Acer Aspire R running slowly - Virus, Trojan, Spyware, and Malware Removal Help (2022)

First, my apologies. You had given me advice earlier this year and I never followed up on it. I am running Windows 10, and it has recently gotten quite slow. I am looking to see if any of you are willing to offer help. See the requested reports below.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27-07-2022

Ran by fishe (administrator) on DESKTOP-3QU7A8Q (Acer Aspire R5-571T) (27-07-2022 20:52:19)

Running from C:\Users\fishe\Downloads

Loaded Profiles: fishe

Platform: Microsoft Windows 10 Home Version 21H1 19043.1826 (X64) Language: English (United States)

Default browser: Chrome

Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler.exe

(C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler64.exe

(C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe

(C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe

(C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe

(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCopyAccelerator.exe

(C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.1852_none_7de3b01c7cacf858\TiWorker.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SrTasks.exe

(explorer.exe ->) (Bluebeam, Inc. -> Bluebeam, Inc.) C:\Program Files\Bluebeam Software\Bluebeam Revu\2018\Revu\BBPrint.exe

(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <23>

(explorer.exe ->) (Support.com, Inc. -> SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE

(Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_82548830eadb8221\igfxEM.exe

(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe

(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\StandaloneUpdater\OneDriveSetup.exe

(services.exe ->) () [File not signed] C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe

(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe

(services.exe ->) (Broadcom Corporation -> Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe

(services.exe ->) (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe

(services.exe ->) (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

(services.exe ->) (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel® Security Assist\isa.exe

(services.exe ->) (Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_82548830eadb8221\igfxCUIService.exe

(services.exe ->) (Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_82548830eadb8221\IntelCpHDCPSvc.exe

(services.exe ->) (Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_82548830eadb8221\IntelCpHeciSvc.exe

(services.exe ->) (Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe

(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe

(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MsMpEng.exe

(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\NisSrv.exe

(services.exe ->) (Qualcomm Atheros -> Windows ® Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe

(services.exe ->) (SUPERAntiSpyware.com -> SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe

(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

(services.exe ->) (WESTERN DIGITAL TECHNOLOGIES -> Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe

(services.exe ->) (WESTERN DIGITAL TECHNOLOGIES -> Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe

(svchost.exe ->) (Acer Incorporated -> ) C:\OEM\Preload\FubTool\FubTool.exe

(svchost.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe

(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.822.6271.0_x64__8wekyb3d8bbwe\GameBar.exe

(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.822.6271.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe

(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>

(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe

(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe

(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.1852_none_7de3b01c7cacf858\TiWorker.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16733192 2016-11-11] (Realtek Semiconductor Corp. -> Realtek Semiconductor)

HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1476104 2016-11-11] (Realtek Semiconductor Corp. -> Realtek Semiconductor)

HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [323056 2015-11-04] (Intel® Rapid Storage Technology -> Intel Corporation)

HKLM\...\Run: [BbInstallUser] => C:\Program Files\Bluebeam Software\Bluebeam Revu\2018\Pushbutton PDF\Bluebeam Admin User.exe [107568 2018-03-30] (Bluebeam, Inc. -> Bluebeam, Inc.)

HKLM\...\Run: [BbPrintMonitor] => C:\Program Files\Bluebeam Software\Bluebeam Revu\2018\Revu\BBPrint.exe [880688 2018-03-30] (Bluebeam, Inc. -> Bluebeam, Inc.)

HKLM\...\Run: [DAX2_APP] => C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe [736768 2016-02-04] () [File not signed]

HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3831808 2021-08-30] (Microsoft Windows Hardware Compatibility Publisher -> Logitech)

HKLM-x32\...\Run: [Autodesk Desktop App] => C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [704424 2017-03-10] (Autodesk, Inc -> Autodesk, Inc.)

HKLM-x32\...\Run: [WD Drive Unlocker] => C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe [1694048 2014-05-23] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)

HKLM-x32\...\Run: [DriveUtilitiesHelper] => C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe [1890664 2016-01-14] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)

HKLM-x32\...\Run: [WD Quick View] => C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5571944 2016-04-19] (WESTERN DIGITAL TECHNOLOGIES -> Western Digital Technologies, Inc.)

HKLM-x32\...\Run: [TeamsMachineInstaller] => C:\Program Files (x86)\Teams Installer\Teams.exe [122427152 2021-07-15] (Microsoft Corporation -> Microsoft Corporation)

HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION

HKU\S-1-5-21-1462537330-2448890953-4029325140-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2632088 2022-07-13] (Microsoft Corporation -> Microsoft Corporation)

HKU\S-1-5-21-1462537330-2448890953-4029325140-1001\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1235336 2014-08-28] (Autodesk, Inc -> Autodesk, Inc.)

HKU\S-1-5-21-1462537330-2448890953-4029325140-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [36976728 2022-06-14] (Piriform Software Ltd -> Piriform Software Ltd)

HKU\S-1-5-21-1462537330-2448890953-4029325140-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\fishe\AppData\Local\Microsoft\Teams\Update.exe [2337544 2020-03-01] (Microsoft 3rd Party Application Component -> Microsoft Corporation)

HKU\S-1-5-21-1462537330-2448890953-4029325140-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [10994528 2022-07-24] (Support.com, Inc. -> SUPERAntiSpyware)

HKU\S-1-5-21-1462537330-2448890953-4029325140-1001\...\Policies\Explorer: []

HKU\S-1-5-21-1462537330-2448890953-4029325140-1001\...\MountPoints2: {6a0e6d7c-1663-11e7-9da0-94e97991a142} - "D:\LaunchU3.exe" -a

HKU\S-1-5-21-1462537330-2448890953-4029325140-1001\...\MountPoints2: {6b3965fb-5673-11eb-9e61-94e97991a142} - "D:\RTK_NIC_DRIVER_INSTALLER.sfx.exe"

HKLM\...\Print\Monitors\Bluebeam PDF Monitor: C:\WINDOWS\system32\BBPdfPortMon.DLL [491056 2018-03-30] (Bluebeam, Inc. -> Bluebeam, Inc.)

HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\103.0.5060.134\Installer\chrmstp.exe [2022-07-20] (Google LLC -> Google LLC)

Startup: C:\Users\fishe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2021-03-28]

ShortcutTarget: Send to OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (No File)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {06BABD96-DC41-4056-AC3A-42F07B46D159} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4214144 2022-07-13] (Microsoft Corporation -> Microsoft Corporation)

Task: {08423025-15BB-4896-8579-5FE96D7B701C} - System32\Tasks\DashlaneUpgradeCheck => net [Argument = start "Dashlane Upgrade Service"]

Task: {09892CBB-5064-408E-8DE8-5F4FCCE656E5} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [145312 2022-07-20] (Microsoft Corporation -> Microsoft Corporation)

Task: {1076C018-1AAF-4DD1-ADCE-786D8A41E4BA} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe -auto (No File)

Task: {11490CBF-483D-4081-9435-DDFD543AD590} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [855352 2016-02-19] (Intel® Trusted Connect Service -> Intel® Corporation)

Task: {36800106-0595-40F8-99E1-5E5CFB37E9F7} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\Explorer.exe /NOUACCHECK

Task: {3761E1B7-465E-47B3-B4F2-A2C87115963F} - System32\Tasks\Mozilla\Firefox Background Update E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\E7CF176E110C211B\backgroundupdate.moz_log --backgroundtask backgroundupdate

Task: {37FF4301-0229-4E2F-ABB2-676A8154E411} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [65752 2017-03-20] (Acer Incorporated -> Acer Incorporated)

Task: {41AC6660-3407-4CC4-9EB9-BED75130E430} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-06-14] (Piriform Software Ltd -> Piriform)

Task: {4305892E-8DA3-41C1-89D0-3C8B14B3A601} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [472992 2016-06-24] (Acer Incorporated -> Acer Incorporated)

Task: {499F0091-E8D1-4E00-9C29-A96372E23374} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-06-22] (Microsoft Windows Publisher -> Microsoft Corporation)

Task: {6E004170-A2E9-4D27-B95A-5B827C27F966} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-06-22] (Microsoft Windows Publisher -> Microsoft Corporation)

Task: {7094109F-64F3-40BA-A392-71E01870CAC4} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8414664 2022-07-20] (Microsoft Corporation -> Microsoft Corporation)

Task: {75DD9D1D-86DE-4E16-A1BC-412746751720} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe do-task "E7CF176E110C211B"

Task: {7D51858C-C38E-47AD-93EF-6FB7B642753D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-03-29] (Google Inc -> Google Inc.)

Task: {81EF0A14-B89F-40DF-81FE-063428719726} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8414664 2022-07-20] (Microsoft Corporation -> Microsoft Corporation)

Task: {894063DA-4CAF-4199-B913-23EC4B155659} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-1462537330-2448890953-4029325140-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4214144 2022-07-13] (Microsoft Corporation -> Microsoft Corporation)

Task: {949F3AC0-4A3A-4518-9066-A6EBE46B3F52} - System32\Tasks\CCleanerSkipUAC - fishe => C:\Program Files\CCleaner\CCleaner.exe [31027800 2022-06-14] (Piriform Software Ltd -> Piriform Software Ltd)

Task: {991BD556-C81B-4EAF-9913-EF1B5D23A369} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-06-22] (Microsoft Windows Publisher -> Microsoft Corporation)

Task: {9B5E9F7E-4AE0-4C63-ABCD-D7F3B1E82A23} - System32\Tasks\FubToolByPLD => C:\OEM\Preload\FubTool\FubTool.exe [30976 2015-05-14] (Acer Incorporated -> )

Task: {A3F1B662-789D-435F-84E6-880A1A533D5C} - System32\Tasks\Oem\AcerJumpstartTask => C:\Program Files (x86)\Acer\Acer Jumpstart\hermes.exe /default (No File)

Task: {B7229895-A63F-4F86-838B-BDBFA246D009} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [145312 2022-07-20] (Microsoft Corporation -> Microsoft Corporation)

Task: {C114D6C5-F351-45D3-9CB9-C6F63C7AAA3C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-03-29] (Google Inc -> Google Inc.)

Task: {CD47E4CD-2846-48B3-AF8C-F4D9C2203D91} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [64416 2022-07-09] (Microsoft Corporation -> Microsoft Corporation)

Task: {E2FDEC30-0DDD-40C6-85F1-CDA43CC36002} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23378864 2022-07-20] (Microsoft Corporation -> Microsoft Corporation)

Task: {E7DA7047-EAF4-4FAE-815B-16A73D53E2FD} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23378864 2022-07-20] (Microsoft Corporation -> Microsoft Corporation)

Task: {EFBB8424-9C4C-47F7-A370-56E5E975B167} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-06-22] (Microsoft Windows Publisher -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

Tcpip\..\Interfaces\{2d8b3fad-0c4e-4a8e-a6d1-8284ce5c142b}: [DhcpNameServer] 192.168.1.1

Tcpip\..\Interfaces\{89b44d83-7847-49fe-8893-ad94fa4bf557}: [DhcpNameServer] 10.66.184.1

Edge:

=======

Edge Notifications: HKU\S-1-5-21-1462537330-2448890953-4029325140-1001 -> hxxps://www.facebook.com

Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]

Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]

Edge Extension: (No Name) -> hdokiejnpimakedhajhdlcegeplioahd_LastPassLastPassFreePasswordManager_qq0fmhteeht3j => C:\Program Files\WindowsApps\LastPass.LastPassFreePasswordManager_4.49.0.0_neutral__qq0fmhteeht3j [not found]

Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]

Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]

Edge DefaultProfile: Default

Edge Profile: C:\Users\fishe\AppData\Local\Microsoft\Edge\User Data\Default [2022-07-26]

Edge Extension: (Search With Incognito) - C:\Users\fishe\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\aegpbigghghmkomaolphakjjppnebdhb [2022-01-08]

Edge Extension: (Social Fixer for Facebook) - C:\Users\fishe\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bhaooomeolkdacolgpkfbfookhomkbei [2021-11-20]

Edge Extension: (Search by Image (by Google)) - C:\Users\fishe\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\dajedkncpodkggklbegccjpmnglmnflm [2020-06-28]

Edge Extension: (Logitech Smooth Scrolling) - C:\Users\fishe\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\dkpejdfnpdkhifgbancbammdijojoffk [2020-06-28]

Edge Extension: (McAfee® WebAdvisor) - C:\Users\fishe\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fdhgeoginicibhagdmblfikbgbkahibd [2022-06-07]

Edge Extension: (Adblock Plus - free ad blocker) - C:\Users\fishe\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gmgoamodcdcjnbaobigkjelfplakmdhh [2022-06-07]

Edge Extension: (No Name) - C:\Users\fishe\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gpaiobkfhnonedkhhfjpmhdalgeoebfa [2022-06-07]

Edge Extension: (TinEye Reverse Image Search) - C:\Users\fishe\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\haebnnbpedcbhciplfhjjkbafijpncjl [2021-11-20]

Edge Extension: (WOT Website Security & Browsing Protection) - C:\Users\fishe\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\iiclaphjclecagpkkaacljnpcppnoibi [2022-06-07]

Edge Extension: (Chromium Wheel Smooth Scroller) - C:\Users\fishe\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\khpcanbeojalbkpgpmjpdkjnkfcgfkhb [2021-11-20]

FireFox:

========

FF DefaultProfile: 5niqmv2r.default-1642863647379

FF ProfilePath: C:\Users\fishe\AppData\Roaming\Mozilla\Firefox\Profiles\5niqmv2r.default-1642863647379 [2022-07-27]

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)

FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-07-09] (Microsoft Corporation -> Microsoft Corporation)

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-07-09] (Microsoft Corporation -> Microsoft Corporation)

Chrome:

=======

CHR Profile: C:\Users\fishe\AppData\Local\Google\Chrome\User Data\Default [2022-07-27]

CHR Notifications: Default -> hxxps://www.adam4adam.com; hxxps://www.adaware.com; hxxps://www.samsung.com

CHR Extension: (Search With Incognito) - C:\Users\fishe\AppData\Local\Google\Chrome\User Data\Default\Extensions\aegpbigghghmkomaolphakjjppnebdhb [2021-07-25]

CHR Extension: (WOT Website Security & Privacy Protection) - C:\Users\fishe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2022-07-17]

CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\fishe\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2022-07-09]

CHR Extension: (Search by Image (by Google)) - C:\Users\fishe\AppData\Local\Google\Chrome\User Data\Default\Extensions\dajedkncpodkggklbegccjpmnglmnflm [2017-09-16]

CHR Extension: (Logitech Smooth Scrolling) - C:\Users\fishe\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkpejdfnpdkhifgbancbammdijojoffk [2017-03-29]

CHR Extension: (BidTracer) - C:\Users\fishe\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnldallmemknnglkjkbenhkklclolldd [2017-03-29]

CHR Extension: (Google Docs Offline) - C:\Users\fishe\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-07-27]

CHR Extension: (TinEye Reverse Image Search) - C:\Users\fishe\AppData\Local\Google\Chrome\User Data\Default\Extensions\haebnnbpedcbhciplfhjjkbafijpncjl [2021-11-08]

CHR Extension: (Crackle) - C:\Users\fishe\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibfamoapbmmmlknoopmmfofgladlinic [2017-03-29]

CHR Extension: (Office - Enable Copy and Paste) - C:\Users\fishe\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifbmcpbgkhlpfcodhjhdbllhiaomkdej [2022-06-04]

CHR Extension: (Social Fixer for Facebook) - C:\Users\fishe\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifmhoabcaeehkljcfclfiieohkohdgbb [2021-11-13]

CHR Extension: (Cisco Webex Extension) - C:\Users\fishe\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlhmfgmfgeifomenelglieieghnjghma [2022-07-23]

CHR Extension: (Chromium Wheel Smooth Scroller) - C:\Users\fishe\AppData\Local\Google\Chrome\User Data\Default\Extensions\khpcanbeojalbkpgpmjpdkjnkfcgfkhb [2021-10-14]

CHR Extension: (McAfee® Web Boost) - C:\Users\fishe\AppData\Local\Google\Chrome\User Data\Default\Extensions\klekeajafkkpokaofllcadenjdckhinm [2022-03-02]

CHR Extension: (Solitaire) - C:\Users\fishe\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkbhppfbabandkdmgjmifahoabeodiep [2020-10-16]

CHR Extension: (Chrome Web Store Payments) - C:\Users\fishe\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-31]

CHR Profile: C:\Users\fishe\AppData\Local\Google\Chrome\User Data\System Profile [2022-07-26]

CHR HKLM\...\Chrome\Extension: [klekeajafkkpokaofllcadenjdckhinm]

CHR HKLM-x32\...\Chrome\Extension: [klekeajafkkpokaofllcadenjdckhinm]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2017-01-30] (SUPERAntiSpyware.com -> SUPERAntiSpyware.com)

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [338312 2016-09-27] (Qualcomm Atheros -> Windows ® Win 7 DDK provider)

S2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [31192 2014-02-07] (Autodesk, Inc -> Autodesk, Inc.)

R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12111288 2022-07-20] (Microsoft Corporation -> Microsoft Corporation)

S2 Dashlane Upgrade Service; C:\Program Files (x86)\Dashlane\Upgrade\DashlaneUpgradeService.exe [83992 2017-08-23] (Dashlane -> Dashlane, Inc.)

R2 DAX2API; C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe [163328 2016-01-27] () [File not signed]

S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\22.131.0619.0001\FileSyncHelper.exe [3381632 2022-07-13] (Microsoft Corporation -> Microsoft Corporation)

R3 Intel® Security Assist; C:\Program Files (x86)\Intel\Intel® Security Assist\isa.exe [335872 2016-03-02] (Intel Corporation) [File not signed]

S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel® Security Assist\isaHelperService.exe [8704 2016-03-02] (Intel Corporation) [File not signed]

S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\22.131.0619.0001\OneDriveUpdaterService.exe [3822496 2022-07-13] (Microsoft Corporation -> Microsoft Corporation)

R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [14621592 2022-07-13] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)

R2 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1049464 2016-04-19] (WESTERN DIGITAL TECHNOLOGIES -> Western Digital Technologies, Inc.)

R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [314744 2016-04-19] (WESTERN DIGITAL TECHNOLOGIES -> Western Digital Technologies, Inc.)

R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\NisSrv.exe [3120992 2022-06-22] (Microsoft Windows Publisher -> Microsoft Corporation)

R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MsMpEng.exe [133544 2022-06-22] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [31032 2017-10-20] (Acer Incorporated -> Acer Incorporated)

R3 MpKslea398e9e; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{A2A2B18F-4F9B-47E2-AC2A-8E4B21E0AA23}\MpKslDrv.sys [141576 2022-07-27] (Microsoft Windows -> Microsoft Corporation)

R3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [25400 2017-10-20] (Acer Incorporated -> Acer Incorporated)

R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)

R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)

S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49576 2022-06-22] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)

S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [26880 2015-11-12] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)

R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [452856 2022-06-22] (Microsoft Windows -> Microsoft Corporation)

R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [91384 2022-06-22] (Microsoft Windows -> Microsoft Corporation)

S3 MpKsl776272b7; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{E7C44AD5-2483-458F-86FE-CB274B29A219}\MpKslDrv.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-07-27 20:52 - 2022-07-27 21:05 - 000028808 _____ C:\Users\fishe\Downloads\FRST.txt

2022-07-27 20:49 - 2022-07-27 20:59 - 000000000 ____D C:\FRST

2022-07-27 20:48 - 2022-07-27 20:48 - 002369536 _____ (Farbar) C:\Users\fishe\Downloads\FRST64.exe

2022-07-27 20:46 - 2022-07-27 20:46 - 002073600 _____ (Farbar) C:\Users\fishe\Downloads\FRST.exe

2022-07-27 19:59 - 2022-07-27 19:59 - 000000000 ___HD C:\$WinREAgent

2022-07-26 21:46 - 2022-07-26 21:46 - 000000000 ____D C:\WINDOWS\system32\IntelSSTAPO

2022-07-26 21:39 - 2016-11-11 08:18 - 003299824 _____ (Yamaha Corporation) C:\WINDOWS\system32\YamahaAE2.dll

2022-07-26 21:39 - 2016-11-11 08:18 - 002190992 _____ (Yamaha Corporation) C:\WINDOWS\system32\YamahaAE.dll

2022-07-26 21:39 - 2016-11-11 08:18 - 001382240 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tosade.dll

2022-07-26 21:39 - 2016-11-11 08:18 - 001337648 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\tossaeapo64.dll

2022-07-26 21:39 - 2016-11-11 08:18 - 000962136 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\tosasfapo64.dll

2022-07-26 21:39 - 2016-11-11 08:18 - 000873464 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tadefxapo264.dll

2022-07-26 21:39 - 2016-11-11 08:18 - 000601152 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\tossaemaxapo64.dll

2022-07-26 21:39 - 2016-11-11 08:18 - 000532384 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSX64.dll

2022-07-26 21:39 - 2016-11-11 08:18 - 000447184 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\toseaeapo64.dll

2022-07-26 21:39 - 2016-11-11 08:18 - 000166208 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSWOW64.dll

2022-07-26 21:39 - 2016-11-11 08:18 - 000158704 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tadefxapo.dll

2022-07-26 21:39 - 2016-11-11 08:18 - 000075544 _____ (TOSHIBA CORPORATION.) C:\WINDOWS\system32\tepeqapo64.dll

2022-07-26 21:39 - 2016-11-11 08:17 - 001435144 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRRPTR64.dll

2022-07-26 21:39 - 2016-11-11 08:17 - 000381416 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM64.dll

2022-07-26 21:39 - 2016-11-11 08:17 - 000341152 _____ (Synopsys, Inc.) C:\WINDOWS\SysWOW64\SRCOM.dll

2022-07-26 21:39 - 2016-11-11 08:17 - 000341152 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM.dll

2022-07-26 21:39 - 2016-11-11 08:17 - 000221968 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSH64.dll

2022-07-26 21:39 - 2016-11-11 08:17 - 000209536 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSHP64.dll

2022-07-26 21:39 - 2016-11-11 08:16 - 002995008 _____ (DTS, Inc.) C:\WINDOWS\system32\slcnt64.dll

2022-07-26 21:39 - 2016-11-11 08:16 - 001003336 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEHDHF64.dll

2022-07-26 21:39 - 2016-11-11 08:16 - 000984920 _____ (DTS, Inc.) C:\WINDOWS\system32\sl3apo64.dll

2022-07-26 21:39 - 2016-11-11 08:16 - 000965032 _____ (Sony Corporation) C:\WINDOWS\system32\SFSS_APO.dll

2022-07-26 21:39 - 2016-11-11 08:16 - 000859224 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEHDRA64.dll

2022-07-26 21:39 - 2016-11-11 08:16 - 000231920 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFNHK64.dll

2022-07-26 21:39 - 2016-11-11 08:16 - 000090920 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFCOM64.dll

2022-07-26 21:39 - 2016-11-11 08:16 - 000083632 _____ (Virage Logic Corporation / Sonic Focus) C:\WINDOWS\SysWOW64\SFCOM.dll

2022-07-26 21:39 - 2016-11-11 08:15 - 003283248 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll

2022-07-26 21:39 - 2016-11-11 08:15 - 000865920 _____ (Sound Research, Corp.) C:\WINDOWS\SysWOW64\SEHDHF32.dll

2022-07-26 21:39 - 2016-11-11 08:15 - 000850416 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SECOMN64.dll

2022-07-26 21:39 - 2016-11-11 08:15 - 000721808 _____ (Sound Research, Corp.) C:\WINDOWS\SysWOW64\SECOMN32.dll

2022-07-26 21:39 - 2016-11-11 08:15 - 000689888 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll

2022-07-26 21:39 - 2016-11-11 08:15 - 000499160 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEAPO64.dll

2022-07-26 21:39 - 2016-11-11 08:15 - 000387320 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEP64A.dll

2022-07-26 21:39 - 2016-11-11 08:15 - 000343712 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll

2022-07-26 21:39 - 2016-11-11 08:15 - 000214832 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEED64A.dll

2022-07-26 21:39 - 2016-11-11 08:15 - 000192984 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll

2022-07-26 21:39 - 2016-11-11 08:15 - 000110984 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEL64A.dll

2022-07-26 21:39 - 2016-11-11 08:15 - 000088352 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEG64A.dll

2022-07-26 21:39 - 2016-11-11 08:14 - 006198144 _____ (Nahimic Inc) C:\WINDOWS\system32\NAHIMICV3apo.dll

2022-07-26 21:39 - 2016-11-11 08:14 - 005793528 _____ (Nahimic Inc) C:\WINDOWS\system32\NAHIMICV2apo.dll

2022-07-26 21:39 - 2016-11-11 08:14 - 002818792 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\RltkAPO.dll

2022-07-26 21:39 - 2016-11-11 08:14 - 001360520 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll

2022-07-26 21:39 - 2016-11-11 08:14 - 000447720 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EED64A.dll

2022-07-26 21:39 - 2016-11-11 08:14 - 000321720 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DHT64.dll

2022-07-26 21:39 - 2016-11-11 08:14 - 000321720 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DAA64.dll

2022-07-26 21:39 - 2016-11-11 08:14 - 000151792 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEL64A.dll

2022-07-26 21:39 - 2016-11-11 08:14 - 000134200 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEA64A.dll

2022-07-26 21:39 - 2016-11-11 08:14 - 000084616 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEG64A.dll

2022-07-26 21:39 - 2016-11-11 08:13 - 013122584 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVoiceAPO3064.dll

2022-07-26 21:39 - 2016-11-11 08:13 - 005593616 _____ (Nahimic Inc) C:\WINDOWS\system32\NAHIMICAPOlfx.dll

2022-07-26 21:39 - 2016-11-11 08:13 - 000677672 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVolumeSDAPO.dll

2022-07-26 21:39 - 2016-11-11 08:12 - 001334384 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxSpeechAPO64.dll

2022-07-26 21:39 - 2016-11-11 08:12 - 000999856 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVoiceAPO2064.dll

2022-07-26 21:39 - 2016-11-11 08:11 - 001422928 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO6064.dll

2022-07-26 21:39 - 2016-11-11 08:11 - 001213664 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO5064.dll

2022-07-26 21:39 - 2016-11-11 08:11 - 001166160 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO4064.dll

2022-07-26 21:39 - 2016-11-11 08:11 - 000678184 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO30.dll

2022-07-26 21:39 - 2016-11-11 08:11 - 000330568 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO20.dll

2022-07-26 21:39 - 2016-11-11 08:10 - 010532056 _____ (Intel Corporation) C:\WINDOWS\system32\IntelSSTAPO.dll

2022-07-26 21:39 - 2016-11-11 08:10 - 003295072 _____ (Fortemedia Corporation) C:\WINDOWS\system32\FMAPO64.dll

2022-07-26 21:39 - 2016-11-11 08:10 - 001780624 _____ (DTS) C:\WINDOWS\system32\DTSS2SpeakerDLL64.dll

2022-07-26 21:39 - 2016-11-11 08:10 - 000727440 _____ (DTS) C:\WINDOWS\system32\DTSSymmetryDLL64.dll

2022-07-26 21:39 - 2016-11-11 08:10 - 000708312 _____ (DTS) C:\WINDOWS\system32\DTSVoiceClarityDLL64.dll

2022-07-26 21:39 - 2016-11-11 08:10 - 000618192 _____ (Knowles Acoustics ) C:\WINDOWS\system32\KAAPORT64.dll

2022-07-26 21:39 - 2016-11-11 08:10 - 000514528 _____ (DTS) C:\WINDOWS\system32\DTSU2PLFX64.dll

2022-07-26 21:39 - 2016-11-11 08:10 - 000500560 _____ (DTS) C:\WINDOWS\system32\DTSU2PGFX64.dll

2022-07-26 21:39 - 2016-11-11 08:10 - 000472312 _____ (ICEpower a/s) C:\WINDOWS\system32\ICEsoundAPO64.dll

2022-07-26 21:39 - 2016-11-11 08:10 - 000428232 _____ (DTS) C:\WINDOWS\system32\DTSU2PREC64.dll

2022-07-26 21:39 - 2016-11-11 08:10 - 000366128 _____ (Windows ® Win 7 DDK provider) C:\WINDOWS\system32\HMAPO.dll

2022-07-26 21:39 - 2016-11-11 08:10 - 000360352 _____ (Harman) C:\WINDOWS\system32\HMClariFi.dll

2022-07-26 21:39 - 2016-11-11 08:10 - 000203848 _____ (Harman) C:\WINDOWS\system32\HMHVS.dll

2022-07-26 21:39 - 2016-11-11 08:10 - 000190936 _____ (Harman) C:\WINDOWS\system32\HMEQ_Voice.dll

2022-07-26 21:39 - 2016-11-11 08:10 - 000190936 _____ (Harman) C:\WINDOWS\system32\HMEQ.dll

2022-07-26 21:39 - 2016-11-11 08:10 - 000179600 _____ (Harman) C:\WINDOWS\system32\HMLimiter.dll

2022-07-26 21:39 - 2016-11-11 08:09 - 002444696 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOv201.dll

2022-07-26 21:39 - 2016-11-11 08:09 - 001959608 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64AF3.dll

2022-07-26 21:39 - 2016-11-11 08:09 - 001591064 _____ (DTS) C:\WINDOWS\system32\DTSS2HeadphoneDLL64.dll

2022-07-26 21:39 - 2016-11-11 08:09 - 001508936 _____ (DTS) C:\WINDOWS\system32\DTSBoostDLL64.dll

2022-07-26 21:39 - 2016-11-11 08:09 - 000743968 _____ (DTS) C:\WINDOWS\system32\DTSBassEnhancementDLL64.dll

2022-07-26 21:39 - 2016-11-11 08:09 - 000504312 _____ (DTS) C:\WINDOWS\system32\DTSNeoPCDLL64.dll

2022-07-26 21:39 - 2016-11-11 08:09 - 000445400 _____ (DTS) C:\WINDOWS\system32\DTSLimiterDLL64.dll

2022-07-26 21:39 - 2016-11-11 08:09 - 000441272 _____ (DTS) C:\WINDOWS\system32\DTSGainCompensatorDLL64.dll

2022-07-26 21:39 - 2016-11-11 08:09 - 000362056 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64AF3.dll

2022-07-26 21:39 - 2016-11-11 08:09 - 000327456 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64A.dll

2022-07-26 21:39 - 2016-11-11 08:09 - 000253904 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPO64.dll

2022-07-26 21:39 - 2016-11-11 08:09 - 000253864 _____ (DTS) C:\WINDOWS\system32\DTSLFXAPO64.dll

2022-07-26 21:39 - 2016-11-11 08:09 - 000252880 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPONS64.dll

2022-07-26 21:39 - 2016-11-11 08:08 - 001618776 _____ (Conexant Systems Inc.) C:\WINDOWS\system32\CX64APO.dll

2022-07-26 21:39 - 2016-11-11 08:08 - 001529144 _____ (Conexant Systems Inc.) C:\WINDOWS\system32\CX64Proxy.dll

2022-07-26 21:39 - 2016-11-11 08:08 - 000574760 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAC64.dll

2022-07-26 21:39 - 2016-11-11 08:08 - 000310424 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64F3.dll

2022-07-26 21:39 - 2016-11-11 08:08 - 000272720 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64.dll

2022-07-26 21:39 - 2016-11-11 08:08 - 000118600 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAR64.dll

2022-07-26 21:39 - 2016-11-11 08:03 - 002110600 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\WavesGUILib64.dll

2022-07-26 21:39 - 2016-11-11 08:02 - 072520720 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoRes64.dat

2022-07-26 21:39 - 2016-11-11 08:02 - 003204104 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll

2022-07-26 21:39 - 2016-11-11 08:02 - 000258864 _____ (TODO: <Company name>) C:\WINDOWS\system32\slprp64.dll

2022-07-26 21:39 - 2016-11-11 08:00 - 014057256 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioRealtek64.dll

2022-07-26 21:39 - 2016-11-11 08:00 - 001186824 _____ (Intel Corporation) C:\WINDOWS\system32\IntelSstCApoPropPage.dll

2022-07-26 21:39 - 2016-11-11 08:00 - 001003856 _____ (Nahimic Inc) C:\WINDOWS\system32\NahimicAPONSControl.dll

2022-07-26 21:39 - 2016-11-11 08:00 - 000931624 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPOShell64.dll

2022-07-26 21:39 - 2016-11-11 08:00 - 000416512 _____ (Harman) C:\WINDOWS\system32\HMUI.dll

2022-07-26 21:39 - 2016-11-11 08:00 - 000378392 _____ (Dolby Laboratories) C:\WINDOWS\system32\HiFiDAX2API.dll

2022-07-26 21:39 - 2016-11-11 08:00 - 000154368 _____ (Harman) C:\WINDOWS\system32\HarmanAudioInterface.dll

2022-07-26 21:39 - 2016-11-11 07:58 - 000105312 _____ C:\WINDOWS\system32\audioLibVc.dll

2022-07-26 21:39 - 2016-11-11 07:56 - 012988352 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVoiceAPO4064.dll

2022-07-26 21:39 - 2016-11-11 07:56 - 002825104 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO7064.dll

2022-07-26 21:39 - 2016-11-11 07:56 - 002706864 _____ (DTS, Inc.) C:\WINDOWS\system32\sltech64.dll

2022-07-26 21:39 - 2016-11-11 07:56 - 001965816 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64A.dll

2022-07-26 21:39 - 2016-11-11 07:56 - 000923744 _____ (Sony Corporation) C:\WINDOWS\system32\MISS_APO.dll

2022-07-26 21:39 - 2016-11-11 07:56 - 000467160 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRAPO64.dll

2022-07-26 21:39 - 2016-11-11 07:56 - 000088328 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFAPO64.dll

2022-07-26 21:39 - 2016-11-11 07:52 - 007172920 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEP64A.dll

2022-07-26 21:39 - 2016-11-11 07:52 - 007096192 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64A.dll

2022-07-26 21:39 - 2016-11-11 07:52 - 006264640 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64AF3.dll

2022-07-26 21:39 - 2016-11-11 07:52 - 003014152 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl

2022-07-26 21:39 - 2016-11-11 07:52 - 002201096 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll

2022-07-26 21:39 - 2016-11-11 07:52 - 002050184 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioEQ64.dll

2022-07-26 21:39 - 2016-11-11 07:52 - 001133592 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOProp.dll

2022-07-26 21:39 - 2016-11-11 07:52 - 000122320 _____ (Real Sound Lab SIA) C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll

2022-07-26 21:39 - 2016-11-11 07:52 - 000118592 _____ C:\WINDOWS\system32\AcpiServiceVnA64.dll

2022-07-26 21:39 - 2016-11-11 06:18 - 001921016 _____ C:\WINDOWS\system32\Drivers\rtkSSTsetting.dat

2022-07-26 21:39 - 2016-11-11 06:17 - 007400293 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT

2022-07-26 21:30 - 2022-07-26 21:30 - 000000000 ____D C:\WINDOWS\Firmware

2022-07-26 19:45 - 2022-07-26 19:46 - 008551608 _____ (Malwarebytes) C:\Users\fishe\Downloads\adwcleaner.exe

2022-07-17 20:14 - 2022-07-17 20:14 - 030827549 _____ C:\Users\fishe\Desktop\Fwd_ Presbyterian Church of the Moriches.zip

2022-07-17 20:13 - 2022-07-17 20:14 - 030827549 _____ C:\Users\fishe\Downloads\Fwd_ Presbyterian Church of the Moriches.zip

2022-07-17 16:24 - 2022-07-17 16:24 - 016832988 _____ C:\Users\fishe\Desktop\MorichesPresby.pdf

2022-07-15 20:02 - 2022-07-15 20:02 - 000693248 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll

2022-07-15 20:02 - 2022-07-15 20:02 - 000470528 _____ (curl, hxxps://curl.se/) C:\WINDOWS\SysWOW64\curl.exe

2022-07-15 20:02 - 2022-07-15 20:02 - 000026624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mode.com

2022-07-15 20:02 - 2022-07-15 20:02 - 000018944 _____ C:\WINDOWS\SysWOW64\WsdProviderUtil.dll

2022-07-15 20:02 - 2022-07-15 20:02 - 000017920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tree.com

2022-07-15 20:02 - 2022-07-15 20:02 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\chcp.com

2022-07-15 20:01 - 2022-07-15 20:01 - 000530944 _____ (curl, hxxps://curl.se/) C:\WINDOWS\system32\curl.exe

2022-07-15 20:01 - 2022-07-15 20:01 - 000270848 _____ C:\WINDOWS\system32\EsclScan.dll

2022-07-15 20:01 - 2022-07-15 20:01 - 000152064 _____ C:\WINDOWS\system32\EsclProtocol.dll

2022-07-15 20:01 - 2022-07-15 20:01 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\mode.com

2022-07-15 20:01 - 2022-07-15 20:01 - 000020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\tree.com

2022-07-15 20:01 - 2022-07-15 20:01 - 000014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\chcp.com

2022-07-15 20:01 - 2022-07-15 20:01 - 000011811 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim

2022-07-15 20:00 - 2022-07-15 20:00 - 000061952 _____ C:\WINDOWS\system32\printticketvalidation.dll

2022-07-15 19:59 - 2022-07-15 19:59 - 000057344 _____ C:\WINDOWS\system32\APMonUI.dll

2022-07-15 19:58 - 2022-07-15 19:58 - 002260480 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll

2022-07-15 19:58 - 2022-07-15 19:58 - 000640512 _____ C:\WINDOWS\system32\SettingSyncDownloadHelper.dll

2022-07-15 19:58 - 2022-07-15 19:58 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll

2022-07-15 19:58 - 2022-07-15 19:58 - 000024576 _____ C:\WINDOWS\system32\WsdProviderUtil.dll

2022-07-12 18:59 - 2022-07-12 18:59 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job

2022-07-12 18:51 - 2022-07-12 18:51 - 000000000 ____D C:\WINDOWS\pss

2022-07-06 21:12 - 2022-07-12 18:56 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox

2022-06-28 18:52 - 2022-06-28 18:52 - 000137600 _____ (Zoom Video Communications, Inc.) C:\Users\fishe\Downloads\Zoom_cm_fo42anktZ9vvrZo4_m5LHzMkMUZARbbDkHz+AFkYzSyo4eOWPLkEs@g8tbguf-vE8ZP0Ib_k04936d0fe9d865f1_.exe

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-07-27 21:12 - 2022-01-22 11:01 - 000000000 ____D C:\Users\fishe\AppData\LocalLow\Mozilla

2022-07-27 21:03 - 2018-06-03 21:00 - 000000000 ____D C:\Program Files (x86)\TeamViewer

2022-07-27 21:03 - 2017-03-29 19:32 - 000000000 ____D C:\Program Files (x86)\Google

2022-07-27 20:57 - 2020-06-15 01:12 - 000003508 _____ C:\WINDOWS\system32\Tasks\DashlaneUpgradeCheck

2022-07-27 20:24 - 2019-12-07 05:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft

2022-07-27 20:01 - 2020-06-15 00:19 - 000005978 _____ C:\WINDOWS\system32\PerfStringBackup.INI

2022-07-27 19:59 - 2022-02-11 21:01 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38

2022-07-27 19:59 - 2019-12-07 05:03 - 000000000 ____D C:\WINDOWS\CbsTemp

2022-07-27 19:59 - 2017-04-29 08:16 - 000000000 ____D C:\Program Files\CCleaner

2022-07-27 19:56 - 2017-03-27 20:27 - 000000000 __SHD C:\Users\fishe\IntelGraphicsProfiles

2022-07-27 19:54 - 2020-06-15 01:12 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT

2022-07-27 19:54 - 2020-06-15 00:00 - 000008192 ___SH C:\DumpStack.log.tmp

2022-07-27 19:54 - 2020-05-28 19:01 - 000008192 _____ C:\WINDOWS\SysWOW64\WDPABKP.dat

2022-07-27 19:54 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\ServiceState

2022-07-27 19:49 - 2019-12-07 05:03 - 001048576 _____ C:\WINDOWS\system32\config\BBI

2022-07-27 19:03 - 2020-06-15 00:02 - 000000000 ____D C:\WINDOWS\system32\SleepStudy

2022-07-26 21:51 - 2020-06-15 00:08 - 000000000 ____D C:\Users\fishe

2022-07-26 21:47 - 2021-12-17 20:54 - 000001398 _____ C:\Users\fishe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk

2022-07-26 21:47 - 2021-12-17 20:54 - 000000000 ____D C:\Users\fishe\AppData\Local\PCHealthCheck

2022-07-26 21:46 - 2017-06-29 23:07 - 000000000 ____D C:\ProgramData\rtkSSTSetting

2022-07-26 21:43 - 2017-06-29 23:07 - 002011894 _____ C:\WINDOWS\system32\Drivers\rtkhdasetting.zip

2022-07-26 21:42 - 2019-12-07 05:13 - 000000000 ____D C:\WINDOWS\INF

2022-07-26 21:42 - 2017-06-29 23:07 - 000000000 ____D C:\WINDOWS\system32\DAX2

2022-07-26 21:40 - 2017-06-29 23:07 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM

2022-07-26 21:35 - 2017-06-29 23:07 - 000000000 ____D C:\WINDOWS\SysWOW64\sda

2022-07-26 20:08 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports

2022-07-26 20:08 - 2017-03-29 19:26 - 000000000 ____D C:\Users\fishe\AppData\Local\CrashDumps

2022-07-26 19:34 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\AppReadiness

2022-07-26 19:14 - 2020-12-11 20:53 - 000000000 ____D C:\Program Files\SUPERAntiSpyware

2022-07-24 17:35 - 2019-12-07 05:14 - 000000000 ___HD C:\Program Files\WindowsApps

2022-07-24 07:47 - 2020-06-16 21:11 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk

2022-07-24 07:47 - 2020-06-16 21:11 - 000002280 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk

2022-07-20 19:05 - 2021-12-07 01:45 - 000000000 ____D C:\Program Files\Microsoft Office

2022-07-20 18:59 - 2017-03-29 19:33 - 000002305 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk

2022-07-20 18:57 - 2020-06-16 21:08 - 000003536 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA

2022-07-20 18:57 - 2020-06-16 21:08 - 000003412 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore

2022-07-17 02:15 - 2020-06-15 00:02 - 001792272 _____ C:\WINDOWS\system32\FNTCACHE.DAT

2022-07-17 02:14 - 2021-12-09 22:07 - 000000000 ____D C:\Program Files\Microsoft OneDrive

2022-07-17 02:11 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata

2022-07-17 02:11 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SystemResources

2022-07-17 02:10 - 2019-12-07 05:14 - 000000000 ___RD C:\WINDOWS\PrintDialog

2022-07-17 02:10 - 2019-12-07 05:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel

2022-07-17 02:10 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata

2022-07-17 02:10 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\setup

2022-07-17 02:10 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\oobe

2022-07-17 02:10 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\es-MX

2022-07-17 02:10 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\DDFs

2022-07-17 02:10 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\ShellExperiences

2022-07-17 02:10 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\ShellComponents

2022-07-17 02:10 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\bcastdvr

2022-07-15 19:57 - 2020-06-15 00:08 - 003010560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll

2022-07-15 18:28 - 2017-03-29 21:31 - 000000000 ____D C:\WINDOWS\system32\MRT

2022-07-15 18:21 - 2017-03-29 21:30 - 146546848 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

2022-07-13 20:49 - 2021-12-10 22:06 - 000003596 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1462537330-2448890953-4029325140-1001

2022-07-13 20:49 - 2021-12-07 02:00 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task

2022-07-13 20:49 - 2021-12-07 02:00 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk

2022-07-12 18:56 - 2016-11-12 09:18 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service

2022-07-10 21:54 - 2017-10-01 09:27 - 000000000 ____D C:\Users\fishe\AppData\Local\ElevatedDiagnostics

2022-07-07 18:38 - 2022-01-22 11:00 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla

==================== Files in the root of some directories ========

2017-03-27 21:04 - 2014-04-16 18:08 - 000658000 _____ (WildTangent, Inc.) C:\ProgramData\uninstall248480.exe

2018-07-28 07:19 - 2019-05-18 08:01 - 000000033 _____ () C:\Users\fishe\AppData\Roaming\redline2stapler.tmp

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-07-2022

Ran by fishe (27-07-2022 21:14:47)

Running from C:\Users\fishe\Downloads

Microsoft Windows 10 Home Version 21H1 19043.1826 (X64) (2020-06-15 05:15:11)

Boot Mode: Normal

==========================================================

==================== Accounts: =============================

(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-1462537330-2448890953-4029325140-500 - Administrator - Disabled)

DefaultAccount (S-1-5-21-1462537330-2448890953-4029325140-503 - Limited - Disabled)

fishe (S-1-5-21-1462537330-2448890953-4029325140-1001 - Administrator - Enabled) => C:\Users\fishe

Guest (S-1-5-21-1462537330-2448890953-4029325140-501 - Limited - Disabled)

WDAGUtilityAccount (S-1-5-21-1462537330-2448890953-4029325140-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: McAfee VirusScan (Enabled - Up to date) {4DE344F8-6897-65B4-CED0-82B3AF2591B4}

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: McAfee VirusScan (Enabled - Up to date) {30AC4D1E-F45E-3AA6-6448-D23DAB3B5501}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

abFiles (HKLM-x32\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 2.07.2004 - Acer Incorporated)

abPhoto (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 4.00.2001.1 - Acer Incorporated)

Amazon Kindle (HKU\S-1-5-21-1462537330-2448890953-4029325140-1001\...\Amazon Kindle) (Version: 1.20.1.47037 - Amazon)

AutoCAD 2015 - English (HKLM\...\{5783F2D7-E001-0000-0102-0060B0CE6BBA}) (Version: 20.0.51.0 - Autodesk) Hidden

Autodesk 360 (HKLM\...\{556966D9-F7F6-421B-9707-D07901604DDF}) (Version: 5.2.3.1000 - Autodesk)

Autodesk App Manager (HKLM-x32\...\{C8125548-F2D5-4059-823F-1F3C5BBD9F19}) (Version: 1.2.0 - Autodesk)

Autodesk AutoCAD 2015 - English (HKLM\...\AutoCAD 2015 - English) (Version: 20.0.51.0 - Autodesk)

Autodesk AutoCAD Performance Feedback Tool Version 1.2.2 (HKLM-x32\...\{85735431-6CD3-4B16-BEC8-95332034E53B}) (Version: 1.2.2.0 - Autodesk)

Autodesk BIM 360 Glue AutoCAD 2015 Add-in 64 bit (HKLM\...\{9D589081-AFC2-4932-9071-AC585AC1EA83}) (Version: 3.32.3004 - Autodesk)

Autodesk Content Service (HKLM-x32\...\Autodesk Content Service) (Version: 3.2.0.0 - Autodesk)

Autodesk Content Service Language Pack (HKLM-x32\...\{A37CDB58-AAE8-0001-8C13-E0F7BACB0D5F}) (Version: 3.2.0.0 - Autodesk) Hidden

Autodesk Desktop App (HKLM-x32\...\Autodesk Desktop App) (Version: 7.0.5.154 - Autodesk)

Autodesk Featured Apps (HKLM-x32\...\{EDDEE94B-214D-4B07-9727-A3E46F3E379A}) (Version: 1.2.0 - Autodesk)

Autodesk Material Library 2015 (HKLM-x32\...\{427F733F-4D6C-45BC-9324-EB743104C321}) (Version: 5.2.9.100 - Autodesk)

Autodesk Material Library Base Resolution Image Library 2015 (HKLM-x32\...\{ABE2F70B-8D94-44E9-AA04-F0DB35063D62}) (Version: 5.2.9.100 - Autodesk)

Autodesk ReCap (HKLM\...\Autodesk ReCap) (Version: 1.3.1.39 - Autodesk)

BidTacher (HKLM-x32\...\{B928F8DD-A3C0-4100-8DB6-95E1B8FCF8FB}) (Version: 6.2.4 - Specialty Software Group, LLC)

BidTacherLite (HKLM-x32\...\{4EDC25C3-8ADD-4A6A-8162-E98304E06D0E}) (Version: 2.0.0 - Specialty Software Group, LLC.)

Bluebeam Localization x64 (HKLM\...\{2626F549-DAE5-4838-BB4E-347C4B81487F}) (Version: 16.1.0 - Bluebeam Software, Inc.) Hidden

Bluebeam Revu x64 2016.1 (HKLM\...\{50464486-13F5-41CA-AF25-AD56C0DC1D02}) (Version: 16.1.0 - Bluebeam Software, Inc.)

Bluebeam Revu x64 2018 (HKLM\...\{7F5E49F6-A466-4553-B9E0-53D7380944E3}) (Version: 18.0.3 - Bluebeam, Inc.)

Bonjour (HKLM\...\{B91110FB-33B4-468B-90C2-4D5E8AE3FAE1}) (Version: 2.0.2.0 - Apple Inc.)

CCleaner (HKLM\...\CCleaner) (Version: 6.01 - Piriform)

Dashlane Upgrade Service (HKLM-x32\...\Dashlane Upgrade Service) (Version: 2.1.17.0 - Dashlane, Inc.)

Dolby Audio X2 Windows API SDK (HKLM\...\{6A478BF2-F67F-4ABC-A7F1-B6B5BA862371}) (Version: 0.6.3.44 - Dolby Laboratories, Inc.)

Dolby Audio X2 Windows APP (HKLM\...\{7DA57EF8-9D20-4126-AF15-D0CC97D0C017}) (Version: 0.6.3.48 - Dolby Laboratories, Inc.)

Google Chrome (HKLM-x32\...\Google Chrome) (Version: 103.0.5060.134 - Google LLC)

Intel® Chipset Device Software (HKLM\...\{12CB6BC1-4E71-4890-AA0E-26CED6AD7EDD}) (Version: 10.1.1.13 - Intel Corporation) Hidden

Intel® Chipset Device Software (HKLM-x32\...\{fb610cea-ba50-4d4b-a717-cf025419035c}) (Version: 10.1.1.13 - Intel® Corporation) Hidden

Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.5.0.1015 - Intel Corporation)

Intel® Management Engine Components (HKLM\...\{8E1338CD-2B65-47CB-94F1-8092443EC46B}) (Version: 1.0.0.0 - Intel Corporation) Hidden

Intel® Management Engine Components (HKLM\...\{E04E7192-DD1D-4266-80F3-D5C94E264B9D}) (Version: 11.5.0.1015 - Intel Corporation) Hidden

Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 22.20.16.4691 - Intel Corporation)

Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.8.0.1042 - Intel Corporation)

Intel® Rapid Storage Technology (HKLM\...\{B66F70B4-34E5-429A-9F55-7129E0833A45}) (Version: 14.8.0.1042 - Intel Corporation) Hidden

Intel® Virtual Buttons (HKLM-x32\...\1992736F-C90A-481C-B21B-EE34CAD07387) (Version: 1.1.0.21 - Intel Corporation)

Intel® Wireless Bluetooth® (HKLM-x32\...\{00000050-0210-1033-84C8-B8D95FA3C8C3}) (Version: 21.50.0.1 - Intel Corporation)

Intel® Security Assist (HKLM-x32\...\{8B08DDA1-FDE7-4897-8EB6-E0B048A6D88B}) (Version: 1.0.1.618 - Intel Corporation)

Intel® Trusted Connect Service Client (HKLM\...\{3973721B-C2ED-4505-98B6-752897ECF2F1}) (Version: 1.42.680.1 - Intel Corporation) Hidden

Microsoft ASP.NET MVC 2 (HKLM-x32\...\{DD8FF2F3-0D97-4CF3-AF78-FA0E1B242244}) (Version: 2.0.60926.0 - Microsoft Corporation)

Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 103.0.1264.71 - Microsoft Corporation)

Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 103.0.1264.71 - Microsoft Corporation)

Microsoft HEVC Media Extension Installation for Microsoft.HEVCVideoExtension_1.0.2512.0_x64__8wekyb3d8bbwe (x64) (HKLM\...\{B0169E83-757B-EF66-E2F0-391944D785BC}) (Version: 1.0.0.0 - Microsoft Corporation) Hidden

Microsoft Office Professional Plus 2021 - en-us (HKLM\...\ProPlus2021Retail - en-us) (Version: 16.0.15330.20264 - Microsoft Corporation)

Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 22.131.0619.0001 - Microsoft Corporation)

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)

Microsoft Support and Recovery Assistant (HKU\S-1-5-21-1462537330-2448890953-4029325140-1001\...\a1a734b8150c1d83) (Version: 17.0.7513.25 - Microsoft Corporation)

Microsoft Teams (HKU\S-1-5-21-1462537330-2448890953-4029325140-1001\...\Teams) (Version: 1.3.00.3564 - Microsoft Corporation)

Microsoft Update Health Tools (HKLM\...\{7B1FCD52-8F6B-4F12-A143-361EA39F5E7C}) (Version: 3.67.0.0 - Microsoft Corporation)

Microsoft VC++ redistributables repacked. (HKLM\...\{4AF02DE3-3947-42DF-851B-DDC8D188F456}) (Version: 12.0.0.0 - Intel Corporation) Hidden

Microsoft VC++ redistributables repacked. (HKLM-x32\...\{139E6421-AE9D-4D73-9DD5-F8E8B5E86FB4}) (Version: 12.0.0.0 - Intel Corporation) Hidden

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)

Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)

Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)

Microsoft Visual C++ 2015 x64 Additional Runtime - 14.0.24215 (HKLM\...\{EF1EC6A9-17DE-3DA9-B040-686A1E8A8B04}) (Version: 14.0.24215 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2015 x64 Minimum Runtime - 14.0.24215 (HKLM\...\{50A2BC33-C9CD-3BF1-A8FF-53C10A0B183C}) (Version: 14.0.24215 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2015 x86 Additional Runtime - 14.0.24215 (HKLM-x32\...\{69BCE4AC-9572-3271-A2FB-9423BDA36A43}) (Version: 14.0.24215 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2015 x86 Minimum Runtime - 14.0.24215 (HKLM-x32\...\{BBF2AC74-720C-3CB3-8291-5E34039232FA}) (Version: 14.0.24215 - Microsoft Corporation) Hidden

Mozilla Firefox (x64 en-US) (HKLM\...\Mozilla Firefox 102.0.1 (x64 en-US)) (Version: 102.0.1 - Mozilla)

Mozilla Firefox 54.0 (x64 en-US) (HKLM\...\Mozilla Firefox 54.0 (x64 en-US)) (Version: 54.0 - Mozilla)

Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 96.0.2 - Mozilla)

Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.15330.20230 - Microsoft Corporation) Hidden

Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.15330.20230 - Microsoft Corporation) Hidden

Optimum (HKU\S-1-5-21-1462537330-2448890953-4029325140-1001\...\4155378504.optimumapp.iptv.optimum.net) (Version: - optimumapp.iptv.optimum.net)

Optimum App for Laptop 4.5 (HKLM\...\{6082AB31-92B1-4832-AC89-3B2E6D8C14FE}) (Version: 4.5 - Cablevision)

Qualcomm Atheros 11ac Wireless LAN Installer (HKLM-x32\...\{20CA507E-24AA-4741-87CF-CC1B250790B7}) (Version: 11.0.10260 - Qualcomm Atheros)

Qualcomm Atheros Bluetooth Installer (64) (HKLM\...\{628988B4-3FA5-4EA6-BAA3-DA640F6718BD}) (Version: 10.0.0.281 - Qualcomm Atheros)

Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.14393.31228 - Realtek Semiconductor Corp.)

Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7977 - Realtek Semiconductor Corp.)

SketchUp Import (HKLM-x32\...\{C403E867-FCF1-432B-BCC1-8FFD40A10A6E}) (Version: 1.2.0 - Autodesk)

Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)

SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 10.0.1216 - SUPERAntiSpyware.com)

Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.4.0.19572 - Microsoft Corporation)

TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.32.3 - TeamViewer)

Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation)

Vulkan Run Time Libraries 1.0.42.0 (HKLM\...\VulkanRT1.0.42.0) (Version: 1.0.42.0 - LunarG, Inc.) Hidden

Vulkan Run Time Libraries 1.0.42.0 (HKLM\...\VulkanRT1.0.42.0-5) (Version: 1.0.42.0 - LunarG, Inc.)

WD Drive Utilities (HKLM-x32\...\{48996CDD-DD81-4197-93FE-0971E73C5CA7}) (Version: 1.3.2.2 - Western Digital Technologies, Inc.) Hidden

WD Drive Utilities (HKLM-x32\...\{eab1fb93-61fb-48de-b815-b4e9b68d2ef1}) (Version: 1.3.2.2 - Western Digital Technologies, Inc.)

WD Quick View (HKLM-x32\...\{F4F2EF32-EAFE-4F87-B7DC-E19C9F8E76FC}) (Version: 2.4.16.16 - Western Digital Technologies, Inc.)

WD Security (HKLM-x32\...\{919ADA61-13BF-43C4-A2DD-8BA49A244FC8}) (Version: 1.1.0.51 - Western Digital Technologies, Inc.)

WD SmartWare (HKLM\...\{515B34CA-1229-4EDA-AE7C-53CBA68B8A7A}) (Version: 2.4.16.16 - Western Digital Technologies, Inc.)

WD SmartWare Installer (HKLM-x32\...\{4555885d-a64c-4234-9aac-72a8a6b5590b}) (Version: 2.4.16.16 - Western Digital Technologies, Inc.)

Windows PC Health Check (HKLM\...\{014B7442-C784-45D3-A152-F7D2C651F28A}) (Version: 3.3.2110.22002 - Microsoft Corporation)

Windows PC Health Check (HKLM\...\{6798C408-2636-448C-8AC6-F4E341102D27}) (Version: 3.6.2204.08001 - Microsoft Corporation)

Windows PC Health Check (HKLM\...\{804A0628-543B-4984-896C-F58BF6A54832}) (Version: 3.7.2204.15001 - Microsoft Corporation)

WinRAR 5.91 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.91.0 - win.rar GmbH)

Zoom (HKU\S-1-5-21-1462537330-2448890953-4029325140-1001\...\ZoomUMX) (Version: 5.9.3 (3169) - Zoom Video Communications, Inc.)

Zoom Outlook Plugin (HKLM-x32\...\{E3C9EEAA-9686-442D-BDDC-1F36D338EDBF}) (Version: 5.8.0 - Zoom)

Packages:

=========

Amazon -> C:\Program Files\WindowsApps\Amazon.com.Amazon_2018.519.2815.0_x64__343d40qqvtj1t [2020-02-18] (Amazon.com)

Audiobooks from Audible -> C:\Program Files\WindowsApps\AudibleInc.AudibleforWindowsPhone_10.5.67.0_x64__xns73kv1ymhp2 [2021-02-10] (Audible Inc)

Citrix Workspace -> C:\Program Files\WindowsApps\D50536CD.CitrixReceiver_22.6.22.0_x86__hmf6bx7z76t54 [2022-07-14] (Citrix) [Startup Task]

Dropbox for S mode -> C:\Program Files\WindowsApps\C27EB4BA.DROPBOX_22.4.17.0_x64__xbfy0k16fey96 [2022-07-10] (Dropbox Inc.)

LastPass for Windows Desktop -> C:\Program Files\WindowsApps\LastPass.LastPass_4.9.0.0_x64__qq0fmhteeht3j [2022-06-29] (LastPass)

LastPass: Free Password Manager -> C:\Program Files\WindowsApps\LastPass.LastPassFreePasswordManager_4.69.0.0_neutral__qq0fmhteeht3j [2021-04-10] (LastPass)

Libby, by OverDrive -> C:\Program Files\WindowsApps\2FA138F6.LibbybyOverDrive_1.4.2.0_x64__daecb9042jmvt [2019-06-22] (OverDrive Inc.)

LinkedIn -> C:\Program Files\WindowsApps\7EE7776C.LinkedInforWindows_2.1.7098.0_neutral__w1wdnht996qgy [2018-06-26] (LinkedIn)

Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1808.3.0_x64__8wekyb3d8bbwe [2020-06-15] (Microsoft Corporation) [MS Ad]

Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-20] (Microsoft Corporation) [MS Ad]

Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-20] (Microsoft Corporation) [MS Ad]

Microsoft Remote Desktop -> C:\Program Files\WindowsApps\Microsoft.RemoteDesktop_10.2.1817.0_x64__8wekyb3d8bbwe [2021-12-15] (Microsoft Corporation)

Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.13.7040.0_x64__8wekyb3d8bbwe [2022-07-12] (Microsoft Studios) [MS Ad]

OverDrive - Library eBooks & Audiobooks -> C:\Program Files\WindowsApps\2FA138F6.OverDriveMediaConsole_3.8.0.5_neutral__daecb9042jmvt [2019-06-22] (OverDrive Inc.)

Par 72 Golf -> C:\Program Files\WindowsApps\28861RESETgame.Par72Golf_3.1.6.0_x64__35b8x47qztent [2021-12-04] (RESETgame)

Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-09-22] (Microsoft Corporation)

Roku -> C:\Program Files\WindowsApps\1319C185.Roku_3.1.1.0_x64__gz11xxydh4gg8 [2017-10-07] (Roku)

Sirius XM Radio Inc. -> C:\Program Files\WindowsApps\SiriusXM.SiriusXM_4.7.0.0_x64__rb1gq5s0htdrw [2020-10-31] (Sirius XM Radio Inc)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1462537330-2448890953-4029325140-1001_Classes\CLSID\{0008E670-DC62-38AD-82D3-8C42FB538F4D}\InprocServer32 -> C:\Users\fishe\AppData\Roaming\BidTacherLite\BidTacher_Lite.DLL (Specialty Software Group, LLC.) [File not signed]

CustomCLSID: HKU\S-1-5-21-1462537330-2448890953-4029325140-1001_Classes\CLSID\{011E32F7-D5B0-36FF-B35C-53533542F5F1}\InprocServer32 -> C:\Users\fishe\AppData\Roaming\Specialty Software Group, LLC\BidTacher\BidTacher.DLL (Specialty Software Group, LLC) [File not signed]

CustomCLSID: HKU\S-1-5-21-1462537330-2448890953-4029325140-1001_Classes\CLSID\{03CEE2BB-7F65-3B95-A729-4D19B4404C6B}\InprocServer32 -> C:\Users\fishe\AppData\Roaming\Specialty Software Group, LLC\BidTacher\BidTacher.DLL (Specialty Software Group, LLC) [File not signed]

CustomCLSID: HKU\S-1-5-21-1462537330-2448890953-4029325140-1001_Classes\CLSID\{04271989-4A69-F6F9-7582-C4541FE482C2} -> [OneDrive - Technical Glazing Solutions] => C:\Users\fishe\OneDrive - Technical Glazing Solutions [2021-03-21 16:01]

CustomCLSID: HKU\S-1-5-21-1462537330-2448890953-4029325140-1001_Classes\CLSID\{04271989-C4D2-2C42-357A-5FD48D40E751} -> [OneDrive - Above All Storefronts] => C:\Users\fishe\OneDrive - Above All Storefronts [2017-04-05 21:11]

CustomCLSID: HKU\S-1-5-21-1462537330-2448890953-4029325140-1001_Classes\CLSID\{0B628DE4-07AD-4284-81CA-5B439F67C5E6}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2015\acad.exe (Autodesk, Inc -> Autodesk, Inc.)

CustomCLSID: HKU\S-1-5-21-1462537330-2448890953-4029325140-1001_Classes\CLSID\{137E8F9A-4BFB-3B86-88A2-D0204CB3369E}\InprocServer32 -> C:\Users\fishe\AppData\Roaming\Specialty Software Group, LLC\BidTacher\BidTacher.DLL (Specialty Software Group, LLC) [File not signed]

CustomCLSID: HKU\S-1-5-21-1462537330-2448890953-4029325140-1001_Classes\CLSID\{13943253-0381-382A-AB76-606E619B1128}\InprocServer32 -> C:\Users\fishe\AppData\Roaming\Specialty Software Group, LLC\BidTacher\BidTacher.DLL (Specialty Software Group, LLC) [File not signed]

CustomCLSID: HKU\S-1-5-21-1462537330-2448890953-4029325140-1001_Classes\CLSID\{149DD748-EA85-45A6-93C5-AC50D0260C98}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2015\acad.exe (Autodesk, Inc -> Autodesk, Inc.)

CustomCLSID: HKU\S-1-5-21-1462537330-2448890953-4029325140-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\fishe\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.19350.3\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-1462537330-2448890953-4029325140-1001_Classes\CLSID\{242A56EF-2EBF-3E70-B3C8-4BD64B0FB930}\InprocServer32 -> C:\Users\fishe\AppData\Roaming\Specialty Software Group, LLC\BidTacher\BidTacher.DLL (Specialty Software Group, LLC) [File not signed]

CustomCLSID: HKU\S-1-5-21-1462537330-2448890953-4029325140-1001_Classes\CLSID\{2E59E1C3-3C9E-3B05-98E7-9DC46F4F6D6A}\InprocServer32 -> C:\Users\fishe\AppData\Roaming\Specialty Software Group, LLC\BidTacher\BidTacher.DLL (Specialty Software Group, LLC) [File not signed]

CustomCLSID: HKU\S-1-5-21-1462537330-2448890953-4029325140-1001_Classes\CLSID\{30836FFB-3BAA-49EE-A52A-627ABB3AD7EB}\InprocServer32 -> C:\Users\fishe\AppData\Roaming\BidTacherLite\adxloader64.dll () [File not signed]

CustomCLSID: HKU\S-1-5-21-1462537330-2448890953-4029325140-1001_Classes\CLSID\{4CDC34E4-AB73-40B6-9525-437D0253DD73}\InprocServer32 -> C:\Users\fishe\AppData\Roaming\Specialty Software Group, LLC\BidTacher\adxloader64.dll () [File not signed]

CustomCLSID: HKU\S-1-5-21-1462537330-2448890953-4029325140-1001_Classes\CLSID\{62150B0D-F6CC-4979-952B-D8D69DA740BD}\InprocServer32 -> C:\Users\fishe\AppData\Roaming\Specialty Software Group, LLC\BidTacher\BidTacher.DLL (Specialty Software Group, LLC) [File not signed]

CustomCLSID: HKU\S-1-5-21-1462537330-2448890953-4029325140-1001_Classes\CLSID\{6988CEDF-426A-3A72-997F-7AC168A9052E}\InprocServer32 -> C:\Users\fishe\AppData\Roaming\Specialty Software Group, LLC\BidTacher\BidTacher.DLL (Specialty Software Group, LLC) [File not signed]

CustomCLSID: HKU\S-1-5-21-1462537330-2448890953-4029325140-1001_Classes\CLSID\{7BD60F1D-0C63-36D1-9BF1-EB5E7F311572}\InprocServer32 -> C:\Users\fishe\AppData\Roaming\Specialty Software Group, LLC\BidTacher\BidTacher.DLL (Specialty Software Group, LLC) [File not signed]

CustomCLSID: HKU\S-1-5-21-1462537330-2448890953-4029325140-1001_Classes\CLSID\{7FC7BA11-10F7-3AC1-8E12-157EA7475FE0}\InprocServer32 -> C:\Users\fishe\AppData\Roaming\BidTacherLite\BidTacher_Lite.DLL (Specialty Software Group, LLC.) [File not signed]

CustomCLSID: HKU\S-1-5-21-1462537330-2448890953-4029325140-1001_Classes\CLSID\{8ADCCEA1-D96E-3062-801C-A625A2677578}\InprocServer32 -> C:\Users\fishe\AppData\Roaming\Specialty Software Group, LLC\BidTacher\BidTacher.DLL (Specialty Software Group, LLC) [File not signed]

CustomCLSID: HKU\S-1-5-21-1462537330-2448890953-4029325140-1001_Classes\CLSID\{8D9514EA-A254-333B-811C-8DEB2E8891A6}\InprocServer32 -> C:\Users\fishe\AppData\Roaming\Specialty Software Group, LLC\BidTacher\BidTacher.DLL (Specialty Software Group, LLC) [File not signed]

CustomCLSID: HKU\S-1-5-21-1462537330-2448890953-4029325140-1001_Classes\CLSID\{A4FAC1B5-AE35-3CFE-AAF5-69519AC67E98}\InprocServer32 -> C:\Users\fishe\AppData\Roaming\Specialty Software Group, LLC\BidTacher\BidTacher.DLL (Specialty Software Group, LLC) [File not signed]

CustomCLSID: HKU\S-1-5-21-1462537330-2448890953-4029325140-1001_Classes\CLSID\{AA6D482C-B6CD-3226-B910-D9D67821E134}\InprocServer32 -> C:\Users\fishe\AppData\Roaming\Specialty Software Group, LLC\BidTacher\BidTacher.DLL (Specialty Software Group, LLC) [File not signed]

CustomCLSID: HKU\S-1-5-21-1462537330-2448890953-4029325140-1001_Classes\CLSID\{AFECE42B-75DD-3098-92F2-27DE15D40F1B}\InprocServer32 -> C:\Users\fishe\AppData\Roaming\Specialty Software Group, LLC\BidTacher\BidTacher.DLL (Specialty Software Group, LLC) [File not signed]

CustomCLSID: HKU\S-1-5-21-1462537330-2448890953-4029325140-1001_Classes\CLSID\{B059733B-DD51-3457-AA10-3561EE23B653}\InprocServer32 -> C:\Users\fishe\AppData\Roaming\Specialty Software Group, LLC\BidTacher\BidTacher.DLL (Specialty Software Group, LLC) [File not signed]

CustomCLSID: HKU\S-1-5-21-1462537330-2448890953-4029325140-1001_Classes\CLSID\{B2A08C13-C5D1-3701-9491-3693E24FFB40}\InprocServer32 -> C:\Users\fishe\AppData\Roaming\Specialty Software Group, LLC\BidTacher\BidTacher.DLL (Specialty Software Group, LLC) [File not signed]

CustomCLSID: HKU\S-1-5-21-1462537330-2448890953-4029325140-1001_Classes\CLSID\{B6D82CA8-7743-3BF9-BE84-D9645A2F177B}\InprocServer32 -> C:\Users\fishe\AppData\Roaming\Specialty Software Group, LLC\BidTacher\BidTacher.DLL (Specialty Software Group, LLC) [File not signed]

CustomCLSID: HKU\S-1-5-21-1462537330-2448890953-4029325140-1001_Classes\CLSID\{C7395B2F-B50E-3EA4-8520-3B4A3A06C809}\InprocServer32 -> C:\Users\fishe\AppData\Roaming\Specialty Software Group, LLC\BidTacher\BidTacher.DLL (Specialty Software Group, LLC) [File not signed]

CustomCLSID: HKU\S-1-5-21-1462537330-2448890953-4029325140-1001_Classes\CLSID\{CAA7EEC6-1A17-33D2-8189-55B9BEA046B8}\InprocServer32 -> C:\Users\fishe\AppData\Roaming\Specialty Software Group, LLC\BidTacher\BidTacher.DLL (Specialty Software Group, LLC) [File not signed]

CustomCLSID: HKU\S-1-5-21-1462537330-2448890953-4029325140-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\fishe\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.19350.3\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-1462537330-2448890953-4029325140-1001_Classes\CLSID\{CEE5A437-2CA7-3A69-B08F-ACBC8DEBA3D9}\InprocServer32 -> C:\Users\fishe\AppData\Roaming\Specialty Software Group, LLC\BidTacher\BidTacher.DLL (Specialty Software Group, LLC) [File not signed]

CustomCLSID: HKU\S-1-5-21-1462537330-2448890953-4029325140-1001_Classes\CLSID\{D522F43B-7CBD-34CC-8225-78DC9EA30FEF}\InprocServer32 -> C:\Users\fishe\AppData\Roaming\Specialty Software Group, LLC\BidTacher\BidTacher.DLL (Specialty Software Group, LLC) [File not signed]

CustomCLSID: HKU\S-1-5-21-1462537330-2448890953-4029325140-1001_Classes\CLSID\{E08C87BD-9B11-3FB7-A651-D0659CACA532}\InprocServer32 -> C:\Users\fishe\AppData\Roaming\Specialty Software Group, LLC\BidTacher\BidTacher.DLL (Specialty Software Group, LLC) [File not signed]

CustomCLSID: HKU\S-1-5-21-1462537330-2448890953-4029325140-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2015\en-US\acadficn.dll (Autodesk, Inc -> Autodesk, Inc.)

CustomCLSID: HKU\S-1-5-21-1462537330-2448890953-4029325140-1001_Classes\CLSID\{EC6DC1E2-FF06-35BC-8D2D-35A6D16FD6E8}\InprocServer32 -> C:\Users\fishe\AppData\Roaming\Specialty Software Group, LLC\BidTacher\BidTacher.DLL (Specialty Software Group, LLC) [File not signed]

CustomCLSID: HKU\S-1-5-21-1462537330-2448890953-4029325140-1001_Classes\CLSID\{EFCC6742-AA94-35B1-8BD5-5B883127BB12}\InprocServer32 -> C:\Users\fishe\AppData\Roaming\Specialty Software Group, LLC\BidTacher\BidTacher.DLL (Specialty Software Group, LLC) [File not signed]

CustomCLSID: HKU\S-1-5-21-1462537330-2448890953-4029325140-1001_Classes\CLSID\{F86C4F5B-C761-39A6-A5D3-3AD514E70352}\InprocServer32 -> C:\Users\fishe\AppData\Roaming\Specialty Software Group, LLC\BidTacher\BidTacher.DLL (Specialty Software Group, LLC) [File not signed]

CustomCLSID: HKU\S-1-5-21-1462537330-2448890953-4029325140-1001_Classes\CLSID\{FD26A18E-7D15-36FA-A401-B2DBF2E3C8F5}\InprocServer32 -> C:\Users\fishe\AppData\Roaming\Specialty Software Group, LLC\BidTacher\BidTacher.DLL (Specialty Software Group, LLC) [File not signed]

ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\22.131.0619.0001\FileSyncShell64.dll [2022-07-13] (Microsoft Corporation -> Microsoft Corporation)

ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\22.131.0619.0001\FileSyncShell64.dll [2022-07-13] (Microsoft Corporation -> Microsoft Corporation)

ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\22.131.0619.0001\FileSyncShell64.dll [2022-07-13] (Microsoft Corporation -> Microsoft Corporation)

ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\22.131.0619.0001\FileSyncShell64.dll [2022-07-13] (Microsoft Corporation -> Microsoft Corporation)

ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\22.131.0619.0001\FileSyncShell64.dll [2022-07-13] (Microsoft Corporation -> Microsoft Corporation)

ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\22.131.0619.0001\FileSyncShell64.dll [2022-07-13] (Microsoft Corporation -> Microsoft Corporation)

ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\22.131.0619.0001\FileSyncShell64.dll [2022-07-13] (Microsoft Corporation -> Microsoft Corporation)

ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2017-10-02] (Acer Incorporated -> Acer Incorporated)

ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2017-10-02] (Acer Incorporated -> Acer Incorporated)

ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\WINDOWS\system32\AcSignIcon.dll [2014-02-07] (Autodesk, Inc -> Autodesk, Inc.)

ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\22.131.0619.0001\FileSyncShell64.dll [2022-07-13] (Microsoft Corporation -> Microsoft Corporation)

ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\22.131.0619.0001\FileSyncShell64.dll [2022-07-13] (Microsoft Corporation -> Microsoft Corporation)

ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\22.131.0619.0001\FileSyncShell64.dll [2022-07-13] (Microsoft Corporation -> Microsoft Corporation)

ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\22.131.0619.0001\FileSyncShell64.dll [2022-07-13] (Microsoft Corporation -> Microsoft Corporation)

ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\22.131.0619.0001\FileSyncShell64.dll [2022-07-13] (Microsoft Corporation -> Microsoft Corporation)

ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\22.131.0619.0001\FileSyncShell64.dll [2022-07-13] (Microsoft Corporation -> Microsoft Corporation)

ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\22.131.0619.0001\FileSyncShell64.dll [2022-07-13] (Microsoft Corporation -> Microsoft Corporation)

ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.131.0619.0001\FileSyncShell64.dll [2022-07-13] (Microsoft Corporation -> Microsoft Corporation)

ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File

ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2014-02-07] (Autodesk, Inc -> Autodesk)

ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File

ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File

ContextMenuHandlers1: [WDBackupMenuHandler] -> {C752BC82-C19A-4827-9C15-0996BA85C180} => C:\Program Files\Western Digital\WD SmartWare\\WDContextMenuHandler.dll [2016-04-19] (WESTERN DIGITAL TECHNOLOGIES -> Western Digital Technologies, Inc.)

ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)

ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)

ContextMenuHandlers2: [CWDDriveMenuHandler] -> {CCEFA845-DCDB-4A2F-8BED-DBE87CD198EC} => C:\Program Files\Western Digital\WD SmartWare\\WDContextMenuHandler.dll [2016-04-19] (WESTERN DIGITAL TECHNOLOGIES -> Western Digital Technologies, Inc.)

ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File

ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.131.0619.0001\FileSyncShell64.dll [2022-07-13] (Microsoft Corporation -> Microsoft Corporation)

ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File

ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File

ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.131.0619.0001\FileSyncShell64.dll [2022-07-13] (Microsoft Corporation -> Microsoft Corporation)

ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_82548830eadb8221\igfxDTCM.dll [2017-08-03] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)

ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File

ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File

ContextMenuHandlers6: [WDBackupMenuHandler] -> {C752BC82-C19A-4827-9C15-0996BA85C180} => C:\Program Files\Western Digital\WD SmartWare\\WDContextMenuHandler.dll [2016-04-19] (WESTERN DIGITAL TECHNOLOGIES -> Western Digital Technologies, Inc.)

ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)

ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\fishe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Solitaire.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=lkbhppfbabandkdmgjmifahoabeodiep

==================== Loaded Modules (Whitelisted) =============

2016-04-19 12:02 - 2016-04-19 12:02 - 001006080 ____R (Robert Simpson, et al.) [File not signed] [File is in use] C:\Program Files (x86)\Western Digital\WD SmartWare\System.Data.SQLite.dll

2022-06-17 19:02 - 2022-06-17 19:02 - 000670720 _____ (Telerik) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\EQATEC.Anal6924f0b8#\80276ca3bebb766390e4bdef5f779030\EQATEC.Analytics.Monitor.ni.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-1462537330-2448890953-4029325140-1001\Software\Classes\.scr: AutoCADScriptFile =>

==================== Internet Explorer (Whitelisted) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank

HKU\S-1-5-21-1462537330-2448890953-4029325140-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

HKU\S-1-5-21-1462537330-2448890953-4029325140-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer17win10.msn.com/?pc=ACTE

BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2022-07-09] (Microsoft Corporation -> Microsoft Corporation)

Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-07-09] (Microsoft Corporation -> Microsoft Corporation)

Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-07-09] (Microsoft Corporation -> Microsoft Corporation)

Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-07-09] (Microsoft Corporation -> Microsoft Corporation)

Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-07-09] (Microsoft Corporation -> Microsoft Corporation)

Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-07-09] (Microsoft Corporation -> Microsoft Corporation)

Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-07-09] (Microsoft Corporation -> Microsoft Corporation)

Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-07-09] (Microsoft Corporation -> Microsoft Corporation)

Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-07-09] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-1462537330-2448890953-4029325140-1001\...\sharepoint.com -> hxxps://aboveallstorefronts-files.sharepoint.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-10-30 03:24 - 2015-10-30 03:21 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

2017-10-07 15:10 - 2020-07-06 19:57 - 000000446 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics

69.254.40.106 DESKTOP-3QU7A8Q.mshome.net # 2025 3 5 14 16 44 10 973

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL;C:\Program Files\Intel\Intel® Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT;C:\Program Files\Intel\Intel® Management Engine Components\IPT;%SYSTEMROOT%\System32\OpenSSH\

HKU\S-1-5-21-1462537330-2448890953-4029325140-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\fishe\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img0.jpg

DNS Servers: 192.168.1.1

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)

Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "SecurityHealth"

HKLM\...\StartupApproved\Run: => "RTHDVCPL"

HKLM\...\StartupApproved\Run: => "RtHDVBg_Dolby"

HKLM\...\StartupApproved\Run: => "IAStorIcon"

HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"

HKLM\...\StartupApproved\Run: => "DAX2_APP"

HKLM\...\StartupApproved\Run: => "WindowsDefender"

HKLM\...\StartupApproved\Run32: => "Autodesk Desktop App"

HKLM\...\StartupApproved\Run32: => "WD Drive Unlocker"

HKLM\...\StartupApproved\Run32: => "DriveUtilitiesHelper"

HKLM\...\StartupApproved\Run32: => "WD Quick View"

HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"

HKU\S-1-5-21-1462537330-2448890953-4029325140-1001\...\StartupApproved\Run: => "Autodesk Sync"

HKU\S-1-5-21-1462537330-2448890953-4029325140-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"

HKU\S-1-5-21-1462537330-2448890953-4029325140-1001\...\StartupApproved\Run: => "OneDrive"

HKU\S-1-5-21-1462537330-2448890953-4029325140-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{F82204F8-DA53-460D-B218-449E212FB63B}] => (Allow) C:\Users\fishe\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)

FirewallRules: [{DA6B94E5-BBC5-438E-8FB5-F4056BA2FA25}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)

FirewallRules: [{DB740ADC-ECC5-4D9C-92B2-9037299CCD63}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)

FirewallRules: [{C404ACCF-AC8E-40E2-934E-453B404F512B}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)

FirewallRules: [{0AFB47B2-2619-477A-9300-C076A0E547C1}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)

FirewallRules: [{87F2F7C9-63BC-409F-8F53-3AAE9C0EBC26}] => (Allow) LPort=50248

FirewallRules: [{89849632-F1DC-4B0E-B459-ECABEA011769}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)

FirewallRules: [{BBC50E50-7D2E-4195-8EDF-139F65B055A0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)

FirewallRules: [{7A5A9BDC-CC20-4928-9D86-15712AB2E3C6}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe (Acer Incorporated -> Acer Cloud Technology)

FirewallRules: [{E82A1ED1-FB53-402E-BAF1-73E44D5D638E}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe (Acer Incorporated -> Acer Cloud Technology)

FirewallRules: [{4A42EC62-0E0B-4130-A21B-846CB4620101}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe (Acer Incorporated -> acer)

FirewallRules: [{23375DCA-7AE6-4017-8521-202E086FBC15}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe (Acer Incorporated -> acer)

FirewallRules: [{A99734DB-C3E7-4061-8CF3-0E80D0B1483F}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe (Acer Incorporated -> acer)

FirewallRules: [{C30BDB53-0777-40C5-8F0E-EB3BFB9F0BBE}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe (Acer Incorporated -> acer)

FirewallRules: [{E972F377-759A-4DAB-BB9B-256427CCA2B3}] => (Block) C:\Program Files\Bluebeam Software\Bluebeam Revu\2016\Revu\Revu.exe (Bluebeam Software, Inc. -> Bluebeam Software, Inc.)

FirewallRules: [{4E567F76-5552-4E4E-BA41-81BC2F534896}] => (Block) C:\Program Files\Bluebeam Software\Bluebeam Revu\2016\Revu\Revu.exe (Bluebeam Software, Inc. -> Bluebeam Software, Inc.)

FirewallRules: [{C2F40E40-81E1-411B-B547-16F68165C9E5}] => (Block) C:\Program Files\Bluebeam Software\Bluebeam Revu\2016\Revu\WIAShell.exe (Bluebeam Software, Inc.) [File not signed]

FirewallRules: [{CAF6F3F9-FA52-4A87-8E59-F0CA30CC3AF4}] => (Block) C:\Program Files\Bluebeam Software\Bluebeam Revu\2016\Revu\WIAShell.exe (Bluebeam Software, Inc.) [File not signed]

FirewallRules: [{FFF8F56B-4AC9-4501-9E3E-00EF125616C8}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe => No File

FirewallRules: [{4F6C813E-4C8E-4F38-B8B0-B030CAB5DB36}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe => No File

FirewallRules: [{DADF8962-A9D9-4401-9C06-FC9C19B132CC}] => (Block) C:\Program Files\Bluebeam Software\Bluebeam Revu\2018\Revu\Revu.exe (Bluebeam, Inc. -> Bluebeam, Inc.)

FirewallRules: [{C0F08BC3-FA62-47D0-A346-B63AE7A6370A}] => (Block) C:\Program Files (x86)\Bluebeam Software\Bluebeam Revu\2018\Revu\Revu32.exe (Bluebeam, Inc. -> Bluebeam, Inc.)

FirewallRules: [{6758A46B-60D2-4D4F-8DA7-2DD0D2459371}] => (Block) C:\Program Files (x86)\Bluebeam Software\Bluebeam Revu\2018\Revu\Revu32.exe (Bluebeam, Inc. -> Bluebeam, Inc.)

FirewallRules: [{1C978C97-4B20-4C96-B3EC-0E031E0BABC1}] => (Block) C:\Program Files\Bluebeam Software\Bluebeam Revu\2018\Revu\Revu.exe (Bluebeam, Inc. -> Bluebeam, Inc.)

FirewallRules: [{9BAFA4C5-7CC8-47E4-989C-4788371473CC}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)

FirewallRules: [{0BB122F6-AF0F-44C1-B712-81DE7477BD08}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)

FirewallRules: [{F98CA075-957B-4E7F-BA80-54B34B903176}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)

FirewallRules: [{6CB6AAC4-DF25-44EB-9AB9-73838AE03DD6}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)

FirewallRules: [{AF3C347D-3380-43B4-A52C-C6A7EFB220BA}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)

FirewallRules: [{A14DDC90-9F26-48E4-B5AB-244489B2A116}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)

FirewallRules: [{EF1AC46B-05F8-407D-83F2-1B95B9C89022}] => (Allow) C:\Users\fishe\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)

FirewallRules: [{0D8C3527-6A6A-4888-A050-C30B7236F804}] => (Allow) C:\Users\fishe\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)

FirewallRules: [{D06DADB4-6797-4C7F-9B52-CB6A6FED7D4D}] => (Allow) C:\Users\fishe\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)

FirewallRules: [{5D79A45E-B072-4B9E-B505-6F02A99A746B}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [{D20FAF6B-9D31-44BB-B130-E3E79741334A}] => (Allow) C:\Program Files\WindowsApps\D50536CD.CitrixReceiver_22.6.22.0_x86__hmf6bx7z76t54\VFS\ProgramFilesX86\Citrix\ICA Client\wfica32.exe (Citrix Systems, Inc. -> Citrix Systems, Inc.)

FirewallRules: [{0DD26656-4390-4582-B4AD-A4C22FF0293B}] => (Allow) C:\Program Files\WindowsApps\D50536CD.CitrixReceiver_22.6.22.0_x86__hmf6bx7z76t54\VFS\ProgramFilesX86\Citrix\ICA Client\wfica32.exe (Citrix Systems, Inc. -> Citrix Systems, Inc.)

FirewallRules: [{15CF6CB4-BA26-42A1-84B2-E5C5B8D8BDBC}] => (Allow) C:\Program Files\WindowsApps\D50536CD.CitrixReceiver_22.6.22.0_x86__hmf6bx7z76t54\VFS\ProgramFilesX86\Citrix\ICA Client\wfica32.exe (Citrix Systems, Inc. -> Citrix Systems, Inc.)

FirewallRules: [{121BBED8-77E2-46A2-9CF0-77FA24E4A2A6}] => (Allow) C:\Program Files\WindowsApps\D50536CD.CitrixReceiver_22.6.22.0_x86__hmf6bx7z76t54\VFS\ProgramFilesX86\Citrix\ICA Client\wfica32.exe (Citrix Systems, Inc. -> Citrix Systems, Inc.)

FirewallRules: [{A695B0E4-843A-4BA4-A137-2177D91E364B}] => (Allow) C:\Program Files\WindowsApps\D50536CD.CitrixReceiver_22.6.22.0_x86__hmf6bx7z76t54\VFS\ProgramFilesX86\Citrix\ICA Client\wfica32.exe (Citrix Systems, Inc. -> Citrix Systems, Inc.)

FirewallRules: [{548428DA-9209-4441-BBE9-4B79215E6BAE}] => (Allow) C:\Program Files\WindowsApps\D50536CD.CitrixReceiver_22.6.22.0_x86__hmf6bx7z76t54\VFS\ProgramFilesX86\Citrix\ICA Client\wfica32.exe (Citrix Systems, Inc. -> Citrix Systems, Inc.)

FirewallRules: [{F56C3010-B028-4AC9-BBA2-B9DFC2794BF3}] => (Allow) C:\Program Files\WindowsApps\D50536CD.CitrixReceiver_22.6.22.0_x86__hmf6bx7z76t54\VFS\ProgramFilesX86\Citrix\ICA Client\wfica32.exe (Citrix Systems, Inc. -> Citrix Systems, Inc.)

FirewallRules: [{A6A2E777-CAB5-4BF3-8C6E-733D78CEE6B6}] => (Allow) C:\Program Files\WindowsApps\D50536CD.CitrixReceiver_22.6.22.0_x86__hmf6bx7z76t54\VFS\ProgramFilesX86\Citrix\ICA Client\wfica32.exe (Citrix Systems, Inc. -> Citrix Systems, Inc.)

FirewallRules: [{A4B06732-DF14-441E-AEAB-8C302BDFB056}] => (Allow) C:\Program Files\WindowsApps\D50536CD.CitrixReceiver_22.6.22.0_x86__hmf6bx7z76t54\VFS\ProgramFilesX86\Citrix\ICA Client\wfica32.exe (Citrix Systems, Inc. -> Citrix Systems, Inc.)

FirewallRules: [{14B4CE83-4E15-48E2-938E-A43D19A42F96}] => (Allow) C:\Program Files\WindowsApps\D50536CD.CitrixReceiver_22.6.22.0_x86__hmf6bx7z76t54\VFS\ProgramFilesX86\Citrix\ICA Client\wfica32.exe (Citrix Systems, Inc. -> Citrix Systems, Inc.)

FirewallRules: [{4A587A81-9EC9-4FBF-8998-C514E43C7F10}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.86.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)

FirewallRules: [{8C7B0399-163D-455E-963E-5578603E0D91}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.86.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)

FirewallRules: [{5028344F-466E-44B7-BFD4-9E66ACD8F090}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.86.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)

FirewallRules: [{405E7843-C3DE-4812-A594-F04E28DD6AD1}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.86.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)

FirewallRules: [{B019A370-6DAC-402B-A057-2DDCC854F93B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

FirewallRules: [{7D313C92-7556-4314-AC6C-00F8A1ADADCA}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\103.0.1264.71\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [{153B1F7B-128C-4EBC-A955-43BEC684E79D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)

FirewallRules: [{568E3F41-2CA6-45D9-9445-18BE4FD2722E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)

FirewallRules: [{8109A105-AA14-4DA8-A674-B4D3FFC8A5FE}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)

FirewallRules: [{29338EE0-1D8F-467C-B920-C1F6A609B166}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)

==================== Restore Points =========================

23-07-2022 09:30:26 Scheduled Checkpoint

26-07-2022 21:41:24 Installed Windows PC Health Check

26-07-2022 21:48:50 Windows Modules Installer

26-07-2022 22:09:53 Windows Modules Installer

27-07-2022 20:00:02 Windows Modules Installer

==================== Faulty Device Manager Devices ============

Name: Bluetooth USB Module

Description: Bluetooth USB Module

Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}

Manufacturer: Qualcomm Atheros Communications

Service: BTHUSB

Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)

Resolution: Update the driver

==================== Event log errors: ========================

Application errors:

==================

Error: (07/27/2022 08:35:58 PM) (Source: Application Hang) (EventID: 1002) (User: )

Description: The program SystemSettings.exe version 10.0.19041.1566 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 547c

Start Time: 01d8a219b25af69b

Termination Time: 4294967295

Application Path: C:\Windows\ImmersiveControlPanel\SystemSettings.exe

Report Id: 611d68dc-6021-4747-aafd-94fba460e96d

Faulting package full name: windows.immersivecontrolpanel_10.0.2.1000_neutral_neutral_cw5n1h2txyewy

Faulting package-relative application ID: microsoft.windows.immersivecontrolpanel

Hang type: Quiesce

Error: (07/27/2022 08:24:47 PM) (Source: Application Hang) (EventID: 1002) (User: )

Description: The program Microsoft.Photos.exe version 2022.30060.30007.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 23c0

Start Time: 01d8a2149ea8d266

Termination Time: 4294967295

Application Path: C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2022.30060.30007.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe

Report Id: 518e959a-cb90-4949-b7de-e9fb69e39bb0

Faulting package full name: Microsoft.Windows.Photos_2022.30060.30007.0_x64__8wekyb3d8bbwe

Faulting package-relative application ID: App

Hang type: Quiesce

Error: (07/27/2022 08:01:34 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)

Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.

Error: (07/27/2022 08:01:34 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)

Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

Error: (07/26/2022 09:54:33 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: wuauclt.exe, version: 10.0.19041.1806, time stamp: 0x17884906

Faulting module name: KERNELBASE.dll, version: 10.0.19041.1826, time stamp: 0x299341e8

Exception code: 0xc0000409

Fault offset: 0x000000000010fb62

Faulting process id: 0x5258

Faulting application start time: 0x01d8a15b002e6de5

Faulting application path: C:\WINDOWS\system32\wuauclt.exe

Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll

Report Id: 465a185b-a94a-4dc1-ad84-042f6517bcfa

Faulting package full name:

Faulting package-relative application ID:

Error: (07/26/2022 09:47:26 PM) (Source: Application Hang) (EventID: 1002) (User: )

Description: The program drvinst.exe version 10.0.19041.1620 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 676c

Start Time: 01d8a159d9f7f18f

Termination Time: 14

Application Path: C:\Windows\System32\drvinst.exe

Report Id: 5ffe2dbb-2fca-484d-be8f-fd193de463da

Faulting package full name:

Faulting package-relative application ID:

Hang type: Unknown

Error: (07/26/2022 09:34:46 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)

Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.

Error: (07/26/2022 09:34:46 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)

Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

System errors:

=============

Error: (07/27/2022 08:58:50 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: The Device Setup Manager service failed to start due to the following error:

The service did not respond to the start or control request in a timely fashion.

Error: (07/27/2022 08:58:50 PM) (Source: Service Control Manager) (EventID: 7009) (User: )

Description: A timeout was reached (30000 milliseconds) while waiting for the Device Setup Manager service to connect.

Error: (07/27/2022 08:02:05 PM) (Source: Service Control Manager) (EventID: 7022) (User: )

Description: The Downloaded Maps Manager service hung on starting.

Error: (07/27/2022 07:54:17 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: The Autodesk Content Service service failed to start due to the following error:

The service did not respond to the start or control request in a timely fashion.

Error: (07/27/2022 07:54:17 PM) (Source: Service Control Manager) (EventID: 7009) (User: )

Description: A timeout was reached (45000 milliseconds) while waiting for the Autodesk Content Service service to connect.

Error: (07/27/2022 07:48:45 PM) (Source: Service Control Manager) (EventID: 7023) (User: )

Description: The Microsoft Defender Antivirus Service service terminated with the following error:

%%2147943515 = A system shutdown is in progress.

Error: (07/27/2022 07:48:23 PM) (Source: Service Control Manager) (EventID: 7043) (User: )

Description: The Windows Modules Installer service did not shut down properly after receiving a preshutdown control.

Error: (07/27/2022 07:46:43 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: The Autodesk Content Service service failed to start due to the following error:

The service did not respond to the start or control request in a timely fashion.

Windows Defender:

================

Date: 2022-07-26 20:42:51

Description:

Microsoft Defender Antivirus scan has been stopped before completion.

Scan Type: Antimalware

Scan Parameters: Quick Scan

Date: 2022-07-24 21:04:41

Description:

Microsoft Defender Antivirus scan has been stopped before completion.

Scan Type: Antimalware

Scan Parameters: Quick Scan

Date: 2022-07-24 20:04:54

Description:

Microsoft Defender Antivirus scan has been stopped before completion.

Scan Type: Antimalware

Scan Parameters: Quick Scan

Date: 2022-07-23 19:14:14

Description:

Microsoft Defender Antivirus scan has been stopped before completion.

Scan Type: Antimalware

Scan Parameters: Quick Scan

Date: 2022-07-22 20:13:11

Description:

Microsoft Defender Antivirus scan has been stopped before completion.

Scan Type: Antimalware

Scan Parameters: Quick Scan

Event[0]:

Date: 2022-07-26 19:53:38

Description:

Microsoft Defender Antivirus has encountered an error trying to update security intelligence.

New security intelligence Version:

Previous security intelligence Version: 1.371.770.0

Update Source: Microsoft Malware Protection Center

Security intelligence Type: AntiVirus

Update Type: Full

Current Engine Version:

Previous Engine Version: 1.1.19400.3

Error code: 0x80070102

Error description: The wait operation timed out.

Date: 2022-07-26 19:31:17

Description:

Microsoft Defender Antivirus Real-Time Protection feature has encountered an error and failed.

Feature: On Access

Error Code: 0x80004005

Error description: Unspecified error

Reason: The filter driver skipped scanning items and is in pass through mode. This may be due to low resource conditions.

Date: 2022-07-24 19:21:16

Description:

Microsoft Defender Antivirus Real-Time Protection feature has encountered an error and failed.

Feature: On Access

Error Code: 0x80004005

Error description: Unspecified error

Reason: The filter driver skipped scanning items and is in pass through mode. This may be due to low resource conditions.

Date: 2022-07-12 18:57:44

Description:

Microsoft Defender Antivirus Real-Time Protection feature has encountered an error and failed.

Feature: On Access

Error Code: 0x8007043c

Error description: This service cannot be started in Safe Mode

Reason: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.

Date: 2022-07-09 08:16:37

Description:

Microsoft Defender Antivirus has encountered an error trying to update security intelligence.

New security intelligence Version:

Previous security intelligence Version: 1.369.1030.0

Update Source: Microsoft Malware Protection Center

Security intelligence Type: AntiVirus

Update Type: Full

Current Engine Version:

Previous Engine Version: 1.1.19300.2

Error code: 0x8050a003

Error description: This package does not contain up-to-date definition files for this program. For more information, see Help and Support.

CodeIntegrity:

===============

Date: 2022-07-27 20:34:25

Description:

Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_82548830eadb8221\igd10iumd64.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2022-07-26 20:41:47

Description:

Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Memory info ===========================

BIOS: Insyde Corp. V1.09 11/24/2017

Motherboard: Acer Megatron_SK

Processor: Intel® Core™ i5-7200U CPU @ 2.50GHz

Percentage of memory in use: 70%

Total physical RAM: 8060.13 MB

Available physical RAM: 2362.13 MB

Total Virtual: 11132.13 MB

Available Virtual: 4788.07 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:930.4 GB) (Free:781.56 GB) (Model: ST1000LM035-1RK172) NTFS

\\?\Volume{7eb56a98-cf59-41e6-ac99-e7cf9c5e081a}\ (Recovery) (Fixed) (Total:1 GB) (Free:0.49 GB) NTFS

\\?\Volume{c72fc6a3-70ad-44be-ac5d-ae6c70dae0c6}\ (ESP) (Fixed) (Total:0.09 GB) (Free:0.04 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================

Disk: 0 (Size: 931.5 GB) (Disk ID: 6ADF85EA)

Partition: GPT.

==================== End of Addition.txt =======================


Edited by millworkman, 27 July 2022 - 08:29 PM.

Article information

Author: Gregorio Kreiger

Last Updated: 08/28/2022
