|
Windows 10 Problem solving for the Windows 10 Operating System. |
|
Topic Tools |
#16
|
|||
|
|||
The text that you have entered is too long (140167 characters). Please shorten it to 50000 characters long.
I'm going to have to find a way to get around this problem. I really don't know how to even break a text file onto half - I presume I can send you 4 halves. Last edited by sebastian42; January 5th, 2020 at 08:38 PM. |
#17
|
||||
|
||||
Yes, you have to break it down into pieces. If you take a chunk of the log and highlight it, right click and select cut, then post what you have back here. Then do another cut, and post. When you're done, click don't save and the log will just be restored to its full size on your computer.
|
#18
|
|||
|
|||
What you have instructed is rather obvious - my (unstated) difficulty was with finding the halfway mark, the obviously safest place to break the file in two. Some programs have character count - could see where that leads.
My text editor had line numbers so could break at the middle line. Additional scan result of Farbar Recovery Scan Tool (x86) Version: 01-01-2020 Ran by Joe (06-01-2020 06:29:49) Running from C:\Program Files\Farbar Microsoft Windows 10 Pro Version 1909 18363.535 (X86) (2019-12-05 14:47:55) Boot Mode: Normal ================================================== ======== ==================== Accounts: ============================= Administrator (S-1-5-21-198903158-1304534811-4163729061-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-198903158-1304534811-4163729061-503 - Limited - Disabled) Guest (S-1-5-21-198903158-1304534811-4163729061-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-198903158-1304534811-4163729061-1002 - Limited - Enabled) Joe (S-1-5-21-198903158-1304534811-4163729061-1000 - Administrator - Enabled) => C:\Users\Joe WDAGUtilityAccount (S-1-5-21-198903158-1304534811-4163729061-504 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Spybot - Search and Destroy (Disabled - Out of date) {4C1D9672-63FE-5C90-371E-8FDA591C5B75} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKLM\...\uTorrent) (Version: 2.2.1 - ) 4K Video Downloader 4.9 (HKLM\...\{5AD5FB20-5563-4551-B6EC-9716E5F4AA8C}) (Version: 4.9.0.3032 - Open Media LLC) 8GadgetPack (HKLM\...\{A6ED7695-0EDF-47C6-BD79-669FA92C6E78}) (Version: 26.0.0 - 8GadgetPack.net) Active Desktop Calendar 7.96 (HKLM\...\Active Desktop Calendar_is1) (Version: - XemiComputers) Actual Window Manager 8.14 (HKLM\...\Actual Windows Manager_is1) (Version: 8.14 - Actual Tools) Adobe Flash Player 32 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 32.0.0.303 - Adobe) Aidfile recovery software professional version 3.6.6.0 (HKLM\...\{456B239A-C1E0-4178-810E-8E8F09B06877}_is1) (Version: 3.6.6.0 - Mitusoft, Inc.) ********* HD Video Converter 8.1.18 (HKLM\...\{3039577D-975E-42fc-89FC-2F1FF42F3FCA}_is1) (Version: 8.1.18 - ********* Studio) ********* MP4 Video Converter 8.1.10 (HKLM\...\{75CE1C3D-5B84-4e3b-BC17-246607907E6B}_is1) (Version: 8.1.10 - ********* Studio) ********* Total Media Converter 6.2.86 (HKLM\...\{42087B24-ECD8-41d2-8053-E6EB99E5083F}_is1) (Version: 6.2.86 - ********* Studio) ********* Total Video Converter 9.2.28 (HKLM\...\********* Total Video Converter_is1) (Version: 9.2.28 - ********* Studio) ********* Video Converter Ultimate 9.2.38 (HKLM\...\{BD446D04-7426-4a27-9B0B-33B0C386F71B}_is1) (Version: 9.2.38 - ********* Studio) ********* Video Converter Ultimate 9.2.62 (HKLM\...\********* Video Converter Ultimate_is1) (Version: 9.2.62 - lrepacks.ru) Akamai NetSession Interface (HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\Akamai) (Version: - Akamai Technologies, Inc) Allavsoft 3.17.7.7150 (HKLM\...\{6EBED4D8-13D9-4270-8D44-B57DDB7A787C}_is1) (Version: - Allavsoft Corporation) AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.4 - Advanced Micro Devices, Inc.) AMP Calendar (HKLM\...\AMP Calendar) (Version: - ) Annotator version 2.0.0.12 (HKLM\...\{A6ACFC1B-361C-430B-94DA-51467B7D6E7E}_is1) (Version: 2.0.0.12 - IPEVO) ANT Drivers Installer x86 (HKLM\...\{41C1CDFA-BD68-480E-819C-A06112DA457B}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden ANT Drivers Installer x86 (HKLM\...\{D8E7F472-86F6-4E62-AAFB-283D238FEED0}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden Any Video Converter Professional 6.2.9 (HKLM\...\Any Video Converter Professional_is1) (Version: - Any-Video-Converter.com) AnyMP4 MP4 Converter 7.2.8 (HKLM\...\{116DCE20-DA28-44fb-9C04-DDE2AD05AC8C}_is1) (Version: 7.2.8 - AnyMP4 Studio) AOMEI Backupper Professional (HKLM\...\{A83692F5-3E9B-4E95-9E7E-B5DF5536CE9D}_is1) (Version: - AOMEI Technology Co., Ltd.) AOMEI Partition Assistant 8.6 (HKLM\...\{04F850ED-FD0F-4ED1-AE1B-4498165BF3D2}_is1) (Version: - AOMEI Technology Co., Ltd.) Apowersoft Video Converter Studio V4.8.3 (HKLM\...\{195E8D7F-292B-4B04-A6E7-E96CAF04C767}_is1) (Version: 4.8.3 - APOWERSOFT LIMITED) AutoHotkey 1.1.30.03 (HKLM\...\AutoHotkey) (Version: 1.1.30.03 - Lexikos) Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 19.8.2393 - AVAST Software) AVS Video Converter 12.0.2 (HKLM\...\AVS4YOU Video Converter 7_is1) (Version: 12.0.2.652 - Online Media Technologies Ltd.) Belarc Advisor 9.0 (HKLM\...\Belarc Advisor) (Version: 9.0.0.0 - Belarc Inc.) Bigasoft Video Downloader Pro 3.17.9.7200 (HKLM\...\{C7056BA6-D954-43A2-ABBA-AB2E8E777730}_is1) (Version: - Bigasoft Corporation) Boilsoft Video Joiner 6.57 (HKLM\...\{FD39EF4B-0B5C-4B33-8D57-2EE865A80EB1}_is1) (Version: - Boilsoft, Inc.) Boilsoft Video Splitter 6.33 (HKLM\...\{24549038-9956-4EE5-976D-4419AAEA7DD5}_is1) (Version: - Boilsoft, Inc.) Brother HL-2040 (HKLM\...\{AF5BED47-32A2-4FAE-9706-8F0E0462E838}) (Version: 1.00 - Brother) CapsLord 1.0 (remove only) (HKLM\...\CapsLord) (Version: - ) Casper 8.0 (HKLM\...\{6A58EB2E-5883-4515-910D-699C4396797B}) (Version: 8.0.4422 - Future Systems Solutions, Inc.) CCleaner (HKLM\...\CCleaner) (Version: 5.63 - Piriform) Clipboard Magic version 5.05 (HKLM\...\Clipboard Magic_is1) (Version: 5.05 - CyberMatrix Corporation, Inc.) CloseAll (HKLM\...\CloseAll) (Version: 2.0 - NTWind Software) Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) ConvertHelper 3.2 (HKLM\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF52}}_is1) (Version: - DownloadHelper) CPUID CPU-Z 1.90 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.90 - CPUID, Inc.) D3DX10 (HKLM\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden EaseUS Data Recovery Wizard (HKLM\...\EaseUS Data Recovery Wizard_is1) (Version: - EaseUS) EaseUS Partition Master 13.0 Trial Edition (HKLM\...\EaseUS Partition Master Trial Edition_is1) (Version: - EaseUS) EasiestSoft Video Converter 3.3.1 (HKLM\...\{62540757-EAF0-B027-F7F8-CD5A8A0DC9BA}_is1) (Version: 3.3.1 - EasiestSoft International LLC.) Eassos PartitionGuru 4.9.5 (HKLM\...\{FC4FF5F4-2265-4E18-8BBC-12CBA9794388}_is1) (Version: - Eassos Co., Ltd.) Easy Video Splitter 1.28 (HKLM\...\Easy Video Splitter_is1) (Version: - DoEasier Tech Inc) Elevated Installer (HKLM\...\{D65F0A69-836E-419F-B817-A82A1A0B04A3}) (Version: 6.17.0.0 - Garmin Ltd or its subsidiaries) Hidden EmEditor (32-bit) (HKLM\...\{87E57ED7-E591-4DFD-8FD5-0F253EF425B3}) (Version: 19.0.0 - Emurasoft, Inc.) EmEditor Help (English) (HKLM\...\{613A955D-A807-4489-B423-1CEDE0676739}) (Version: 15.7.1 - Emurasoft, Inc.) Epic Pen version v3.6.0.0 (HKLM\...\Epic Pen_is1) (Version: v3.6.0.0 - TANK Studios) Evaer Video Recorder for Skype 1.6.5.11 (HKLM\...\Evaer Video Recorder for Skype) (Version: 1.6.5.11 - Evaer Technology) Faasoft Video Converter 5.2.24.5621 (HKLM\...\{C6FE6897-0A65-4474-8EF7-E7AF11F8F239}_is1) (Version: - Faasoft Corporation) FileSeek 6.2.1 (32-bit) (HKLM\...\44953928-E730-4e8c-A2B2-3A85BC96A3D0_is1) (Version: 6.2.1.0 - Binary Fortress Software) Firefox Preloader (HKLM\...\Firefox Preloader_is1) (Version: 1.0.366.0 - 6XGate Incorporated) Folder Size Explorer (HKLM\...\{7C3E7EA4-DCEC-4E49-8459-B6F15DBD9795}) (Version: 1.7.1 - Bazwise) FormatFactory 4.8.0.0 (HKLM\...\FormatFactory) (Version: 4.8.0.0 - Free Time) FotoTagger 2.13.0.1 (HKLM\...\FotoTagger) (Version: 2.13.0.1 - Cogitum) Free Launch Bar (HKLM\...\{1574CBD4-1656-420c-B553-E16F01E74C0F}) (Version: 2.0 - Tordex) Free M4a to MP3 Converter 9.7 (HKLM\...\Free M4a to MP3 Converter_is1) (Version: - ManiacTools.com) Free MPG Player (HKLM\...\{254E7ACE-402F-4CA4-951F-9C5F0B00AF1A}) (Version: 1.0.0 - Free MPG Player) Free Video Flip and Rotate version 2.1.6.128 (HKLM\...\Free Video Flip and Rotate_is1) (Version: 2.1.6.128 - DVDVideoSoft Ltd.) Free Video Joiner (HKLM\...\{14FA6DD9-92ED-493D-A937-81A78870E08A}_is1) (Version: - FreeVideoJoiner.com) Free WebM to MP3 Converter (32-bit) 1.2 (HKLM\...\{E359DE7A-892A-4E9F-B2D6-7487C4AA7FB6}_is1) (Version: 1.2 - Jacek Pazera) Freemake Video Converter version 4.1.10 (HKLM\...\Freemake Video Converter_is1) (Version: 4.1.10 - Mixbyte Inc.) Freemake Video Downloader (HKLM\...\Freemake Video Downloader_is1) (Version: 3.8.3 - Ellora Assets Corporation) Garmin City Navigator Aus and NZ NT 2017.20 (HKLM\...\{3E711870-B474-4277-AE21-481DEAD361B3}) (Version: 2.0.0.0 - Garmin Ltd or its subsidiaries) Garmin City Navigator Australia And New Zealand NT 2012.40 Update (HKLM\...\{5E34337E-9BE4-4D72-9C61-77769BD72855}) (Version: 12.40.0.0 - Garmin Ltd or its subsidiaries) Garmin Communicator Plugin (HKLM\...\{647BB978-2876-487B-9B0E-FDB73F0EA4A2}) (Version: 4.0.4 - Garmin Ltd or its subsidiaries) Garmin Express (HKLM\...\{4A1D1574-78D4-48E5-A587-84392EEA5C8A}) (Version: 6.17.0.0 - Garmin Ltd or its subsidiaries) Hidden Garmin Express (HKLM\...\{624907e5-2ad8-4617-a97f-9e051f9179dd}) (Version: 6.17.0.0 - Garmin Ltd or its subsidiaries) Garmin USB Drivers (HKLM\...\{ABA5E381-EC46-425C-86C5-5CD15BBFB4BF}) (Version: 2.3.1.0 - Garmin Ltd or its subsidiaries) Garmin USB Drivers (HKLM\...\{E31435FE-F0B7-4A62-BE46-BD166A1EEFFB}) (Version: 2.3.1.1 - Garmin Ltd or its subsidiaries) Garmin WebUpdater (HKLM\...\{5EF98E1C-3912-40EA-A8C1-25772D9F1762}) (Version: 2.5.6 - Garmin Ltd or its subsidiaries) Hidden Garmin WebUpdater (HKLM\...\{f1c8f03d-88bd-432d-80d1-782d4fac96b2}) (Version: 2.5.7 - Garmin Ltd or its subsidiaries) Glary Utilities PRO 5.134 (HKLM\...\Glary Utilities 5) (Version: 5.134.0.160 - Glarysoft Ltd) GOM Player (HKLM\...\GOM Player) (Version: 2.3.42.5304 - GOM & Company) Google Chrome (HKLM\...\Google Chrome) (Version: 79.0.3945.88 - Google LLC) Google Earth Pro (HKLM\...\{9D524A1E-F2FC-444D-B12A-7592CEB56EB5}) (Version: 7.3.2.5776 - Google) Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.421 - Google LLC) Hidden Google Update Helper (HKLM\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden Greenshot 1.2.10.6 (HKLM\...\Greenshot_is1) (Version: 1.2.10.6 - Greenshot) HandBrake 1.0.7 (HKLM\...\HandBrake) (Version: 1.0.7 - ) Hard Disk Sentinel PRO (HKLM\...\Hard Disk Sentinel_is1) (Version: 5.40 - Janos Mathe) HD Video Converter Factory Pro 17.1 (HKLM\...\HD Video Converter Factory Pro_is1) (Version: 17.1 - lrepacks.ru) HD Video Converter Factory Pro 18.6 (HKLM\...\HD Video Converter Factory Pro) (Version: 18.6 - WonderFox Soft, Inc.) Helium Audio Joiner (build 331) (HKLM\...\{1C7BCE67-6479-4D56-AD92-E50479028171}_is1) (Version: 1.9.0.331 - Imploded Software) HitmanPro 3.8 (HKLM\...\HitmanPro38) (Version: 3.8.16.310 - SurfRight B.V.) Ico Converter 1.3 (HKLM\...\IcoConverter) (Version: - Tomatosoft) ICQ (version 10.0.12417) (HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\icq.desktop) (Version: 10.0.12417 - ICQ) iDealshare VideoGo 7.0.4.6443 (HKLM\...\{CC4C06C4-7C78-4AAB-B5AF-33FB11CCD860}_is1) (Version: - iDealshare Corporation) ImTOO MP4 to MP3 Converter 6 (HKLM\...\ImTOO MP4 to MP3 Converter 6) (Version: 6.8.0.1101 - ImTOO) Ink2Go (HKLM\...\{6F884302-FE97-4024-ADE3-6415E0F3D372}) (Version: 1.6.0 - EyePower Games) Internet Download Manager (HKLM\...\Internet Download Manager) (Version: 6.32.8 - Tonek Inc.) IrfanView 4.53 (32-bit) (HKLM\...\IrfanView) (Version: 4.53 - Irfan Skiljan) iSkysoft Helper Compact 2.5.2 (HKLM\...\{9BF12010-8799-41A5-A671-E9CFDE9E79F3}_is1) (Version: 2.5.2 - iSkysoft) iSkysoft Video Converter Ultimate(Build 11.5.0.24) (HKLM\...\iSkysoft Video Converter Ultimate_is1) (Version: 11.5.0.24 - iSkysoft Software) ISO2Disc 1.10 (HKLM\...\ISO2Disc_is1) (Version: - Top Password Software, Inc.) JPG to PDF Converter 1.1 (HKLM\...\JPG to PDF Converter) (Version: 1.1 - ) Junk Mail filter update (HKLM\...\{0BE9E708-5DC0-4963-9CFD-0AA519090E79}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Kleptomania version 5.0 (HKLM\...\{59C08933-1E83-4A8B-A2A9-FD895CFCC95D}_is1) (Version: 5.0 - StructuRise) K-Lite Codec Pack 15.3.2 Basic (HKLM\...\KLiteCodecPack_is1) (Version: 15.3.2 - KLCP) KMPlayer (HKLM\...\The KMPlayer) (Version: 4.2.2.35 - *******TV) Linksys Wireless-G PCI Adapter Driver - WMP54Gv4.1 (HKLM\...\{4DDC3BED-CC68-44AA-B435-D727B620CA5B}) (Version: 1.0 - Linksys, A Division of Cisco Systems, Inc.) Macro Express Pro (HKLM\...\Macro Express Pro) (Version: 4.3.0.1 - Insight Software Solutions, Inc.) Malwarebytes version 3.8.3.2965 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.8.3.2965 - Malwarebytes) MediaHuman Audio Converter version 1.9.6.6 (HKLM\...\MHAudioConverter_is1) (Version: 1.9.6.6 - MediaHuman) MediaInfo 18.12 (HKLM\...\MediaInfo) (Version: 18.12 - MediaArea.net) Messenger for Desktop (HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\{4e2a4302-5df4-5868-a685-36c844414384}) (Version: 3.0.14 - MFD LABS LTD) Messenger for Desktop (HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\4e2a4302-5df4-5868-a685-36c844414384) (Version: 3.0.8 - MFD LABS LTD) Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation) Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.4734.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x86) - 14.12.25810 (HKLM\...\{56e11d69-7cc9-40a5-a4f9-8f6190c4d84d}) (Version: 14.12.25810.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Windows Debugging Symbols (HKLM\...\{C6DB958A-50CC-481B-9ED8-3BAD236F7B49}) (Version: 7601 - Microsoft) Microsoft Works 6-9 Converter (HKLM\...\{95140000-0137-0409-0000-0000000FF1CE}) (Version: 14.0.6120.5002 - Microsoft Corporation) MightyText (HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\MightyText) (Version: 4.3.0 - MightyText) MKV to MP3 Converter 5.0.1 (HKLM\...\MKV to MP3 Converter) (Version: 5.0.1 - FreeStar) Movavi Video Converter 20 Premium (HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\Movavi Video Converter 20 Premium) (Version: 20.0.0 - Movavi) Movie Maker (HKLM\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Movie Maker (HKLM\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Mozilla Firefox 50.0 (x86 en-US) (HKLM\...\Mozilla Firefox 50.0 (x86 en-US)) (Version: 50.0 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 50.0 - Mozilla) Mp3tag v2.99a (HKLM\...\Mp3tag) (Version: 2.99a - Florian Heidenreich) MP4 Downloader Pro 3 (HKLM\...\MP4 Downloader Pro_is1) (Version: - Tomabo) MPC-HC 1.7.13 (HKLM\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.7.13 - MPC-HC Team) NetWorx 5.5.5 (HKLM\...\NetWorx_is1) (Version: - Softperfect) NirSoft RegScanner (HKLM\...\NirSoft RegScanner) (Version: - ) NirSoft ShellExView (HKLM\...\NirSoft ShellExView) (Version: - ) Nitro Pro (HKLM\...\{94E40F4E-D482-499D-9239-D70AE64E9618}) (Version: 13.2.3.26 - Nitro) NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.3 - NVIDIA Corporation) PicPick (HKLM\...\PicPick) (Version: 5.0.7 - NGWIN) Platform (HKLM\...\{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.40 - VIA Technologies, Inc.) Hidden Point Position 1.0 (HKLM\...\Point Position 1.0) (Version: 1.0 - Vasilios Applications) PowerISO (HKLM\...\PowerISO) (Version: 6.3 - Power Software Ltd) Presentation Assistant V3.0.1 (HKLM\...\Presentation Assistant_is1) (Version: - www.presentation-assistant.com) Pushbullet version 338 (HKLM\...\{7578F204-49E7-4830-B051-14C23F408BFE}_is1) (Version: 338 - Pushbullet Inc) Readiris 17 (HKLM\...\{8ACAE85F-B250-4543-9AD8-734474B3BA20}) (Version: 17.01.11945 - I.R.I.S.) RealNetworks - Microsoft Visual C++ 2008 Runtime (HKLM\...\{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}) (Version: 9.0 - RealNetworks, Inc) Hidden RealNetworks - Microsoft Visual C++ 2010 Runtime (HKLM\...\{AAECF7BA-E83B-4A10-87EA-DE0B333F8734}) (Version: 10.0 - RealNetworks, Inc) Hidden RealUpgrade 1.1 (HKLM\...\{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}) (Version: 1.1.0 - RealNetworks, Inc.) Hidden Recover My Files (HKLM\...\Recover My Files v5_is1) (Version: 5.2.1.1964 - GetData Pty Ltd) Registrar Registry Manager 8.60 (HKLM\...\Registrar32_is1) (Version: - Resplendence Software Projects Sp.) Revo Uninstaller Pro 4.2.0 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 4.2.0 - VS Revo Group, Ltd.) Screenpresso (HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\Screenpresso) (Version: 1.7.0.0 - Learnpulse) Security Task Manager 2.3c (HKLM\...\Security Task Manager) (Version: 2.3c - Neuber Software) Skype version 8.55 (HKLM\...\Skype_is1) (Version: 8.55 - Skype Technologies S.A.) SMPlayer 19.10.0 (HKLM\...\SMPlayer) (Version: 19.10.0 - Ricardo Villalba) Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform) Spotify (HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\Spotify) (Version: 1.1.16.522.g55a4b852 - Spotify AB) Spybot - Search & Destroy (HKLM\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.7.64.0 - Safer-Networking Ltd.) Spybot Anti-Beacon (HKLM\...\{419A7FCF-93E1-474D-BFE9-987CF3F90C88}_is1) (Version: 1.5 - Safer-Networking Ltd.) Stellar Repair for Video (HKLM\...\Stellar Repair for Video_is1) (Version: 4.0.0.0 - Stellar Information Technology Pvt Ltd.) SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 8.0.1038 - SUPERAntiSpyware.com) Tame version 6.0d (remove only) (HKLM\...\Tame 6.0d) (Version: - ) TeamViewer (HKLM\...\TeamViewer) (Version: 15.0.8397 - TeamViewer) Telegram Desktop version 1.9.3 (HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 1.9.3 - Telegram FZ-LLC) TeraCopy 2.3 (HKLM\...\TeraCopy_is1) (Version: - Code Sector) Text Monkey Lite (HKLM\...\Text Monkey Lite) (Version: - ) TreeSize V7.1.3 (HKLM\...\TreeSize_is1) (Version: 7.1.3 - JAM Software) Ultra Video Joiner 6.4.1010 (HKLM\...\Ultra Video Joiner_is1) (Version: - Aone Software) Ultra Video Splitter 6.4.1010 (HKLM\...\Ultra Video Splitter_is1) (Version: - Aone Software) Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb) UpdateService (HKLM\...\{E3AE96D6-E196-45B4-AF62-2B41998B9E37}) (Version: 1.0.0 - RealNetworks, Inc.) Hidden VC 9.0 Runtime (HKLM\...\{02E89EFC-7B07-4D5A-AA03-9EC0902914EE}) (Version: 1.0.0 - Check Point Software Technologies Ltd) Hidden vDosWP (HKLM\...\{49883946-559B-4FE0-866F-7674B9516A75}_is1) (Version: 2018.10.14 - wpdos.org) VIA Platform Device Manager (HKLM\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.40 - VIA Technologies, Inc.) Viber (HKLM\...\{D65DDA75-2C0A-46BA-807D-127BD5638490}) (Version: 6.0.1.5 - Viber Media Inc.) Hidden Viber (HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\{acc83058-83b0-41e2-b372-266672a1af16}) (Version: 6.0.1.5 - Viber Media Inc.) Video Downloader (HKLM\...\{8B6202FD-3790-4DD4-B343-51736F7FF4E5}) (Version: 1.2.0 - RealNetworks) Hidden VideoProc (HKLM\...\VideoProc) (Version: 3.5 - Digiarty, Inc.) VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN) VSDC Free Video Editor version 6.3.6.17 (HKLM\...\VSDC Free Video Editor_is1) (Version: 6.3.6.17 - Flash-Integro LLC) VSO ConvertXToDVD (HKLM\...\{CE1F93C0-4353-4C9D-84DA-AB4E7C63ED32}_is1) (Version: 5.3.0.40 - VSO Software) Vulkan Run Time Libraries 1.0.65.0 (HKLM\...\VulkanRT1.0.65.0) (Version: 1.0.65.0 - LunarG, Inc.) Hidden Winaero Tweaker (HKLM\...\Winaero Tweaker_is1) (Version: 0.16.1.0 - Winaero) WinAVI Video Converter (HKLM\...\WinAVI Video Converter) (Version: 11.5.1.4360 - ZJMedia Digital Technology Ltd.) Windows 7 Games for Windows 10 and 8 (HKLM\...\Win7Games) (Version: 2.0 - hxxp://winaero.com) Windows 7 USB/DVD Download Tool (HKLM\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation) Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46 ) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.) Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152 ) (Version: 04/19/2012 2.3.1.0 - Garmin) Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2 ) (Version: 02/06/2007 3.1 - Silicon Labs Software) Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) Winja version 4.1.0 (HKLM\...\Winja_is1) (Version: 4.1.0 - Phrozen SAS) WinPatrol (HKLM\...\{6A206A04-6BC1-411B-AA04-4E52EDEEADF2}) (Version: 35.5.2017.8 - Ruiware) WinPcap 4.1.2 (HKLM\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies) WinRAR 5.80 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.80.0 - win.rar GmbH) WinX HD Video Converter Deluxe 5.15.5 (HKLM\...\WinX HD Video Converter Deluxe_is1) (Version: - Digiarty Software, Inc.) WinX YouTube Downloader (HKLM\...\WinX YouTube Downloader) (Version: 5.2 - Digiarty, Inc.) WinX YouTube Downloader 4.0.10 (HKLM\...\WinX YouTube Downloader_is1) (Version: - Digiarty Software, Inc.) Wireless-G PCI Adapter (HKLM\...\{88742616-A6E9-4C7E-9665-B625799541FB}) (Version: - ) Wise Duplicate Finder 1.3.4.42 (HKLM\...\Wise Duplicate Finder_is1) (Version: 1.3.4.42 - lrepacks.ru) WonderFox DVD Video Converter 18.0 (HKLM\...\WonderFox DVD Video Converter) (Version: 18.0 - WonderFox Soft, Inc.) Wondershare AllMyTube(Build 7.4.5.0) (HKLM\...\AllMyTube_is1) (Version: 7.4.5.0 - Wondershare) Wondershare Helper Compact 2.5.3 (HKLM\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.5.3 - Wondershare) Xilisoft Video Converter Ultimate (HKLM\...\Xilisoft Video Converter Ultimate) (Version: 7.8.23.20180925 - Xilisoft) Xperia Companion (HKLM\...\{5b7c1b25-5fb6-442c-a1b5-cb8dfc2267bf}) (Version: 2.8.3.0 - Sony) Xperia Companion (HKLM\...\{66EABD35-6233-4926-9AB1-AB31CC6BC7D9}) (Version: 2.8.3.0 - Sony) Hidden Xperia Companion Service (HKLM\...\{E41065E8-67E2-448F-940C-FF9D7C51E4E3}) (Version: 2.8.3.0 - Sony) Hidden Xvid MPEG-4 Video Codec (HKLM\...\xvid) (Version: - Xvid Development Team) Packages: ========= IDM Integration Module -> C:\Program Files\WindowsApps\TonecInc.IDMIntegrationModule_6. 30.6.0_neutral__e7b5mm5d3r6v2 [2019-04-01] (Tonec Inc.) Instagram -> C:\Program Files\WindowsApps\Facebook.InstagramBeta_41.1788.5 0991.0_x86__8xx8rvfyw5nnt [2018-12-09] (Instagram) Mail and Calendar -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsa pps_16005.11029.20108.0_x86__8wekyb3d8bbwe [2019-12-06] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.18 08.3.0_x86__8wekyb3d8bbwe [2019-12-06] (Microsoft Corporation) [MS Ad] Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireColl ection_4.2.11280.0_x86__8wekyb3d8bbwe [2019-12-06] (Microsoft Studios) [MS Ad] mysms - Text from Computer, Messaging -> C:\Program Files\WindowsApps\UptoElevenDigitalSolution.mysms-Textanywhere_3.2.0.0_x86__c9d6r4qvva5x8 [2019-12-22] (Up to Eleven Digital Solutions GmbH) Speedtest by Ookla -> C:\Program Files\WindowsApps\Ookla.SpeedtestbyOokla_1.9.49.0_ x86__43tkc6nmykmb6 [2019-12-24] (Ookla) ==================== Custom CLSID (Whitelisted): ============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-198903158-1304534811-4163729061-1000_Classes\CLSID\{0B7AD8D3-094A-44DE-A348-83C6C3FA347C}\InprocServer32 -> C:\Users\Joe\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Clipboarder.gadget\Release\Clipboa rder32.dll (Helmut Buhler) [File not signed] CustomCLSID: HKU\S-1-5-21-198903158-1304534811-4163729061-1000_Classes\CLSID\{0E7BE950-4ACC-47CB-834B-41A8B96BBFF9}\InprocServer32 -> C:\Users\Joe\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Sidebar7.gadget\Release\Sidebar7.3 2.dll (Helmut Buhler) [File not signed] CustomCLSID: HKU\S-1-5-21-198903158-1304534811-4163729061-1000_Classes\CLSID\{DFA0CC7F-D36B-47D1-8EF5-415C1DA53F57}\InprocServer32 -> C:\Users\Joe\AppData\Local\Programs\EmEditor\emeds hl.dll (Emurasoft, Inc. -> Emurasoft, Inc.) ShellIconOverlayIdentifiers: [ IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files\Internet Download Manager\IDMShellExt.dll [2018-05-12] (Tonec Inc. -> Tonec Inc.) ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-04] (AVAST Software s.r.o. -> AVAST Software) ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-04] (AVAST Software s.r.o. -> AVAST Software) ContextMenuHandlers1: [FormatFactoryShell] -> {A3888923-CFD3-4A6B-89BF-08E6B95716E8} => -> No File ContextMenuHandlers1: [Glary Utilities] -> [CC]{B3C418F8-922B-4faf-915E-59BC14448CF7} => -> No File ContextMenuHandlers1: [Tomabo.MP4Converter] -> [CC]{67A979E9-C5A6-4C0F-B0B7-FB516406FA9E} => -> No File ContextMenuHandlers1: [Tomabo.MP4Player] -> [CC]{DA4F8B8B-91CF-43AD-BB0B-B52BF770DA3E} => -> No File ContextMenuHandlers1: [WondershareVideoConverterFileOpreation] -> {55D63393-DB17-4A2B-9052-15D85B4B1344} => -> No File ContextMenuHandlers2: [Glary Utilities] -> [CC]{B3C418F8-922B-4faf-915E-59BC14448CF7} => -> No File ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-04] (AVAST Software s.r.o. -> AVAST Software) ContextMenuHandlers3: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-05] () [File not signed] ContextMenuHandlers4: [FormatFactoryShell] -> {A3888923-CFD3-4A6B-89BF-08E6B95716E8} => -> No File ContextMenuHandlers4: [MSSE] -> {0365FE2C-F183-4091-AC82-BFC39FB75C49} => -> No File ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => -> No File ContextMenuHandlers4: [TeraCopy] -> [CC]{A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => -> No File ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacmxx.dll [2016-02-26] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) ContextMenuHandlers5: [Actual Window Manager] -> {CE577978-3FCA-430D-B0CE-D637788F9C5A} => C:\Program Files\Actual Window Manager\ActualWindowManagerShellExtension.dll [2019-05-15] (Actual Tools (Mikhail Yurievich Tretyakov IP) -> Actual Tools) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-04] (AVAST Software s.r.o. -> AVAST Software) ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => -> No File ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2019-03-29] (VS Revo Group Ltd. -> VS Revo Group) ContextMenuHandlers6: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-05] () [File not signed] ContextMenuHandlers1_S-1-5-21-198903158-1304534811-4163729061-1000: [EmEditor] -> {DFA0CC7F-D36B-47D1-8EF5-415C1DA53F57} => C:\Users\Joe\AppData\Local\Programs\EmEditor\emeds hl.dll [2019-07-30] (Emurasoft, Inc. -> Emurasoft, Inc.) ContextMenuHandlers2_S-1-5-21-198903158-1304534811-4163729061-1000: [EmEditor] -> [CC]{DFA0CC7F-D36B-47D1-8EF5-415C1DA53F57} => -> No File ==================== Codecs (Whitelisted) ==================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Drivers32: [msacm.divxa32] => C:\WINDOWS\system32\msaud32_divx.acm [186368 2003-02-03] (Microsoft Corporation) [File not signed] HKLM\...\Drivers32: [vidc.MPG4] => C:\WINDOWS\system32\mpg4c32.dll [413760 2001-01-07] (Microsoft Corporation) [File not signed] HKLM\...\Drivers32: [vidc.MP42] => C:\WINDOWS\system32\mpg4c32.dll [413760 2001-01-07] (Microsoft Corporation) [File not signed] HKLM\...\Drivers32: [vidc.MP43] => C:\WINDOWS\system32\mpg4c32.dll [413760 2001-01-07] (Microsoft Corporation) [File not signed] HKLM\...\Drivers32: [msacm.voxacm160] => C:\WINDOWS\system32\vct3216.acm [82944 2003-05-21] (Voxware, Inc.) [File not signed] HKLM\...\Drivers32: [msacm.scg726] => C:\WINDOWS\system32\scg726.acm [13239 2000-03-14] (SHARP Corporation) [File not signed] HKLM\...\Drivers32: [msacm.alf2cd] => C:\WINDOWS\system32\alf2cd.acm [38912 2003-05-21] (NCT Company) [File not signed] HKLM\...\Drivers32: [msacm.ac3acm] => C:\WINDOWS\system32\AC3ACM.acm [81920 2004-02-04] (fccHandler) [File not signed] HKLM\...\Drivers32: [msacm.lame] => C:\WINDOWS\system32\lame.ax [245760 2005-08-01] () [File not signed] HKLM\...\Drivers32: [vidc.dvsd] => C:\WINDOWS\system32\mcdvd_32.dll [261632 2003-05-21] (MainConcept) [File not signed] HKLM\...\Drivers32: [vidc.DIVX] => C:\WINDOWS\system32\DivX.dll [638976 2003-05-22] (DivXNetworks, Inc.) [File not signed] HKLM\...\Drivers32: [vidc.LAGS] => C:\WINDOWS\system32\lagarith.dll [216064 2011-12-07] ( ) [File not signed] HKLM\...\Drivers32: [vidc.XVID] => C:\WINDOWS\system32\xvidvfw.dll [236544 2011-12-19] () [File not signed] HKLM\...\Drivers32: [VIDC.VP80] => vp8vfw.dll ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) Shortcut: C:\Users\Joe\Desktop\Clear Quicklaunch.lnk -> C:\Data\Batch Files\DOS or CMD\Clear_Q.L.bat () Shortcut: C:\Users\Joe\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\Startup\autohotkey.lnk -> C:\Data\Batch Files\Autohotkey\autohotkey.bat () Shortcut: C:\Users\Joe\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\Startup\Cleanup.lnk -> C:\Data\Batch Files\DOS or CMD\Cleanup.bat () Shortcut: C:\Users\Joe\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\Startup\Firefox Preloader.lnk -> C:\Program Files\FirefoxPreloader\FirefoxPreloader.exe (6XGate Incorporated) Shortcut: C:\Users\Joe\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\AWMClipboard.lnk -> C:\Data\Batch Files\Macro Express\Clipboard_AWM.bat () Shortcut: C:\Users\Joe\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\close & copy ADC.lnk -> C:\Data\Batch Files\Copy Data\Autohotkey\close & copy ADC.bat () Shortcut: C:\Users\Joe\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Greenshot.lnk -> C:\Data\Batch Files\Macro Express\Greenshot.bat () Shortcut: C:\Users\Joe\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\KillGreenshot.lnk -> C:\Data\Batch Files\DOS or CMD\KillGreenshot.bat () Shortcut: C:\Users\Joe\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\MultiLaunch.lnk -> C:\Data\Batch Files\DOS or CMD\MultiLaunch.bat () ShortcutWithArgument: C:\Users\Joe\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\Chrome Apps\Creating an internet shortcut fails _.._.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=djcnpbhjfgpighcllplapphngaaockbd ShortcutWithArgument: C:\Users\Joe\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\Chrome Apps\draw.io Desktop.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=pebppomjfocnoigkeepgbmcifnnlndla ShortcutWithArgument: C:\Users\Joe\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\Chrome Apps\Gmail (1).lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=kmhopmchchfpfdcdjodmpfaaphdclmlj ShortcutWithArgument: C:\Users\Joe\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\Chrome Apps\Gmail.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=kmhopmchchfpfdcdjodmpfaaphdclmlj ShortcutWithArgument: C:\Users\Joe\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\Chrome Apps\Google Hangouts.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=knipolnnllmklapflnccelgolnpehhpl ShortcutWithArgument: C:\Users\Joe\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\Chrome Apps\Hangouts (1).lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=deigijodonbmdapahgkdjljmcngipaab ShortcutWithArgument: C:\Users\Joe\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\Chrome Apps\Hangouts.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=deigijodonbmdapahgkdjljmcngipaab ShortcutWithArgument: C:\Users\Joe\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\Chrome Apps\MightyTextTest.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=andmpiilbgodiefijhcneadhegcolaoe ShortcutWithArgument: C:\Users\Joe\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\Chrome Apps\Pushbullet Settings.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=jinnpgkhgbkooiphbamlonfpcedokdah ShortcutWithArgument: C:\Users\Joe\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\Chrome Apps\SendLeap.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=phnjmiobjppgfeicepedmfnpjjmfjlha ShortcutWithArgument: C:\Users\Joe\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\Chrome Apps\sydney time.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=dahalpfpibpddfpdcfgmpjelnldolich ShortcutWithArgument: C:\Users\Joe\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\Chrome Apps\Telegram.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=clhhggbfdinjmjhajaheehoeibfljjno ShortcutWithArgument: C:\Users\Joe\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\Chrome Apps\Todoist for Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=bgjohebimpjdhhocbknplfelpmdhifhd ShortcutWithArgument: C:\Users\Joe\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\Chrome Apps\YouTube.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=adnlfjpnmidfimlkaohpidplnoimahfh ShortcutWithArgument: C:\Users\Joe\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\fd4d8e7501576f3f\Pushb ullet.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=chlffgpmiacpedhhbkiomidkjlcfhogd ShortcutWithArgument: C:\Users\Joe\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d249d9ddd424b688\Googl e Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default ShortcutWithArgument: C:\Users\Joe\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Comms\Hangouts.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=knipolnnllmklapflnccelgolnpehhpl ShortcutWithArgument: C:\Users\Joe\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Comms\SendLeap.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=phnjmiobjppgfeicepedmfnpjjmfjlha ShortcutWithArgument: C:\Users\Joe\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\ Rare\MightyText Test.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=andmpiilbgodiefijhcneadhegcolaoe ==================== Loaded Modules (Whitelisted) ============= 2020-01-06 06:13 - 2020-01-06 06:13 - 000379904 _____ () [File not signed] \\?\C:\Users\Joe\AppData\Local\Temp\BD93.tmp.node 2020-01-06 06:13 - 2020-01-06 06:13 - 000379904 _____ () [File not signed] \\?\C:\Users\Joe\AppData\Local\Temp\C6E9.tmp.node 2017-12-03 09:37 - 2017-10-16 01:21 - 003420672 _____ () [File not signed] C:\Program Files\Kleptomania\TextractSmart.dll 2017-01-02 17:19 - 2016-09-19 12:08 - 000622080 _____ () [File not signed] C:\Program Files\NetWorx\sqlite.dll 2012-01-10 08:22 - 2011-11-23 15:59 - 000035840 _____ () [File not signed] C:\Program Files\XemiComputers\Active Desktop Calendar\MouseHook.dll 2019-07-09 12:21 - 2019-07-09 12:21 - 001702400 _____ () [File not signed] C:\Users\Joe\AppData\Local\MightyText\app-4.3.0\ffmpeg.dll 2019-07-09 12:21 - 2019-07-09 12:21 - 000015872 _____ () [File not signed] C:\Users\Joe\AppData\Local\MightyText\app-4.3.0\libegl.dll 2019-07-09 12:21 - 2019-07-09 12:21 - 002517504 _____ () [File not signed] C:\Users\Joe\AppData\Local\MightyText\app-4.3.0\libglesv2.dll 2016-07-29 13:05 - 2005-01-19 13:15 - 000028672 _____ (6XGate Systems, Inc.) [File not signed] C:\WINDOWS\SYSTEM32\regclass.dll 2019-08-01 17:55 - 2016-11-15 18:30 - 000122880 _____ (Allavsoft Corporation) [File not signed] C:\Program Files\Allavsoft\Video Downloader Converter\extensions\3.17.7.7150\BVDFirefoxExt\com ponents\BVDFirefoxPlugin.dll 2019-03-14 17:44 - 2018-04-28 11:09 - 000580096 _____ (Helmut Buhler) [File not signed] C:\Program Files\Windows Sidebar\dwmapi.dll 2019-12-06 01:26 - 2019-12-06 01:26 - 000065536 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\WinSxS\x86_microsoft.vc80.openmp_1fc8b3 b9a1e18e3b_8.0.50727.6195_none_3b1209fdc9ac7774\vc omp.dll 2019-07-09 12:21 - 2019-07-09 12:21 - 014393344 _____ (Node.js) [File not signed] C:\Users\Joe\AppData\Local\MightyText\app-4.3.0\node.dll 2016-02-13 03:17 - 2016-02-13 03:17 - 001170944 _____ (TameDOS) [File not signed] C:\WINDOWS\System32\TameVdd.Dll 2009-04-14 09:14 - 2009-04-14 09:14 - 001527808 _____ (TrueSoft) [File not signed] C:\Program Files\FreeLaunchBar\flb.dll ==================== Alternate Data Streams (Whitelisted) ======== ==================== Safe Mode (Whitelisted) ================== ==================== Association (Whitelisted) ================= ==================== Internet Explorer trusted/restricted ========== (If an entry is included in the fixlist, it will be removed from the registry.) IE trusted site: HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\garmin.com -> hxxps://my.garmin.com IE trusted site: HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\localhost -> localhost IE restricted site: HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\007guard.com -> install.007guard.com IE restricted site: HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\008i.com -> 008i.com IE restricted site: HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\008k.com -> www.008k.com IE restricted site: HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\00hq.com -> www.00hq.com IE restricted site: HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\010402.com -> 010402.com IE restricted site: HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com IE restricted site: HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\0scan.com -> www.0scan.com IE restricted site: HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\1-2005-search.com -> www.1-2005-search.com IE restricted site: HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com IE restricted site: HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\1000gratisproben.com -> www.1000gratisproben.com IE restricted site: HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\1001namen.com -> www.1001namen.com IE restricted site: HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\100888290cs.com -> mir.100888290cs.com IE restricted site: HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\100sexlinks.com -> www.100sexlinks.com IE restricted site: HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\10sek.com -> www.10sek.com IE restricted site: HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\12-26.net -> user1.12-26.net IE restricted site: HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\12-27.net -> user1.12-27.net IE restricted site: HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\123fporn.info -> www.123fporn.info IE restricted site: HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\123haustiereundmehr.com -> www.123haustiereundmehr.com IE restricted site: HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\123moviedownload.com -> www.123moviedownload.com IE restricted site: HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\123simsen.com -> www.123simsen.com There are 7945 more sites. ==================== Hosts content: ========================= (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 13:04 - 2019-11-21 09:45 - 000455737 ____R C:\WINDOWS\system32\drivers\etc\hosts 127.0.0.1 www.007guard.com 127.0.0.1 007guard.com 127.0.0.1 008i.com 127.0.0.1 www.008k.com 127.0.0.1 008k.com 127.0.0.1 www.00hq.com 127.0.0.1 00hq.com 127.0.0.1 010402.com 127.0.0.1 www.032439.com 127.0.0.1 032439.com 127.0.0.1 www.0scan.com 127.0.0.1 0scan.com 127.0.0.1 1000gratisproben.com 127.0.0.1 www.1000gratisproben.com 127.0.0.1 1001namen.com |
#19
|
|||
|
|||
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 01-01-2020
Ran by Joe (06-01-2020 06:29:49) Running from C:\Program Files\Farbar Microsoft Windows 10 Pro Version 1909 18363.535 (X86) (2019-12-05 14:47:55) Boot Mode: Normal ================================================== ======== ==================== Accounts: ============================= Administrator (S-1-5-21-198903158-1304534811-4163729061-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-198903158-1304534811-4163729061-503 - Limited - Disabled) Guest (S-1-5-21-198903158-1304534811-4163729061-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-198903158-1304534811-4163729061-1002 - Limited - Enabled) Joe (S-1-5-21-198903158-1304534811-4163729061-1000 - Administrator - Enabled) => C:\Users\Joe WDAGUtilityAccount (S-1-5-21-198903158-1304534811-4163729061-504 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Spybot - Search and Destroy (Disabled - Out of date) {4C1D9672-63FE-5C90-371E-8FDA591C5B75} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKLM\...\uTorrent) (Version: 2.2.1 - ) 4K Video Downloader 4.9 (HKLM\...\{5AD5FB20-5563-4551-B6EC-9716E5F4AA8C}) (Version: 4.9.0.3032 - Open Media LLC) 8GadgetPack (HKLM\...\{A6ED7695-0EDF-47C6-BD79-669FA92C6E78}) (Version: 26.0.0 - 8GadgetPack.net) Active Desktop Calendar 7.96 (HKLM\...\Active Desktop Calendar_is1) (Version: - XemiComputers) Actual Window Manager 8.14 (HKLM\...\Actual Windows Manager_is1) (Version: 8.14 - Actual Tools) Adobe Flash Player 32 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 32.0.0.303 - Adobe) Aidfile recovery software professional version 3.6.6.0 (HKLM\...\{456B239A-C1E0-4178-810E-8E8F09B06877}_is1) (Version: 3.6.6.0 - Mitusoft, Inc.) ********* HD Video Converter 8.1.18 (HKLM\...\{3039577D-975E-42fc-89FC-2F1FF42F3FCA}_is1) (Version: 8.1.18 - ********* Studio) ********* MP4 Video Converter 8.1.10 (HKLM\...\{75CE1C3D-5B84-4e3b-BC17-246607907E6B}_is1) (Version: 8.1.10 - ********* Studio) ********* Total Media Converter 6.2.86 (HKLM\...\{42087B24-ECD8-41d2-8053-E6EB99E5083F}_is1) (Version: 6.2.86 - ********* Studio) ********* Total Video Converter 9.2.28 (HKLM\...\********* Total Video Converter_is1) (Version: 9.2.28 - ********* Studio) ********* Video Converter Ultimate 9.2.38 (HKLM\...\{BD446D04-7426-4a27-9B0B-33B0C386F71B}_is1) (Version: 9.2.38 - ********* Studio) ********* Video Converter Ultimate 9.2.62 (HKLM\...\********* Video Converter Ultimate_is1) (Version: 9.2.62 - lrepacks.ru) Akamai NetSession Interface (HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\Akamai) (Version: - Akamai Technologies, Inc) Allavsoft 3.17.7.7150 (HKLM\...\{6EBED4D8-13D9-4270-8D44-B57DDB7A787C}_is1) (Version: - Allavsoft Corporation) AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.4 - Advanced Micro Devices, Inc.) AMP Calendar (HKLM\...\AMP Calendar) (Version: - ) Annotator version 2.0.0.12 (HKLM\...\{A6ACFC1B-361C-430B-94DA-51467B7D6E7E}_is1) (Version: 2.0.0.12 - IPEVO) ANT Drivers Installer x86 (HKLM\...\{41C1CDFA-BD68-480E-819C-A06112DA457B}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden ANT Drivers Installer x86 (HKLM\...\{D8E7F472-86F6-4E62-AAFB-283D238FEED0}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden Any Video Converter Professional 6.2.9 (HKLM\...\Any Video Converter Professional_is1) (Version: - Any-Video-Converter.com) AnyMP4 MP4 Converter 7.2.8 (HKLM\...\{116DCE20-DA28-44fb-9C04-DDE2AD05AC8C}_is1) (Version: 7.2.8 - AnyMP4 Studio) AOMEI Backupper Professional (HKLM\...\{A83692F5-3E9B-4E95-9E7E-B5DF5536CE9D}_is1) (Version: - AOMEI Technology Co., Ltd.) AOMEI Partition Assistant 8.6 (HKLM\...\{04F850ED-FD0F-4ED1-AE1B-4498165BF3D2}_is1) (Version: - AOMEI Technology Co., Ltd.) Apowersoft Video Converter Studio V4.8.3 (HKLM\...\{195E8D7F-292B-4B04-A6E7-E96CAF04C767}_is1) (Version: 4.8.3 - APOWERSOFT LIMITED) AutoHotkey 1.1.30.03 (HKLM\...\AutoHotkey) (Version: 1.1.30.03 - Lexikos) Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 19.8.2393 - AVAST Software) AVS Video Converter 12.0.2 (HKLM\...\AVS4YOU Video Converter 7_is1) (Version: 12.0.2.652 - Online Media Technologies Ltd.) Belarc Advisor 9.0 (HKLM\...\Belarc Advisor) (Version: 9.0.0.0 - Belarc Inc.) Bigasoft Video Downloader Pro 3.17.9.7200 (HKLM\...\{C7056BA6-D954-43A2-ABBA-AB2E8E777730}_is1) (Version: - Bigasoft Corporation) Boilsoft Video Joiner 6.57 (HKLM\...\{FD39EF4B-0B5C-4B33-8D57-2EE865A80EB1}_is1) (Version: - Boilsoft, Inc.) Boilsoft Video Splitter 6.33 (HKLM\...\{24549038-9956-4EE5-976D-4419AAEA7DD5}_is1) (Version: - Boilsoft, Inc.) Brother HL-2040 (HKLM\...\{AF5BED47-32A2-4FAE-9706-8F0E0462E838}) (Version: 1.00 - Brother) CapsLord 1.0 (remove only) (HKLM\...\CapsLord) (Version: - ) Casper 8.0 (HKLM\...\{6A58EB2E-5883-4515-910D-699C4396797B}) (Version: 8.0.4422 - Future Systems Solutions, Inc.) CCleaner (HKLM\...\CCleaner) (Version: 5.63 - Piriform) Clipboard Magic version 5.05 (HKLM\...\Clipboard Magic_is1) (Version: 5.05 - CyberMatrix Corporation, Inc.) CloseAll (HKLM\...\CloseAll) (Version: 2.0 - NTWind Software) Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) ConvertHelper 3.2 (HKLM\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF52}}_is1) (Version: - DownloadHelper) CPUID CPU-Z 1.90 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.90 - CPUID, Inc.) D3DX10 (HKLM\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden EaseUS Data Recovery Wizard (HKLM\...\EaseUS Data Recovery Wizard_is1) (Version: - EaseUS) EaseUS Partition Master 13.0 Trial Edition (HKLM\...\EaseUS Partition Master Trial Edition_is1) (Version: - EaseUS) EasiestSoft Video Converter 3.3.1 (HKLM\...\{62540757-EAF0-B027-F7F8-CD5A8A0DC9BA}_is1) (Version: 3.3.1 - EasiestSoft International LLC.) Eassos PartitionGuru 4.9.5 (HKLM\...\{FC4FF5F4-2265-4E18-8BBC-12CBA9794388}_is1) (Version: - Eassos Co., Ltd.) Easy Video Splitter 1.28 (HKLM\...\Easy Video Splitter_is1) (Version: - DoEasier Tech Inc) Elevated Installer (HKLM\...\{D65F0A69-836E-419F-B817-A82A1A0B04A3}) (Version: 6.17.0.0 - Garmin Ltd or its subsidiaries) Hidden EmEditor (32-bit) (HKLM\...\{87E57ED7-E591-4DFD-8FD5-0F253EF425B3}) (Version: 19.0.0 - Emurasoft, Inc.) EmEditor Help (English) (HKLM\...\{613A955D-A807-4489-B423-1CEDE0676739}) (Version: 15.7.1 - Emurasoft, Inc.) Epic Pen version v3.6.0.0 (HKLM\...\Epic Pen_is1) (Version: v3.6.0.0 - TANK Studios) Evaer Video Recorder for Skype 1.6.5.11 (HKLM\...\Evaer Video Recorder for Skype) (Version: 1.6.5.11 - Evaer Technology) Faasoft Video Converter 5.2.24.5621 (HKLM\...\{C6FE6897-0A65-4474-8EF7-E7AF11F8F239}_is1) (Version: - Faasoft Corporation) FileSeek 6.2.1 (32-bit) (HKLM\...\44953928-E730-4e8c-A2B2-3A85BC96A3D0_is1) (Version: 6.2.1.0 - Binary Fortress Software) Firefox Preloader (HKLM\...\Firefox Preloader_is1) (Version: 1.0.366.0 - 6XGate Incorporated) Folder Size Explorer (HKLM\...\{7C3E7EA4-DCEC-4E49-8459-B6F15DBD9795}) (Version: 1.7.1 - Bazwise) FormatFactory 4.8.0.0 (HKLM\...\FormatFactory) (Version: 4.8.0.0 - Free Time) FotoTagger 2.13.0.1 (HKLM\...\FotoTagger) (Version: 2.13.0.1 - Cogitum) Free Launch Bar (HKLM\...\{1574CBD4-1656-420c-B553-E16F01E74C0F}) (Version: 2.0 - Tordex) Free M4a to MP3 Converter 9.7 (HKLM\...\Free M4a to MP3 Converter_is1) (Version: - ManiacTools.com) Free MPG Player (HKLM\...\{254E7ACE-402F-4CA4-951F-9C5F0B00AF1A}) (Version: 1.0.0 - Free MPG Player) Free Video Flip and Rotate version 2.1.6.128 (HKLM\...\Free Video Flip and Rotate_is1) (Version: 2.1.6.128 - DVDVideoSoft Ltd.) Free Video Joiner (HKLM\...\{14FA6DD9-92ED-493D-A937-81A78870E08A}_is1) (Version: - FreeVideoJoiner.com) Free WebM to MP3 Converter (32-bit) 1.2 (HKLM\...\{E359DE7A-892A-4E9F-B2D6-7487C4AA7FB6}_is1) (Version: 1.2 - Jacek Pazera) Freemake Video Converter version 4.1.10 (HKLM\...\Freemake Video Converter_is1) (Version: 4.1.10 - Mixbyte Inc.) Freemake Video Downloader (HKLM\...\Freemake Video Downloader_is1) (Version: 3.8.3 - Ellora Assets Corporation) Garmin City Navigator Aus and NZ NT 2017.20 (HKLM\...\{3E711870-B474-4277-AE21-481DEAD361B3}) (Version: 2.0.0.0 - Garmin Ltd or its subsidiaries) Garmin City Navigator Australia And New Zealand NT 2012.40 Update (HKLM\...\{5E34337E-9BE4-4D72-9C61-77769BD72855}) (Version: 12.40.0.0 - Garmin Ltd or its subsidiaries) Garmin Communicator Plugin (HKLM\...\{647BB978-2876-487B-9B0E-FDB73F0EA4A2}) (Version: 4.0.4 - Garmin Ltd or its subsidiaries) Garmin Express (HKLM\...\{4A1D1574-78D4-48E5-A587-84392EEA5C8A}) (Version: 6.17.0.0 - Garmin Ltd or its subsidiaries) Hidden Garmin Express (HKLM\...\{624907e5-2ad8-4617-a97f-9e051f9179dd}) (Version: 6.17.0.0 - Garmin Ltd or its subsidiaries) Garmin USB Drivers (HKLM\...\{ABA5E381-EC46-425C-86C5-5CD15BBFB4BF}) (Version: 2.3.1.0 - Garmin Ltd or its subsidiaries) Garmin USB Drivers (HKLM\...\{E31435FE-F0B7-4A62-BE46-BD166A1EEFFB}) (Version: 2.3.1.1 - Garmin Ltd or its subsidiaries) Garmin WebUpdater (HKLM\...\{5EF98E1C-3912-40EA-A8C1-25772D9F1762}) (Version: 2.5.6 - Garmin Ltd or its subsidiaries) Hidden Garmin WebUpdater (HKLM\...\{f1c8f03d-88bd-432d-80d1-782d4fac96b2}) (Version: 2.5.7 - Garmin Ltd or its subsidiaries) Glary Utilities PRO 5.134 (HKLM\...\Glary Utilities 5) (Version: 5.134.0.160 - Glarysoft Ltd) GOM Player (HKLM\...\GOM Player) (Version: 2.3.42.5304 - GOM & Company) Google Chrome (HKLM\...\Google Chrome) (Version: 79.0.3945.88 - Google LLC) Google Earth Pro (HKLM\...\{9D524A1E-F2FC-444D-B12A-7592CEB56EB5}) (Version: 7.3.2.5776 - Google) Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.421 - Google LLC) Hidden Google Update Helper (HKLM\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden Greenshot 1.2.10.6 (HKLM\...\Greenshot_is1) (Version: 1.2.10.6 - Greenshot) HandBrake 1.0.7 (HKLM\...\HandBrake) (Version: 1.0.7 - ) Hard Disk Sentinel PRO (HKLM\...\Hard Disk Sentinel_is1) (Version: 5.40 - Janos Mathe) HD Video Converter Factory Pro 17.1 (HKLM\...\HD Video Converter Factory Pro_is1) (Version: 17.1 - lrepacks.ru) HD Video Converter Factory Pro 18.6 (HKLM\...\HD Video Converter Factory Pro) (Version: 18.6 - WonderFox Soft, Inc.) Helium Audio Joiner (build 331) (HKLM\...\{1C7BCE67-6479-4D56-AD92-E50479028171}_is1) (Version: 1.9.0.331 - Imploded Software) HitmanPro 3.8 (HKLM\...\HitmanPro38) (Version: 3.8.16.310 - SurfRight B.V.) Ico Converter 1.3 (HKLM\...\IcoConverter) (Version: - Tomatosoft) ICQ (version 10.0.12417) (HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\icq.desktop) (Version: 10.0.12417 - ICQ) iDealshare VideoGo 7.0.4.6443 (HKLM\...\{CC4C06C4-7C78-4AAB-B5AF-33FB11CCD860}_is1) (Version: - iDealshare Corporation) ImTOO MP4 to MP3 Converter 6 (HKLM\...\ImTOO MP4 to MP3 Converter 6) (Version: 6.8.0.1101 - ImTOO) Ink2Go (HKLM\...\{6F884302-FE97-4024-ADE3-6415E0F3D372}) (Version: 1.6.0 - EyePower Games) Internet Download Manager (HKLM\...\Internet Download Manager) (Version: 6.32.8 - Tonek Inc.) IrfanView 4.53 (32-bit) (HKLM\...\IrfanView) (Version: 4.53 - Irfan Skiljan) iSkysoft Helper Compact 2.5.2 (HKLM\...\{9BF12010-8799-41A5-A671-E9CFDE9E79F3}_is1) (Version: 2.5.2 - iSkysoft) iSkysoft Video Converter Ultimate(Build 11.5.0.24) (HKLM\...\iSkysoft Video Converter Ultimate_is1) (Version: 11.5.0.24 - iSkysoft Software) ISO2Disc 1.10 (HKLM\...\ISO2Disc_is1) (Version: - Top Password Software, Inc.) JPG to PDF Converter 1.1 (HKLM\...\JPG to PDF Converter) (Version: 1.1 - ) Junk Mail filter update (HKLM\...\{0BE9E708-5DC0-4963-9CFD-0AA519090E79}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Kleptomania version 5.0 (HKLM\...\{59C08933-1E83-4A8B-A2A9-FD895CFCC95D}_is1) (Version: 5.0 - StructuRise) K-Lite Codec Pack 15.3.2 Basic (HKLM\...\KLiteCodecPack_is1) (Version: 15.3.2 - KLCP) KMPlayer (HKLM\...\The KMPlayer) (Version: 4.2.2.35 - *******TV) Linksys Wireless-G PCI Adapter Driver - WMP54Gv4.1 (HKLM\...\{4DDC3BED-CC68-44AA-B435-D727B620CA5B}) (Version: 1.0 - Linksys, A Division of Cisco Systems, Inc.) Macro Express Pro (HKLM\...\Macro Express Pro) (Version: 4.3.0.1 - Insight Software Solutions, Inc.) Malwarebytes version 3.8.3.2965 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.8.3.2965 - Malwarebytes) MediaHuman Audio Converter version 1.9.6.6 (HKLM\...\MHAudioConverter_is1) (Version: 1.9.6.6 - MediaHuman) MediaInfo 18.12 (HKLM\...\MediaInfo) (Version: 18.12 - MediaArea.net) Messenger for Desktop (HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\{4e2a4302-5df4-5868-a685-36c844414384}) (Version: 3.0.14 - MFD LABS LTD) Messenger for Desktop (HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\4e2a4302-5df4-5868-a685-36c844414384) (Version: 3.0.8 - MFD LABS LTD) Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation) Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.4734.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x86) - 14.12.25810 (HKLM\...\{56e11d69-7cc9-40a5-a4f9-8f6190c4d84d}) (Version: 14.12.25810.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Windows Debugging Symbols (HKLM\...\{C6DB958A-50CC-481B-9ED8-3BAD236F7B49}) (Version: 7601 - Microsoft) Microsoft Works 6-9 Converter (HKLM\...\{95140000-0137-0409-0000-0000000FF1CE}) (Version: 14.0.6120.5002 - Microsoft Corporation) MightyText (HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\MightyText) (Version: 4.3.0 - MightyText) MKV to MP3 Converter 5.0.1 (HKLM\...\MKV to MP3 Converter) (Version: 5.0.1 - FreeStar) Movavi Video Converter 20 Premium (HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\Movavi Video Converter 20 Premium) (Version: 20.0.0 - Movavi) Movie Maker (HKLM\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Movie Maker (HKLM\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Mozilla Firefox 50.0 (x86 en-US) (HKLM\...\Mozilla Firefox 50.0 (x86 en-US)) (Version: 50.0 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 50.0 - Mozilla) Mp3tag v2.99a (HKLM\...\Mp3tag) (Version: 2.99a - Florian Heidenreich) MP4 Downloader Pro 3 (HKLM\...\MP4 Downloader Pro_is1) (Version: - Tomabo) MPC-HC 1.7.13 (HKLM\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.7.13 - MPC-HC Team) NetWorx 5.5.5 (HKLM\...\NetWorx_is1) (Version: - Softperfect) NirSoft RegScanner (HKLM\...\NirSoft RegScanner) (Version: - ) NirSoft ShellExView (HKLM\...\NirSoft ShellExView) (Version: - ) Nitro Pro (HKLM\...\{94E40F4E-D482-499D-9239-D70AE64E9618}) (Version: 13.2.3.26 - Nitro) NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.3 - NVIDIA Corporation) PicPick (HKLM\...\PicPick) (Version: 5.0.7 - NGWIN) Platform (HKLM\...\{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.40 - VIA Technologies, Inc.) Hidden Point Position 1.0 (HKLM\...\Point Position 1.0) (Version: 1.0 - Vasilios Applications) PowerISO (HKLM\...\PowerISO) (Version: 6.3 - Power Software Ltd) Presentation Assistant V3.0.1 (HKLM\...\Presentation Assistant_is1) (Version: - www.presentation-assistant.com) Pushbullet version 338 (HKLM\...\{7578F204-49E7-4830-B051-14C23F408BFE}_is1) (Version: 338 - Pushbullet Inc) Readiris 17 (HKLM\...\{8ACAE85F-B250-4543-9AD8-734474B3BA20}) (Version: 17.01.11945 - I.R.I.S.) RealNetworks - Microsoft Visual C++ 2008 Runtime (HKLM\...\{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}) (Version: 9.0 - RealNetworks, Inc) Hidden RealNetworks - Microsoft Visual C++ 2010 Runtime (HKLM\...\{AAECF7BA-E83B-4A10-87EA-DE0B333F8734}) (Version: 10.0 - RealNetworks, Inc) Hidden RealUpgrade 1.1 (HKLM\...\{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}) (Version: 1.1.0 - RealNetworks, Inc.) Hidden Recover My Files (HKLM\...\Recover My Files v5_is1) (Version: 5.2.1.1964 - GetData Pty Ltd) Registrar Registry Manager 8.60 (HKLM\...\Registrar32_is1) (Version: - Resplendence Software Projects Sp.) Revo Uninstaller Pro 4.2.0 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 4.2.0 - VS Revo Group, Ltd.) Screenpresso (HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\Screenpresso) (Version: 1.7.0.0 - Learnpulse) Security Task Manager 2.3c (HKLM\...\Security Task Manager) (Version: 2.3c - Neuber Software) Skype version 8.55 (HKLM\...\Skype_is1) (Version: 8.55 - Skype Technologies S.A.) SMPlayer 19.10.0 (HKLM\...\SMPlayer) (Version: 19.10.0 - Ricardo Villalba) Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform) Spotify (HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\Spotify) (Version: 1.1.16.522.g55a4b852 - Spotify AB) Spybot - Search & Destroy (HKLM\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.7.64.0 - Safer-Networking Ltd.) Spybot Anti-Beacon (HKLM\...\{419A7FCF-93E1-474D-BFE9-987CF3F90C88}_is1) (Version: 1.5 - Safer-Networking Ltd.) Stellar Repair for Video (HKLM\...\Stellar Repair for Video_is1) (Version: 4.0.0.0 - Stellar Information Technology Pvt Ltd.) SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 8.0.1038 - SUPERAntiSpyware.com) Tame version 6.0d (remove only) (HKLM\...\Tame 6.0d) (Version: - ) TeamViewer (HKLM\...\TeamViewer) (Version: 15.0.8397 - TeamViewer) Telegram Desktop version 1.9.3 (HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 1.9.3 - Telegram FZ-LLC) TeraCopy 2.3 (HKLM\...\TeraCopy_is1) (Version: - Code Sector) Text Monkey Lite (HKLM\...\Text Monkey Lite) (Version: - ) TreeSize V7.1.3 (HKLM\...\TreeSize_is1) (Version: 7.1.3 - JAM Software) Ultra Video Joiner 6.4.1010 (HKLM\...\Ultra Video Joiner_is1) (Version: - Aone Software) Ultra Video Splitter 6.4.1010 (HKLM\...\Ultra Video Splitter_is1) (Version: - Aone Software) Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb) UpdateService (HKLM\...\{E3AE96D6-E196-45B4-AF62-2B41998B9E37}) (Version: 1.0.0 - RealNetworks, Inc.) Hidden VC 9.0 Runtime (HKLM\...\{02E89EFC-7B07-4D5A-AA03-9EC0902914EE}) (Version: 1.0.0 - Check Point Software Technologies Ltd) Hidden vDosWP (HKLM\...\{49883946-559B-4FE0-866F-7674B9516A75}_is1) (Version: 2018.10.14 - wpdos.org) VIA Platform Device Manager (HKLM\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.40 - VIA Technologies, Inc.) Viber (HKLM\...\{D65DDA75-2C0A-46BA-807D-127BD5638490}) (Version: 6.0.1.5 - Viber Media Inc.) Hidden Viber (HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\{acc83058-83b0-41e2-b372-266672a1af16}) (Version: 6.0.1.5 - Viber Media Inc.) Video Downloader (HKLM\...\{8B6202FD-3790-4DD4-B343-51736F7FF4E5}) (Version: 1.2.0 - RealNetworks) Hidden VideoProc (HKLM\...\VideoProc) (Version: 3.5 - Digiarty, Inc.) VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN) VSDC Free Video Editor version 6.3.6.17 (HKLM\...\VSDC Free Video Editor_is1) (Version: 6.3.6.17 - Flash-Integro LLC) VSO ConvertXToDVD (HKLM\...\{CE1F93C0-4353-4C9D-84DA-AB4E7C63ED32}_is1) (Version: 5.3.0.40 - VSO Software) Vulkan Run Time Libraries 1.0.65.0 (HKLM\...\VulkanRT1.0.65.0) (Version: 1.0.65.0 - LunarG, Inc.) Hidden Winaero Tweaker (HKLM\...\Winaero Tweaker_is1) (Version: 0.16.1.0 - Winaero) WinAVI Video Converter (HKLM\...\WinAVI Video Converter) (Version: 11.5.1.4360 - ZJMedia Digital Technology Ltd.) Windows 7 Games for Windows 10 and 8 (HKLM\...\Win7Games) (Version: 2.0 - hxxp://winaero.com) Windows 7 USB/DVD Download Tool (HKLM\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation) Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46 ) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.) Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152 ) (Version: 04/19/2012 2.3.1.0 - Garmin) Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2 ) (Version: 02/06/2007 3.1 - Silicon Labs Software) Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) Winja version 4.1.0 (HKLM\...\Winja_is1) (Version: 4.1.0 - Phrozen SAS) WinPatrol (HKLM\...\{6A206A04-6BC1-411B-AA04-4E52EDEEADF2}) (Version: 35.5.2017.8 - Ruiware) WinPcap 4.1.2 (HKLM\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies) WinRAR 5.80 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.80.0 - win.rar GmbH) WinX HD Video Converter Deluxe 5.15.5 (HKLM\...\WinX HD Video Converter Deluxe_is1) (Version: - Digiarty Software, Inc.) WinX YouTube Downloader (HKLM\...\WinX YouTube Downloader) (Version: 5.2 - Digiarty, Inc.) WinX YouTube Downloader 4.0.10 (HKLM\...\WinX YouTube Downloader_is1) (Version: - Digiarty Software, Inc.) Wireless-G PCI Adapter (HKLM\...\{88742616-A6E9-4C7E-9665-B625799541FB}) (Version: - ) Wise Duplicate Finder 1.3.4.42 (HKLM\...\Wise Duplicate Finder_is1) (Version: 1.3.4.42 - lrepacks.ru) WonderFox DVD Video Converter 18.0 (HKLM\...\WonderFox DVD Video Converter) (Version: 18.0 - WonderFox Soft, Inc.) Wondershare AllMyTube(Build 7.4.5.0) (HKLM\...\AllMyTube_is1) (Version: 7.4.5.0 - Wondershare) Wondershare Helper Compact 2.5.3 (HKLM\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.5.3 - Wondershare) Xilisoft Video Converter Ultimate (HKLM\...\Xilisoft Video Converter Ultimate) (Version: 7.8.23.20180925 - Xilisoft) Xperia Companion (HKLM\...\{5b7c1b25-5fb6-442c-a1b5-cb8dfc2267bf}) (Version: 2.8.3.0 - Sony) Xperia Companion (HKLM\...\{66EABD35-6233-4926-9AB1-AB31CC6BC7D9}) (Version: 2.8.3.0 - Sony) Hidden Xperia Companion Service (HKLM\...\{E41065E8-67E2-448F-940C-FF9D7C51E4E3}) (Version: 2.8.3.0 - Sony) Hidden Xvid MPEG-4 Video Codec (HKLM\...\xvid) (Version: - Xvid Development Team) Packages: ========= IDM Integration Module -> C:\Program Files\WindowsApps\TonecInc.IDMIntegrationModule_6. 30.6.0_neutral__e7b5mm5d3r6v2 [2019-04-01] (Tonec Inc.) Instagram -> C:\Program Files\WindowsApps\Facebook.InstagramBeta_41.1788.5 0991.0_x86__8xx8rvfyw5nnt [2018-12-09] (Instagram) Mail and Calendar -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsa pps_16005.11029.20108.0_x86__8wekyb3d8bbwe [2019-12-06] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.18 08.3.0_x86__8wekyb3d8bbwe [2019-12-06] (Microsoft Corporation) [MS Ad] Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireColl ection_4.2.11280.0_x86__8wekyb3d8bbwe [2019-12-06] (Microsoft Studios) [MS Ad] mysms - Text from Computer, Messaging -> C:\Program Files\WindowsApps\UptoElevenDigitalSolution.mysms-Textanywhere_3.2.0.0_x86__c9d6r4qvva5x8 [2019-12-22] (Up to Eleven Digital Solutions GmbH) Speedtest by Ookla -> C:\Program Files\WindowsApps\Ookla.SpeedtestbyOokla_1.9.49.0_ x86__43tkc6nmykmb6 [2019-12-24] (Ookla) ==================== Custom CLSID (Whitelisted): ============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-198903158-1304534811-4163729061-1000_Classes\CLSID\{0B7AD8D3-094A-44DE-A348-83C6C3FA347C}\InprocServer32 -> C:\Users\Joe\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Clipboarder.gadget\Release\Clipboa rder32.dll (Helmut Buhler) [File not signed] CustomCLSID: HKU\S-1-5-21-198903158-1304534811-4163729061-1000_Classes\CLSID\{0E7BE950-4ACC-47CB-834B-41A8B96BBFF9}\InprocServer32 -> C:\Users\Joe\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Sidebar7.gadget\Release\Sidebar7.3 2.dll (Helmut Buhler) [File not signed] CustomCLSID: HKU\S-1-5-21-198903158-1304534811-4163729061-1000_Classes\CLSID\{DFA0CC7F-D36B-47D1-8EF5-415C1DA53F57}\InprocServer32 -> C:\Users\Joe\AppData\Local\Programs\EmEditor\emeds hl.dll (Emurasoft, Inc. -> Emurasoft, Inc.) ShellIconOverlayIdentifiers: [ IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files\Internet Download Manager\IDMShellExt.dll [2018-05-12] (Tonec Inc. -> Tonec Inc.) ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-04] (AVAST Software s.r.o. -> AVAST Software) ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-04] (AVAST Software s.r.o. -> AVAST Software) ContextMenuHandlers1: [FormatFactoryShell] -> {A3888923-CFD3-4A6B-89BF-08E6B95716E8} => -> No File ContextMenuHandlers1: [Glary Utilities] -> [CC]{B3C418F8-922B-4faf-915E-59BC14448CF7} => -> No File ContextMenuHandlers1: [Tomabo.MP4Converter] -> [CC]{67A979E9-C5A6-4C0F-B0B7-FB516406FA9E} => -> No File ContextMenuHandlers1: [Tomabo.MP4Player] -> [CC]{DA4F8B8B-91CF-43AD-BB0B-B52BF770DA3E} => -> No File ContextMenuHandlers1: [WondershareVideoConverterFileOpreation] -> {55D63393-DB17-4A2B-9052-15D85B4B1344} => -> No File ContextMenuHandlers2: [Glary Utilities] -> [CC]{B3C418F8-922B-4faf-915E-59BC14448CF7} => -> No File ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-04] (AVAST Software s.r.o. -> AVAST Software) ContextMenuHandlers3: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-05] () [File not signed] ContextMenuHandlers4: [FormatFactoryShell] -> {A3888923-CFD3-4A6B-89BF-08E6B95716E8} => -> No File ContextMenuHandlers4: [MSSE] -> {0365FE2C-F183-4091-AC82-BFC39FB75C49} => -> No File ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => -> No File ContextMenuHandlers4: [TeraCopy] -> [CC]{A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => -> No File ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacmxx.dll [2016-02-26] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) ContextMenuHandlers5: [Actual Window Manager] -> {CE577978-3FCA-430D-B0CE-D637788F9C5A} => C:\Program Files\Actual Window Manager\ActualWindowManagerShellExtension.dll [2019-05-15] (Actual Tools (Mikhail Yurievich Tretyakov IP) -> Actual Tools) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-04] (AVAST Software s.r.o. -> AVAST Software) ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => -> No File ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2019-03-29] (VS Revo Group Ltd. -> VS Revo Group) ContextMenuHandlers6: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-05] () [File not signed] ContextMenuHandlers1_S-1-5-21-198903158-1304534811-4163729061-1000: [EmEditor] -> {DFA0CC7F-D36B-47D1-8EF5-415C1DA53F57} => C:\Users\Joe\AppData\Local\Programs\EmEditor\emeds hl.dll [2019-07-30] (Emurasoft, Inc. -> Emurasoft, Inc.) ContextMenuHandlers2_S-1-5-21-198903158-1304534811-4163729061-1000: [EmEditor] -> [CC]{DFA0CC7F-D36B-47D1-8EF5-415C1DA53F57} => -> No File ==================== Codecs (Whitelisted) ==================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Drivers32: [msacm.divxa32] => C:\WINDOWS\system32\msaud32_divx.acm [186368 2003-02-03] (Microsoft Corporation) [File not signed] HKLM\...\Drivers32: [vidc.MPG4] => C:\WINDOWS\system32\mpg4c32.dll [413760 2001-01-07] (Microsoft Corporation) [File not signed] HKLM\...\Drivers32: [vidc.MP42] => C:\WINDOWS\system32\mpg4c32.dll [413760 2001-01-07] (Microsoft Corporation) [File not signed] HKLM\...\Drivers32: [vidc.MP43] => C:\WINDOWS\system32\mpg4c32.dll [413760 2001-01-07] (Microsoft Corporation) [File not signed] HKLM\...\Drivers32: [msacm.voxacm160] => C:\WINDOWS\system32\vct3216.acm [82944 2003-05-21] (Voxware, Inc.) [File not signed] HKLM\...\Drivers32: [msacm.scg726] => C:\WINDOWS\system32\scg726.acm [13239 2000-03-14] (SHARP Corporation) [File not signed] HKLM\...\Drivers32: [msacm.alf2cd] => C:\WINDOWS\system32\alf2cd.acm [38912 2003-05-21] (NCT Company) [File not signed] HKLM\...\Drivers32: [msacm.ac3acm] => C:\WINDOWS\system32\AC3ACM.acm [81920 2004-02-04] (fccHandler) [File not signed] HKLM\...\Drivers32: [msacm.lame] => C:\WINDOWS\system32\lame.ax [245760 2005-08-01] () [File not signed] HKLM\...\Drivers32: [vidc.dvsd] => C:\WINDOWS\system32\mcdvd_32.dll [261632 2003-05-21] (MainConcept) [File not signed] HKLM\...\Drivers32: [vidc.DIVX] => C:\WINDOWS\system32\DivX.dll [638976 2003-05-22] (DivXNetworks, Inc.) [File not signed] HKLM\...\Drivers32: [vidc.LAGS] => C:\WINDOWS\system32\lagarith.dll [216064 2011-12-07] ( ) [File not signed] HKLM\...\Drivers32: [vidc.XVID] => C:\WINDOWS\system32\xvidvfw.dll [236544 2011-12-19] () [File not signed] HKLM\...\Drivers32: [VIDC.VP80] => vp8vfw.dll ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) Shortcut: C:\Users\Joe\Desktop\Clear Quicklaunch.lnk -> C:\Data\Batch Files\DOS or CMD\Clear_Q.L.bat () Shortcut: C:\Users\Joe\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\Startup\autohotkey.lnk -> C:\Data\Batch Files\Autohotkey\autohotkey.bat () Shortcut: C:\Users\Joe\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\Startup\Cleanup.lnk -> C:\Data\Batch Files\DOS or CMD\Cleanup.bat () Shortcut: C:\Users\Joe\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\Startup\Firefox Preloader.lnk -> C:\Program Files\FirefoxPreloader\FirefoxPreloader.exe (6XGate Incorporated) Shortcut: C:\Users\Joe\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\AWMClipboard.lnk -> C:\Data\Batch Files\Macro Express\Clipboard_AWM.bat () Shortcut: C:\Users\Joe\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\close & copy ADC.lnk -> C:\Data\Batch Files\Copy Data\Autohotkey\close & copy ADC.bat () Shortcut: C:\Users\Joe\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Greenshot.lnk -> C:\Data\Batch Files\Macro Express\Greenshot.bat () Shortcut: C:\Users\Joe\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\KillGreenshot.lnk -> C:\Data\Batch Files\DOS or CMD\KillGreenshot.bat () Shortcut: C:\Users\Joe\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\MultiLaunch.lnk -> C:\Data\Batch Files\DOS or CMD\MultiLaunch.bat () ShortcutWithArgument: C:\Users\Joe\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\Chrome Apps\Creating an internet shortcut fails _.._.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=djcnpbhjfgpighcllplapphngaaockbd ShortcutWithArgument: C:\Users\Joe\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\Chrome Apps\draw.io Desktop.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=pebppomjfocnoigkeepgbmcifnnlndla ShortcutWithArgument: C:\Users\Joe\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\Chrome Apps\Gmail (1).lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=kmhopmchchfpfdcdjodmpfaaphdclmlj ShortcutWithArgument: C:\Users\Joe\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\Chrome Apps\Gmail.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=kmhopmchchfpfdcdjodmpfaaphdclmlj ShortcutWithArgument: C:\Users\Joe\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\Chrome Apps\Google Hangouts.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=knipolnnllmklapflnccelgolnpehhpl ShortcutWithArgument: C:\Users\Joe\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\Chrome Apps\Hangouts (1).lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=deigijodonbmdapahgkdjljmcngipaab ShortcutWithArgument: C:\Users\Joe\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\Chrome Apps\Hangouts.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=deigijodonbmdapahgkdjljmcngipaab ShortcutWithArgument: C:\Users\Joe\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\Chrome Apps\MightyTextTest.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=andmpiilbgodiefijhcneadhegcolaoe ShortcutWithArgument: C:\Users\Joe\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\Chrome Apps\Pushbullet Settings.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=jinnpgkhgbkooiphbamlonfpcedokdah ShortcutWithArgument: C:\Users\Joe\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\Chrome Apps\SendLeap.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=phnjmiobjppgfeicepedmfnpjjmfjlha ShortcutWithArgument: C:\Users\Joe\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\Chrome Apps\sydney time.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=dahalpfpibpddfpdcfgmpjelnldolich ShortcutWithArgument: C:\Users\Joe\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\Chrome Apps\Telegram.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=clhhggbfdinjmjhajaheehoeibfljjno ShortcutWithArgument: C:\Users\Joe\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\Chrome Apps\Todoist for Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=bgjohebimpjdhhocbknplfelpmdhifhd ShortcutWithArgument: C:\Users\Joe\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\Chrome Apps\YouTube.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=adnlfjpnmidfimlkaohpidplnoimahfh ShortcutWithArgument: C:\Users\Joe\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\fd4d8e7501576f3f\Pushb ullet.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=chlffgpmiacpedhhbkiomidkjlcfhogd ShortcutWithArgument: C:\Users\Joe\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d249d9ddd424b688\Googl e Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default ShortcutWithArgument: C:\Users\Joe\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Comms\Hangouts.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=knipolnnllmklapflnccelgolnpehhpl ShortcutWithArgument: C:\Users\Joe\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Comms\SendLeap.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=phnjmiobjppgfeicepedmfnpjjmfjlha ShortcutWithArgument: C:\Users\Joe\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\ Rare\MightyText Test.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=andmpiilbgodiefijhcneadhegcolaoe ==================== Loaded Modules (Whitelisted) ============= 2020-01-06 06:13 - 2020-01-06 06:13 - 000379904 _____ () [File not signed] \\?\C:\Users\Joe\AppData\Local\Temp\BD93.tmp.node 2020-01-06 06:13 - 2020-01-06 06:13 - 000379904 _____ () [File not signed] \\?\C:\Users\Joe\AppData\Local\Temp\C6E9.tmp.node 2017-12-03 09:37 - 2017-10-16 01:21 - 003420672 _____ () [File not signed] C:\Program Files\Kleptomania\TextractSmart.dll 2017-01-02 17:19 - 2016-09-19 12:08 - 000622080 _____ () [File not signed] C:\Program Files\NetWorx\sqlite.dll 2012-01-10 08:22 - 2011-11-23 15:59 - 000035840 _____ () [File not signed] C:\Program Files\XemiComputers\Active Desktop Calendar\MouseHook.dll 2019-07-09 12:21 - 2019-07-09 12:21 - 001702400 _____ () [File not signed] C:\Users\Joe\AppData\Local\MightyText\app-4.3.0\ffmpeg.dll 2019-07-09 12:21 - 2019-07-09 12:21 - 000015872 _____ () [File not signed] C:\Users\Joe\AppData\Local\MightyText\app-4.3.0\libegl.dll 2019-07-09 12:21 - 2019-07-09 12:21 - 002517504 _____ () [File not signed] C:\Users\Joe\AppData\Local\MightyText\app-4.3.0\libglesv2.dll 2016-07-29 13:05 - 2005-01-19 13:15 - 000028672 _____ (6XGate Systems, Inc.) [File not signed] C:\WINDOWS\SYSTEM32\regclass.dll 2019-08-01 17:55 - 2016-11-15 18:30 - 000122880 _____ (Allavsoft Corporation) [File not signed] C:\Program Files\Allavsoft\Video Downloader Converter\extensions\3.17.7.7150\BVDFirefoxExt\com ponents\BVDFirefoxPlugin.dll 2019-03-14 17:44 - 2018-04-28 11:09 - 000580096 _____ (Helmut Buhler) [File not signed] C:\Program Files\Windows Sidebar\dwmapi.dll 2019-12-06 01:26 - 2019-12-06 01:26 - 000065536 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\WinSxS\x86_microsoft.vc80.openmp_1fc8b3 b9a1e18e3b_8.0.50727.6195_none_3b1209fdc9ac7774\vc omp.dll 2019-07-09 12:21 - 2019-07-09 12:21 - 014393344 _____ (Node.js) [File not signed] C:\Users\Joe\AppData\Local\MightyText\app-4.3.0\node.dll 2016-02-13 03:17 - 2016-02-13 03:17 - 001170944 _____ (TameDOS) [File not signed] C:\WINDOWS\System32\TameVdd.Dll 2009-04-14 09:14 - 2009-04-14 09:14 - 001527808 _____ (TrueSoft) [File not signed] C:\Program Files\FreeLaunchBar\flb.dll ==================== Alternate Data Streams (Whitelisted) ======== ==================== Safe Mode (Whitelisted) ================== ==================== Association (Whitelisted) ================= ==================== Internet Explorer trusted/restricted ========== (If an entry is included in the fixlist, it will be removed from the registry.) IE trusted site: HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\garmin.com -> hxxps://my.garmin.com IE trusted site: HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\localhost -> localhost IE restricted site: HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\007guard.com -> install.007guard.com IE restricted site: HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\008i.com -> 008i.com IE restricted site: HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\008k.com -> www.008k.com IE restricted site: HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\00hq.com -> www.00hq.com IE restricted site: HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\010402.com -> 010402.com IE restricted site: HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com IE restricted site: HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\0scan.com -> www.0scan.com IE restricted site: HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\1-2005-search.com -> www.1-2005-search.com IE restricted site: HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com IE restricted site: HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\1000gratisproben.com -> www.1000gratisproben.com IE restricted site: HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\1001namen.com -> www.1001namen.com IE restricted site: HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\100888290cs.com -> mir.100888290cs.com IE restricted site: HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\100sexlinks.com -> www.100sexlinks.com IE restricted site: HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\10sek.com -> www.10sek.com IE restricted site: HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\12-26.net -> user1.12-26.net IE restricted site: HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\12-27.net -> user1.12-27.net IE restricted site: HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\123fporn.info -> www.123fporn.info IE restricted site: HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\123haustiereundmehr.com -> www.123haustiereundmehr.com IE restricted site: HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\123moviedownload.com -> www.123moviedownload.com IE restricted site: HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\123simsen.com -> www.123simsen.com There are 7945 more sites. ==================== Hosts content: ========================= (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 13:04 - 2019-11-21 09:45 - 000455737 ____R C:\WINDOWS\system32\drivers\etc\hosts 127.0.0.1 www.007guard.com 127.0.0.1 007guard.com 127.0.0.1 008i.com 127.0.0.1 www.008k.com 127.0.0.1 008k.com 127.0.0.1 www.00hq.com 127.0.0.1 00hq.com 127.0.0.1 010402.com 127.0.0.1 www.032439.com 127.0.0.1 032439.com 127.0.0.1 www.0scan.com 127.0.0.1 0scan.com 127.0.0.1 1000gratisproben.com 127.0.0.1 www.1000gratisproben.com 127.0.0.1 1001namen.com |
#20
|
|||
|
|||
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 01-01-2020
Ran by Joe (administrator) on DESKTOPTOWER (Gigabyte Technology Co., Ltd. X58A-UD5) (06-01-2020 06:28:40) Running from C:\Program Files\Farbar Loaded Profiles: Joe (Available Profiles: Joe & DefaultAppPool) Platform: Microsoft Windows 10 Pro Version 1909 18363.535 (X86) Language: English (United States) Default browser: FF Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic...ery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) () [File not signed] C:\Program Files\AutoHotkey\AutoHotkey.exe () [File not signed] C:\Program Files\Kleptomania\KMania.exe (6XGate Incorporated) [File not signed] C:\Program Files\FirefoxPreloader\FirefoxPreloader.exe (Actual Tools (Mikhail Yurievich Tretyakov IP) -> Actual Tools) C:\Program Files\Actual Window Manager\ActualWindowManagerCenter.exe (Actual Tools (Mikhail Yurievich Tretyakov IP) -> Actual Tools) C:\Program Files\Actual Window Manager\ActualWindowManagerShellCenter.exe (Actual Tools (Mikhail Yurievich Tretyakov IP) -> Actual Tools) C:\Program Files\Actual Window Manager\LogonScreenService.exe (AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe (AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe (BitTorrent Inc -> BitTorrent, Inc.) C:\Program Files\uTorrent\uTorrent.exe (CHENGDU AOMEI Tech Co., Ltd. -> AOMEI Tech Co., Ltd.) C:\Program Files\AOMEI Backupper\ABService.exe (Google LLC -> Google LLC) C:\Program Files\Google\Update\1.3.35.422\GoogleCrashHandler. exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EX E (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Live\Mail\wlmail.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSv cHost.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSv cHost.exe (Microsoft Corporation) [File not signed] C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\mqsvc.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\ntvdm.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\snmp.exe (Mixbyte Inc -> Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\Freem akeUtilsService.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Nitro PDF Software -> Nalpeiron Ltd.) C:\Windows\System32\NLSSRV32.EXE (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Containe r.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Containe r.exe (Open Source Developer, Robin Krom -> Greenshot) C:\Program Files\Greenshot\Greenshot.exe (Openphone Inc. -> MightyText) C:\Users\Joe\AppData\Local\MightyText\app-4.3.0\MightyText.exe (Openphone Inc. -> MightyText) C:\Users\Joe\AppData\Local\MightyText\app-4.3.0\MightyText.exe (Openphone Inc. -> MightyText) C:\Users\Joe\AppData\Local\MightyText\app-4.3.0\MightyText.exe (Openphone Inc. -> MightyText) C:\Users\Joe\AppData\Local\MightyText\app-4.3.0\MightyText.exe (Openphone Inc. -> MightyText) C:\Users\Joe\AppData\Local\MightyText\app-4.3.0\MightyText.exe (Openphone Inc. -> MightyText) C:\Users\Joe\AppData\Local\MightyText\app-4.3.0\MightyText.exe (Openphone Inc. -> MightyText) C:\Users\Joe\AppData\Local\MightyText\app-4.3.0\MightyText.exe (SOFTPERFECT PTY. LTD. -> SoftPerfect) C:\Program Files\NetWorx\networx.exe (Sony Mobile Communications AB -> Sony) C:\Program Files\Sony\Xperia Companion\Service\XperiaCompanionService.exe (SUPERAntiSpyware.com -> SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore.exe (TeamViewer GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe (Telegram FZ-LLC -> Telegram FZ-LLC) C:\Users\Joe\AppData\Roaming\Telegram Desktop\Telegram.exe (XemiComputers ltd.) [File not signed] C:\Program Files\XemiComputers\Active Desktop Calendar\ADC.exe ==================== Registry (Whitelisted) =================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [NetWorx] => C:\Program Files\NetWorx\networx.exe [5219656 2016-09-28] (SOFTPERFECT PTY. LTD. -> SoftPerfect) HKLM\...\Run: [DelaypluginInstall] => C:\ProgramData\Wondershare\Video Converter Ultimate\DelayPluginI.exe [1960248 2015-10-26] (Shenzhen Wondershare Information Technology Co., Ltd. -> ) HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [91520 2010-01-21] (Microsoft Corporation -> Microsoft Corporation) HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [232840 2019-10-04] (AVAST Software s.r.o. -> AVAST Software) HKLM\...\Run: [iSkysoft Helper Compact.exe] => C:\Program Files\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe [2138272 2016-10-08] (Shenzhen Yi Xing Investment Co., Ltd. -> iSkySoft) HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\Run: [Active Desktop Calendar] => C:\Program Files\XemiComputers\Active Desktop Calendar\ADC.exe [7608832 2011-11-23] (XemiComputers ltd.) [File not signed] HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\Run: [Kleptomania] => C:\Program Files\Kleptomania\KMania.exe [973312 2017-10-16] () [File not signed] HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\Run: [WinPatrol] => C:\Program Files\Ruiware\WinPatrol\winpatrol.exe [1223560 2017-05-08] (Ruiware, LLC -> Ruiware) HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\Run: [uTorrent] => C:\Program Files\uTorrent\uTorrent.exe [399736 2019-04-18] (BitTorrent Inc -> BitTorrent, Inc.) HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\Run: [com.squirrel.MightyText.MightyText] => C:\Users\Joe\AppData\Local\MightyText\app-4.3.0\MightyText.exe [56272456 2019-07-09] (Openphone Inc. -> MightyText) HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\Run: [GUDelayStartup] => C:\Program Files\Glary Utilities 5\StartupManager.exe [44024 2019-12-23] (Glarysoft LTD -> Glarysoft Ltd) HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\Run: [GarminExpress] => C:\Program Files\Garmin\Express\express.exe [30871024 2019-08-21] (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries) HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\Run: [Greenshot] => C:\Program Files\Greenshot\Greenshot.exe [527792 2017-08-09] (Open Source Developer, Robin Krom -> Greenshot) HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\Run: [Actual Window Manager] => C:\Program Files\Actual Window Manager\ActualWindowManagerCenter.exe [2180352 2019-05-15] (Actual Tools (Mikhail Yurievich Tretyakov IP) -> Actual Tools) HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\Run: [IDMan] => C:\Program Files\Internet Download Manager\IDMan.exe [4038712 2019-03-20] (Tonec Inc.) [File not signed] HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\Policies\system: [DisableLockWorkstation] 1 HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\Policies\Explorer: [NoCookiesForDCFMC] 81<0 HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\79.0.3945.88\Insta ller\chrmstp.exe [2019-12-20] (Google LLC -> Google LLC) HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] -> Startup: C:\Users\Joe\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\Startup\autohotkey.lnk [2019-01-19] ShortcutTarget: autohotkey.lnk -> C:\Data\Batch Files\Autohotkey\autohotkey.bat () [File not signed] Startup: C:\Users\Joe\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\Startup\Cleanup.lnk [2019-01-19] ShortcutAndArgument: Cleanup.lnk -> C:\Data\Batch Files\DOS or CMD\Cleanup.bat => Startup: C:\Users\Joe\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\Startup\Firefox Preloader.lnk [2016-07-29] ShortcutTarget: Firefox Preloader.lnk -> C:\Program Files\FirefoxPreloader\FirefoxPreloader.exe (6XGate Incorporated) [File not signed] Startup: C:\Users\Joe\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\Startup\Sidebar500.lnk [2020-01-06] ShortcutTarget: Sidebar500.lnk -> C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation) [File not signed] Startup: C:\Users\Joe\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\Startup\Telegram.lnk [2016-04-24] ShortcutTarget: Telegram.lnk -> C:\Users\Joe\AppData\Roaming\Telegram Desktop\Telegram.exe (Telegram FZ-LLC -> Telegram FZ-LLC) Startup: C:\Users\Joe\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\Startup\WLM.lnk [2015-10-09] ShortcutTarget: WLM.lnk -> C:\Program Files\Windows Live\Mail\wlmail.exe (Microsoft Corporation -> Microsoft Corporation) BootExecute: autocheck autochk * les\Glary Utilities 5\data\gulr.dat GroupPolicy: Restriction ? <==== ATTENTION GroupPolicy\User: Restriction ? <==== ATTENTION FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION ==================== Scheduled Tasks (Whitelisted) ============ (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {006E622B-6E41-4398-8D4E-FB6B7F93B7BF} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\System32\Macromed\Flash\FlashPlayerUpda teService.exe [335416 2019-12-14] (Adobe Inc. -> Adobe) Task: {016125DD-943C-46FB-933D-E06926FC3960} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-15] (Piriform Software Ltd -> Piriform Software Ltd) Task: {023C9347-2476-4306-85F6-61A6D26B47CC} - System32\Tasks\{98BA06CC-6FD7-4F59-887B-4D383000A001} => C:\Windows\system32\pcalua.exe -a "C:\Users\Joe\Downloads\Utilities\PDF\Editor\F oxIt PDF Editor 2.0\FoxitEditor20_setup.exe" -d "C:\Users\Joe\Downloads\Utilities\PDF\Editor\F oxIt PDF Editor 2.0" Task: {0F99FD47-2D75-4BB1-A3F4-C3207724203F} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandco ntent -> No File <==== ATTENTION Task: {1AA84EE5-ED74-4508-AB04-800F817C5524} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_ex e => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [1696976 2014-03-19] (Microsoft Corporation -> Microsoft Corporation) Task: {223F6883-C780-495D-B9FF-51D91FAF956E} - \SidebarExecute -> No File <==== ATTENTION Task: {24FA84A0-E087-48EC-BC51-2B9C4C815D78} - System32\Tasks\Microsoft\Windows\PerfTrack\Backgro undConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371} Task: {28066BF8-59F1-43C9-9C89-1405B5915DA7} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3250056 2019-10-04] (AVAST Software s.r.o. -> AVAST Software) Task: {28384190-8375-4F91-AE91-CFEDEBAF6387} - System32\Tasks\Microsoft\Windows\SideShow\SessionA gent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1} Task: {2A4BB477-D5D2-4159-A391-79CFC1D3D814} - System32\Tasks\{EB3B1F34-37CE-4AAC-9491-1B51A99EF057} => C:\Windows\system32\pcalua.exe -a "C:\Users\Joe\Downloads\Utilities\Voice & Video chat\GoogleVoiceAndVideoSetup.exe" -d "C:\Users\Joe\Downloads\Utilities\Voice & Video chat" Task: {2A6AAE0A-529B-4CF7-82E1-51C962140A40} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-15] (Piriform Software Ltd -> Piriform Ltd) Task: {2CE46AF6-52D6-4865-800C-F1EBA1BA51D3} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION Task: {367F930A-A3DB-4112-B1F1-50E92A171C88} - System32\Tasks\Microsoft\Windows\Shell\WindowsPare ntalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A} Task: {41B4479B-CE79-4E00-88A6-5910895E7BFC} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [1696976 2014-03-19] (Microsoft Corporation -> Microsoft Corporation) Task: {4819EA1D-C6B2-4A48-8554-E3257C37D1A6} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyb oardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2211024 2014-03-19] (Microsoft Corporation -> Microsoft) Task: {48920FDE-4F57-4B1A-9581-2C84E84CF16B} - System32\Tasks\{79B648AB-D2C7-4CB6-B481-8750BB0C9223} => C:\Windows\system32\pcalua.exe -a "U:\Drivers\Brother Laser\SETUP.EXE" -d "U:\Drivers\Brother Laser" Task: {495F7F3D-F249-42FF-AF62-5CEA8A3945EE} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin\InstallManagerApp.exe [9431240 2016-03-21] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) Task: {49735B1A-80CC-4353-8325-461135C141AC} - System32\Tasks\Microsoft\Windows\SideShow\SystemDa taProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969} Task: {4D1B8669-469B-4A21-AE33-428EF5B56156} - System32\Tasks\{5D2BF198-67A0-47E7-8C5F-A3524EDD536B} => C:\Windows\system32\pcalua.exe -a "U:\Utilities\WP51+\Tame v6\tame60.exe" -d "U:\Utilities\WP51+\Tame v6" Task: {549E1291-F375-4588-A43C-75FAF3831ECC} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316} Task: {567898A3-E18B-4BA0-A82E-3DC699F351F5} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION Task: {62798434-2842-41A5-922E-E479E405DC6B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-08-31] (Google Inc -> Google Inc.) Task: {661F045A-1B72-4EA0-B1D5-DC8C21046604} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION Task: {66721EE1-1FB2-4949-A560-39C2A12A0248} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_32_ 0_0_303_Plugin.exe [1457720 2019-12-14] (Adobe Inc. -> Adobe) Task: {69402868-C889-4D08-AE0B-CECF4D6AFD3F} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION Task: {80BA2A26-808F-4A36-99BF-6E00DF762174} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION Task: {895936EB-17D5-4A65-AD01-861BF8E4DCD3} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1106128 2014-03-19] (Microsoft Corporation -> Microsoft Corporation) Task: {89B124C6-1DA4-4E0E-AF24-108FB673A9C0} - System32\Tasks\GarminUpdaterTask => C:\Program Files\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [40432 2019-08-21] (Garmin International, Inc. -> ) Task: {89C980E2-68AC-4FDE-B713-F7E7086CF301} - System32\Tasks\{1C8C8445-3AF3-4DD6-8C02-6694F42FDBE6} => C:\Windows\system32\pcalua.exe -a C:\Utilities\GTalk\GoogleVoiceAndVideoSetup.exe -d C:\Utilities\GTalk Task: {8D1AB70C-325A-4323-97A3-E717D2E87FFC} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION Task: {8F919ED4-806D-4EE1-B4FA-F65D9D44C5ED} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1542536 2019-10-04] (AVAST Software s.r.o. -> AVAST Software) Task: {92DBC411-9B90-4298-9EFB-831154BE45E0} - System32\Tasks\{F5737DFE-F1CC-479D-8E20-6148EA378C88} => C:\Windows\system32\pcalua.exe -a "C:\Users\Joe\Downloads\Utilities\Security\Zon e Alarm\zaSuiteSetup_91_008_000_en.exe" -d "C:\Users\Joe\Downloads\Utilities\Security\Zon e Alarm" Task: {944C24C5-EAF4-4661-A0D1-84CAFBF36D4A} - System32\Tasks\{63015BF2-084B-43A3-ADD2-5B422213AA20} => C:\Windows\system32\pcalua.exe -a C:\Users\Joe\Desktop\v6\WIN32\IE.EXE -d C:\Users\Joe\Desktop\v6\WIN32 Task: {94DD9B89-C8A6-4CFF-870B-1F5CBDB84971} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION Task: {A0BABFE1-F03C-4C2B-B95E-BCDA5FFC882E} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK Task: {A77A79C8-76B2-4FE2-9D78-ADFF1885DEED} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION Task: {B47BF8F2-207F-414D-B278-3640571BDBD8} - System32\Tasks\Future Systems Solutions\Casper\Casper 8.0 Update Notification Task => C:\Program Files\Future Systems Solutions\Casper 8.0\CASPER.EXE [12154288 2014-04-30] (Future Systems Solutions, Inc. -> Future Systems Solutions, Inc.) Task: {BE0D60AF-DB66-4573-894B-AC9389FA6F96} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe Task: {BFB5A266-26A0-43EF-A87C-D1E321ECCEB1} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> No File <==== ATTENTION Task: {C29C0A7B-324D-47E4-BA07-FA6EF99D1262} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1} C:\Program Files\Windows Live\SOXE\wlsoxe.dll [192704 2014-03-31] (Microsoft Corporation -> Microsoft Corporation) Task: {C3CBC979-B3E1-478B-BAA1-EC871F99A0D0} - System32\Tasks\Safer-Networking\Spybot Anti-Beacon\Refresh Anti-Beacon immunization => C:\Program Files\Spybot Anti-Beacon\SDAntiBeacon.exe [5584920 2015-10-19] (Safer-Networking Ltd. -> Safer-Networking Ltd.) [File not signed] Task: {C44EB20B-C9B1-4DC4-8625-B83CE2CDE70C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-08-31] (Google Inc -> Google Inc.) Task: {CBAC8618-106A-48BA-8EA8-FBA377BC7FEA} - System32\Tasks\GU5SkipUAC => C:\Program Files\Glary Utilities 5\Integrator.exe [916464 2019-12-23] (Glarysoft LTD -> Glarysoft Ltd) Task: {CE030FC7-013B-490A-83E2-F9FFBD8D7D59} - System32\Tasks\{25E6CB6D-8992-43FF-9440-629929607D3D} => C:\Windows\system32\pcalua.exe -a "C:\Users\Joe\Desktop\Brother Driver\eng\inst\setup.exe" -d "C:\Users\Joe\Desktop\Brother Driver\eng\inst" Task: {CFC16982-A32D-4423-89AF-7921ED8D3E74} - \FreeDownloadManagerNetworkMonitor -> No File <==== ATTENTION Task: {D128094B-B79B-4F43-BEAA-AC5ECCE2DEF9} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgra deTime -> No File <==== ATTENTION Task: {D4C73E75-416B-421A-838D-3E8BA54D2C43} - \Microsoft\Windows\Setup\EOONotify -> No File <==== ATTENTION Task: {D5E9F6F6-1413-44E5-9AEA-F365EC9C04D9} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgra deReminderTime -> No File <==== ATTENTION Task: {DCD08411-7FD4-4DF6-B2F8-61CEDEA01EE9} - System32\Tasks\Microsoft\Windows\SideShow\GadgetMa nager => {FF87090D-4A9A-4F47-879B-29A80C355D61} Task: {E79B2998-8F63-451A-A56D-26EDC0A5098A} - System32\Tasks\Microsoft\Windows\Shell\WindowsPare ntalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB} Task: {EAA584A5-9C1E-4646-BD93-296671026395} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION Task: {EC546FC1-8235-4E97-8B77-D2F6E056B8E3} - System32\Tasks\{F45CE27F-5014-49C7-9C3D-D02C23C9DF8A} => "c:\program files\mozilla firefox\firefox.exe" hxxp://ui.skype.com/ui/0/5.8.0.158/en/abandoninstall?source=lightinstaller&page=tsInstal l Task: {EE4DCCBB-07C0-46BC-98D8-1D8C3D9DBEAD} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxcon fig-B -> No File <==== ATTENTION Task: {F20713DE-957F-41A0-9DC0-D0FEBE841BA7} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1106128 2014-03-19] (Microsoft Corporation -> Microsoft Corporation) Task: {FC25CF3C-3BF5-4FE5-9477-651B844DADD1} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E} Task: {FE923EC4-094C-45A0-9265-B2AD53E38FFD} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask .job => C:\WINDOWS\explorer.exe ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{281df617-1514-4e2d-b234-f44e08eb4905}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{2ceeefcf-7eda-41d3-8549-f5e54f1884d9}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{56ffec6b-bffe-456f-87cc-70676a8d1a21}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{dc39b9eb-28f6-4f80-a95e-2737cb81f0d2}: [NameServer] 1.1.1.1,1.0.0.1 Tcpip\..\Interfaces\{dc39b9eb-28f6-4f80-a95e-2737cb81f0d2}: [DhcpNameServer] 192.168.1.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-198903158-1304534811-4163729061-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files\Internet Download Manager\IDMIECC.dll [2018-11-22] (Tonec Inc. -> Internet Download Manager, Tonec Inc.) BHO: No Name -> {13D67BB7-DB5F-48AA-884D-7A5D94168509} -> No File BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation -> Microsoft Corporation) BHO: No Name -> {FF2573AE-E1ED-40e1-83BA-F544CB2EE135} -> No File DPF: {9732FB42-C321-11D1-836F-00A0C993F125} hxxp://www.pcpitstop.com/mhLbl.cab Handler: AutorunsDisabled\belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\BelarcAdvisor\System\BAVoilaX.dll [2019-01-25] (Belarc, Inc. -> Belarc, Inc.) Handler: AutorunsDisabled\wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation) Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\BelarcAdvisor\System\BAVoilaX.dll [2019-01-25] (Belarc, Inc. -> Belarc, Inc.) Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - No File Handler: WSWSVCUchrome - {1CA93FF0-A218-44F1 - No File FireFox: ======== FF DefaultProfile: rbclt173.default FF ProfilePath: C:\Users\Joe\AppData\Roaming\Mozilla\Firefox\Profi les\rbclt173.default [2020-01-06] FF Extension: (Add-on Compatibility Reporter) - C:\Users\Joe\AppData\Roaming\Mozilla\Firefox\Profi les\rbclt173.default\Extensions\compatibility@addo ns.mozilla.org.xpi [2018-09-06] [Legacy] FF Extension: (HTTPS Everywhere) - C:\Users\Joe\AppData\Roaming\Mozilla\Firefox\Profi les\rbclt173.default\Extensions\https-everywhere@eff.org.xpi [2019-11-13] FF Extension: (Auto-Sort Bookmarks) - C:\Users\Joe\AppData\Roaming\Mozilla\Firefox\Profi les\rbclt173.default\Extensions\sortbookmarks@boua nto.xpi [2018-10-14] [Legacy] FF Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\Joe\AppData\Roaming\Mozilla\Firefox\Profi les\rbclt173.default\Extensions\sp@avast.com.xpi [2019-10-03] FF Extension: (uBlock Origin) - C:\Users\Joe\AppData\Roaming\Mozilla\Firefox\Profi les\rbclt173.default\Extensions\uBlock0@raymondhil l.net.xpi [2018-09-08] [Legacy] FF Extension: (Avast Online Security) - C:\Users\Joe\AppData\Roaming\Mozilla\Firefox\Profi les\rbclt173.default\Extensions\wrc@avast.com.xpi [2019-12-31] FF Extension: (Screengrab (fix version)) - C:\Users\Joe\AppData\Roaming\Mozilla\Firefox\Profi les\rbclt173.default\Extensions\{02450914-cdd9-410f-b1da-db004e18c671}.xpi [2018-09-06] [Legacy] FF Extension: (Session Manager) - C:\Users\Joe\AppData\Roaming\Mozilla\Firefox\Profi les\rbclt173.default\Extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}.xpi [2018-09-06] [Legacy] FF Extension: (Password Exporter) - C:\Users\Joe\AppData\Roaming\Mozilla\Firefox\Profi les\rbclt173.default\Extensions\{B17C1C5A-04B1-11DB-9804-B622A1EF5492}.xpi [2018-09-07] [Legacy] FF Extension: (1M's Choice, LINER - Web / PDF Highlighter) - C:\Users\Joe\AppData\Roaming\Mozilla\Firefox\Profi les\rbclt173.default\Extensions\{b6dccbb2-f2bd-4a56-84b8-3432934a5905}.xpi [2020-01-03] FF Extension: (Video DownloadHelper) - C:\Users\Joe\AppData\Roaming\Mozilla\Firefox\Profi les\rbclt173.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2019-05-30] FF Extension: (MP4 Downloader Pro Extension) - C:\Program Files\Tomabo\MP4 Downloader Pro\MP4DP_FF.xpi [2016-07-26] [Legacy] FF Extension: (Allavsoft Video Downloader Firefox Extension) - C:\Program Files\Allavsoft\Video Downloader Converter\extensions\3.17.7.7150\BVDFirefoxExt [2019-08-01] [Legacy] FF Extension: (IDM integration) - C:\Program Files\Internet Download Manager\idmmzcc2.xpi [2017-12-21] [Legacy] FF HKLM\...\Firefox\Extensions: [{682F8106-3DFC-4cde-98D2-285FCF23FD09}] - C:\Program Files\Tomabo\MP4 Downloader Pro\MP4DP_FF.xpi FF HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\Firefox\Extensions: [mozilla_cc3@internetdownloadmanager.com] - C:\Program Files\Internet Download Manager\idmmzcc3.xpi FF Extension: (IDM Integration Module) - C:\Program Files\Internet Download Manager\idmmzcc3.xpi [2019-03-20] [UpdateUrl:hxxps://data.internetdownloadmanager.com/idmmzcc3/update.json] FF HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\Firefox\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files\Internet Download Manager\idmmzcc2.xpi FF HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\Firefox\Extensions: [{6EBED4D8-13D9-4270-8D44-B57DDB7A787C}] - C:\Program Files\Allavsoft\Video Downloader Converter\extensions\3.17.7.7150\BVDFirefoxExt FF HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\Firefox\Extensions: [KVAllmytube@KeepVid.com] - C:\Program Files\Wondershare\AllMyTube\BrowserPlugin\kvallmyt ube@keepvid.com_xpi FF Extension: (KeepVid Pro) - C:\Program Files\Wondershare\AllMyTube\BrowserPlugin\kvallmyt ube@keepvid.com_xpi [2019-09-27] [Legacy] FF HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\Firefox\Extensions: [{31C8B8A4-6712-4A47-B378-2BE78B8EE9E1}] - C:\Program Files\Bigasoft\Video Downloader Pro\extensions\3.17.9.7200\BVDFirefoxExt FF Extension: (Bigasoft Video Downloader Pro) - C:\Program Files\Bigasoft\Video Downloader Pro\extensions\3.17.9.7200\BVDFirefoxExt [2019-09-27] [Legacy] [not signed] FF HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Joe\AppData\Roaming\IDM\idmmzcc5 FF Extension: (IDM CC) - C:\Users\Joe\AppData\Roaming\IDM\idmmzcc5 [2019-12-21] [Legacy] [not signed] FF HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files\Internet Download Manager\idmmzcc2.xpi FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_32_0_0_ 303.dll [2019-12-14] (Adobe Inc. -> ) FF Plugin: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [No File] FF Plugin: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [No File] FF Plugin: @garmin.com/GpsControl -> C:\Program Files\Garmin GPS Plugin\npGarmin.dll [2012-11-02] (Garmin International, Inc. -> GARMIN Corp.) FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2016-10-06] (Google Inc -> Google) FF Plugin: @java.com/DTPlugin,version=11.181.2 -> C:\Program Files\Java\jre1.8.0_181\bin\dtplugin\npDeployJava1 .dll [No File] FF Plugin: @java.com/JavaPlugin,version=11.181.2 -> C:\Program Files\Java\jre1.8.0_181\bin\plugin2\npjp2.dll [No File] FF Plugin: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files\Yahoo!\Shared\npYState.dll [2012-05-25] (Yahoo! Inc. -> Yahoo! Inc.) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files\Microsoft Office\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\Office14\NPSPWRAP.DLL [2010-01-10] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC) FF Plugin: @videolan.org/vlc,version=2.0.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-15] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=2.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-15] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-15] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-15] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-15] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-15] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=2.2.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-15] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-15] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=2.2.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-15] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=2.2.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-15] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-15] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-15] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=2.2.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-15] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-15] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-15] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-15] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-15] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-15] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-15] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-15] (VideoLAN -> VideoLAN) Chrome: ======= CHR DefaultProfile: Default CHR StartupUrls: Default -> "hxxps://www.google.com.au/","hxxp://www.bing.com/search?FORM=INCOH1&PC=IC03&PTAG=ICO-d6194eaa" CHR Notifications: Default -> hxxps://downloads.tomsguide.com; hxxps://sendleap.com; hxxps://www.facebook.com CHR Profile: C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default [2020-01-05] CHR DownloadDir: C:\Captures CHR Extension: (Google Translate) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgj llcleb [2019-12-14] CHR Extension: (YouTube) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\adnlfjpnmidfimlkaohpidplno imahfh [2019-10-01] CHR Extension: (Free Download Manager) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahmpjcflkgiildlgicmcieglgo ilbfdp [2019-12-17] CHR Extension: (280daily) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\aibhdihcdjelmifgpkcalcafld alpkbm [2019-01-16] CHR Extension: (Flash Video Downloader) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiimdkdngfcipjohbjenkahhlh ccpdbc [2019-05-08] CHR Extension: (MightyTextTest) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\andmpiilbgodiefijhcneadheg colaoe [2019-08-27] CHR Extension: (Docs) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfi lokake [2017-11-07] CHR Extension: (Dictanote) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\aomjekmpappghadlogpigifkgh lmebjk [2019-01-16] CHR Extension: (Google Drive) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigk jlhalf [2017-06-08] CHR Extension: (Todoist for Chrome) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjohebimpjdhhocbknplfelpm dhifhd [2019-01-17] CHR Extension: (Pop up blocker for Chrome™ - Poper Blocker) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkkbcggnhapdmkeljlodobbkop ceiche [2019-06-05] CHR Extension: (YouTube) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldk acnbeo [2017-06-08] CHR Extension: (Pushbullet) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\chlffgpmiacpedhhbkiomidkjl cfhogd [2019-12-29] CHR Extension: (Telegram) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\clhhggbfdinjmjhajaheehoeib fljjno [2019-01-17] CHR Extension: (sydney time) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\dahalpfpibpddfpdcfgmpjelnl dolich [2019-11-29] CHR Extension: (Hangouts) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\deigijodonbmdapahgkdjljmcn gipaab [2019-03-14] CHR Extension: (Allavsoft video downloader converter) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhancbnhabhandieicagelcddk dfgoif [2017-12-06] CHR Extension: (Creating an internet shortcut fails |...) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\djcnpbhjfgpighcllplapphnga aockbd [2019-08-28] CHR Extension: (Session Buddy) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\edacconmaakjimmfgnblocblbc dcpbko [2018-03-11] CHR Extension: (Bulk Media Downloader) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehfdcgbfcboceiclmjaofdannm jdeaoi [2018-03-01] CHR Extension: (Google Docs Offline) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdl olhkhi [2018-08-23] CHR Extension: (Avast Online Security) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegiea cbdmki [2019-12-21] CHR Extension: (Drive Notepad) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpgjomejfimnbmobcocilppikh ncegaj [2019-01-17] CHR Extension: (VoiceNote II - Speech to text) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfknjgplnkgjihghcidajejfml dhibfm [2019-01-17] CHR Extension: (vGet Extension (Video Downloader, DLNA)) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\hniladkejehjfchadikcbjmgja ogciic [2018-03-01] CHR Extension: (My Diary) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\igfnkanfehhehlajnhpajibfcf gkaikl [2019-01-17] CHR Extension: (YouTube Video Downloader Extension) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\igljnkmljjbhcellpnjppojkfd fmkjmp [2018-03-02] CHR Extension: (Mate Translate – translator, dictionary) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihmgiclibbndffejedjimfjmfo abpcke [2019-11-29] CHR Extension: (Voice Recognition) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\ikjmfindklfaonkodbnidahohd fbdhkn [2019-01-17] CHR Extension: (Excel Online) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\iljnkagajgfdmfnnidjijobijl fjfgnb [2019-01-16] CHR Extension: (Dropbox) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\ioekoebejdcmnlefjiknokhhaf glcjdl [2019-01-17] CHR Extension: (Pushbullet Settings) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\jinnpgkhgbkooiphbamlonfpce dokdah [2019-06-28] CHR Extension: (Multi Forward for Gmail) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjmdplljmniahpamcmabdnahmj dlikpm [2018-08-23] CHR Extension: (Gmail) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmhopmchchfpfdcdjodmpfaaph dclmlj [2019-11-30] CHR Extension: (Google Hangouts) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\knipolnnllmklapflnccelgoln pehhpl [2019-05-25] CHR Extension: (Evernote Web) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbfehkoinhhcknnbdgnnmjhila dcgbol [2019-01-17] CHR Extension: (Google Maps) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbea pigfbh [2019-01-17] CHR Extension: (Yellow highlighter pen for web) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\lnmengjdnfjbochkdkcjbbpild acancp [2018-04-04] CHR Extension: (Google Hangouts) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\nckgahadagoaajjgafhacjanao iihapd [2019-05-25] CHR Extension: (IDM Integration Module) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhm bhlaek [2019-12-25] CHR Extension: (Chrome Web Store Payments) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccm gmieda [2019-10-09] CHR Extension: (ImTranslator: Translator, Dictionary, TTS) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\noaijdpnepcgjemiklgfkcfbko kogabh [2019-12-03] CHR Extension: (AdBlocker Ultimate) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohahllgiabjaoigichmmfljhkc fikeof [2019-12-27] CHR Extension: (draw.io Desktop) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\pebppomjfocnoigkeepgbmcifn nlndla [2019-12-29] CHR Extension: (SendLeap) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\phnjmiobjppgfeicepedmfnpjj mfjlha [2020-01-01] CHR Extension: (Gmail) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoe jaedia [2019-04-26] CHR Extension: (Chrome Media Router) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcj beemfm [2019-12-14] CHR Extension: (Free Video Downloader) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgadljdflpomdcdacknofppee jgmjdn [2018-05-13] CHR HKLM\...\Chrome\Extension: [dhancbnhabhandieicagelcddkdfgoif] - C:\Program Files\Allavsoft\Video Downloader Converter\extensions\3.17.7.7150\BVDChromeExt.crx [2019-08-01] CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] |
#21
|
|||
|
|||
CHR HKLM\...\Chrome\Extension: [jpnkpjikgipojkofgjjkfgdhfanggcdm] - C:\Program Files\Bigasoft\Video Downloader Pro\extensions\3.17.9.7200\BVDChromeExt.crx [2019-09-27]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files\Internet Download Manager\IDMGCExt.crx [2019-03-22] CHR HKU\S-1-5-21-198903158-1304534811-4163729061-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\ Extension: [dhdgffkkebhmkfjojejmpbldmpobfkfo] - hxxp://clients2.google.com/service/update2/crx ==================== Services (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [143776 2017-01-31] (SUPERAntiSpyware.com -> SUPERAntiSpyware.com) R2 aim_LSService; C:\Program Files\Actual Window Manager\LogonScreenService.exe [95472 2019-05-15] (Actual Tools (Mikhail Yurievich Tretyakov IP) -> Actual Tools) R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [5106064 2019-12-20] (AVAST Software s.r.o. -> AVAST Software) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [859096 2019-10-04] (AVAST Software s.r.o. -> AVAST Software) R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-10-04] (AVAST Software s.r.o. -> AVAST Software) R2 Backupper Service; C:\Program Files\AOMEI Backupper\ABService.exe [483184 2019-01-22] (CHENGDU AOMEI Tech Co., Ltd. -> AOMEI Tech Co., Ltd.) S4 caspereui; C:\Program Files\Common Files\Future Systems Solutions\Services\CASPERSVCS.EXE [607976 2013-11-19] (Future Systems Solutions, Inc. -> Future Systems Solutions, Inc.) S4 casperhpb; C:\Program Files\Common Files\Future Systems Solutions\Services\CASPERSVCS.EXE [607976 2013-11-19] (Future Systems Solutions, Inc. -> Future Systems Solutions, Inc.) R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\Freem akeUtilsService.exe [81280 2019-07-04] (Mixbyte Inc -> Freemake) S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [5394136 2019-06-26] (Malwarebytes Corporation -> Malwarebytes) S4 mfevtp; C:\Windows\system32\mfevtps.exe [238288 2015-05-18] (McAfee, Inc. -> McAfee, Inc.) R2 nlsX86cc; C:\Windows\system32\NLSSRV32.EXE [69640 2014-05-19] (Nitro PDF Software -> Nalpeiron Ltd.) S3 rpcapd; C:\Program Files\WinPcap\rpcapd.exe [117264 2011-02-12] (CACE Technologies, Inc. -> CACE Technologies, Inc.) S4 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [3892256 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.) S4 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [3943664 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.) S4 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [233712 2018-02-06] (Safer-Networking Ltd. -> Safer-Networking Ltd.) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3748704 2019-10-07] (Microsoft Windows Publisher -> Microsoft Corporation) R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [12097024 2019-11-07] (TeamViewer GmbH -> TeamViewer Germany GmbH) S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\NisSrv.exe [2250992 2019-12-31] (Microsoft Windows Publisher -> Microsoft Corporation) S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MsMpEng.exe [85240 2019-12-31] (Microsoft Windows Publisher -> Microsoft Corporation) S4 WsAppService; C:\Program Files\Wondershare\WAF\2.3.1.204\WsAppService.exe [437392 2016-11-16] (Wondershare software CO., LIMITED -> Wondershare) S3 WsDrvInst; C:\Program Files\iSkysoft\Video Converter Ultimate\Transfer\DriverInstall.exe [107800 2019-09-26] (Shenzhen Yi Xing Investment Co., Ltd. -> Wondershare) R2 XperiaCompanionService; C:\Program Files\Sony\Xperia Companion\Service\XperiaCompanionService.exe [2013024 2019-10-22] (Sony Mobile Communications AB -> Sony) R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Containe r.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSys tem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSyste m" -r -p 30000 S4 NvTelemetryContainer; "C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.lo g" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvTelemetry\plugins" -r ===================== Drivers (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R0 ambakdrv; C:\WINDOWS\System32\ambakdrv.sys [26424 2015-02-26] (Aomei Technology Co., Limited -> ) [File not signed] R2 ammntdrv; C:\WINDOWS\system32\ammntdrv.sys [129720 2015-02-26] (Aomei Technology Co., Limited -> ) [File not signed] S3 ampa; C:\WINDOWS\system32\ampa.sys [35760 2017-02-28] (CHENGDU AOMEI Tech Co., Ltd. -> ) R2 amwrtdrv; C:\WINDOWS\system32\amwrtdrv.sys [14392 2015-02-26] (Aomei Technology Co., Limited -> ) [File not signed] R2 AODDriver4.3; C:\Program Files\AMD\ATI.ACE\Fuel\i386\AODDriver2.sys [50400 2014-02-11] (Advanced Micro Devices, Inc. -> Advanced Micro Devices) R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [35512 2019-10-04] (AVAST Software s.r.o. -> AVAST Software) R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [174712 2019-10-04] (AVAST Software s.r.o. -> AVAST Software) R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [224008 2019-10-04] (AVAST Software s.r.o. -> AVAST Software) R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [169408 2019-10-04] (AVAST Software s.r.o. -> AVAST Software) R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [59368 2019-10-04] (AVAST Software s.r.o. -> AVAST Software) R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [15792 2019-10-04] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software) R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [211088 2019-10-04] (AVAST Software s.r.o. -> AVAST Software) R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [41200 2019-10-04] (AVAST Software s.r.o. -> AVAST Software) R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [136752 2019-11-02] (AVAST Software s.r.o. -> AVAST Software) R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [95168 2019-10-04] (AVAST Software s.r.o. -> AVAST Software) R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [73312 2019-10-04] (AVAST Software s.r.o. -> AVAST Software) R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [691528 2019-10-04] (AVAST Software s.r.o. -> AVAST Software) R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [394856 2019-10-04] (AVAST Software s.r.o. -> AVAST Software) R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [176760 2019-10-04] (AVAST Software s.r.o. -> AVAST Software) R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [277408 2019-10-04] (AVAST Software s.r.o. -> AVAST Software) R2 BrPar; C:\WINDOWS\System32\drivers\BrPar.sys [19537 2000-07-24] (Brother Industries Ltd.) [File not signed] S3 ddmdrv; C:\WINDOWS\system32\ddmdrv.sys [33200 2016-12-27] (CHENGDU AOMEI Tech Co., Ltd. -> ) R3 DroidCam; C:\WINDOWS\System32\drivers\droidcam.sys [29496 2016-09-29] (DEV47 APPS -> Dev47Apps) R3 DroidCamVideo; C:\WINDOWS\System32\drivers\droidcamvideo.sys [225592 2016-09-29] (DEV47 APPS -> Windows (R) Win 7 DDK provider) U3 EnigmaFileMonDriver; C:\WINDOWS\system32\Drivers\EnigmaFileMonDriver.sy s [60232 2020-01-03] (EnigmaSoft Limited -> EnigmaSoft Limited) S3 epmntdrv; C:\WINDOWS\system32\epmntdrv.sys [31936 2018-10-18] (CHENGDU YIWO Tech Development Co., Ltd. -> ) R0 EPMVolFlt; C:\WINDOWS\System32\drivers\EPMVolFlt.sys [28880 2018-10-18] (CHENGDU YIWO Tech Development Co., Ltd. -> Windows (R) Codename Longhorn DDK provider) R1 epp; C:\EEK\bin32\epp.sys [118248 2019-11-19] (Microsoft Windows Hardware Compatibility Publisher -> Emsisoft Ltd) S3 EuGdiDrv; C:\WINDOWS\system32\EuGdiDrv.sys [10208 2018-10-24] (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] R1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [25864 2018-08-04] (Glarysoft LTD -> Glarysoft Ltd) S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [17352 2019-06-26] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes) R3 mf; C:\WINDOWS\System32\drivers\mf.sys [29696 2019-03-19] (Microsoft Windows -> Microsoft Corporation) R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [648552 2015-05-18] (McAfee, Inc. -> McAfee, Inc.) S3 mferkdet; C:\WINDOWS\System32\drivers\mferkdet.sys [91840 2015-05-18] (McAfee, Inc. -> McAfee, Inc.) R3 mv91cons; C:\WINDOWS\System32\drivers\mv91cons.sys [30440 2016-04-12] (Marvell Semiconductor, Inc. -> Marvell Semiconductor Inc.) R1 networx; C:\WINDOWS\System32\drivers\networx.sys [67640 2016-09-20] (SOFTPERFECT PTY. LTD. -> NetFilterSDK.com) R2 npf; C:\WINDOWS\system32\drivers\npf.sys [36600 2019-07-16] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.) R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_ dispi.inf_x86_9f540655d9eda3dd\nvlddmkm.sys [15367072 2018-06-13] (NVIDIA Corporation -> NVIDIA Corporation) S3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad32v.sys [53616 2018-01-24] (NVIDIA Corporation -> NVIDIA Corporation) S3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [50248 2018-01-24] (NVIDIA Corporation -> NVIDIA Corporation) R1 PCIESER; C:\WINDOWS\system32\drivers\PCIESER.sys [67328 2014-10-09] (Microsoft Windows Hardware Compatibility Publisher -> www.winchiphead.com) R1 PSSDK42; C:\Windows\system32\Drivers\pssdk42.sys [38976 2015-11-10] (Microolap technologies -> microOLAP Technologies LTD) R1 PSSDKLBF; C:\Windows\system32\Drivers\pssdklbf.sys [53312 2015-11-10] (Microolap technologies -> microOLAP Technologies LTD) S3 RDPDISPM; C:\WINDOWS\System32\DRIVERS\rdpdispm.sys [15488 2010-09-22] (Microsoft Corporation) [File not signed] R3 rt640x86; C:\WINDOWS\System32\drivers\rt640x86.sys [956752 2018-09-04] (Realtek Semiconductor Corp. -> Realtek ) R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-23] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com) R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-13] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com) R1 SCDEmu; C:\Windows\System32\Drivers\SCDEmu.sys [114304 2015-06-08] (Power Software Limited -> Power Software Ltd) S3 tap0901; C:\WINDOWS\System32\DRIVERS\tap0901.sys [35288 2013-08-22] (OpenVPN Technologies, Inc. -> The OpenVPN Project) S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [37472 2019-12-31] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [278456 2019-12-31] (Microsoft Windows -> Microsoft Corporation) S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [119952 2016-07-15] (NGO -> MBB) S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [39368 2019-12-31] (Microsoft Windows -> Microsoft Corporation) S3 WsAudio_Device; C:\WINDOWS\system32\drivers\VirtualAudio.sys [27496 2015-02-27] (Wondershare Software Co., Ltd. -> Wondershare) R3 WUDFWpdMtp; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [207360 2019-03-19] (Microsoft Windows -> Microsoft Corporation) U3 idsvc; no ImagePath ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One month (created) =================== (If an entry is included in the fixlist, the file/folder will be moved.) 2020-01-06 01:51 - 2020-01-06 01:51 - 000161803 _____ C:\-AAAJOBS.WPF 2020-01-06 00:06 - 2020-01-06 06:22 - 000000000 ____D C:\Program Files\Farbar 2020-01-05 11:10 - 2020-01-05 11:11 - 000000000 ____D C:\Program Files\KMPlayer 2020-01-05 10:02 - 2020-01-05 10:02 - 000020087 _____ C:\Users\Joe\Desktop\SearchRegLog.txt 2020-01-05 09:58 - 2020-01-06 06:29 - 000000000 ____D C:\FRST 2020-01-04 21:31 - 2020-01-04 22:10 - 000001352 _____ C:\Activation.TXT 2020-01-04 07:57 - 2020-01-04 07:57 - 000003020 _____ C:\WINDOWS\system32\Tasks\GU5SkipUAC 2020-01-02 21:58 - 2020-01-02 21:58 - 000000000 ___HD C:\Users\Joe\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\Startup-Disabled 2020-01-02 14:23 - 2020-01-02 14:23 - 000000000 ____D C:\Users\Joe\Desktop\faulty 8Gb USB 2020-01-02 14:03 - 2020-01-04 07:24 - 000001412 _____ C:\Users\Joe\Desktop\Clear Quicklaunch.lnk 2020-01-01 21:30 - 2020-01-01 21:30 - 000000000 ____D C:\Users\Joe\AppData\Local\SendLeap 2020-01-01 16:17 - 2020-01-01 16:22 - 000000000 ____D C:\Program Files\AOMEI Partition Assistant 2020-01-01 16:17 - 2019-12-02 11:01 - 001880664 _____ C:\WINDOWS\ampa.exe 2020-01-01 16:17 - 2017-02-28 14:20 - 000035760 _____ C:\WINDOWS\system32\ampa.sys 2020-01-01 16:17 - 2016-12-27 18:45 - 000033200 _____ C:\WINDOWS\system32\ddmdrv.sys 2020-01-01 16:17 - 2016-09-29 09:44 - 001129624 _____ C:\WINDOWS\ddmmain.exe 2019-12-31 22:54 - 2020-01-01 16:46 - 000001024 ____H C:\AMTAG.BIN 2019-12-31 13:13 - 2020-01-03 00:16 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update 2019-12-31 13:10 - 2019-10-04 00:36 - 000305032 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe 2019-12-31 12:35 - 2019-12-31 12:32 - 000613944 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe 2019-12-30 18:46 - 2020-01-03 00:52 - 000060232 _____ (EnigmaSoft Limited) C:\WINDOWS\system32\Drivers\EnigmaFileMonDriver.sy s 2019-12-30 01:05 - 2019-12-30 01:05 - 000004234 _____ C:\Context.TXT 2019-12-24 20:52 - 2019-12-24 20:52 - 000000373 _____ C:\Users\Joe\Desktop\USBRECORDER.lnk 2019-12-22 19:28 - 2019-12-22 19:28 - 000001140 _____ C:\Users\Joe\Desktop\Steve'sTemplate.docx.lnk 2019-12-22 17:55 - 2020-01-05 21:16 - 000000806 _____ C:\Users\Joe\Desktop\url.txt.lnk 2019-12-22 02:29 - 2020-01-05 21:18 - 000000000 _____ C:\url.txt 2019-12-22 00:39 - 2019-12-22 00:39 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask .job 2019-12-21 19:09 - 2019-12-30 14:10 - 000000000 ____D C:\Users\Joe\Desktop\New folder 2019-12-21 12:12 - 2019-12-31 12:52 - 000000000 ____D C:\Users\Joe\AppData\Roaming\IDM 2019-12-21 12:12 - 2019-12-21 12:12 - 000000000 ____D C:\Users\Joe\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\Internet Download Manager 2019-12-21 11:56 - 2020-01-03 08:19 - 000000000 ____D C:\WINDOWS\Minidump 2019-12-21 11:36 - 2019-12-21 11:36 - 000000000 ____D C:\Program Files\Mozilla Firefox 2019-12-21 04:33 - 2019-12-21 04:34 - 000000000 ____D C:\sh5ldr 2019-12-18 11:18 - 2019-12-18 11:18 - 000042656 _____ C:\Users\Joe\Desktop\UTS BIG THINKING AND SYDNEY FESTIVAL 2020 PROGRAM!.eml 2019-12-16 07:47 - 2019-12-16 07:47 - 000000000 ____D C:\Users\Joe\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\Actual Window Manager 2019-12-16 07:47 - 2019-12-16 07:47 - 000000000 ____D C:\Users\Joe\AppData\Roaming\Actual Tools 2019-12-16 07:47 - 2019-12-16 07:47 - 000000000 ____D C:\Program Files\Actual Window Manager 2019-12-15 14:54 - 2019-12-21 05:04 - 000000000 ____D C:\Program Files\Security Task Manager 2019-12-15 02:33 - 2019-12-15 02:33 - 000002488 _____ C:\Users\Joe\Desktop\excerptA.lnk 2019-12-14 20:10 - 2019-12-14 20:10 - 000000000 ____D C:\Program Files\IPEVO 2019-12-11 15:35 - 2019-12-11 13:34 - 000410830 __RSH C:\bootmgr 2019-12-11 15:35 - 2019-03-19 13:40 - 000000001 ___SH C:\BOOTNXT 2019-12-11 13:34 - 2019-12-11 13:34 - 018020352 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2019-12-11 13:34 - 2019-12-11 13:34 - 007067960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2019-12-11 13:34 - 2019-12-11 13:34 - 006516648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayR eady.dll 2019-12-11 13:34 - 2019-12-11 13:34 - 006083832 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll 2019-12-11 13:34 - 2019-12-11 13:34 - 005943296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll 2019-12-11 13:34 - 2019-12-11 13:34 - 005914112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2019-12-11 13:34 - 2019-12-11 13:34 - 005764664 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2019-12-11 13:34 - 2019-12-11 13:34 - 002995712 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2019-12-11 13:34 - 2019-12-11 13:34 - 002800640 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2019-12-11 13:34 - 2019-12-11 13:34 - 002204176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys 2019-12-11 13:34 - 2019-12-11 13:34 - 002084352 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll 2019-12-11 13:34 - 2019-12-11 13:34 - 002073200 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll 2019-12-11 13:34 - 2019-12-11 13:34 - 002059264 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2019-12-11 13:34 - 2019-12-11 13:34 - 001793024 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.oneco re.dll 2019-12-11 13:34 - 2019-12-11 13:34 - 001539880 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll 2019-12-11 13:34 - 2019-12-11 13:34 - 001496080 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems32.dll 2019-12-11 13:34 - 2019-12-11 13:34 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll 2019-12-11 13:34 - 2019-12-11 13:34 - 001429304 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll 2019-12-11 13:34 - 2019-12-11 13:34 - 001401856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.deskt op.dll 2019-12-11 13:34 - 2019-12-11 13:34 - 001399296 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll 2019-12-11 13:34 - 2019-12-11 13:34 - 001394544 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2019-12-11 13:34 - 2019-12-11 13:34 - 001246816 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe 2019-12-11 13:34 - 2019-12-11 13:34 - 001133568 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe 2019-12-11 13:34 - 2019-12-11 13:34 - 001111992 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2019-12-11 13:34 - 2019-12-11 13:34 - 001077632 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe 2019-12-11 13:34 - 2019-12-11 13:34 - 001054864 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll 2019-12-11 13:34 - 2019-12-11 13:34 - 000980792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe 2019-12-11 13:34 - 2019-12-11 13:34 - 000842552 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll 2019-12-11 13:34 - 2019-12-11 13:34 - 000779776 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll 2019-12-11 13:34 - 2019-12-11 13:34 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll 2019-12-11 13:34 - 2019-12-11 13:34 - 000673456 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe 2019-12-11 13:34 - 2019-12-11 13:34 - 000646144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dl l 2019-12-11 13:34 - 2019-12-11 13:34 - 000612352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Service.dll 2019-12-11 13:34 - 2019-12-11 13:34 - 000593128 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll 2019-12-11 13:34 - 2019-12-11 13:34 - 000574976 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelinesvc.exe 2019-12-11 13:34 - 2019-12-11 13:34 - 000554168 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe 2019-12-11 13:34 - 2019-12-11 13:34 - 000532480 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2019-12-11 13:34 - 2019-12-11 13:34 - 000472576 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe 2019-12-11 13:34 - 2019-12-11 13:34 - 000421888 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe 2019-12-11 13:34 - 2019-12-11 13:34 - 000413184 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll 2019-12-11 13:34 - 2019-12-11 13:34 - 000406480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Enumeration.dl l 2019-12-11 13:34 - 2019-12-11 13:34 - 000351232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys 2019-12-11 13:34 - 2019-12-11 13:34 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2019-12-11 13:34 - 2019-12-11 13:34 - 000320016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys 2019-12-11 13:34 - 2019-12-11 13:34 - 000306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\exfat.sys 2019-12-11 13:34 - 2019-12-11 13:34 - 000301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.th.d ll 2019-12-11 13:34 - 2019-12-11 13:34 - 000144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll 2019-12-11 13:34 - 2019-12-11 13:34 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll 2019-12-11 13:34 - 2019-12-11 13:34 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll 2019-12-11 13:34 - 2019-12-11 13:34 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll 2019-12-11 13:34 - 2019-12-11 13:34 - 000105376 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll 2019-12-11 13:34 - 2019-12-11 13:34 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll 2019-12-11 13:34 - 2019-12-11 13:34 - 000079888 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll 2019-12-11 13:34 - 2019-12-11 13:34 - 000058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilot.dll 2019-12-11 13:34 - 2019-12-11 13:34 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe 2019-12-11 13:34 - 2019-12-11 13:34 - 000052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.EnrollmentS tatusTracking.ConfigProvider.dll 2019-12-11 13:34 - 2019-12-11 13:34 - 000046928 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsManagementServiceWinRt. ProxyStub.dll 2019-12-11 13:34 - 2019-12-11 13:34 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelineprxy.dll 2019-12-11 13:34 - 2019-12-11 13:34 - 000024080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpvideominiport.sys 2019-12-11 13:34 - 2019-12-11 13:34 - 000024064 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevQueryBroker.dll 2019-12-11 13:34 - 2019-12-11 13:34 - 000024064 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilotdiag.dll 2019-12-11 13:34 - 2019-12-11 13:34 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll 2019-12-11 13:34 - 2019-12-11 13:34 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll 2019-12-11 13:34 - 2019-12-11 13:34 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll 2019-12-11 10:35 - 2019-12-11 10:37 - 000000000 ____D C:\Tame60 2019-12-11 10:35 - 2019-12-11 10:35 - 000000000 ____D C:\Users\Joe\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\Tame Version 6.0d 2019-12-11 10:16 - 2020-01-06 06:28 - 000000000 ____D C:\WP51 2019-12-09 23:04 - 2020-01-01 16:46 - 000010015 _____ C:\WINDOWS\GA_OF.dat 2019-12-07 07:04 - 2019-12-07 23:12 - 000000000 ____D C:\Users\Joe\AppData\Roaming\VideoProc ==================== One month (modified) ================== (If an entry is included in the fixlist, the file/folder will be moved.) 2020-01-06 06:24 - 2019-04-18 00:52 - 000000000 ____D C:\Users\Joe\AppData\Roaming\uTorrent 2020-01-06 06:24 - 2017-09-02 16:17 - 000000000 ____D C:\Users\Joe\AppData\LocalLow\Mozilla 2020-01-06 06:19 - 2019-12-06 01:45 - 000948396 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2020-01-06 06:19 - 2019-03-19 13:44 - 000000000 ____D C:\WINDOWS\INF 2020-01-06 06:13 - 2019-12-06 01:47 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2020-01-06 06:13 - 2019-07-09 12:21 - 000000000 ____D C:\Users\Joe\AppData\Roaming\MightyText 2020-01-06 06:13 - 2019-03-26 23:24 - 000000520 _____ C:\WINDOWS\system32\AbBakConfig.dat 2020-01-06 06:13 - 2019-03-26 23:22 - 000000000 ____D C:\Program Files\AOMEI Backupper 2020-01-06 06:13 - 2019-02-18 12:04 - 000000000 ____D C:\Users\Joe\AppData\Roaming\Telegram Desktop 2020-01-06 06:13 - 2019-01-24 22:14 - 000000000 ____D C:\Program Files\TeamViewer 2020-01-06 06:13 - 2015-09-22 01:01 - 000000150 _____ C:\WINDOWS\system32\winsevr.dat 2020-01-06 02:13 - 2019-03-19 13:35 - 000262144 _____ C:\WINDOWS\system32\config\BBI 2020-01-06 02:13 - 2018-07-30 18:06 - 000000000 ____D C:\Users\Joe\AppData\Roaming\vlc 2020-01-06 01:38 - 2013-02-01 19:24 - 000000000 ____D C:\OutputFolder 2020-01-06 01:34 - 2014-05-23 19:17 - 000000000 ____D C:\Captures 2020-01-06 01:25 - 2018-02-09 21:35 - 000000000 ____D C:\Users\Joe\AppData\Local\CrashDumps 2020-01-06 00:50 - 2019-11-28 16:38 - 000000000 ____D C:\Users\Joe\AppData\Local\Pushbullet 2020-01-05 21:47 - 2019-04-01 21:52 - 000000000 ____D C:\Users\Joe\AppData\Roaming\DMCache 2020-01-05 14:46 - 2019-10-03 23:25 - 000000000 ____D C:\Users\Joe\AppData\Local\AVAST Software 2020-01-05 00:39 - 2019-12-06 01:34 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2020-01-04 09:51 - 2011-12-10 01:34 - 000000000 ____D C:\Users\Joe\AppData\Roaming\TeraCopy 2020-01-04 08:35 - 2018-07-18 22:27 - 000000000 ____D C:\Program Files\WinRAR 2020-01-04 08:28 - 2017-01-07 16:10 - 000000000 ____D C:\Program Files\K-Lite Codec Pack 2020-01-04 08:02 - 2019-01-24 22:14 - 000000000 ____D C:\Users\Joe\AppData\Roaming\TeamViewer 2020-01-04 07:58 - 2016-01-10 10:13 - 000000000 ____D C:\Program Files\Glary Utilities 5 2020-01-04 07:27 - 2011-12-08 20:52 - 000000000 ____D C:\Data 2020-01-03 21:06 - 2017-10-22 16:38 - 000000000 ____D C:\Users\Joe\AppData\Roaming\Wise Duplicate Finder 2020-01-03 01:53 - 2019-12-06 01:38 - 000000000 ____D C:\Users\DefaultAppPool 2020-01-03 00:17 - 2019-12-06 01:47 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update 2020-01-03 00:00 - 2019-10-24 22:28 - 000000000 ____D C:\Users\Joe\AppData\Roaming\Messenger for Desktop 2020-01-02 20:58 - 2019-06-02 22:39 - 000000000 ____D C:\Users\Joe\AppData\Local\Greenshot 2020-01-02 20:22 - 2017-11-07 21:33 - 000000000 ____D C:\Program Files\Winaero Tweaker 2020-01-02 02:22 - 2019-12-06 01:38 - 000000000 ____D C:\Users\Joe 2020-01-01 21:40 - 2019-01-08 21:40 - 000000000 ____D C:\Users\Joe\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\Chrome Apps 2020-01-01 21:30 - 2018-05-26 23:19 - 000000000 ____D C:\Users\Joe\AppData\Local\SquirrelTemp 2019-12-31 21:46 - 2018-02-20 12:33 - 000000000 ____D C:\Users\Joe\AppData\Roaming\Mp3tag 2019-12-31 13:10 - 2019-03-19 13:46 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2019-12-31 12:41 - 2013-05-09 13:43 - 000000000 ____D C:\Program Files\MSOffice activator 2019-12-31 12:38 - 2019-03-19 13:46 - 000000000 ____D C:\Program Files\Windows Defender 2019-12-31 12:38 - 2018-05-10 23:44 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2019-12-31 11:43 - 2019-03-19 13:46 - 000000000 ____D C:\WINDOWS\AppReadiness 2019-12-30 22:40 - 2017-08-17 00:02 - 000000000 ____D C:\Users\Joe\AppData\Local\ElevatedDiagnostics 2019-12-25 13:51 - 2017-12-13 11:14 - 000000000 ____D C:\Users\Joe\AppData\Local\Packages 2019-12-25 00:37 - 2018-05-18 13:26 - 000000000 ____D C:\Users\Joe\AppData\Local\D3DSCache 2019-12-24 22:40 - 2018-01-07 09:22 - 000000000 ____D C:\Users\Joe\AppData\Local\PlaceholderTileLogoFold er 2019-12-24 22:36 - 2019-03-19 13:46 - 000000000 ___HD C:\Program Files\WindowsApps 2019-12-21 16:41 - 2019-04-01 22:05 - 000000000 ____D C:\Program Files\Internet Download Manager 2019-12-21 11:56 - 2017-10-24 14:43 - 000000000 ____D C:\Program Files\Mozilla Maintenance Service 2019-12-20 22:34 - 2017-11-25 10:08 - 000000000 ____D C:\Users\Joe\AppData\Roaming\Allavsoft 2019-12-19 12:47 - 2019-11-30 11:58 - 000000000 ____D C:\Users\Joe\Desktop\Autocad 2015 cracks 2019-12-18 15:36 - 2019-04-17 14:35 - 000000000 ____D C:\Program Files\SUPERAntiSpyware 2019-12-17 07:14 - 2018-03-25 08:39 - 000000000 ____D C:\EEK 2019-12-14 20:12 - 2016-09-14 15:06 - 000000000 ____D C:\Program Files\PicPick 2019-12-14 20:07 - 2019-04-14 02:38 - 000000000 ____D C:\Users\Joe\AppData\Local\Adobe 2019-12-14 20:05 - 2019-12-06 01:47 - 000004578 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player NPAPI Notifier 2019-12-14 20:05 - 2019-12-06 01:47 - 000004376 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player Updater 2019-12-14 20:05 - 2019-03-19 13:46 - 000000000 ____D C:\WINDOWS\system32\Macromed 2019-12-14 10:45 - 2019-12-06 01:47 - 000003408 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineU A 2019-12-14 10:45 - 2019-12-06 01:47 - 000003284 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineC ore 2019-12-12 16:52 - 2016-08-31 20:06 - 000000000 ____D C:\Users\Joe\AppData\Local\Sidebar7 2019-12-11 15:35 - 2019-12-06 01:34 - 000479864 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2019-12-11 15:35 - 2017-12-13 11:23 - 000000000 ___RD C:\Users\Joe\3D Objects 2019-12-11 15:35 - 2016-02-13 23:20 - 000000000 __RHD C:\Users\Public\AccountPictures 2019-12-11 15:35 - 2012-01-05 10:38 - 000000000 ___RD C:\Users\Joe\Virtual Machines 2019-12-11 13:41 - 2019-03-19 13:46 - 000000000 ____D C:\WINDOWS\SystemResources 2019-12-11 13:41 - 2019-03-19 13:46 - 000000000 ____D C:\WINDOWS\ShellExperiences 2019-12-11 13:41 - 2019-03-19 13:46 - 000000000 ____D C:\WINDOWS\bcastdvr 2019-12-11 13:36 - 2013-08-14 21:32 - 000000000 ____D C:\WINDOWS\system32\MRT 2019-12-11 13:36 - 2012-01-07 11:47 - 126061744 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2019-12-11 13:35 - 2019-03-19 13:35 - 000000000 ____D C:\WINDOWS\CbsTemp 2019-12-11 10:35 - 2019-03-19 13:43 - 000002160 _____ C:\WINDOWS\system32\autoexec.nt 2019-12-11 09:46 - 2019-03-19 13:43 - 000002577 _____ C:\WINDOWS\system32\config.nt 2019-12-08 11:29 - 2017-08-26 00:43 - 000000000 ____D C:\WPTemp 2019-12-08 10:55 - 2019-12-06 14:48 - 000000000 ____D C:\WINDOWS\Panther 2019-12-07 18:06 - 2015-06-10 22:37 - 000000000 ____D C:\Users\Joe\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\AVS4YOU 2019-12-07 18:06 - 2015-06-10 22:35 - 000000000 ____D C:\Program Files\AVS4YOU 2019-12-07 13:40 - 2017-08-26 00:43 - 000000000 ____D C:\WPTmp 2019-12-07 07:04 - 2018-12-31 19:58 - 000000000 ____D C:\Users\Joe\Documents\VideoProc 2019-12-07 07:04 - 2015-11-17 23:45 - 000000000 ____D C:\Program Files\Digiarty ==================== Files in the root of some directories ======== 2013-02-17 14:27 - 2013-02-17 14:27 - 002174976 _____ (Advanced Micro Devices Inc.) C:\Program Files\Common Files\atimpenc.dll 2014-12-03 14:31 - 2016-01-11 22:16 - 000087608 _____ () C:\Users\Joe\AppData\Roaming\inst.exe 2014-12-03 14:31 - 2016-01-11 22:16 - 000007887 _____ () C:\Users\Joe\AppData\Roaming\pcouffin.cat 2014-12-03 14:31 - 2016-01-11 22:16 - 000001144 _____ () C:\Users\Joe\AppData\Roaming\pcouffin.inf 2014-12-03 14:31 - 2016-01-11 22:16 - 000000033 _____ () C:\Users\Joe\AppData\Roaming\pcouffin.log 2014-12-03 14:31 - 2016-01-11 22:16 - 000047360 _____ (VSO Software) C:\Users\Joe\AppData\Roaming\pcouffin.sys 2019-10-06 21:45 - 2019-10-07 22:37 - 000001435 _____ () C:\Users\Joe\AppData\Local\oobelibMkey.log 2016-07-25 01:51 - 2018-10-12 21:52 - 000007617 _____ () C:\Users\Joe\AppData\Local\Resmon.ResmonCfg ==================== SigCheck ============================ (There is no automatic fix for files that do not pass verification.) ==================== End of FRST.txt ======================== |
#22
|
||||
|
||||
It'll take me a while to weed through that, but I will be back in touch.
|
#23
|
|||
|
|||
I'm young (77) - I can wait.
|
#24
|
||||
|
||||
In all honesty, still pondering things.Nothing in the log, and I am trying to figure out how a context menu item is loaded, but not from the Registry.
|
#25
|
|||
|
|||
In case it helps I'll load a snap of the entry so you can be confident that it is real. However, when I try to attach the pic, I have to give a URL - but it is on my desktop,
so if you can suggest a website, I'll post it there. |
#26
|
||||
|
||||
You can upload an image here, then when posting click the insert image icon above the post and paste the http code.
While we have the info, I suggest you uninstall these dinosaurs: HitmanPro 3.8 Spybot Spybot Anti-Beacon SUPERAntiSpyware WinPatrol Blasts from the past, and Super is loading at startup so slowing things down. -------------------------- Let's see if this context menu item is created by a startup. Press Ctrl-Alt-Delete and select Task Manager. Click More details if the display is blank. Go to the Startups tab and right click, Disable each item. Then reboot, and check to see if that context menu item shows. If so, go ahead and open Task Manager and re-enable all the startups. |
#27
|
|||
|
|||
https://ibb.co/NYd0hSL
Of the suggested uninstalls - Winpatrol was intended to delay startups - not sure if still relevant. Your trial and error method is time consuming because of the reboots required, so I can not report on that until I've had the leisure to do that. Last edited by sebastian42; January 7th, 2020 at 02:12 PM. |
#28
|
||||
|
||||
What happens if you put a DVD in the DVD drive, then right click on the DVD drive and select open autoplay?
|
#29
|
|||
|
|||
I can't fully do that because 'Open Autoplay' does not appear on Optical drive's Context menu.
|
#30
|
|||
|
|||
I've now tested disabling the Task Manager StartUps, except for AVlauncher - because i could not. With 'all' startups disabled, the autoplay entry is still there - but only for one 80Gb (data) HDD.
|
Bookmarks |
«
Previous Topic
|
Next Topic
»
Topic Tools | |
|
|
Similar Topics | ||||
Topic | Topic Starter | Forum | Replies | Last Post |
Bad Context Menu | niapet | Windows Vista | 3 | September 24th, 2008 05:51 PM |
Context Menu | Winkerbie | Windows Vista | 25 | April 11th, 2008 11:53 PM |
CONTEXT MENU (right click menu) for ALL PROGRAMS doesn't appear | jayro | Windows XP | 3 | June 26th, 2004 03:43 AM |
edit "Context Menu" (right click menu) on WEB PAGES | jayro | Internet / Browsers | 3 | August 19th, 2003 05:41 AM |
All times are GMT +1. The time now is 02:23 AM.