Infected with plankjock.com trojan

Status
Not open for further replies.

jmoreno12

New Member
Thread author
Nov 14, 2019
5
I am having issues with a tojan virus called plankjock.com . I have tried running several malware scanning programs(Malwarebytes, SuperAntiSpyware, and HitmanPro) in safe mode with and without network connection to no avail. Does anyone have a solution?

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-11-2019
Ran by jmore_000 (administrator) on COOKYHOME (Hewlett-Packard 27-k350) (15-11-2019 09:29:59)
Running from C:\Users\jmore_000\Downloads
Loaded Profiles: jmore_000 (Available Profiles: jmore_000 & Elite Drivers RGV)
Platform: Windows 10 Home Version 1903 18362.418 (X64) Language: English (United States)
Default browser: Edge
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
(Adobe Inc. -> ) C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe
(Adobe Inc. -> Adobe Inc) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\Adobe Installer.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Adobe Inc. -> Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\CCLibrary.exe
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated) C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
(Amazon Services LLC -> Amazon Services LLC) C:\Users\jmore_000\AppData\Local\Amazon Music\Amazon Music Helper.exe
(Andrea Electronics -> Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation -> Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(CyberLink Corp. -> ) C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(CyberLink Corp. -> CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\Youcam_webcam_camera_video.exe
(CyberLink Corp. -> CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(DEVGURU Co., Ltd. -> DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client_85.4.155\Dropbox.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\Install\{BEDB41A8-566A-45C5-B976-1400E41F4743}\DropboxClient_85.4.155.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(EnigmaSoft Limited -> EnigmaSoft Limited) C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe
(EnigmaSoft Limited -> EnigmaSoft Limited) C:\Program Files\EnigmaSoft\SpyHunter\ShMonitor.exe
(EnigmaSoft Limited -> EnigmaSoft Limited) C:\Program Files\EnigmaSoft\SpyHunter\SpyHunter5.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.342\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.342\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Hewlett Packard -> Hewlett-Packard Co.) C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\jmore_000\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Node.js Foundation -> Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(Node.js Foundation -> Node.js) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\libs\node.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Portrait Displays, Inc. -> Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP My Display\DTune.exe
(Portrait Displays, Inc. -> Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP My Display\OSDManager.exe
(Portrait Displays, Inc. -> Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Libs\DTHelper.exe
(Portrait Displays, Inc. -> Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Libs\DTuneSrvc.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(Softex Inc.) [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
(Softex Incorporated -> Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe
(Softex Incorporated -> Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe
(Softex Incorporated -> Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe
(SUPERAntiSpyware.com -> SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
(Support.com, Inc. -> SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
(SurfRight B.V. -> SurfRight B.V.) C:\Program Files\HitmanPro\HitmanPro.exe
(SurfRight B.V. -> SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe
(WildTangent Inc -> WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVBg_SOUNDEDGE] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1388400 2014-06-04] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7611608 2014-06-04] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [SimplePass] => C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe [3962936 2014-03-28] (Softex Incorporated -> Hewlett-Packard)
HKLM\...\Run: [OPBHOBroker] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe [415288 2014-03-28] (Softex Incorporated -> Hewlett-Packard)
HKLM\...\Run: [OPBHOBrokerDesktop] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe [415288 2014-03-28] (Softex Incorporated -> Hewlett-Packard)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [DT_HPO] => C:\Program Files (x86)\Hewlett-Packard\HP My Display\DTuneStartup.exe [142160 2014-01-28] (Portrait Displays, Inc. -> Hewlett-Packard)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2084920 2019-09-27] (Adobe Inc. -> Adobe Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.) [File not signed]
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [MCM] => C:\Program Files (x86)\Mp3 Convert Master\Mp3ConvertMaster.exe [2456064 2009-08-21] (Power Convert Mp3 Solution Ltd) [File not signed]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [4884016 2019-10-16] (Adobe Inc. -> Adobe Systems Inc.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-26] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [6260544 2019-11-14] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-3982568115-4214522293-509568142-1001\...\Run: [Amazon Music] => C:\Users\jmore_000\AppData\Local\Amazon Music\Amazon Music Helper.exe [3051448 2018-09-21] (Amazon Services LLC -> Amazon Services LLC)
HKU\S-1-5-21-3982568115-4214522293-509568142-1001\...\Run: [GoogleChromeAutoLaunch_0781D7BF8184AFF7686900BC204D3A23] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1696920 2019-11-05] (Google LLC -> Google LLC)
HKU\S-1-5-21-3982568115-4214522293-509568142-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [9198000 2019-11-11] (Support.com, Inc. -> SUPERAntiSpyware)
HKU\S-1-5-21-3982568115-4214522293-509568142-1001\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [5506096 2019-10-16] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-3982568115-4214522293-509568142-1001\...\Run: [Amazon Music Helper] => C:\Users\jmore_000\AppData\Local\Amazon Music\Amazon Music Helper.exe [3051448 2018-09-21] (Amazon Services LLC -> Amazon Services LLC)
HKU\S-1-5-21-3982568115-4214522293-509568142-1001\...\Run: [CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [144008 2019-10-22] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-3982568115-4214522293-509568142-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-3982568115-4214522293-509568142-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\windows\system32\Ribbons.scr [151552 2019-03-18] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\78.0.3904.97\Installer\chrmstp.exe [2019-11-07] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{538C240D-3DEE-4032-AB4C-08A3A6EB0861}] -> c:\Program Files (x86)\CyberLink\YouCam\CLCredProv\x64\CLCredProv.dll [2014-05-13] (CyberLink Corp. -> CyberLink)
HKLM\Software\...\Authentication\Credential Providers: [{F3F1B0FA-4775-41d8-8578-436772D93FB4}] -> C:\Program Files\Hewlett-Packard\SimplePass\OmniPassCredProv.dll [2014-03-28] (Softex Inc..) [File not signed]
HKLM\Software\...\Authentication\Credential Provider Filters: [{F3F1B0FA-4775-41d8-8578-436772D93FB4}] -> C:\Program Files\Hewlett-Packard\SimplePass\OmniPassCredProv.dll [2014-03-28] (Softex Inc..) [File not signed]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2015-06-02]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe (Hewlett Packard -> Hewlett-Packard Co.)
BootExecute: autocheck autochk * bootdelete

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {06A208B1-DA71-4186-8470-F4EAE4ED6330} - System32\Tasks\G2MUpdateTask-S-1-5-21-3982568115-4214522293-509568142-1001 => C:\Users\jmore_000\AppData\Local\GoToMeeting\15502\g2mupdate.exe [32256 2019-10-29] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {0D0647DB-AADA-411E-9259-D7687AF8E310} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [855944 2018-12-06] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {114244E4-61DF-4F14-9120-7BDB0F38FFFE} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [25128 2017-11-18] (HP Inc. -> )
Task: {1C9E02FF-8D7E-46BB-B386-6B1530EA33D6} - System32\Tasks\YCMServiceAgent => c:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [267224 2014-05-13] (CyberLink Corp. -> CyberLink Corp.)
Task: {1E89B579-94A6-4027-9857-1A6C85EF64F9} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [250232 2019-10-08] (HP Inc. -> HP Inc.)
Task: {257D3412-C567-4512-9526-936453C07CE7} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506680 2019-06-14] (HP Inc. -> HP Inc.)
Task: {271087FD-6D99-4508-8B04-29A39EFE1C28} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-02-02] (Dropbox, Inc -> Dropbox, Inc.)
Task: {2B3270A3-BE26-4037-BA02-1259DECEDA38} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [887688 2018-12-06] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {381350F9-BF91-4318-80D8-C64D35B67A3A} - System32\Tasks\HPCeeScheduleForjmore_000 => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [96568 2015-06-16] (Hewlett-Packard Company -> Hewlett-Packard)
Task: {40AEBDD9-97FD-4E30-9AF5-08A75CE77D06} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {4467756D-F83A-4DD8-B538-EF92D413890C} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [887688 2018-12-06] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {47F47FD6-4016-4073-86F1-608A9B0AE7D3} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {4E1E52EA-9457-49D6-9F3F-ACEECB817C21} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee Anti-Virus And Anti-Spyware\upgrade.exe [3271576 2015-11-03] (McAfee, Inc. -> McAfee, Inc.)
Task: {50930D54-3426-4260-834D-4241A4F2A5D9} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27367496 2019-10-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {57B011DB-9C72-468A-A5C3-49D64EFED3BA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-09-30] (Google Inc -> Google Inc.)
Task: {57C1013F-E8E8-4493-B109-730B8BCFE77E} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {592E1516-1348-49F5-A8D9-6E85FCF2F4B6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [655736 2019-07-31] (HP Inc. -> HP Inc.)
Task: {59685FA8-BF1F-4E3B-9F08-716B2A31679C} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-jmoreno.3900@yahoo.com => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {5A3FB241-0B11-4EA5-BC66-0D9F1B406040} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\BthSQM => {C8367320-6F85-11E0-A1F0-0800200C9A66} C:\WINDOWS\System32\BthTelemetry.dll [32256 2019-03-18] (Microsoft Windows -> Microsoft Corporation)
Task: {6427ECD5-D5E0-4358-AB54-C8ABBB81EDC7} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1586296 2019-11-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {65B91AF7-A260-4A64-A718-D7F100ACFF25} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Task: {6F4E1D7D-0619-45FF-B419-2EF17205CB86} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [887688 2018-12-06] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {720357D6-6DFF-4009-9492-28E7CB71112A} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {776157A3-7B4C-48F1-BB84-B5D6EE0D96C0} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27367496 2019-10-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {7D3FCA74-2145-4977-9B19-0D7A0B384231} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {8022957D-26F6-4B49-A22E-6B0F37AB3EBA} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114720 2019-11-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {80842597-F29D-425F-BEA9-80EBCFF39BE7} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1423680 2019-11-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE}
Task: {90F62D91-844D-4C2C-BF2C-272DBDDC9D40} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA}
Task: {970071B3-74FD-495A-BE1B-D6D6695C93A5} - \Microsoft\Windows\Setup\GWXTriggers\Logon-URT -> No File <==== ATTENTION
Task: {98C6FC37-F0B8-493B-82D9-3041A60915BC} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114720 2019-11-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {98CCEFBD-9765-4EA7-976B-72B51D0BBC2F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-09-30] (Google Inc -> Google Inc.)
Task: {9B0ECC70-A4BE-41BB-9715-615229CF71F6} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {9B1689EC-4B3C-4A5B-907B-E4080155E51F} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {9C000F4B-5737-4DE8-9A23-758935EA099F} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {9F94B3C9-B15B-437A-ACEC-AC920E5CC264} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [569416 2016-02-23] (Apple Inc. -> Apple Inc.)
Task: {AF720B13-5850-4A66-8666-4DB490A7CA04} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1094008 2019-10-10] (HP Inc. -> HP Inc.)
Task: {B006DEEF-81A7-412C-8BB7-DA19BF0F7197} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {B1BAD7BC-3EFC-429C-98A3-26D1C37A80D2} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [145272 2019-10-31] (HP Inc. -> HP Inc.)
Task: {BA93662C-6E9A-4DE6-87A8-674D3F2B9FA3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1094008 2019-10-10] (HP Inc. -> HP Inc.)
Task: {BD47BCCD-C6C9-4806-96BC-968F0B86489F} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [563080 2018-12-06] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C76B5168-546B-4A63-A82D-8DB8E7DEE79E} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-02-02] (Dropbox, Inc -> Dropbox, Inc.)
Task: {C8662990-DF9F-412A-B95D-81BA57C6E717} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {C8B5E7D1-F1E8-4FD6-A47C-1ECDCD2B1FC7} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [855944 2018-12-06] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {D13EF4E8-AEE7-4D64-AA7E-1EB316347092} - \WPD\SqmUpload_S-1-5-21-3982568115-4214522293-509568142-1001 -> No File <==== ATTENTION
Task: {D21D5C11-295C-458B-B78B-3025565D25EC} - System32\Tasks\G2MUploadTask-S-1-5-21-3982568115-4214522293-509568142-1001 => C:\Users\jmore_000\AppData\Local\GoToMeeting\15502\g2mupload.exe [32256 2019-10-29] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {D8EB6CB9-BF9A-4F48-A288-301AD673F454} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1423680 2019-11-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {DB0072F4-1E15-4BF9-860E-D296AEAF006B} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [887688 2018-12-06] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {DCD005E9-3E84-4FBA-85CC-84AD25B0DBB9} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {DE286C01-2C9B-4419-AC17-15A4C7796678} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {E68EDC7A-A709-4669-B540-55F3FB1E7841} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506680 2019-06-14] (HP Inc. -> HP Inc.)
Task: {ED386C54-11A5-4971-9C56-0744EFD048DA} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {EE7EFA29-1593-4A8B-B38A-3E528FDB7F01} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-3982568115-4214522293-509568142-1001.job => C:\Users\jmore_000\AppData\Local\GoToMeeting\15502\g2mupdate.exe
Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-3982568115-4214522293-509568142-1001.job => C:\Users\jmore_000\AppData\Local\GoToMeeting\15502\g2mupload.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForjmore_000.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 209.18.47.63 209.18.47.61
Tcpip\..\Interfaces\{080e62ea-93a1-4b12-9641-12d4a0056103}: [DhcpNameServer] 209.18.47.63 209.18.47.61
Tcpip\..\Interfaces\{b295b1bb-37a7-4d95-a627-0e0c4c6f0581}: [DhcpNameServer] 209.18.47.63 209.18.47.61

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.msn.com/HPDSK14/1
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPDSK14/1
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.msn.com/HPDSK14/1
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPDSK14/1
HKU\S-1-5-21-3982568115-4214522293-509568142-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\S-1-5-21-3982568115-4214522293-509568142-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPDSK14/1
SearchScopes: HKLM -> {7AA09867-4E54-4A2D-8945-253DC20DF31F} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> {7AA09867-4E54-4A2D-8945-253DC20DF31F} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-3982568115-4214522293-509568142-1001 -> {7AA09867-4E54-4A2D-8945-253DC20DF31F} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-07-02] (Microsoft Corporation -> Microsoft Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2016-12-23] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2017-10-27] (HP Inc. -> HP Inc.)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2016-12-23] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-26] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2014-04-04] (EVERNOTE CORPORATION -> Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) [File not signed]
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2016-12-23] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2017-10-27] (HP Inc. -> HP Inc.)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2016-12-23] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2016-12-23] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2016-12-23] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-11-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-11-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-11-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-11-04] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF DefaultProfile: lm1is63s.default
FF ProfilePath: C:\Users\jmore_000\AppData\Roaming\Mozilla\Firefox\Profiles\lm1is63s.default [2019-11-15]
FF Extension: (Invite All (for Facebook)) - C:\Users\jmore_000\AppData\Roaming\Mozilla\Firefox\Profiles\lm1is63s.default\Extensions\jid0-zs24wecdcQo0Lp18D7QOV4WSZFo@jetpack.xpi [2016-04-28] [Legacy]
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2019-05-02]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => not found
FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\mcafee\msc\npMcSnFFPl64.dll [No File]
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2019-09-27] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-05-13] (Foxit Corporation -> )
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-05-13] (Foxit Corporation -> )
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-04-03] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-04-03] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:\Program Files (x86)\McAfee\msc\npMcSnFFPl.dll [No File]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-04-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.342\npGoogleUpdate3.dll [2019-11-07] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.342\npGoogleUpdate3.dll [2019-11-07] (Google Inc -> Google LLC)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll [2015-04-29] (WildTangent Inc -> )
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2019-10-16] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2019-09-27] (Adobe Inc. -> Adobe Systems)
FF Plugin HKU\S-1-5-21-3982568115-4214522293-509568142-1001: @zoom.us/ZoomVideoPlugin -> C:\Users\jmore_000\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2019-10-14] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\jmore_000\AppData\Roaming\mozilla\plugins\npatgpc.dll [2017-04-27]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR Notifications: Default -> hxxps://cmp.jobs; hxxps://pngio.com; hxxps://spark.adobe.com; hxxps://www.facebook.com; hxxps://www.kansascity.com
CHR Profile: C:\Users\jmore_000\AppData\Local\Google\Chrome\User Data\Default [2019-11-15]
CHR Extension: (SCI Cloud) - C:\Users\jmore_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaefammidooofffpejpgfhojicpganmn [2016-09-25]
CHR Extension: (MySCI - Home) - C:\Users\jmore_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\bffdfmikffcojnglkbdihjddnnaefnee [2016-09-25]
CHR Extension: (Home | SCI Help Desk) - C:\Users\jmore_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpgicognapgpckdecnaaoebllniobamk [2016-09-25]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\jmore_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-10-24]
CHR Extension: (Adobe Acrobat) - C:\Users\jmore_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2019-10-01]
CHR Extension: (Block Site - Website Blocker for Chrome™) - C:\Users\jmore_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\eiimnmioipafcokbfikbljfdeojpcgbh [2019-11-07]
CHR Extension: (Google Docs Offline) - C:\Users\jmore_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-09-10]
CHR Extension: (Halogen) - C:\Users\jmore_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghelaoikfdnbncapmlgheedfiacpgclb [2016-09-25]
CHR Extension: (Time Sheet Calculator) - C:\Users\jmore_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdmcfmnegjaheaniekkiafeidgfhgffe [2016-09-25]
CHR Extension: (Invite All Friends for Facebook™) - C:\Users\jmore_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\iangljcnfgklhlhjkokndlemjddgoifd [2019-10-14]
CHR Extension: (Invite All Friends on Facebook) - C:\Users\jmore_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\inmmhkeajgflmokoaaoadgkhhmibjbpj [2019-05-22]
CHR Extension: (Cisco Webex Extension) - C:\Users\jmore_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlhmfgmfgeifomenelglieieghnjghma [2019-07-11]
CHR Extension: (Electronic Fax Customer Portal) - C:\Users\jmore_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\kafcdhlpmkapnpjfoagkeeknhmpcfhpm [2016-09-25]
CHR Extension: (SCI Help Desk) - C:\Users\jmore_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbfbejmjdfbedjpndibdgcidlegannpp [2016-09-25]
CHR Extension: (Halogen Software) - C:\Users\jmore_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nefjcebppkdbbihkoijdhnnacibanhmf [2016-09-25]
CHR Extension: (Moodle) - C:\Users\jmore_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\niiaaioenkpmemfahidekgjlklmcpjfm [2016-09-25]
CHR Extension: (Chrome Web Store Payments) - C:\Users\jmore_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-07]
CHR Extension: (Chrome Media Router) - C:\Users\jmore_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-11-04]
CHR Profile: C:\Users\jmore_000\AppData\Local\Google\Chrome\User Data\System Profile [2019-09-09]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2019-11-11] (SUPERAntiSpyware.com -> SUPERAntiSpyware.com)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [823352 2019-09-27] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3147344 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2914896 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11642744 2019-10-25] (Microsoft Corporation -> Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-02-02] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-02-02] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [51024 2019-11-14] (Dropbox, Inc -> Dropbox, Inc.)
R2 DTuneSrvc; C:\Program Files (x86)\Common Files\Portrait Displays\Libs\DTuneSrvc.exe [120328 2013-07-17] (Portrait Displays, Inc. -> Portrait Displays, Inc.)
R2 EsgShKernel; C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe [11776224 2019-11-07] (EnigmaSoft Limited -> EnigmaSoft Limited)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [373824 2015-05-27] (WildTangent Inc -> WildTangent)
R2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [139504 2019-11-14] (SurfRight B.V. -> SurfRight B.V.)
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2011-08-18] (Hewlett-Packard Co.) [File not signed]
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [360312 2019-10-14] (HP Inc. -> HP Inc.)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [370560 2018-09-19] (Intel Corporation -> Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887232 2014-01-31] (Intel® Trusted Connect Service -> Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-04-03] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6744288 2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 omniserv; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [88064 2014-03-28] (Softex Inc.) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2014-04-14] (CyberLink Corp. -> )
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [290520 2014-01-08] (Realtek Semiconductor Corp -> Realtek Semiconductor)
R2 ShMonitor; C:\Program Files\EnigmaSoft\SpyHunter\ShMonitor.exe [519904 2019-11-07] (EnigmaSoft Limited -> EnigmaSoft Limited)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2019-09-23] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
R2 ss_conn_service2; C:\Program Files (x86)\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe [780328 2019-09-23] (DEVGURU Co., Ltd. -> DEVGURU Co., LTD.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\NisSrv.exe [3201616 2019-10-28] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\MsMpEng.exe [103168 2019-10-28] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-04-26] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [136040 2019-09-23] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 EnigmaFileMonDriver; C:\WINDOWS\System32\drivers\EnigmaFileMonDriver.sys [68424 2019-11-15] (EnigmaSoft Limited -> EnigmaSoft Limited)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153312 2019-11-04] (Malwarebytes Corporation -> Malwarebytes)
R3 hitmanpro37; C:\WINDOWS\system32\drivers\hitmanpro37.sys [55232 2019-11-15] (SurfRight B.V. -> )
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [199768 2019-11-14] (Malwarebytes Corporation -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-06-26] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [224408 2019-11-15] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [73584 2019-11-15] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [275232 2019-11-15] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [116832 2019-11-15] (Malwarebytes Corporation -> Malwarebytes)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [118272 2014-04-03] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvhdc.inf_amd64_1683e6c24d03a407\nvlddmkm.sys [21776528 2019-07-09] (NVIDIA Corporation -> NVIDIA Corporation)
R0 PxHlpa64; C:\WINDOWS\System32\Drivers\PxHlpa64.sys [56336 2012-06-22] (Corel Corporation -> Corel Corporation)
R3 RSP2STOR; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [310528 2015-06-05] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [896768 2016-02-17] (Realtek Semiconductor Corp -> Realtek )
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166760 2019-09-23] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46472 2019-10-28] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [351968 2019-10-28] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [53984 2019-10-28] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-11-15 09:30 - 2019-11-15 09:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2019-11-15 09:29 - 2019-11-15 09:32 - 000050338 _____ C:\Users\jmore_000\Downloads\FRST.txt
2019-11-15 09:28 - 2019-11-15 09:32 - 000000000 ____D C:\FRST
2019-11-15 09:25 - 2019-11-15 09:26 - 002260480 _____ (Farbar) C:\Users\jmore_000\Downloads\FRST64.exe
2019-11-15 09:18 - 2019-11-15 09:18 - 000275232 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2019-11-15 09:18 - 2019-11-15 09:18 - 000224408 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2019-11-15 09:18 - 2019-11-15 09:18 - 000116832 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2019-11-15 09:18 - 2019-11-15 09:18 - 000073584 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2019-11-14 15:38 - 2019-11-14 15:52 - 000002418 _____ C:\Users\jmore_000\Desktop\Rkill.txt
2019-11-14 15:38 - 2019-11-14 15:38 - 001802704 _____ (Bleeping Computer, LLC) C:\Users\jmore_000\Downloads\rkill.exe
2019-11-14 15:17 - 2019-11-14 15:17 - 000000000 ____D C:\Users\jmore_000\AppData\Local\ElevatedDiagnostics
2019-11-14 14:35 - 2019-11-15 09:28 - 000055232 _____ C:\WINDOWS\system32\Drivers\hitmanpro37.sys
2019-11-14 13:52 - 2019-11-14 13:52 - 000753810 _____ C:\WINDOWS\system32\.crusader
2019-11-14 13:38 - 2019-11-14 13:53 - 000000000 ____D C:\ProgramData\HitmanPro
2019-11-14 13:38 - 2019-11-14 13:38 - 011539456 _____ (SurfRight B.V.) C:\Users\jmore_000\Downloads\HitmanPro_x64.exe
2019-11-14 13:38 - 2019-11-14 13:38 - 000001969 _____ C:\Users\Public\Desktop\HitmanPro.lnk
2019-11-14 13:38 - 2019-11-14 13:38 - 000001969 _____ C:\ProgramData\Desktop\HitmanPro.lnk
2019-11-14 13:38 - 2019-11-14 13:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
2019-11-14 13:38 - 2019-11-14 13:38 - 000000000 ____D C:\Program Files\HitmanPro
2019-11-14 12:34 - 2019-11-14 12:34 - 000001033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge 2020.lnk
2019-11-14 12:32 - 2019-11-14 12:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maxon
2019-11-14 12:29 - 2019-11-14 12:33 - 000000000 ____D C:\Program Files\Maxon Cinema 4D R21
2019-11-14 12:29 - 2019-11-14 12:29 - 000001257 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe After Effects 2020.lnk
2019-11-14 12:21 - 2019-11-14 12:21 - 000001071 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop 2020.lnk
2019-11-14 11:15 - 2019-11-14 15:35 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2019-11-14 06:19 - 2019-11-14 06:19 - 000051024 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2019-11-14 06:19 - 2019-11-14 06:19 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2019-11-14 06:19 - 2019-11-14 06:19 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2019-11-14 06:19 - 2019-11-14 06:19 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2019-11-14 04:21 - 2019-11-14 04:21 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2019-11-14 04:21 - 2019-11-14 04:21 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2019-11-11 10:46 - 2019-11-11 10:46 - 000001149 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Media Encoder 2020.lnk
2019-11-11 10:29 - 2019-11-11 10:29 - 000001089 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Audition 2020.lnk
2019-11-11 10:25 - 2019-11-11 10:25 - 000001092 _____ C:\Users\jmore_000\Desktop\Adobe Lightroom Classic.lnk
2019-11-11 10:25 - 2019-11-11 10:25 - 000001092 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Lightroom Classic.lnk
2019-11-08 15:53 - 2019-11-08 15:53 - 000001137 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Premiere Pro 2020.lnk
2019-11-08 15:32 - 2019-11-08 15:32 - 000001059 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe InDesign 2020.lnk
2019-11-08 14:59 - 2019-11-08 14:59 - 000002500 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Illustrator 2020.lnk
2019-11-07 14:56 - 2019-11-15 09:18 - 000068424 _____ (EnigmaSoft Limited) C:\WINDOWS\system32\Drivers\EnigmaFileMonDriver.sys
2019-11-07 14:56 - 2019-11-07 14:56 - 000001062 _____ C:\Users\Public\Desktop\SpyHunter5.lnk
2019-11-07 14:56 - 2019-11-07 14:56 - 000001062 _____ C:\ProgramData\Desktop\SpyHunter5.lnk
2019-11-07 14:56 - 2019-11-07 14:56 - 000000000 ____D C:\sh5ldr
2019-11-07 14:56 - 2019-11-07 14:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EnigmaSoft
2019-11-07 14:56 - 2019-11-07 14:56 - 000000000 ____D C:\ProgramData\EnigmaSoft Limited
2019-11-07 14:55 - 2019-11-07 14:55 - 006946736 _____ (EnigmaSoft Limited) C:\Users\jmore_000\Downloads\SpyHunter-Installer.exe
2019-11-07 14:55 - 2019-11-07 14:55 - 000000000 ____D C:\Program Files\EnigmaSoft
2019-11-07 14:51 - 2019-11-07 14:51 - 000841241 _____ C:\Users\jmore_000\Downloads\rkill.zip
2019-11-07 10:51 - 2019-11-14 15:16 - 000199768 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2019-11-04 16:44 - 2019-11-04 16:44 - 000000000 ____D C:\Users\Elite Drivers RGV\AppData\Local\Comms
2019-11-04 16:30 - 2019-11-04 16:31 - 000003390 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3982568115-4214522293-509568142-1005
2019-11-04 16:30 - 2019-11-04 16:31 - 000000000 ___RD C:\Users\Elite Drivers RGV\OneDrive
2019-11-04 16:29 - 2019-11-04 16:29 - 000000000 ____D C:\Users\Elite Drivers RGV\AppData\Local\PlaceholderTileLogoFolder
2019-11-04 16:28 - 2019-11-07 10:54 - 000000000 ____D C:\Users\Elite Drivers RGV\AppData\Local\NVIDIA Corporation
2019-11-04 16:28 - 2019-11-04 16:38 - 000000000 ____D C:\Users\Elite Drivers RGV\AppData\Local\Adobe
2019-11-04 16:28 - 2019-11-04 16:28 - 000000000 ____D C:\Users\Elite Drivers RGV\AppData\Roaming\Apple Computer
2019-11-04 16:28 - 2019-11-04 16:28 - 000000000 ____D C:\Users\Elite Drivers RGV\AppData\Local\Portrait_Displays
2019-11-04 16:28 - 2019-11-04 16:28 - 000000000 ____D C:\Users\Elite Drivers RGV\AppData\Local\IsolatedStorage
2019-11-04 16:28 - 2019-11-04 16:28 - 000000000 ____D C:\Users\Elite Drivers RGV\AppData\Local\D3DSCache
2019-11-04 16:28 - 2019-11-04 16:28 - 000000000 ____D C:\Users\Elite Drivers RGV\AppData\Local\CEF
2019-11-04 16:27 - 2019-11-04 16:27 - 000001450 _____ C:\Users\Elite Drivers RGV\Desktop\Microsoft Edge.lnk
2019-11-04 16:26 - 2019-11-11 15:18 - 000000000 ____D C:\Users\Elite Drivers RGV
2019-11-04 16:26 - 2019-11-07 11:02 - 000000000 ____D C:\Users\Elite Drivers RGV\AppData\Roaming\Adobe
2019-11-04 16:26 - 2019-11-04 16:53 - 000000000 ____D C:\Users\Elite Drivers RGV\AppData\Local\Packages
2019-11-04 16:26 - 2019-11-04 16:31 - 000002446 _____ C:\Users\Elite Drivers RGV\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-11-04 16:26 - 2019-11-04 16:26 - 000000020 ___SH C:\Users\Elite Drivers RGV\ntuser.ini
2019-11-04 16:26 - 2019-11-04 16:26 - 000000000 __SHD C:\Users\Elite Drivers RGV\IntelGraphicsProfiles
2019-11-04 16:26 - 2019-11-04 16:26 - 000000000 ___RD C:\Users\Elite Drivers RGV\3D Objects
2019-11-04 16:26 - 2019-11-04 16:26 - 000000000 ___HD C:\Users\Elite Drivers RGV\MicrosoftEdgeBackups
2019-11-04 16:26 - 2019-11-04 16:26 - 000000000 ____D C:\Users\Elite Drivers RGV\AppData\Local\VirtualStore
2019-11-04 16:26 - 2019-11-04 16:26 - 000000000 ____D C:\Users\Elite Drivers RGV\AppData\Local\Publishers
2019-11-04 16:26 - 2019-11-04 16:26 - 000000000 ____D C:\Users\Elite Drivers RGV\AppData\Local\MicrosoftEdge
2019-11-04 16:26 - 2019-11-04 16:26 - 000000000 ____D C:\Users\Elite Drivers RGV\AppData\Local\mbamtray
2019-11-04 16:26 - 2019-11-04 16:26 - 000000000 ____D C:\Users\Elite Drivers RGV\AppData\Local\Google
2019-11-04 16:26 - 2019-11-04 16:26 - 000000000 ____D C:\Users\Elite Drivers RGV\AppData\Local\ConnectedDevicesPlatform
2019-11-04 16:26 - 2016-09-28 03:18 - 000000000 ____D C:\Users\Elite Drivers RGV\Documents\hp.system.package.metadata
2019-11-04 16:26 - 2016-09-28 03:18 - 000000000 ____D C:\Users\Elite Drivers RGV\Documents\hp.applications.package.appdata
2019-11-04 13:38 - 2019-11-04 17:01 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2019-11-04 13:38 - 2019-11-04 13:38 - 000001919 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-11-04 13:38 - 2019-11-04 13:38 - 000001919 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2019-11-04 13:38 - 2019-11-04 13:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-11-04 13:38 - 2019-06-26 13:00 - 000020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2019-10-31 11:21 - 2019-10-31 11:21 - 012281405 _____ C:\Users\jmore_000\Downloads\graphicriver-EK5I4dhk-rust-photoshop-layer-styles-v1.zip
2019-10-24 22:54 - 2019-10-24 22:54 - 000001092 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC 2019.lnk
2019-10-24 16:04 - 2019-10-24 16:04 - 000923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2019-10-24 16:04 - 2019-10-24 16:04 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Service.dll
2019-10-24 16:04 - 2019-10-24 16:04 - 000647168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2019-10-24 16:04 - 2019-10-24 16:04 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilot.dll
2019-10-24 16:04 - 2019-10-24 16:04 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
2019-10-24 16:04 - 2019-10-24 16:04 - 000065064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsManagementServiceWinRt.ProxyStub.dll
2019-10-24 16:04 - 2019-10-24 16:04 - 000051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MdmDiagnosticsTool.exe
2019-10-24 16:04 - 2019-10-24 16:04 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilotdiag.dll
2019-10-24 16:04 - 2019-10-24 16:04 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2019-10-24 16:04 - 2019-10-24 16:04 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
2019-10-16 14:27 - 2019-10-16 14:27 - 000065176 _____ (Adobe Systems Inc) C:\WINDOWS\system32\AdobePDF.dll
2019-10-16 14:27 - 2019-10-16 14:27 - 000036504 _____ (Adobe Systems Inc.) C:\WINDOWS\system32\AdobePDFUI.dll

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-11-15 09:33 - 2019-03-18 22:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-11-15 09:31 - 2018-02-02 14:45 - 000000000 ____D C:\Program Files (x86)\Dropbox
2019-11-15 09:30 - 2019-10-01 15:31 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2019-11-15 09:30 - 2019-10-01 15:31 - 000000000 ___HD C:\ProgramData\Documents\AdobeGCData
2019-11-15 09:28 - 2015-04-24 17:26 - 000000000 ____D C:\Users\jmore_000\Documents\Youcam
2019-11-15 09:27 - 2019-09-27 19:07 - 000004162 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{E85CC172-E69F-48FC-BBCE-D639A55ECDC3}
2019-11-15 09:23 - 2019-09-27 18:52 - 000935156 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-11-15 09:23 - 2019-03-18 22:50 - 000000000 ____D C:\WINDOWS\INF
2019-11-15 09:22 - 2015-04-24 17:49 - 000000000 ___RD C:\Users\jmore_000\Creative Cloud Files
2019-11-15 09:22 - 2015-04-24 17:45 - 000000000 ____D C:\Users\jmore_000\AppData\Local\Adobe
2019-11-15 09:19 - 2017-10-15 13:49 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2019-11-15 09:19 - 2015-04-24 17:25 - 000000000 __SHD C:\Users\jmore_000\IntelGraphicsProfiles
2019-11-15 09:18 - 2019-09-27 19:07 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-11-15 09:18 - 2017-10-15 13:50 - 000000000 ____D C:\ProgramData\NVIDIA
2019-11-15 09:16 - 2019-03-18 22:37 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2019-11-15 09:10 - 2019-09-27 18:35 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-11-14 17:37 - 2019-03-18 22:52 - 000000000 ___HD C:\Program Files\WindowsApps
2019-11-14 17:37 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-11-14 17:14 - 2015-07-06 16:54 - 000748816 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2019-11-14 17:12 - 2015-04-30 04:03 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-11-14 17:08 - 2015-04-30 04:03 - 128443096 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-11-14 13:52 - 2017-10-15 13:47 - 000000000 ____D C:\ProgramData\HP
2019-11-14 12:55 - 2019-03-18 22:52 - 000000000 ___RD C:\WINDOWS\PrintDialog
2019-11-14 12:55 - 2019-03-18 22:52 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2019-11-14 12:55 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\SystemResources
2019-11-14 12:55 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\system32\appraiser
2019-11-14 12:55 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-11-14 12:55 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\ShellComponents
2019-11-14 12:55 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2019-11-14 12:55 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\DiagTrack
2019-11-14 12:55 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-11-14 12:34 - 2018-12-17 23:29 - 000000000 ___HD C:\adobeTemp
2019-11-14 12:29 - 2015-10-15 21:41 - 000000000 ____D C:\Users\Public\Documents\Adobe
2019-11-14 12:29 - 2015-10-15 21:41 - 000000000 ____D C:\ProgramData\Documents\Adobe
2019-11-14 12:29 - 2015-04-24 18:00 - 000000000 ____D C:\Program Files\Adobe
2019-11-14 12:21 - 2015-05-27 14:29 - 000000000 ____D C:\Users\jmore_000\Documents\Adobe
2019-11-14 12:21 - 2015-04-24 17:49 - 000000000 ____D C:\ProgramData\Adobe
2019-11-14 12:21 - 2015-04-24 17:25 - 000000000 ____D C:\Users\jmore_000\AppData\Roaming\Adobe
2019-11-14 11:16 - 2015-11-06 16:57 - 000001980 _____ C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2019-11-14 11:16 - 2015-11-06 16:57 - 000001980 _____ C:\ProgramData\Desktop\SUPERAntiSpyware Free Edition.lnk
2019-11-14 10:56 - 2019-09-03 18:22 - 000000368 _____ C:\WINDOWS\Tasks\HPCeeScheduleForjmore_000.job
2019-11-14 10:44 - 2017-04-05 12:51 - 000002469 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2019-11-14 05:41 - 2019-03-18 22:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-11-11 13:22 - 2019-09-27 19:07 - 000003276 _____ C:\WINDOWS\system32\Tasks\HPCeeScheduleForjmore_000
2019-11-11 10:51 - 2015-11-06 16:57 - 000000000 ____D C:\Program Files\SUPERAntiSpyware
2019-11-11 10:47 - 2019-07-16 13:43 - 000000000 ____D C:\Users\jmore_000\Documents\Elite
2019-11-11 10:34 - 2015-05-06 06:33 - 000000000 ____D C:\Users\jmore_000\Documents\Stock
2019-11-11 09:50 - 2019-09-10 13:18 - 000000000 ____D C:\Users\jmore_000\AppData\Local\GoToMeeting
2019-11-11 09:40 - 2019-09-10 13:18 - 000000678 _____ C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-3982568115-4214522293-509568142-1001.job
2019-11-11 09:40 - 2019-09-10 13:18 - 000000582 _____ C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-3982568115-4214522293-509568142-1001.job
2019-11-08 15:01 - 2015-04-24 17:58 - 000000000 ____D C:\Program Files\Common Files\Adobe
2019-11-07 18:26 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-11-07 17:50 - 2018-07-11 16:05 - 000000000 ____D C:\ProgramData\Packages
2019-11-07 14:48 - 2015-09-30 12:34 - 000002380 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-11-07 11:03 - 2019-09-27 19:07 - 000003420 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2019-11-07 11:03 - 2019-09-27 19:07 - 000003296 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2019-11-07 10:52 - 2015-04-24 17:33 - 000000000 ____D C:\Program Files (x86)\Google
2019-11-04 16:26 - 2015-04-24 17:08 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-11-04 13:39 - 2015-06-09 07:35 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-11-04 13:38 - 2019-03-18 22:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-11-04 08:08 - 2014-07-06 21:29 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2019-10-31 14:07 - 2019-09-27 19:07 - 000003374 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3982568115-4214522293-509568142-1001
2019-10-31 14:07 - 2019-09-27 18:43 - 000002422 _____ C:\Users\jmore_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-10-31 14:07 - 2015-04-24 17:29 - 000000000 __RDO C:\Users\jmore_000\OneDrive
2019-10-31 11:47 - 2015-05-06 07:29 - 000000000 ____D C:\Users\jmore_000\Documents\buckncrazy
2019-10-30 09:58 - 2018-04-05 08:53 - 000000000 ____D C:\Users\jmore_000\AppData\Local\PlaceholderTileLogoFolder
2019-10-30 09:58 - 2017-12-28 15:48 - 000000000 ____D C:\Users\jmore_000\AppData\Local\Packages
2019-10-29 08:46 - 2019-09-27 19:07 - 000003842 _____ C:\WINDOWS\system32\Tasks\G2MUploadTask-S-1-5-21-3982568115-4214522293-509568142-1001
2019-10-29 08:46 - 2019-09-27 19:07 - 000003746 _____ C:\WINDOWS\system32\Tasks\G2MUpdateTask-S-1-5-21-3982568115-4214522293-509568142-1001
2019-10-28 12:33 - 2018-02-26 01:39 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2019-10-24 13:03 - 2019-09-27 19:07 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2019-10-24 13:00 - 2017-04-05 12:51 - 000002121 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller DC.lnk
2019-10-21 14:12 - 2019-10-01 15:31 - 000003518 _____ C:\WINDOWS\system32\Tasks\AdobeGCInvoker-1.0
2019-10-17 11:09 - 2018-02-02 14:45 - 000000000 ____D C:\Users\jmore_000\AppData\Local\Dropbox
2019-10-17 08:56 - 2018-02-02 14:51 - 000000000 ___RD C:\Users\jmore_000\Dropbox

==================== Files in the root of some directories ========

2015-06-15 20:59 - 2018-08-30 13:08 - 000000033 _____ () C:\Users\jmore_000\AppData\Roaming\AdobeWLCMCache.dat
2018-10-05 14:31 - 2018-10-05 14:31 - 000000000 _____ () C:\Users\jmore_000\AppData\Local\oobelibMkey.log
2015-06-06 07:09 - 2015-06-06 07:09 - 000000000 _____ () C:\Users\jmore_000\AppData\Local\{4B94AA99-F834-43FC-94D6-971E497F0CAE}

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-11-2019
Ran by jmore_000 (15-11-2019 09:35:34)
Running from C:\Users\jmore_000\Downloads
Windows 10 Home Version 1903 18362.418 (X64) (2019-09-28 01:09:35)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3982568115-4214522293-509568142-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3982568115-4214522293-509568142-503 - Limited - Disabled)
Elite Drivers RGV (S-1-5-21-3982568115-4214522293-509568142-1005 - Limited - Enabled) => C:\Users\Elite Drivers RGV
Guest (S-1-5-21-3982568115-4214522293-509568142-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3982568115-4214522293-509568142-1003 - Limited - Enabled)
jmore_000 (S-1-5-21-3982568115-4214522293-509568142-1001 - Administrator - Enabled) => C:\Users\jmore_000
WDAGUtilityAccount (S-1-5-21-3982568115-4214522293-509568142-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

4 Elements II (HKLM-x32\...\WTA-666a7241-638e-4ec2-8667-1cc0b6e05d46) (Version: 2.2.0.98 - WildTangent) Hidden
64 Bit HP CIO Components Installer (HKLM\...\{FF21C3E6-97FD-474F-9518-8DCBE94C2854}) (Version: 7.2.8 - Hewlett-Packard) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 19.021.20056 - Adobe Systems Incorporated)
Adobe After Effects 2019 (HKLM-x32\...\AEFT_16_1_3) (Version: 16.1.3 - Adobe Systems Incorporated)
Adobe After Effects 2020 (HKLM-x32\...\AEFT_17_0) (Version: 17.0 - Adobe Systems Incorporated)
Adobe After Effects CC 2015.3 (HKLM-x32\...\AEFT_13_8_1) (Version: 13.8.1 - Adobe Systems Incorporated)
Adobe Audition 2019 (HKLM-x32\...\AUDT_12_1_5) (Version: 12.1.5 - Adobe Systems Incorporated)
Adobe Audition 2020 (HKLM-x32\...\AUDT_13_0) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Audition CC 2018 (HKLM-x32\...\AUDT_11_1_1) (Version: 11.1.1 - Adobe Systems Incorporated)
Adobe Bridge 2019 (HKLM-x32\...\KBRG_9_1) (Version: 9.1 - Adobe Systems Incorporated)
Adobe Bridge 2020 (HKLM-x32\...\KBRG_10_0) (Version: 10.0 - Adobe Systems Incorporated)
Adobe Bridge CC 2015 (HKLM-x32\...\KBRG_6_3_1) (Version: 6.3.1 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 5.0.0.354 - Adobe Systems Incorporated)
Adobe Illustrator 2020 (HKLM-x32\...\ILST_24_0) (Version: 24.0 - Adobe Systems Incorporated)
Adobe InDesign 2019 (HKLM-x32\...\IDSN_14_0_3) (Version: 14.0.3 - Adobe Systems Incorporated)
Adobe InDesign 2020 (HKLM-x32\...\IDSN_15_0) (Version: 15.0 - Adobe Systems Incorporated)
Adobe InDesign CC 2015 (HKLM-x32\...\{DBFD0312-6E55-1014-8952-E78D43BC0147}) (Version: 11.4.1.102 - Adobe Systems Incorporated)
Adobe Lightroom (HKLM-x32\...\{8048A5DF-8A70-5BE1-954B-E0FDE1BD0D0D}) (Version: 6.7 - Adobe Systems Incorporated)
Adobe Lightroom Classic (HKLM-x32\...\LTRM_9_0) (Version: 9.0 - Adobe Systems Incorporated)
Adobe Media Encoder 2019 (HKLM-x32\...\AME_13_1_5) (Version: 13.1.5 - Adobe Systems Incorporated)
Adobe Media Encoder 2020 (HKLM-x32\...\AME_14_0) (Version: 14.0 - Adobe Systems Incorporated)
Adobe Media Encoder CC 2015.3 (HKLM-x32\...\AME_10_4_0) (Version: 10.4.0 - Adobe Systems Incorporated)
Adobe Photoshop 2020 (HKLM-x32\...\PHSP_21_0_1) (Version: 21.0.1 - Adobe Systems Incorporated)
Adobe Photoshop CC 2017 (HKLM-x32\...\PHSP_18_1_7) (Version: 18.1.7 - Adobe Systems Incorporated)
Adobe Photoshop CC 2018 (HKLM-x32\...\PHSP_19_1_9) (Version: 19.1.9 - Adobe Systems Incorporated)
Adobe Photoshop CC 2019 (HKLM-x32\...\PHSP_20_0_7) (Version: 20.0.7 - Adobe Systems Incorporated)
Adobe Premiere Pro 2019 (HKLM-x32\...\PPRO_13_1_5) (Version: 13.1.5 - Adobe Systems Incorporated)
Adobe Premiere Pro 2020 (HKLM-x32\...\PPRO_14_0) (Version: 14.0 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2015.3 (HKLM-x32\...\PPRO_10_4_0) (Version: 10.4.0 - Adobe Systems Incorporated)
Amazon Music (HKU\S-1-5-21-3982568115-4214522293-509568142-1001\...\Amazon Amazon Music) (Version: 6.8.0.1378 - Amazon Services LLC)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
ArcSoft Family Paint (HKLM-x32\...\{8393D59B-D45F-470B-90EB-EEA15E664AE7}) (Version: 1.0.5.275 - ArcSoft)
Azkend 2: The World Beneath (HKLM-x32\...\WTA-4ad93b6e-d878-4bd8-9ccc-32920945dde2) (Version: 2.2.0.98 - WildTangent) Hidden
B209a-m (HKLM-x32\...\{EAAAF7C8-7DCA-449E-B618-81B86BA92A20}) (Version: 140.0.851.000 - Hewlett-Packard) Hidden
Barn Yarn Collector's Edition (HKLM-x32\...\WTA-80dfe2b0-ff8f-452d-bd3d-e88cf9ade9e6) (Version: 3.0.2.48 - WildTangent) Hidden
Bejeweled 3 (HKLM-x32\...\WTA-178e194c-547e-4a53-b7d9-426f66542b90) (Version: 3.0.2.59 - WildTangent) Hidden
Bing Bar (HKLM-x32\...\{3611CA6C-5FCA-4900-A329-6A118123CCFC}) (Version: 7.1.355.0 - Microsoft Corporation)
bl (HKLM-x32\...\{2A075BB4-E976-4278-BF3F-E5C6945D84C0}) (Version: 1.0.0 - Your Company Name) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11 Wireless LAN Adapter) (Version: 6.30.223.232 - Broadcom Corporation)
Broadcom Bluetooth Drivers (HKLM\...\{0A1B4690-E176-4533-8058-939480AEE1D0}) (Version: 12.0.0.9130 - Broadcom Corporation)
BufferChm (HKLM-x32\...\{FA0FF682-CC70-4C57-93CD-E276F3E7537E}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden
Build-a-lot Mysteries (HKLM-x32\...\WTA-6d08b880-18d6-405b-8554-06f72e6c8c43) (Version: 3.0.2.51 - WildTangent) Hidden
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.) Hidden
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.) Hidden
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.) Hidden
Coolmuster Android Assistant (HKU\S-1-5-21-3982568115-4214522293-509568142-1001\...\Coolmuster Android Assistant) (Version: 4.3.538 - Coolmuster)
Cozi (HKLM-x32\...\{EC8228E5-80A1-42EE-BA03-DE19D8D5A1E0}) (Version: 2.0.8722.42485 - Cozi Group, Inc.)
Curse at Twilight (HKLM-x32\...\WTA-10b6bc15-1cb3-4871-a118-f3522284ca8e) (Version: 3.0.2.51 - WildTangent) Hidden
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.7.4023 - CyberLink Corp.)
CyberLink MediaEspresso 6.7 (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.7.2.5214 - CyberLink Corp.)
Cyberlink PhotoDirector (HKLM\...\{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}) (Version: 5.0.2.5405 - CyberLink Corp.) Hidden
Cyberlink PhotoDirector (HKLM-x32\...\InstallShield_{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}) (Version: 5.0.2.5405 - CyberLink Corp.)
CyberLink Power Media Player 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.4.4119 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.7.4016 - CyberLink Corp.)
CyberLink PowerDirector 12 (HKLM\...\{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.1.3004 - CyberLink Corp.) Hidden
CyberLink PowerDirector 12 (HKLM-x32\...\InstallShield_{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.1.3004 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.4.4113 - CyberLink Corp.)
Delicious - Emily's Wonder Wedding Premium Edition (HKLM-x32\...\WTA-dcbfa798-bbb0-42ac-ae33-8cd52fe2b4b7) (Version: 3.0.2.48 - WildTangent) Hidden
Denon and Marantz Professional DMP Mark Editor 1.1.0 (HKLM-x32\...\{4348C33D-122A-458E-AA1A-C69DC7A8ED87}) (Version: 1.1.0 - Denon and Marantz Professional)
Destinations (HKLM-x32\...\{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}) (Version: 140.0.253.000 - Hewlett-Packard) Hidden
DeviceDiscovery (HKLM-x32\...\{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden
Dropbox (HKLM-x32\...\Dropbox) (Version: 85.4.155 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.241.1 - Dropbox, Inc.) Hidden
Energy Star (HKLM-x32\...\{FC0ADA4D-8FA5-4452-8AFF-F0A0BAC97EF7}) (Version: 1.0.9 - Hewlett-Packard Company)
Evernote v. 5.3 (HKLM-x32\...\{E461B1AC-BC3C-11E3-B5B8-00163E98E7D6}) (Version: 5.3.0.3360 - Evernote Corp.)
Farm Frenzy (HKLM-x32\...\WTA-5f421856-1689-44fa-b0d2-a39bb8902065) (Version: 3.0.2.59 - WildTangent) Hidden
Farmington Tales 2 - Winter Crop (HKLM-x32\...\WTA-47d78052-7545-45b7-8249-7d419af28201) (Version: 3.0.2.59 - WildTangent) Hidden
Fishdom 3: Collector's Edition (HKLM-x32\...\WTA-487bb28e-a4cc-4a0b-9894-a297ae80af8b) (Version: 3.0.2.38 - WildTangent) Hidden
FiveNights2_Install (HKU\S-1-5-21-3982568115-4214522293-509568142-1001\...\FiveNights2_Install) (Version: - )
Fort Defense (HKLM-x32\...\WTA-80f377e2-2f01-47b1-8ff9-f6a2caf014a8) (Version: 3.0.2.51 - WildTangent) Hidden
Foxit PhantomPDF (HKLM-x32\...\{00CD7D62-056A-4F0F-9143-44522D44E6DD}) (Version: 6.0.32.507 - Foxit Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 78.0.3904.97 - Google LLC)
Google Earth Pro (HKLM\...\{70A0F34E-564B-4F93-ADD6-3BAEC6E44075}) (Version: 7.3.2.5776 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.341 - Google LLC) Hidden
GoTo Opener (HKLM-x32\...\{27288E10-7B6A-4EAD-BF7D-C40F86C3C751}) (Version: 1.0.527 - LogMeIn, Inc.)
GoToMeeting 10.3.0.15502 (HKU\S-1-5-21-3982568115-4214522293-509568142-1001\...\GoToMeeting) (Version: 10.3.0.15502 - LogMeIn, Inc.)
Governor of Poker 2 Premium Edition (HKLM-x32\...\WTA-116190c4-fad8-4c3a-bc8b-9e174325449c) (Version: 3.0.2.59 - WildTangent) Hidden
GPBaseService2 (HKLM-x32\...\{BB3447F6-9553-4AA9-960E-0DB5310C5779}) (Version: 140.0.297.000 - Hewlett-Packard) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (HKLM-x32\...\{6F340107-F9AA-47C6-B54C-C3A19F11553F}) (Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HitmanPro 3.8 (HKLM\...\HitmanPro38) (Version: 3.8.15.306 - SurfRight B.V.)
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Documentation (HKLM-x32\...\{2BCA9FBB-9606-4689-8BAA-F63981F674FC}) (Version: 1.1.0.0 - Hewlett-Packard)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP My Display (HKLM-x32\...\{448286F7-9BCC-4254-A6DC-CB40DC852F55}) (Version: 2.08.20.0 - Portrait Displays, Inc.)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.2024 - HP Photo Creations Powered by RocketLife)
HP Photosmart Plus B209a-m All-in-One Driver Software 14.0 Rel. 6 (HKLM\...\{E5BC8CEA-6C57-491E-83C0-4D0FA958C7F3}) (Version: 14.0 - HP)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.7745.4851 - Hewlett-Packard)
HP SimplePass (HKLM-x32\...\InstallShield_{314FAD12-F785-4471-BCE8-AB506642B9A1}) (Version: 8.01.11 - Hewlett-Packard)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Support Assistant (HKLM-x32\...\{79C54A05-F146-4EA0-8A70-D4EFE6181E52}) (Version: 8.8.24.33 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{B2B7B1C8-7C8B-476C-BE2C-049731C55992}) (Version: 13.00.0000 - Hewlett-Packard)
HP Support Solutions Framework (HKLM-x32\...\{55065080-504F-43BB-BE00-36B80D7D39A5}) (Version: 12.13.42.1 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPPhotoGadget (HKLM-x32\...\{CAE4213F-F797-439D-BD9E-79B71D115BE3}) (Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (HKLM-x32\...\{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden
HPSSupply (HKLM-x32\...\{AC35A885-0F8F-4857-B7DA-6E8DFB43E6B3}) (Version: 140.0.297.000 - Hewlett-Packard) Hidden
Inst5675 (HKLM\...\{2DE6247C-7077-451B-8BA7-FFD1A2ABBB47}) (Version: 8.01.11 - Softex Inc.) Hidden
Inst5676 (HKLM\...\{878F6913-7421-4713-97F7-0A736EE2A188}) (Version: 8.01.11 - Softex Inc.) Hidden
Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{F70BCE36-25F2-4475-A918-6209B3D85BF3}) (Version: 15.0.179 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.1.1000 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.5058 - Intel Corporation)
iSEEK AnswerWorks English Runtime (HKLM-x32\...\{18A8E78B-9EF2-496E-B310-BCD8E4C1DAB3}) (Version: 010.000.0101 - Vantage Linguistics)
Jewel Match 3 (HKLM-x32\...\WTA-e38ae5c7-7ec5-4f55-b91b-0a6c9a32abf8) (Version: 3.0.2.59 - WildTangent) Hidden
Joining Hands 2 (HKLM-x32\...\WTA-f7ed15b5-2b32-45e4-973b-72589c8ae27d) (Version: 3.0.2.51 - WildTangent) Hidden
Jo's Dream Organic Coffee 2 (HKLM-x32\...\WTA-591e9750-e376-406c-a1c6-6e12d2489c5c) (Version: 3.0.2.59 - WildTangent) Hidden
King Oddball (HKLM-x32\...\WTA-9d6e1a49-776f-4ad5-914e-27c6e340911d) (Version: 3.0.2.48 - WildTangent) Hidden
Lost in Reefs 2 (HKLM-x32\...\WTA-159dcf7a-c13a-407f-81a0-6d4a1274f79d) (Version: 3.0.2.51 - WildTangent) Hidden
LUXOR Evolved (HKLM-x32\...\WTA-3620bb09-d6fd-482f-9f57-f8b570d99d71) (Version: 2.2.0.98 - WildTangent) Hidden
Malwarebytes version 3.8.3.2965 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.8.3.2965 - Malwarebytes)
MarketResearch (HKLM-x32\...\{D360FA88-17C8-4F14-B67F-13AAF9607B12}) (Version: 140.0.212.000 - Hewlett-Packard) Hidden
Maxon Cinema 4D R21 (HKLM\...\Maxon Cinema 4D R21) (Version: R21 - Maxon)
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.12130.20272 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3982568115-4214522293-509568142-1001\...\OneDriveSetup.exe) (Version: 19.174.0902.0013 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.15.26706 (HKLM-x32\...\{95ac1cfa-f4fb-4d1b-8912-7f9d5fbb140d}) (Version: 14.15.26706.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.15.26706 (HKLM-x32\...\{7e9fae12-5bbf-47fb-b944-09c49e75c061}) (Version: 14.15.26706.0 - Microsoft Corporation)
Monopoly version 1.615863 (HKLM-x32\...\{d176ba37-928e-4b25-9a62-78b2c73331f8}_is1) (Version: 1.615863 - EA)
Movavi Screen Recorder 10 (HKU\S-1-5-21-3982568115-4214522293-509568142-1001\...\Movavi Screen Recorder 10) (Version: 10.4.0 - Movavi)
Mozilla Firefox 64.0 (x64 en-US) (HKLM\...\Mozilla Firefox 64.0 (x64 en-US)) (Version: 64.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 64.0.0.6914 - Mozilla)
Mp3 Convert Master v1.1.1.555 (HKLM-x32\...\Mp3 Convert Master_is1) (Version: - Power Convert Mp3 Solution Ltd.)
Mystery P.I. - Curious Case of Counterfeit Cove (HKLM-x32\...\WTA-1468a5d0-33db-4f5a-9df3-c55dbd8388a0) (Version: 3.0.2.59 - WildTangent) Hidden
Network64 (HKLM\...\{6BFAB6C1-6D46-46DB-A538-A269907C9F2F}) (Version: 140.0.306.000 - Hewlett-Packard) Hidden
NVIDIA PhysX System Software 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA Update 34.0.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 34.0.0.0 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.12130.20272 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.12130.20272 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.12130.20272 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.12130.20272 - Microsoft Corporation) Hidden
Peggle Nights (HKLM-x32\...\WTA-6db8013e-40d5-4547-a19d-35dd5dd4fa45) (Version: 2.2.0.98 - WildTangent) Hidden
Penguins! (HKLM-x32\...\WTA-7ff21405-7749-4aed-93f8-4ccd454c9315) (Version: 3.0.2.59 - WildTangent) Hidden
ph (HKLM-x32\...\{185F9795-9663-4F13-9EF9-307A282ADB5A}) (Version: 1.0.0 - Your Company Name) Hidden
Plants vs. Zombies - Game of the Year (HKLM-x32\...\WTA-4b3baf86-8cc7-4a09-82c0-13b9f2ad43d9) (Version: 3.0.2.51 - WildTangent) Hidden
Polar Bowler 1st Frame (HKLM-x32\...\WTA-82871413-56f8-4ef3-a89b-cbbeb9e1f553) (Version: 3.0.2.59 - WildTangent) Hidden
PS_AIO_06_B209a-m_SW_Min (HKLM-x32\...\{020D1D55-604C-4808-BFE2-E536E2A35A59}) (Version: 140.0.863.000 - Hewlett-Packard) Hidden
Quicken 2012 (HKLM-x32\...\{0A1E0BDA-5E8F-436d-8BE5-7E97C5CB899D}) (Version: 21.1.7.18 - Intuit)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
QuickTransfer (HKLM-x32\...\{E517094C-06B6-419F-8FFD-EF4F57972130}) (Version: 140.0.98.000 - Hewlett-Packard) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.29080 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.31.423.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7261 - Realtek Semiconductor Corp.)
Recovery Manager (HKLM-x32\...\{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.5.0.7316 - CyberLink Corp.) Hidden
Riffstation (HKU\S-1-5-21-3982568115-4214522293-509568142-1001\...\{a52cee3c-18de-4818-9493-de3bd16a2200}) (Version: 1.6.3 - Sonic Ladder Ltd.)
Roads of Rome 3 (HKLM-x32\...\WTA-255a670e-54c6-46ac-92c8-70364d7120fe) (Version: 2.2.0.98 - WildTangent) Hidden
Roblox Player for jmore_000 (HKU\S-1-5-21-3982568115-4214522293-509568142-1001\...\roblox-player) (Version: - Roblox Corporation)
ROBLOX Studio for jmore_000 (HKU\S-1-5-21-3982568115-4214522293-509568142-1001\...\{2922D6F1-2865-4EFA-97A9-94EEAB3AFA14}) (Version: - ROBLOX Corporation)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.7.17.0 - Samsung Electronics Co., Ltd.)
Scan (HKLM-x32\...\{06A1D88C-E102-4527-AF70-29FFD7AF215A}) (Version: 140.0.253.000 - Hewlett-Packard) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
Smart Switch (HKLM-x32\...\{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.2.19091.5 - Samsung Electronics Co., Ltd.) Hidden
Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.2.19091.5 - Samsung Electronics Co., Ltd.)
Solitaire Mystery Four Seasons (HKLM-x32\...\WTA-a328e147-733b-4797-8d50-7f25cbf8519f) (Version: 3.0.2.51 - WildTangent) Hidden
SolutionCenter (HKLM-x32\...\{BC5DD87B-0143-4D14-AAE6-97109614DC6B}) (Version: 140.0.299.000 - Hewlett-Packard) Hidden
Sparkle 2 (HKLM-x32\...\WTA-1ad92c16-97af-4fd3-a443-f6ed5d8558c1) (Version: 3.0.2.51 - WildTangent) Hidden
SpyHunter 5 (HKLM-x32\...\SpyHunter5) (Version: 5.7.22.151 - EnigmaSoft Limited)
Status (HKLM-x32\...\{5B025634-7D5B-4B8D-BE2A-7943C1CF2D5D}) (Version: 140.0.342.000 - Hewlett-Packard) Hidden
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1208 - SUPERAntiSpyware.com)
Tales of Lagoona (HKLM-x32\...\WTA-4e32be96-e5d0-4533-971c-1a1fe6022062) (Version: 2.2.0.110 - WildTangent) Hidden
Toolbox (HKLM-x32\...\{292F0F52-B62D-4E71-921B-89A682402201}) (Version: 140.0.596.000 - Hewlett-Packard) Hidden
TrayApp (HKLM-x32\...\{CD31E63D-47FD-491C-8117-CF201D0AFAB5}) (Version: 140.0.297.000 - Hewlett-Packard) Hidden
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
Update Installer for WildTangent Games App (HKLM-x32\...\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App) (Version: - WildTangent) Hidden
Viking Saga (HKLM-x32\...\WTA-c3d80ff7-0a21-4582-ac77-f24b9617d2e4) (Version: 3.0.2.48 - WildTangent) Hidden
WebReg (HKLM-x32\...\{8EE94FD8-5F52-4463-A340-185D16328158}) (Version: 140.0.297.017 - Hewlett-Packard) Hidden
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App for HP (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp) (Version: 4.0.11.9 - WildTangent) Hidden
Youda Jewel Shop (HKLM-x32\...\WTA-92a38901-8a15-4ffe-a49f-c2dd0e985e89) (Version: 3.0.2.51 - WildTangent) Hidden
Zoom (HKU\S-1-5-21-3982568115-4214522293-509568142-1001\...\ZoomUMX) (Version: 4.5 - Zoom Video Communications, Inc.)

Packages:
=========
- Games App - -> C:\Program Files\WindowsApps\WildTangentGames.-GamesApp-_1.0.3.28_x86__qt5r5pa5dyg8m [2015-06-27] (WildTangent Games)
AccuWeather - Weather for Life -> C:\Program Files\WindowsApps\AccuWeather.AccuWeatherforWindows8_10.0.348.1000_x64__8zz2pj9h1h1d8 [2018-04-07] (AccuWeather) [MS Ad]
Acrobat Notification Client -> C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2019-01-29] (Adobe Systems Incorporated)
Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_1.0.1.22_x86__enpm4xejd91yc [2019-07-23] (Adobe Systems Incorporated)
Amazon -> C:\Program Files\WindowsApps\Amazon.com.Amazon_2018.519.2811.0_x64__343d40qqvtj1t [2018-06-28] (Amazon.com)
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-07] (Autodesk Inc.)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.151.300.0_x86__kgqvnymyfvs32 [2019-11-07] (king.com)
Disney Fairies Hidden Treasures - Lite -> C:\Program Files\WindowsApps\Microsoft.DisneyFairiesHiddenTreasures-Lite_1.2.0.25768_x86__8wekyb3d8bbwe [2015-04-28] (Microsoft Studios)
Display Brightness Control -> C:\Program Files\WindowsApps\63518DeviceApps.DisplayBrightnessControl_1.1.0.0_x64__d42rpqwnhtzqj [2019-09-09] (Device Apps)
Fingertapps Instruments for HP -> C:\Program Files\WindowsApps\FingertappsLimited.FingertappsInstrumentsforHP_2.0.7.2622_x86__xyaa4br1qtzw0 [2014-07-06] (Fingertapps Limited)
Getting Started with Windows 8 -> C:\Program Files\WindowsApps\AD2F1837.GettingStartedwithWindows8_1.6.0.0_neutral__v10z8vjag6ke6 [2015-04-28] (Hewlett-Packard Company)
HP Classic Board Games -> C:\Program Files\WindowsApps\JoystickInteractiveCorp.HPClassicBoardGames_0.1.0.22_x86__xp31en7mws8xe [2014-07-06] (Joystick Interactive Corp)
HP Connected Drive -> C:\Program Files\WindowsApps\AD2F1837.HPFileViewer_4.4.32.190_x64__v10z8vjag6ke6 [2016-01-06] (HP Inc.)
HP Connected Music -> C:\Program Files\WindowsApps\AD2F1837.HPConnectedMusic_1.5.0.253_x86__v10z8vjag6ke6 [2015-10-31] (Hewlett-Packard Company)
HP Registration -> C:\Program Files\WindowsApps\AD2F1837.HPRegistration_1.2.1.166_neutral__v10z8vjag6ke6 [2015-04-28] (Hewlett-Packard Company)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_105.1.618.0_x64__v10z8vjag6ke6 [2019-10-22] (HP Inc.)
Jigswar for HP -> C:\Program Files\WindowsApps\FingertappsLimited.JigswarforHP_1.0.0.922_x86__xyaa4br1qtzw0 [2014-07-06] (Fingertapps Limited)
Mail and Calendar -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12026.20368.0_x64__8wekyb3d8bbwe [2019-11-07] (Microsoft Corporation) [MS Ad]
McAfee® Central for HP -> C:\Program Files\WindowsApps\2703103D.McAfeeCentral_5.0.177.1_x64__4ehj4w4frejdr [2018-04-03] (.-McAfee Inc-.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-17] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-17] (Microsoft Corporation) [MS Ad]
Microsoft Mahjong -> C:\Program Files\WindowsApps\Microsoft.MicrosoftMahjong_3.9.9231.0_x64__8wekyb3d8bbwe [2019-10-01] (Microsoft Studios) [MS Ad]
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.32.12463.0_x64__8wekyb3d8bbwe [2019-09-13] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.11052.0_x64__8wekyb3d8bbwe [2019-11-11] (Microsoft Studios) [MS Ad]
MSN Food & Drink -> C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.4.336_x64__8wekyb3d8bbwe [2015-07-17] (Microsoft Corporation) [MS Ad]
MSN Health & Fitness -> C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe [2015-07-17] (Microsoft Corporation) [MS Ad]
MSN Money -> C:\Program Files\WindowsApps\Microsoft.BingFinance_4.31.11905.0_x64__8wekyb3d8bbwe [2019-07-21] (Microsoft Corporation) [MS Ad]
MSN Sports -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.31.11905.0_x64__8wekyb3d8bbwe [2019-07-21] (Microsoft Corporation) [MS Ad]
MSN Travel -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2015-07-17] (Microsoft Corporation) [MS Ad]
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.32.12463.0_x64__8wekyb3d8bbwe [2019-09-11] (Microsoft Corporation) [MS Ad]
mysms - Text from Computer, Messaging -> C:\Program Files\WindowsApps\UptoElevenDigitalSolution.mysms-Textanywhere_3.2.0.0_x64__c9d6r4qvva5x8 [2019-02-01] (Up to Eleven Digital Solutions GmbH)
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.95.602.0_x64__mcm4njqhnhss8 [2019-10-24] (Netflix, Inc.)
Pachisi - HP -> C:\Program Files\WindowsApps\b-interaktiveHP.-HP_1.1.0.10_neutral__e2dtjgtkcf0j0 [2014-07-06] (b-interaktive) [MS Ad]
Photos Add-on -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2017.39121.36610.0_x64__8wekyb3d8bbwe [2019-08-06] (Microsoft Corporation)
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-10-30] (Microsoft Corporation)
Snapfish -> C:\Program Files\WindowsApps\AD2F1837.HPConnectedPhotopoweredbySnapfish_6.1.736.0_x86__v10z8vjag6ke6 [2018-08-04] (Snapfish)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.118.611.0_x86__zpdnekdrzrea0 [2019-11-07] (Spotify AB) [Startup Task]
TripAdvisor Hotels Flights Restaurants -> C:\Program Files\WindowsApps\TripAdvisorLLC.TripAdvisorHotelsFlightsRestaurants_1.5.10.0_x64__qj0v5chwq8f2g [2016-11-24] (TripAdvisor LLC)
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-09-07] (Twitter Inc.)
Xbox 360 SmartGlass -> C:\Program Files\WindowsApps\Microsoft.XboxCompanion_1.4.3.0_x64__8wekyb3d8bbwe [2015-09-30] (Microsoft Corporation) [MS Ad]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3982568115-4214522293-509568142-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-40489E406DB9} -> [Creative Cloud Files] => C:\Users\jmore_000\Creative Cloud Files [2015-04-24 17:49]
CustomCLSID: HKU\S-1-5-21-3982568115-4214522293-509568142-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\jmore_000\AppData\Local\GoToMeeting\14316\G2MOutlookAddin64.dll (LogMeIn, Inc. -> LogMeIn, Inc.)
CustomCLSID: HKU\S-1-5-21-3982568115-4214522293-509568142-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\jmore_000\Dropbox [2018-02-02 14:51]
CustomCLSID: HKU\S-1-5-21-3982568115-4214522293-509568142-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2210608 2006-10-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2015-03-17] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2014-04-16] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [Foxit_ConvertToPDF] -> {C5269811-4A29-4818-A4BB-111F9FC63A5F} => C:\Program Files (x86)\Foxit PhantomPDF\plugins\ConvertToPDFShellExtension_x64.dll [2014-05-13] (Foxit Corporation -> Foxit Corporation)
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2014-04-16] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2018-09-19] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [igfxOSP] -> {FA507C3F-30C6-4DCA-9EE5-2656072EEC14} => C:\WINDOWS\system32\igfxOSP.dll [2018-09-19] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2019-06-05] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2015-03-17] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\jmore_000\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\AmazonShopping.lnk -> C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe () -> hxxp://www.amazon.com/gp/bit/amazonbookmark.html?tag=hp2-desktop-us-20&partner=HP
ShortcutWithArgument: C:\Users\Public\Desktop\Get Dropbox Offer.lnk -> C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe () -> hxxp://js.redirect.hp.com/jumpstation?bd=all&c=143&locale=en_us&pf=cndt&s=db_dticon&tp=dropbox

==================== Loaded Modules (Whitelisted) =============

2014-03-28 14:31 - 2014-03-28 14:31 - 002110464 _____ () [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\autheng.dll
2014-03-28 14:27 - 2014-03-28 14:27 - 000021504 _____ () [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\cryptodll.dll
2014-03-28 14:27 - 2014-03-28 14:27 - 000055296 _____ () [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\RandomPass.dll
2014-03-28 14:27 - 2014-03-28 14:27 - 000035328 _____ () [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\ssplogon.dll
2018-10-24 04:37 - 2018-03-07 19:48 - 002286592 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Users\jmore_000\AppData\Local\Amazon Music\QtCore4.dll
2018-10-24 04:37 - 2018-03-07 19:52 - 006324224 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Users\jmore_000\AppData\Local\Amazon Music\QtGui4.dll
2018-10-24 04:37 - 2018-03-07 19:49 - 000808448 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Users\jmore_000\AppData\Local\Amazon Music\QtNetwork4.dll
2011-04-29 18:08 - 2011-04-29 18:08 - 000048128 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.rsc
2011-08-18 00:29 - 2011-08-18 00:29 - 001039360 _____ (Hewlett-Packard Co.) [File not signed] c:\program files (x86)\hp\digital imaging\bin\hpslpsvc64.dll
2014-03-28 14:47 - 2014-03-28 14:47 - 000646656 _____ (Hewlett-Packard) [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\OpBHO64.dll
2014-03-28 14:29 - 2014-03-28 14:29 - 000692224 _____ (Hewlett-Packard) [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\storeng.dll
2014-03-28 14:32 - 2014-03-28 14:32 - 001107968 _____ (Hewlett-Packard) [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\userdata.dll
2010-08-06 10:15 - 2010-08-06 10:15 - 000071680 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzinw12.dll
2010-08-06 10:15 - 2010-08-06 10:15 - 000089600 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzipm12.dll
2010-11-18 22:08 - 2010-11-18 22:08 - 000086016 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2019-09-27 21:27 - 2019-09-27 21:27 - 001093120 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\MFC80U.DLL
2019-09-27 21:26 - 2019-09-27 21:26 - 000057344 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\WinSxS\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_03ce2c72205943d3\MFC80ENU.DLL
2014-03-28 14:48 - 2014-03-28 14:48 - 000712080 _____ (Softex Incorporated -> ) [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\GraphicalPwd.dll
2014-03-28 14:48 - 2014-03-28 14:48 - 000367504 _____ (Softex Incorporated -> ) [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\mstrpwd.dll
2014-03-28 14:48 - 2014-03-28 14:48 - 000759184 _____ (Softex Incorporated -> Hewlett-Packard) [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\hdddrv.dll
2014-03-28 14:48 - 2014-03-28 14:48 - 001204112 _____ (Softex Incorporated -> Hewlett-Packard) [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\Wbf.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mbamchameleon => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mbamchameleon => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 07:25 - 2013-08-22 07:25 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> %INTEL_DEV_REDIST%redist\intel64\compiler;C:\Program Files\Broadcom\Broadcom 802.11;;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Hewlett-Packard\SimplePass\;C:\Program Files (x86)\QuickTime\QTSystem\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-3982568115-4214522293-509568142-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\jmore_000\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 209.18.47.63 - 209.18.47.61
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{5E41376B-C9F4-4E68-83A5-1069C22F82A3}C:\users\jmore_000\appdata\local\amazon music\amazon music helper.exe] => (Block) C:\users\jmore_000\appdata\local\amazon music\amazon music helper.exe (Amazon Services LLC -> Amazon Services LLC)
FirewallRules: [TCP Query User{BBA2EC49-361A-4842-890B-122B7C973A00}C:\users\jmore_000\appdata\local\amazon music\amazon music helper.exe] => (Block) C:\users\jmore_000\appdata\local\amazon music\amazon music helper.exe (Amazon Services LLC -> Amazon Services LLC)
FirewallRules: [{A59A548A-0565-4212-9659-2B618FB0E104}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{9D843BF8-426B-4784-86F6-0431A110A526}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{A1439BFD-7D64-42FB-9599-FAAE216624D1}] => (Allow) c:\Program Files\CyberLink\PowerDirector12\PDR10.EXE No File
FirewallRules: [{F61C840E-40C1-4F49-BD9E-457C6BAB3260}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{2CE4FF3E-7A8D-461B-A809-61E9FD3ED143}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe No File
FirewallRules: [{AB6313DD-C430-4CE6-A8E7-CC75777313BE}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe No File
FirewallRules: [{75C3AAC8-DB36-4176-B90D-7756C702F16F}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe No File
FirewallRules: [{FA08107B-3FDB-4FDD-8C29-7E046500CF73}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{428D28FE-96D0-4BC1-B94B-10831971C99C}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe No File
FirewallRules: [{069663C3-1325-4195-8C9C-8FC97A7F3133}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{3FBE3416-6DD1-4795-9574-D03BAB7C045A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{B0EFFAA4-AD96-416B-BDC8-75BFFE668D40}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{1E55C833-45E8-4AB1-A417-DFDE6980EFC3}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{F4400339-EDD3-46A3-8F62-BFDBB533822B}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe No File
FirewallRules: [{E3E30AC2-DD51-45D3-9563-75B3918985B7}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe No File
FirewallRules: [{DD3B3D50-E258-48AC-85AE-864C1948B0C1}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{FEEF010D-EE3C-4847-8ABB-3F25628F944A}] => (Allow) C:\Users\jmore_000\AppData\Local\Temp\7zS2ECD\setup\hpznui40.exe No File
FirewallRules: [{5EB96549-369C-42B5-BA89-26524048FDC3}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{B49D3D3D-1904-4B4A-B731-99F82BA62020}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{7F9A6A2A-2F04-46E4-AA71-F772D6B70601}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{7D5FC4F6-86C2-4842-A9DA-2B17A6415505}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{0A955A54-313E-4F81-922F-35FC99A40AE4}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{A39D509B-CABA-4603-80D5-EBD0504CABC4}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{4F888503-5561-4709-A052-3EC8CDE6625C}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{27AA689E-588B-44F0-B6A9-137E82110A03}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{E1E33887-4225-4C56-AE82-AC80FDDC9422}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe (Hewlett Packard -> Hewlett-Packard)
FirewallRules: [{9F67C18E-B4EE-4CA3-BD1C-2774CBB8FC78}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{F09B66E7-A801-42B2-8B9A-CEBB2B7B70EA}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{A2B5807F-B6FD-4D07-AF72-30EF228E1B7A}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe (Hewlett-Packard Company -> Hewlett-Packard)
FirewallRules: [{BD96E1AD-FE0D-4898-BF11-2DFFBB943A44}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe No File
FirewallRules: [{2B025D04-B4A3-44B7-9E4D-DF5A6238BB3E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe No File
FirewallRules: [{898E31B9-5E2D-4027-AF53-C988E8374BBE}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe No File
FirewallRules: [{C16DA8E6-4782-4D89-A38D-A97C43B86B21}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe No File
FirewallRules: [{75B80222-A672-4507-90FF-5EB33B84DF1A}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPDeviceDetection3.exe No File
FirewallRules: [{5AF79B47-12B6-40FB-894C-4F33DCFC1F60}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe No File
FirewallRules: [{BDBFCAD3-6CE2-47AE-90C2-82672EEC42D0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe No File
FirewallRules: [TCP Query User{36FF3221-DA5B-4604-A3DA-CD9432E72486}C:\program files\adobe\adobe photoshop cc 2017\photoshop.exe] => (Allow) C:\program files\adobe\adobe photoshop cc 2017\photoshop.exe (Adobe Inc. -> Adobe Systems, Incorporated)
FirewallRules: [UDP Query User{25BB8347-96CA-4F5E-ADD8-15B986B26A21}C:\program files\adobe\adobe photoshop cc 2017\photoshop.exe] => (Allow) C:\program files\adobe\adobe photoshop cc 2017\photoshop.exe (Adobe Inc. -> Adobe Systems, Incorporated)
FirewallRules: [{C8508749-A740-437D-9962-DE3EACA227FF}] => (Allow) C:\Users\jmore_000\AppData\Local\Temp\7zS7F22\HPDiagnosticCoreUI.exe No File
FirewallRules: [{A5F877F1-EBF0-4A6E-ABBF-6AC80D59784E}] => (Allow) C:\Users\jmore_000\AppData\Local\Temp\7zS7F22\HPDiagnosticCoreUI.exe No File
FirewallRules: [TCP Query User{58E17A3C-8758-46EA-9550-287E40A4D69C}C:\windows\system32\sihost.exe] => (Block) C:\windows\system32\sihost.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [UDP Query User{E83DBBC1-57DE-4313-8F17-FD1EEDEF2A98}C:\windows\system32\sihost.exe] => (Block) C:\windows\system32\sihost.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{8F76202F-7A57-4B1C-A624-C519E5D0E748}] => (Allow) C:\Users\jmore_000\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{93BC0CE6-44E9-4B4C-8EFF-590A8BB78487}] => (Allow) C:\Users\jmore_000\AppData\Roaming\Zoom\bin\airhost.exe No File
FirewallRules: [{AD7327D9-83A7-4E91-BE23-C58B99BD2FC9}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{777B212C-73CF-4F3A-9160-D3E2C0057B76}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{C6093CEA-D4F6-44F4-A50E-788B5D41CB5F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.118.611.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{C95A33EC-6CD9-45A4-9119-E9C4B946CC42}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.118.611.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{FADD8B3C-6147-4220-930F-562A1810EDA9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.118.611.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{F03328D6-3294-4FA4-9125-E271FE212294}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.118.611.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{CF17E3CD-90A6-4A0D-8418-359F52D3E5CA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.118.611.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{AFE9DD4C-13A4-4DA9-B354-B8D57329AF77}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.118.611.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{F8BABA40-D91E-4DB8-ACDA-8893D14E2635}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.118.611.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{ADF3E62D-1590-49E1-B741-32487141BCD4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.118.611.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{D903FE17-3650-4647-9F06-88F0E61C6E53}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.119.480.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{20614A90-9C25-4F33-9BE3-616CE0CCF1A1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.119.480.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{00015EAE-40EC-4002-BB92-C0EC13B6B1BE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.119.480.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{656FDBE6-621C-41C1-855A-2207847B6CF6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.119.480.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{673D9AE3-AD4F-40B5-8147-C8881DA00205}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.119.480.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{96151326-95CB-4053-AE13-927490C19070}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.119.480.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{2C73C15D-3A0D-4867-882B-1C7D21225D2F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.119.480.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{A6F8899E-2732-4C8D-B5F2-E32903E1BA95}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.119.480.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{85539152-C363-4800-9673-62112E985538}C:\users\jmore_000\appdata\local\amazon music\amazon music helper.exe] => (Allow) C:\users\jmore_000\appdata\local\amazon music\amazon music helper.exe (Amazon Services LLC -> Amazon Services LLC)
FirewallRules: [UDP Query User{86BCD395-DE1D-4F10-A546-D855985BD29B}C:\users\jmore_000\appdata\local\amazon music\amazon music helper.exe] => (Allow) C:\users\jmore_000\appdata\local\amazon music\amazon music helper.exe (Amazon Services LLC -> Amazon Services LLC)
FirewallRules: [{C73B049E-83F9-442B-A583-044CBA71BB2D}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)

==================== Restore Points =========================

14-11-2019 04:20:25 Windows Update

==================== Faulty Device Manager Devices ============

Name: Photosmart Plus B209a-m
Description: Photosmart Plus B209a-m
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: ========================

Application errors:
==================
Error: (11/15/2019 09:29:55 AM) (Source: DbxSvc) (EventID: 281) (User: )
Description: CertFindCertificateInStore failed with: (-2146885628) Cannot find object or property.

Error: (11/15/2019 09:29:55 AM) (Source: DbxSvc) (EventID: 281) (User: )
Description: CertFindCertificateInStore failed with: (-2146885628) Cannot find object or property.

Error: (11/15/2019 09:23:50 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program AdobeNotificationClient.exe version 4.9.0.484 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 2618

Start Time: 01d59bc87f7a684b

Termination Time: 4294967295

Application Path: C:\Program Files\WindowsApps\AdobeNotificationClient_1.0.1.22_x86__enpm4xejd91yc\AdobeNotificationClient.exe

Report Id: c134a018-61b5-4197-8f3c-8f0a7fc64560

Faulting package full name: AdobeNotificationClient_1.0.1.22_x86__enpm4xejd91yc

Faulting package-relative application ID: App

Hang type: Quiesce

Error: (11/15/2019 09:11:30 AM) (Source: Microsoft-Windows-Perflib) (EventID: 1020) (User: NT AUTHORITY)
Description: The required buffer size is greater than the buffer size passed to the Collect function of the "C:\Windows\System32\perfts.dll" Extensible Counter DLL for the "LSM" service. The given buffer size was 10400 and the required size was 38744.

Error: (11/14/2019 05:43:10 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3308,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (11/14/2019 05:25:13 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (8884,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (11/14/2019 05:11:11 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (6124,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (11/14/2019 05:02:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: HitmanPro.exe, version: 3.8.15.306, time stamp: 0x5d0b8035
Faulting module name: HitmanPro.exe, version: 3.8.15.306, time stamp: 0x5d0b8035
Exception code: 0xc0000005
Fault offset: 0x00000000002c4fb1
Faulting process id: 0x1798
Faulting application start time: 0x01d59b3386723333
Faulting application path: C:\Program Files\HitmanPro\HitmanPro.exe
Faulting module path: C:\Program Files\HitmanPro\HitmanPro.exe
Report Id: b9bcaee9-1933-4b5c-b92e-559554c0ab62
Faulting package full name:
Faulting package-relative application ID:


System errors:
=============
Error: (11/15/2019 09:22:50 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Delivery Optimization service hung on starting.

Error: (11/15/2019 09:15:31 AM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: DCOM got error "1115" attempting to start the service wuauserv with arguments "Unavailable" in order to run the server:
{E60687F7-01A1-40AA-86AC-DB1CBF673334}

Error: (11/15/2019 09:15:31 AM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: DCOM got error "1115" attempting to start the service wuauserv with arguments "Unavailable" in order to run the server:
{E60687F7-01A1-40AA-86AC-DB1CBF673334}

Error: (11/15/2019 09:15:31 AM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: DCOM got error "1115" attempting to start the service wuauserv with arguments "Unavailable" in order to run the server:
{E60687F7-01A1-40AA-86AC-DB1CBF673334}

Error: (11/15/2019 09:15:10 AM) (Source: DCOM) (EventID: 10010) (User: COOKYHOME)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.

Error: (11/15/2019 09:15:09 AM) (Source: DCOM) (EventID: 10010) (User: COOKYHOME)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.

Error: (11/15/2019 09:15:09 AM) (Source: DCOM) (EventID: 10010) (User: COOKYHOME)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.

Error: (11/15/2019 09:15:09 AM) (Source: DCOM) (EventID: 10010) (User: COOKYHOME)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.


Windows Defender:
===================================
Date: 2019-11-07 17:22:28.787
Description:
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
Name: Adware:JS/InjectorAd.A
ID: 258409
Severity: High
Category: Adware
Path: file:_C:\Users\jmore_000\Documents\Stock\Chris Castro_files\20c1f9347f59cf976e.js.download
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe
Security intelligence Version: AV: 1.305.1613.0, AS: 1.305.1613.0, NIS: 1.305.1613.0
Engine Version: AM: 1.1.16500.1, NIS: 1.1.16500.1

Date: 2019-11-07 13:21:39.759
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {52B9A261-9BA0-43EF-BB6E-BFC86421711D}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2019-10-28 13:30:53.713
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {C3AD98CD-E122-4883-B18D-A5979FF1CA5E}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2019-10-22 13:32:38.610
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {3645004B-60F4-4279-9014-6FC7082A159C}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2019-10-21 14:41:31.426
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {E8CF584D-7034-467F-86A2-AB5B65894977}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2019-11-14 15:45:25.149
Description:
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.305.1688.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.16500.1
Error code: 0x8007043c
Error description: This service cannot be started in Safe Mode

Date: 2019-11-14 15:35:21.687
Description:
Windows Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x8007043c
Error description: This service cannot be started in Safe Mode
Reason: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.

Date: 2019-11-14 15:26:10.178
Description:
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.305.1688.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.16500.1
Error code: 0x80072ee7
Error description: The server name or address could not be resolved

Date: 2019-11-14 15:26:10.178
Description:
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.305.1688.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiSpyware
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.16500.1
Error code: 0x80072ee7
Error description: The server name or address could not be resolved

Date: 2019-11-14 15:26:10.178
Description:
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.305.1688.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.16500.1
Error code: 0x80072ee7
Error description: The server name or address could not be resolved

CodeIntegrity:
===================================

Date: 2019-11-15 09:19:38.632
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2019-11-15 09:18:24.193
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\spoolsv.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\AdobePDF.dll that did not meet the Unchecked signing level requirements.

Date: 2019-11-15 09:11:05.230
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2019-11-14 17:04:05.773
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\spoolsv.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\AdobePDF.dll that did not meet the Unchecked signing level requirements.

Date: 2019-11-14 15:06:00.375
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2019-11-14 15:04:52.967
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\spoolsv.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\AdobePDF.dll that did not meet the Unchecked signing level requirements.

Date: 2019-11-14 13:55:14.732
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2019-11-14 13:54:04.912
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\spoolsv.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\AdobePDF.dll that did not meet the Unchecked signing level requirements.

==================== Memory info ===========================

BIOS: AMI 80.00 06/11/2014
Motherboard: Hewlett-Packard 2B2B
Processor: Intel(R) Core(TM) i5-4570T CPU @ 2.90GHz
Percentage of memory in use: 49%
Total physical RAM: 12178.45 MB
Available physical RAM: 6104.97 MB
Total Virtual: 24978.45 MB
Available Virtual: 18521.03 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:911.51 GB) (Free:473.75 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (Recovery Image) (Fixed) (Total:17.66 GB) (Free:2.25 GB) NTFS ==>[system with boot components (obtained from drive)]

\\?\Volume{67ddf778-8ec5-4784-ab8f-86933f7e8850}\ (Windows RE tools) (Fixed) (Total:1 GB) (Free:0.66 GB) NTFS
\\?\Volume{2533208e-8e65-4185-a208-9685eb23d734}\ () (Fixed) (Total:0.86 GB) (Free:0.4 GB) NTFS
\\?\Volume{3efa91fb-210e-4ec0-89b4-ab139742b172}\ (SYSTEM) (Fixed) (Total:0.35 GB) (Free:0.28 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 8D27E95C)

Partition: GPT.

==================== End of Addition.txt =======================
 
  • Like
Reactions: Venustus

nasdaq

Moderator
Verified
Staff Member
Nov 5, 2019
1,425
Hello, Welcome to MalwareTips.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Please download the attached Fixlist.txt file to the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the FRST.txt log you have submitted.

Run FRST and click Fix only once and wait.

The Computer will restart when the fix is completed.

It will create a log (Fixlog.txt) please post it to your reply.
===

Edge Syncing.
If the problem persists and you are Syncing Edge with other devices reset it.

===

Let me know if your problem is solved.
 

Attachments

  • fixlist.txt
    4.9 KB · Views: 4

jmoreno12

New Member
Thread author
Nov 14, 2019
5
Fix result of Farbar Recovery Scan Tool (x64) Version: 14-11-2019
Ran by jmore_000 (18-11-2019 10:03:20) Run:1
Running from C:\Users\jmore_000\Downloads
Loaded Profiles: jmore_000 (Available Profiles: jmore_000 & Elite Drivers RGV)
Boot Mode: Normal
==============================================

fixlist content:
*****************
SystemRestore: On
CreateRestorePoint:
EmptyTemp:
CloseProcesses:
HKLM\ DisallowedCertificates: AB7E760DA2485EA9EF5A6EEE7647748D4BA6B947 (AVG Technologies CZ) <==== ATTENTION
HKLM\ DisallowedCertificates: AD4C5429E10F4FF6C01840C20ABA344D7401209F (Avast Antivirus/Software) <==== ATTENTION
HKLM\ DisallowedCertificates: DB77E5CFEC34459146748B667C97B185619251BA (Avast Antivirus/Software) <==== ATTENTION
HKLM\ DisallowedCertificates: E513EAB8610CFFD7C87E00BCA15C23AAB407FCEF (AVG Technologies CZ) <==== ATTENTION
ShortcutTarget: IQTray.lnk -> C:\Program Files (x86)\IQ Option\IQTray.exe (No File)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
SearchScopes: HKU\S-1-5-21-48790505-1987507193-3152163807-1002 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre-10.0.1\bin\ssv.dll => No File
S3 EnigmaFileMonDriver; \??\C:\WINDOWS\system32\Drivers\EnigmaFileMonDriver.sys [X]
S1 mqyfyyez; \??\C:\WINDOWS\system32\drivers\mqyfyyez.sys [X]
S1 vqohirma; \??\C:\WINDOWS\system32\drivers\vqohirma.sys [X]
S1 ZAM; \??\C:\WINDOWS\System32\drivers\zam64.sys [X]
CustomCLSID: HKU\S-1-5-21-48790505-1987507193-3152163807-1002_Classes\CLSID\{073CB204-6B29-46FC-AB98-451F1D068741}\InprocServer32 -> C:\Program Files\Autodesk\3ds Max 2019\Inventor Server\Bin\TestServer.dll => No File
CustomCLSID: HKU\S-1-5-21-48790505-1987507193-3152163807-1002_Classes\CLSID\{8C23B656-4E6E-4B45-9920-9617168D39A3}\InprocServer32 -> C:\Program Files\Autodesk\3ds Max 2019\Inventor Server\Bin\TestServer.dll => No File
CustomCLSID: HKU\S-1-5-21-48790505-1987507193-3152163807-1002_Classes\CLSID\{E5B0515D-48D2-4F04-906D-0192ED65A2DD}\InprocServer32 -> C:\Program Files\Autodesk\3ds Max 2019\Inventor Server\Bin\TestServer.dll => No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [486]
FirewallRules: [UDP Query User{8D528795-3F34-40F6-9994-42F6740453C8}C:\users\november\desktop\ps4-exploit-host\ps4-exploit-host.exe] => (Allow) C:\users\november\desktop\ps4-exploit-host\ps4-exploit-host.exe No File
FirewallRules: [TCP Query User{0FA8506F-F488-492E-A10E-A474F38695C5}C:\users\november\desktop\ps4-exploit-host\ps4-exploit-host.exe] => (Allow) C:\users\november\desktop\ps4-exploit-host\ps4-exploit-host.exe No File
FirewallRules: [UDP Query User{8A9E3305-C46A-4135-AB37-DCFCE690B251}C:\program files\fifa18\fifa18.exe] => (Allow) C:\program files\fifa18\fifa18.exe No File
FirewallRules: [TCP Query User{60CD9B1D-597C-47F0-84AE-EB09CE2EE136}C:\program files\fifa18\fifa18.exe] => (Allow) C:\program files\fifa18\fifa18.exe No File
FirewallRules: [{1BDE976E-5AD2-40BC-AEEF-2A618DB48B0C}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{84D8F0E0-4421-43E3-BBAD-92770B9D767E}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{35101BA4-4998-487E-9F54-F6639EBFF235}] => (Allow) C:\WINDOWS\iUdCEzQxAiDiI.exe (Microsoft Corporation) [File not signed]
FirewallRules: [{1EE75DF2-755E-4368-AB12-42D61C9EE78E}] => (Allow) C:\Program Files (x86)\YozsoA.exe No File
FirewallRules: [{36D830F0-4933-4E12-9A38-8AB89933544B}] => (Allow) C:\Program Files\BlueStacks\HD-Player.exe No File
FirewallRules: [{3126FE82-F7B9-4EB3-BB59-AC7F7261831A}] => (Allow) C:\Program Files\TxGameAssistant\AppMarket\AppMarket.exe No File
FirewallRules: [{9456ADF2-B562-4133-B219-D1E12CF5067A}] => (Allow) C:\Program Files\TxGameAssistant\AppMarket\TInst.exe No File
FirewallRules: [{1D0E042C-24C2-4529-A9A3-971714EFDFC7}] => (Allow) C:\Program Files\TxGameAssistant\AppMarket\bugreport.exe No File
FirewallRules: [{974653E0-16A2-4E3A-AD1C-0D278E12437B}] => (Allow) C:\Program Files\TxGameAssistant\AppMarket\QQExternal.exe No File
FirewallRules: [{A4847472-7013-4EF3-87AF-D2C5EFF61492}] => (Allow) C:\Program Files\TxGameAssistant\AppMarket\GameDownload.exe No File
FirewallRules: [{53B7B4CC-AB1E-49FD-B572-15E5D1C60B5F}] => (Allow) C:\Program Files\TxGameAssistant\AppMarket\GF186\TUpdate.exe No File
FirewallRules: [{A0A07857-0ED6-49EA-A9F3-F33C5FACD51E}] => (Allow) C:\Users\November\AppData\Roaming\Tencent\TxGameAssistant\GameDownload\TenioDL.exe No File
FirewallRules: [{012FF5DC-5C36-4BE1-A446-4AAA04779349}] => (Allow) C:\Users\November\AppData\Roaming\Tencent\TxGameAssistant\GameDownload\TenioDL.exe No File
FirewallRules: [{811F3343-27F7-446D-BC98-9B33E968201B}] => (Allow) C:\Users\November\AppData\Roaming\Tencent\TxGameAssistant\GameDownload\TenioDL.exe No File
FirewallRules: [{1D020264-CA24-472D-AC91-921C04410569}] => (Allow) C:\Users\November\AppData\Roaming\Tencent\TxGameAssistant\GameDownload\TenioDL.exe No File
FirewallRules: [{11C2965A-91A9-4E15-BBCC-1A59EFE17444}] => (Allow) C:\Users\November\AppData\Roaming\Tencent\TxGameAssistant\GameDownload\TenioDL.exe No File
FirewallRules: [{CE52F5E5-355B-46C1-B701-549D5A0A81D8}] => (Allow) C:\Users\November\AppData\Roaming\Tencent\TxGameAssistant\GameDownload\TenioDL.exe No File
FirewallRules: [{763043FA-32C7-4F3B-8AFE-DC6064E50728}] => (Allow) C:\Program Files\TxGameAssistant\UI\AndroidEmulator.exe No File
FirewallRules: [{3BB94D54-9E44-499B-A087-F6F5262E2DE7}] => (Allow) C:\Program Files\TxGameAssistant\UI\adb.exe No File
FirewallRules: [{F394EA84-20E8-4FEF-A893-B8BCA530DC24}] => (Allow) C:\Program Files\TxGameAssistant\UI\TInst.exe No File
FirewallRules: [{454A8544-8DF2-424E-AFCC-5E84B38422B9}] => (Allow) C:\Program Files\TxGameAssistant\UI\bugreport.exe No File
FirewallRules: [{87F0BE1B-3263-4220-8D14-1A98CE06CDF7}] => (Allow) C:\Program Files\TxGameAssistant\UI\TxGaDcc.exe No File
FirewallRules: [{5C58393F-A2B0-4FD0-B084-6455EF604D07}] => (Allow) C:\Grand Theft Auto V\GTA5.exe No File
FirewallRules: [{948DB328-3B85-4F55-9C97-9E515FA9F4E3}] => (Allow) C:\Grand Theft Auto V\GTA5.exe No File
FirewallRules: [{EC35992A-C711-443E-832C-6A3C57DC9ED2}] => (Allow) C:\Grand Theft Auto V\GTA5.exe No File
FirewallRules: [{02A52E2C-DE1A-44F0-A7DF-17D91409C40D}] => (Allow) C:\Grand Theft Auto V\GTA5.exe No File
C:\WINDOWS\iUdCEzQxAiDiI.exe

*****************

SystemRestore: On => completed
Restore point was successfully created.
Processes closed successfully.
HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\AB7E760DA2485EA9EF5A6EEE7647748D4BA6B947 => not found
HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\AD4C5429E10F4FF6C01840C20ABA344D7401209F => not found
HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\DB77E5CFEC34459146748B667C97B185619251BA => not found
HKLM\Software\Microsoft\SystemCertificates\Disallowed\Certificates\E513EAB8610CFFD7C87E00BCA15C23AAB407FCEF => not found
"C:\Program Files (x86)\IQ Option\IQTray.exe" => not found
HKLM\SOFTWARE\Policies\Mozilla => not found
"HKU\S-1-5-21-48790505-1987507193-3152163807-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" => not found
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} => not found
EnigmaFileMonDriver => Unable to stop service.
HKLM\System\CurrentControlSet\Services\EnigmaFileMonDriver => removed successfully
EnigmaFileMonDriver => service removed successfully
mqyfyyez => service not found.
vqohirma => service not found.
ZAM => service not found.
"HKU\S-1-5-21-48790505-1987507193-3152163807-1002_Classes\CLSID\{073CB204-6B29-46FC-AB98-451F1D068741}" => not found
"HKU\S-1-5-21-48790505-1987507193-3152163807-1002_Classes\CLSID\{8C23B656-4E6E-4B45-9920-9617168D39A3}" => not found
"HKU\S-1-5-21-48790505-1987507193-3152163807-1002_Classes\CLSID\{E5B0515D-48D2-4F04-906D-0192ED65A2DD}" => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avg => not found
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\00avg => not found
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
"C:\Users\Public\Shared Files" => ":VersionCache" ADS not found.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{8D528795-3F34-40F6-9994-42F6740453C8}C:\users\november\desktop\ps4-exploit-host\ps4-exploit-host.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{0FA8506F-F488-492E-A10E-A474F38695C5}C:\users\november\desktop\ps4-exploit-host\ps4-exploit-host.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{8A9E3305-C46A-4135-AB37-DCFCE690B251}C:\program files\fifa18\fifa18.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{60CD9B1D-597C-47F0-84AE-EB09CE2EE136}C:\program files\fifa18\fifa18.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{1BDE976E-5AD2-40BC-AEEF-2A618DB48B0C}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{84D8F0E0-4421-43E3-BBAD-92770B9D767E}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{35101BA4-4998-487E-9F54-F6639EBFF235}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{1EE75DF2-755E-4368-AB12-42D61C9EE78E}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{36D830F0-4933-4E12-9A38-8AB89933544B}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3126FE82-F7B9-4EB3-BB59-AC7F7261831A}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9456ADF2-B562-4133-B219-D1E12CF5067A}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{1D0E042C-24C2-4529-A9A3-971714EFDFC7}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{974653E0-16A2-4E3A-AD1C-0D278E12437B}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A4847472-7013-4EF3-87AF-D2C5EFF61492}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{53B7B4CC-AB1E-49FD-B572-15E5D1C60B5F}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A0A07857-0ED6-49EA-A9F3-F33C5FACD51E}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{012FF5DC-5C36-4BE1-A446-4AAA04779349}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{811F3343-27F7-446D-BC98-9B33E968201B}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{1D020264-CA24-472D-AC91-921C04410569}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{11C2965A-91A9-4E15-BBCC-1A59EFE17444}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{CE52F5E5-355B-46C1-B701-549D5A0A81D8}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{763043FA-32C7-4F3B-8AFE-DC6064E50728}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3BB94D54-9E44-499B-A087-F6F5262E2DE7}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F394EA84-20E8-4FEF-A893-B8BCA530DC24}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{454A8544-8DF2-424E-AFCC-5E84B38422B9}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{87F0BE1B-3263-4220-8D14-1A98CE06CDF7}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{5C58393F-A2B0-4FD0-B084-6455EF604D07}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{948DB328-3B85-4F55-9C97-9E515FA9F4E3}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{EC35992A-C711-443E-832C-6A3C57DC9ED2}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{02A52E2C-DE1A-44F0-A7DF-17D91409C40D}" => not found
"C:\WINDOWS\iUdCEzQxAiDiI.exe" => not found

=========== EmptyTemp: ==========

BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 229921494 B
Java, Flash, Steam htmlcache => 43936109 B
Windows/system/drivers => 3544468 B
Edge => 6632557 B
Chrome => 875975629 B
Firefox => 443079103 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 52998 B
NetworkService => 153878 B
jmore_000 => 632512275 B
Elite Drivers RGV => 735796796 B

RecycleBin => 201201885 B
EmptyTemp: => 3 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 10:09:46 ====
 
Status
Not open for further replies.

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top