Go Back   Cyber Tech Help Support Forums > Operating Systems > Windows 10
Reload this Page Cleaning out Context Menu
Register FAQ Calendar Today's Active Topics Search

Notices

Windows 10 Problem solving for the Windows 10 Operating System.

Reply
Page 2 of 3 1 2 3
 
Topic Tools
  #16  
Old January 5th, 2020, 08:28 PM
sebastian42 sebastian42 is offline
Senior Member
  
Join Date: May 2007
Posts: 125
The text that you have entered is too long (140167 characters). Please shorten it to 50000 characters long.

I'm going to have to find a way to get around this problem. I really don't know how to even break a text file onto half - I presume I can send you 4 halves.
Last edited by sebastian42; January 5th, 2020 at 08:38 PM.
Reply With Quote
  #17  
Old January 5th, 2020, 10:22 PM
Jintan's Avatar
Jintan Jintan is offline
Cyber Tech Help Moderator
  
Join Date: Dec 2004
Posts: 52,284
Yes, you have to break it down into pieces. If you take a chunk of the log and highlight it, right click and select cut, then post what you have back here. Then do another cut, and post. When you're done, click don't save and the log will just be restored to its full size on your computer.
Reply With Quote
  #18  
Old January 6th, 2020, 03:45 AM
sebastian42 sebastian42 is offline
Senior Member
  
Join Date: May 2007
Posts: 125
What you have instructed is rather obvious - my (unstated) difficulty was with finding the halfway mark, the obviously safest place to break the file in two. Some programs have character count - could see where that leads.
My text editor had line numbers so could break at the middle line.

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 01-01-2020
Ran by Joe (06-01-2020 06:29:49)
Running from C:\Program Files\Farbar
Microsoft Windows 10 Pro Version 1909 18363.535 (X86) (2019-12-05 14:47:55)
Boot Mode: Normal
================================================== ========


==================== Accounts: =============================

Administrator (S-1-5-21-198903158-1304534811-4163729061-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-198903158-1304534811-4163729061-503 - Limited - Disabled)
Guest (S-1-5-21-198903158-1304534811-4163729061-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-198903158-1304534811-4163729061-1002 - Limited - Enabled)
Joe (S-1-5-21-198903158-1304534811-4163729061-1000 - Administrator - Enabled) => C:\Users\Joe
WDAGUtilityAccount (S-1-5-21-198903158-1304534811-4163729061-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Disabled - Out of date) {4C1D9672-63FE-5C90-371E-8FDA591C5B75}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKLM\...\uTorrent) (Version: 2.2.1 - )
4K Video Downloader 4.9 (HKLM\...\{5AD5FB20-5563-4551-B6EC-9716E5F4AA8C}) (Version: 4.9.0.3032 - Open Media LLC)
8GadgetPack (HKLM\...\{A6ED7695-0EDF-47C6-BD79-669FA92C6E78}) (Version: 26.0.0 - 8GadgetPack.net)
Active Desktop Calendar 7.96 (HKLM\...\Active Desktop Calendar_is1) (Version: - XemiComputers)
Actual Window Manager 8.14 (HKLM\...\Actual Windows Manager_is1) (Version: 8.14 - Actual Tools)
Adobe Flash Player 32 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 32.0.0.303 - Adobe)
Aidfile recovery software professional version 3.6.6.0 (HKLM\...\{456B239A-C1E0-4178-810E-8E8F09B06877}_is1) (Version: 3.6.6.0 - Mitusoft, Inc.)
********* HD Video Converter 8.1.18 (HKLM\...\{3039577D-975E-42fc-89FC-2F1FF42F3FCA}_is1) (Version: 8.1.18 - ********* Studio)
********* MP4 Video Converter 8.1.10 (HKLM\...\{75CE1C3D-5B84-4e3b-BC17-246607907E6B}_is1) (Version: 8.1.10 - ********* Studio)
********* Total Media Converter 6.2.86 (HKLM\...\{42087B24-ECD8-41d2-8053-E6EB99E5083F}_is1) (Version: 6.2.86 - ********* Studio)
********* Total Video Converter 9.2.28 (HKLM\...\********* Total Video Converter_is1) (Version: 9.2.28 - ********* Studio)
********* Video Converter Ultimate 9.2.38 (HKLM\...\{BD446D04-7426-4a27-9B0B-33B0C386F71B}_is1) (Version: 9.2.38 - ********* Studio)
********* Video Converter Ultimate 9.2.62 (HKLM\...\********* Video Converter Ultimate_is1) (Version: 9.2.62 - lrepacks.ru)
Akamai NetSession Interface (HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\Akamai) (Version: - Akamai Technologies, Inc)
Allavsoft 3.17.7.7150 (HKLM\...\{6EBED4D8-13D9-4270-8D44-B57DDB7A787C}_is1) (Version: - Allavsoft Corporation)
AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.4 - Advanced Micro Devices, Inc.)
AMP Calendar (HKLM\...\AMP Calendar) (Version: - )
Annotator version 2.0.0.12 (HKLM\...\{A6ACFC1B-361C-430B-94DA-51467B7D6E7E}_is1) (Version: 2.0.0.12 - IPEVO)
ANT Drivers Installer x86 (HKLM\...\{41C1CDFA-BD68-480E-819C-A06112DA457B}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
ANT Drivers Installer x86 (HKLM\...\{D8E7F472-86F6-4E62-AAFB-283D238FEED0}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Any Video Converter Professional 6.2.9 (HKLM\...\Any Video Converter Professional_is1) (Version: - Any-Video-Converter.com)
AnyMP4 MP4 Converter 7.2.8 (HKLM\...\{116DCE20-DA28-44fb-9C04-DDE2AD05AC8C}_is1) (Version: 7.2.8 - AnyMP4 Studio)
AOMEI Backupper Professional (HKLM\...\{A83692F5-3E9B-4E95-9E7E-B5DF5536CE9D}_is1) (Version: - AOMEI Technology Co., Ltd.)
AOMEI Partition Assistant 8.6 (HKLM\...\{04F850ED-FD0F-4ED1-AE1B-4498165BF3D2}_is1) (Version: - AOMEI Technology Co., Ltd.)
Apowersoft Video Converter Studio V4.8.3 (HKLM\...\{195E8D7F-292B-4B04-A6E7-E96CAF04C767}_is1) (Version: 4.8.3 - APOWERSOFT LIMITED)
AutoHotkey 1.1.30.03 (HKLM\...\AutoHotkey) (Version: 1.1.30.03 - Lexikos)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 19.8.2393 - AVAST Software)
AVS Video Converter 12.0.2 (HKLM\...\AVS4YOU Video Converter 7_is1) (Version: 12.0.2.652 - Online Media Technologies Ltd.)
Belarc Advisor 9.0 (HKLM\...\Belarc Advisor) (Version: 9.0.0.0 - Belarc Inc.)
Bigasoft Video Downloader Pro 3.17.9.7200 (HKLM\...\{C7056BA6-D954-43A2-ABBA-AB2E8E777730}_is1) (Version: - Bigasoft Corporation)
Boilsoft Video Joiner 6.57 (HKLM\...\{FD39EF4B-0B5C-4B33-8D57-2EE865A80EB1}_is1) (Version: - Boilsoft, Inc.)
Boilsoft Video Splitter 6.33 (HKLM\...\{24549038-9956-4EE5-976D-4419AAEA7DD5}_is1) (Version: - Boilsoft, Inc.)
Brother HL-2040 (HKLM\...\{AF5BED47-32A2-4FAE-9706-8F0E0462E838}) (Version: 1.00 - Brother)
CapsLord 1.0 (remove only) (HKLM\...\CapsLord) (Version: - )
Casper 8.0 (HKLM\...\{6A58EB2E-5883-4515-910D-699C4396797B}) (Version: 8.0.4422 - Future Systems Solutions, Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.63 - Piriform)
Clipboard Magic version 5.05 (HKLM\...\Clipboard Magic_is1) (Version: 5.05 - CyberMatrix Corporation, Inc.)
CloseAll (HKLM\...\CloseAll) (Version: 2.0 - NTWind Software)
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
ConvertHelper 3.2 (HKLM\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF52}}_is1) (Version: - DownloadHelper)
CPUID CPU-Z 1.90 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.90 - CPUID, Inc.)
D3DX10 (HKLM\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
EaseUS Data Recovery Wizard (HKLM\...\EaseUS Data Recovery Wizard_is1) (Version: - EaseUS)
EaseUS Partition Master 13.0 Trial Edition (HKLM\...\EaseUS Partition Master Trial Edition_is1) (Version: - EaseUS)
EasiestSoft Video Converter 3.3.1 (HKLM\...\{62540757-EAF0-B027-F7F8-CD5A8A0DC9BA}_is1) (Version: 3.3.1 - EasiestSoft International LLC.)
Eassos PartitionGuru 4.9.5 (HKLM\...\{FC4FF5F4-2265-4E18-8BBC-12CBA9794388}_is1) (Version: - Eassos Co., Ltd.)
Easy Video Splitter 1.28 (HKLM\...\Easy Video Splitter_is1) (Version: - DoEasier Tech Inc)
Elevated Installer (HKLM\...\{D65F0A69-836E-419F-B817-A82A1A0B04A3}) (Version: 6.17.0.0 - Garmin Ltd or its subsidiaries) Hidden
EmEditor (32-bit) (HKLM\...\{87E57ED7-E591-4DFD-8FD5-0F253EF425B3}) (Version: 19.0.0 - Emurasoft, Inc.)
EmEditor Help (English) (HKLM\...\{613A955D-A807-4489-B423-1CEDE0676739}) (Version: 15.7.1 - Emurasoft, Inc.)
Epic Pen version v3.6.0.0 (HKLM\...\Epic Pen_is1) (Version: v3.6.0.0 - TANK Studios)
Evaer Video Recorder for Skype 1.6.5.11 (HKLM\...\Evaer Video Recorder for Skype) (Version: 1.6.5.11 - Evaer Technology)
Faasoft Video Converter 5.2.24.5621 (HKLM\...\{C6FE6897-0A65-4474-8EF7-E7AF11F8F239}_is1) (Version: - Faasoft Corporation)
FileSeek 6.2.1 (32-bit) (HKLM\...\44953928-E730-4e8c-A2B2-3A85BC96A3D0_is1) (Version: 6.2.1.0 - Binary Fortress Software)
Firefox Preloader (HKLM\...\Firefox Preloader_is1) (Version: 1.0.366.0 - 6XGate Incorporated)
Folder Size Explorer (HKLM\...\{7C3E7EA4-DCEC-4E49-8459-B6F15DBD9795}) (Version: 1.7.1 - Bazwise)
FormatFactory 4.8.0.0 (HKLM\...\FormatFactory) (Version: 4.8.0.0 - Free Time)
FotoTagger 2.13.0.1 (HKLM\...\FotoTagger) (Version: 2.13.0.1 - Cogitum)
Free Launch Bar (HKLM\...\{1574CBD4-1656-420c-B553-E16F01E74C0F}) (Version: 2.0 - Tordex)
Free M4a to MP3 Converter 9.7 (HKLM\...\Free M4a to MP3 Converter_is1) (Version: - ManiacTools.com)
Free MPG Player (HKLM\...\{254E7ACE-402F-4CA4-951F-9C5F0B00AF1A}) (Version: 1.0.0 - Free MPG Player)
Free Video Flip and Rotate version 2.1.6.128 (HKLM\...\Free Video Flip and Rotate_is1) (Version: 2.1.6.128 - DVDVideoSoft Ltd.)
Free Video Joiner (HKLM\...\{14FA6DD9-92ED-493D-A937-81A78870E08A}_is1) (Version: - FreeVideoJoiner.com)
Free WebM to MP3 Converter (32-bit) 1.2 (HKLM\...\{E359DE7A-892A-4E9F-B2D6-7487C4AA7FB6}_is1) (Version: 1.2 - Jacek Pazera)
Freemake Video Converter version 4.1.10 (HKLM\...\Freemake Video Converter_is1) (Version: 4.1.10 - Mixbyte Inc.)
Freemake Video Downloader (HKLM\...\Freemake Video Downloader_is1) (Version: 3.8.3 - Ellora Assets Corporation)
Garmin City Navigator Aus and NZ NT 2017.20 (HKLM\...\{3E711870-B474-4277-AE21-481DEAD361B3}) (Version: 2.0.0.0 - Garmin Ltd or its subsidiaries)
Garmin City Navigator Australia And New Zealand NT 2012.40 Update (HKLM\...\{5E34337E-9BE4-4D72-9C61-77769BD72855}) (Version: 12.40.0.0 - Garmin Ltd or its subsidiaries)
Garmin Communicator Plugin (HKLM\...\{647BB978-2876-487B-9B0E-FDB73F0EA4A2}) (Version: 4.0.4 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM\...\{4A1D1574-78D4-48E5-A587-84392EEA5C8A}) (Version: 6.17.0.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express (HKLM\...\{624907e5-2ad8-4617-a97f-9e051f9179dd}) (Version: 6.17.0.0 - Garmin Ltd or its subsidiaries)
Garmin USB Drivers (HKLM\...\{ABA5E381-EC46-425C-86C5-5CD15BBFB4BF}) (Version: 2.3.1.0 - Garmin Ltd or its subsidiaries)
Garmin USB Drivers (HKLM\...\{E31435FE-F0B7-4A62-BE46-BD166A1EEFFB}) (Version: 2.3.1.1 - Garmin Ltd or its subsidiaries)
Garmin WebUpdater (HKLM\...\{5EF98E1C-3912-40EA-A8C1-25772D9F1762}) (Version: 2.5.6 - Garmin Ltd or its subsidiaries) Hidden
Garmin WebUpdater (HKLM\...\{f1c8f03d-88bd-432d-80d1-782d4fac96b2}) (Version: 2.5.7 - Garmin Ltd or its subsidiaries)
Glary Utilities PRO 5.134 (HKLM\...\Glary Utilities 5) (Version: 5.134.0.160 - Glarysoft Ltd)
GOM Player (HKLM\...\GOM Player) (Version: 2.3.42.5304 - GOM & Company)
Google Chrome (HKLM\...\Google Chrome) (Version: 79.0.3945.88 - Google LLC)
Google Earth Pro (HKLM\...\{9D524A1E-F2FC-444D-B12A-7592CEB56EB5}) (Version: 7.3.2.5776 - Google)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.421 - Google LLC) Hidden
Google Update Helper (HKLM\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Greenshot 1.2.10.6 (HKLM\...\Greenshot_is1) (Version: 1.2.10.6 - Greenshot)
HandBrake 1.0.7 (HKLM\...\HandBrake) (Version: 1.0.7 - )
Hard Disk Sentinel PRO (HKLM\...\Hard Disk Sentinel_is1) (Version: 5.40 - Janos Mathe)
HD Video Converter Factory Pro 17.1 (HKLM\...\HD Video Converter Factory Pro_is1) (Version: 17.1 - lrepacks.ru)
HD Video Converter Factory Pro 18.6 (HKLM\...\HD Video Converter Factory Pro) (Version: 18.6 - WonderFox Soft, Inc.)
Helium Audio Joiner (build 331) (HKLM\...\{1C7BCE67-6479-4D56-AD92-E50479028171}_is1) (Version: 1.9.0.331 - Imploded Software)
HitmanPro 3.8 (HKLM\...\HitmanPro38) (Version: 3.8.16.310 - SurfRight B.V.)
Ico Converter 1.3 (HKLM\...\IcoConverter) (Version: - Tomatosoft)
ICQ (version 10.0.12417) (HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\icq.desktop) (Version: 10.0.12417 - ICQ)
iDealshare VideoGo 7.0.4.6443 (HKLM\...\{CC4C06C4-7C78-4AAB-B5AF-33FB11CCD860}_is1) (Version: - iDealshare Corporation)
ImTOO MP4 to MP3 Converter 6 (HKLM\...\ImTOO MP4 to MP3 Converter 6) (Version: 6.8.0.1101 - ImTOO)
Ink2Go (HKLM\...\{6F884302-FE97-4024-ADE3-6415E0F3D372}) (Version: 1.6.0 - EyePower Games)
Internet Download Manager (HKLM\...\Internet Download Manager) (Version: 6.32.8 - Tonek Inc.)
IrfanView 4.53 (32-bit) (HKLM\...\IrfanView) (Version: 4.53 - Irfan Skiljan)
iSkysoft Helper Compact 2.5.2 (HKLM\...\{9BF12010-8799-41A5-A671-E9CFDE9E79F3}_is1) (Version: 2.5.2 - iSkysoft)
iSkysoft Video Converter Ultimate(Build 11.5.0.24) (HKLM\...\iSkysoft Video Converter Ultimate_is1) (Version: 11.5.0.24 - iSkysoft Software)
ISO2Disc 1.10 (HKLM\...\ISO2Disc_is1) (Version: - Top Password Software, Inc.)
JPG to PDF Converter 1.1 (HKLM\...\JPG to PDF Converter) (Version: 1.1 - )
Junk Mail filter update (HKLM\...\{0BE9E708-5DC0-4963-9CFD-0AA519090E79}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Kleptomania version 5.0 (HKLM\...\{59C08933-1E83-4A8B-A2A9-FD895CFCC95D}_is1) (Version: 5.0 - StructuRise)
K-Lite Codec Pack 15.3.2 Basic (HKLM\...\KLiteCodecPack_is1) (Version: 15.3.2 - KLCP)
KMPlayer (HKLM\...\The KMPlayer) (Version: 4.2.2.35 - *******TV)
Linksys Wireless-G PCI Adapter Driver - WMP54Gv4.1 (HKLM\...\{4DDC3BED-CC68-44AA-B435-D727B620CA5B}) (Version: 1.0 - Linksys, A Division of Cisco Systems, Inc.)
Macro Express Pro (HKLM\...\Macro Express Pro) (Version: 4.3.0.1 - Insight Software Solutions, Inc.)
Malwarebytes version 3.8.3.2965 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.8.3.2965 - Malwarebytes)
MediaHuman Audio Converter version 1.9.6.6 (HKLM\...\MHAudioConverter_is1) (Version: 1.9.6.6 - MediaHuman)
MediaInfo 18.12 (HKLM\...\MediaInfo) (Version: 18.12 - MediaArea.net)
Messenger for Desktop (HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\{4e2a4302-5df4-5868-a685-36c844414384}) (Version: 3.0.14 - MFD LABS LTD)
Messenger for Desktop (HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\4e2a4302-5df4-5868-a685-36c844414384) (Version: 3.0.8 - MFD LABS LTD)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.4734.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.12.25810 (HKLM\...\{56e11d69-7cc9-40a5-a4f9-8f6190c4d84d}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Windows Debugging Symbols (HKLM\...\{C6DB958A-50CC-481B-9ED8-3BAD236F7B49}) (Version: 7601 - Microsoft)
Microsoft Works 6-9 Converter (HKLM\...\{95140000-0137-0409-0000-0000000FF1CE}) (Version: 14.0.6120.5002 - Microsoft Corporation)
MightyText (HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\MightyText) (Version: 4.3.0 - MightyText)
MKV to MP3 Converter 5.0.1 (HKLM\...\MKV to MP3 Converter) (Version: 5.0.1 - FreeStar)
Movavi Video Converter 20 Premium (HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\Movavi Video Converter 20 Premium) (Version: 20.0.0 - Movavi)
Movie Maker (HKLM\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 50.0 (x86 en-US) (HKLM\...\Mozilla Firefox 50.0 (x86 en-US)) (Version: 50.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 50.0 - Mozilla)
Mp3tag v2.99a (HKLM\...\Mp3tag) (Version: 2.99a - Florian Heidenreich)
MP4 Downloader Pro 3 (HKLM\...\MP4 Downloader Pro_is1) (Version: - Tomabo)
MPC-HC 1.7.13 (HKLM\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.7.13 - MPC-HC Team)
NetWorx 5.5.5 (HKLM\...\NetWorx_is1) (Version: - Softperfect)
NirSoft RegScanner (HKLM\...\NirSoft RegScanner) (Version: - )
NirSoft ShellExView (HKLM\...\NirSoft ShellExView) (Version: - )
Nitro Pro (HKLM\...\{94E40F4E-D482-499D-9239-D70AE64E9618}) (Version: 13.2.3.26 - Nitro)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.3 - NVIDIA Corporation)
PicPick (HKLM\...\PicPick) (Version: 5.0.7 - NGWIN)
Platform (HKLM\...\{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.40 - VIA Technologies, Inc.) Hidden
Point Position 1.0 (HKLM\...\Point Position 1.0) (Version: 1.0 - Vasilios Applications)
PowerISO (HKLM\...\PowerISO) (Version: 6.3 - Power Software Ltd)
Presentation Assistant V3.0.1 (HKLM\...\Presentation Assistant_is1) (Version: - www.presentation-assistant.com)
Pushbullet version 338 (HKLM\...\{7578F204-49E7-4830-B051-14C23F408BFE}_is1) (Version: 338 - Pushbullet Inc)
Readiris 17 (HKLM\...\{8ACAE85F-B250-4543-9AD8-734474B3BA20}) (Version: 17.01.11945 - I.R.I.S.)
RealNetworks - Microsoft Visual C++ 2008 Runtime (HKLM\...\{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}) (Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (HKLM\...\{AAECF7BA-E83B-4A10-87EA-DE0B333F8734}) (Version: 10.0 - RealNetworks, Inc) Hidden
RealUpgrade 1.1 (HKLM\...\{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}) (Version: 1.1.0 - RealNetworks, Inc.) Hidden
Recover My Files (HKLM\...\Recover My Files v5_is1) (Version: 5.2.1.1964 - GetData Pty Ltd)
Registrar Registry Manager 8.60 (HKLM\...\Registrar32_is1) (Version: - Resplendence Software Projects Sp.)
Revo Uninstaller Pro 4.2.0 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 4.2.0 - VS Revo Group, Ltd.)
Screenpresso (HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\Screenpresso) (Version: 1.7.0.0 - Learnpulse)
Security Task Manager 2.3c (HKLM\...\Security Task Manager) (Version: 2.3c - Neuber Software)
Skype version 8.55 (HKLM\...\Skype_is1) (Version: 8.55 - Skype Technologies S.A.)
SMPlayer 19.10.0 (HKLM\...\SMPlayer) (Version: 19.10.0 - Ricardo Villalba)
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
Spotify (HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\Spotify) (Version: 1.1.16.522.g55a4b852 - Spotify AB)
Spybot - Search & Destroy (HKLM\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.7.64.0 - Safer-Networking Ltd.)
Spybot Anti-Beacon (HKLM\...\{419A7FCF-93E1-474D-BFE9-987CF3F90C88}_is1) (Version: 1.5 - Safer-Networking Ltd.)
Stellar Repair for Video (HKLM\...\Stellar Repair for Video_is1) (Version: 4.0.0.0 - Stellar Information Technology Pvt Ltd.)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 8.0.1038 - SUPERAntiSpyware.com)
Tame version 6.0d (remove only) (HKLM\...\Tame 6.0d) (Version: - )
TeamViewer (HKLM\...\TeamViewer) (Version: 15.0.8397 - TeamViewer)
Telegram Desktop version 1.9.3 (HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 1.9.3 - Telegram FZ-LLC)
TeraCopy 2.3 (HKLM\...\TeraCopy_is1) (Version: - Code Sector)
Text Monkey Lite (HKLM\...\Text Monkey Lite) (Version: - )
TreeSize V7.1.3 (HKLM\...\TreeSize_is1) (Version: 7.1.3 - JAM Software)
Ultra Video Joiner 6.4.1010 (HKLM\...\Ultra Video Joiner_is1) (Version: - Aone Software)
Ultra Video Splitter 6.4.1010 (HKLM\...\Ultra Video Splitter_is1) (Version: - Aone Software)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
UpdateService (HKLM\...\{E3AE96D6-E196-45B4-AF62-2B41998B9E37}) (Version: 1.0.0 - RealNetworks, Inc.) Hidden
VC 9.0 Runtime (HKLM\...\{02E89EFC-7B07-4D5A-AA03-9EC0902914EE}) (Version: 1.0.0 - Check Point Software Technologies Ltd) Hidden
vDosWP (HKLM\...\{49883946-559B-4FE0-866F-7674B9516A75}_is1) (Version: 2018.10.14 - wpdos.org)
VIA Platform Device Manager (HKLM\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.40 - VIA Technologies, Inc.)
Viber (HKLM\...\{D65DDA75-2C0A-46BA-807D-127BD5638490}) (Version: 6.0.1.5 - Viber Media Inc.) Hidden
Viber (HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\{acc83058-83b0-41e2-b372-266672a1af16}) (Version: 6.0.1.5 - Viber Media Inc.)
Video Downloader (HKLM\...\{8B6202FD-3790-4DD4-B343-51736F7FF4E5}) (Version: 1.2.0 - RealNetworks) Hidden
VideoProc (HKLM\...\VideoProc) (Version: 3.5 - Digiarty, Inc.)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
VSDC Free Video Editor version 6.3.6.17 (HKLM\...\VSDC Free Video Editor_is1) (Version: 6.3.6.17 - Flash-Integro LLC)
VSO ConvertXToDVD (HKLM\...\{CE1F93C0-4353-4C9D-84DA-AB4E7C63ED32}_is1) (Version: 5.3.0.40 - VSO Software)
Vulkan Run Time Libraries 1.0.65.0 (HKLM\...\VulkanRT1.0.65.0) (Version: 1.0.65.0 - LunarG, Inc.) Hidden
Winaero Tweaker (HKLM\...\Winaero Tweaker_is1) (Version: 0.16.1.0 - Winaero)
WinAVI Video Converter (HKLM\...\WinAVI Video Converter) (Version: 11.5.1.4360 - ZJMedia Digital Technology Ltd.)
Windows 7 Games for Windows 10 and 8 (HKLM\...\Win7Games) (Version: 2.0 - hxxp://winaero.com)
Windows 7 USB/DVD Download Tool (HKLM\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46 ) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152 ) (Version: 04/19/2012 2.3.1.0 - Garmin)
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2 ) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Winja version 4.1.0 (HKLM\...\Winja_is1) (Version: 4.1.0 - Phrozen SAS)
WinPatrol (HKLM\...\{6A206A04-6BC1-411B-AA04-4E52EDEEADF2}) (Version: 35.5.2017.8 - Ruiware)
WinPcap 4.1.2 (HKLM\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
WinRAR 5.80 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.80.0 - win.rar GmbH)
WinX HD Video Converter Deluxe 5.15.5 (HKLM\...\WinX HD Video Converter Deluxe_is1) (Version: - Digiarty Software, Inc.)
WinX YouTube Downloader (HKLM\...\WinX YouTube Downloader) (Version: 5.2 - Digiarty, Inc.)
WinX YouTube Downloader 4.0.10 (HKLM\...\WinX YouTube Downloader_is1) (Version: - Digiarty Software, Inc.)
Wireless-G PCI Adapter (HKLM\...\{88742616-A6E9-4C7E-9665-B625799541FB}) (Version: - )
Wise Duplicate Finder 1.3.4.42 (HKLM\...\Wise Duplicate Finder_is1) (Version: 1.3.4.42 - lrepacks.ru)
WonderFox DVD Video Converter 18.0 (HKLM\...\WonderFox DVD Video Converter) (Version: 18.0 - WonderFox Soft, Inc.)
Wondershare AllMyTube(Build 7.4.5.0) (HKLM\...\AllMyTube_is1) (Version: 7.4.5.0 - Wondershare)
Wondershare Helper Compact 2.5.3 (HKLM\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.5.3 - Wondershare)
Xilisoft Video Converter Ultimate (HKLM\...\Xilisoft Video Converter Ultimate) (Version: 7.8.23.20180925 - Xilisoft)
Xperia Companion (HKLM\...\{5b7c1b25-5fb6-442c-a1b5-cb8dfc2267bf}) (Version: 2.8.3.0 - Sony)
Xperia Companion (HKLM\...\{66EABD35-6233-4926-9AB1-AB31CC6BC7D9}) (Version: 2.8.3.0 - Sony) Hidden
Xperia Companion Service (HKLM\...\{E41065E8-67E2-448F-940C-FF9D7C51E4E3}) (Version: 2.8.3.0 - Sony) Hidden
Xvid MPEG-4 Video Codec (HKLM\...\xvid) (Version: - Xvid Development Team)

Packages:
=========
IDM Integration Module -> C:\Program Files\WindowsApps\TonecInc.IDMIntegrationModule_6. 30.6.0_neutral__e7b5mm5d3r6v2 [2019-04-01] (Tonec Inc.)
Instagram -> C:\Program Files\WindowsApps\Facebook.InstagramBeta_41.1788.5 0991.0_x86__8xx8rvfyw5nnt [2018-12-09] (Instagram)
Mail and Calendar -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsa pps_16005.11029.20108.0_x86__8wekyb3d8bbwe [2019-12-06] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.18 08.3.0_x86__8wekyb3d8bbwe [2019-12-06] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireColl ection_4.2.11280.0_x86__8wekyb3d8bbwe [2019-12-06] (Microsoft Studios) [MS Ad]
mysms - Text from Computer, Messaging -> C:\Program Files\WindowsApps\UptoElevenDigitalSolution.mysms-Textanywhere_3.2.0.0_x86__c9d6r4qvva5x8 [2019-12-22] (Up to Eleven Digital Solutions GmbH)
Speedtest by Ookla -> C:\Program Files\WindowsApps\Ookla.SpeedtestbyOokla_1.9.49.0_ x86__43tkc6nmykmb6 [2019-12-24] (Ookla)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-198903158-1304534811-4163729061-1000_Classes\CLSID\{0B7AD8D3-094A-44DE-A348-83C6C3FA347C}\InprocServer32 -> C:\Users\Joe\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Clipboarder.gadget\Release\Clipboa rder32.dll (Helmut Buhler) [File not signed]
CustomCLSID: HKU\S-1-5-21-198903158-1304534811-4163729061-1000_Classes\CLSID\{0E7BE950-4ACC-47CB-834B-41A8B96BBFF9}\InprocServer32 -> C:\Users\Joe\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Sidebar7.gadget\Release\Sidebar7.3 2.dll (Helmut Buhler) [File not signed]
CustomCLSID: HKU\S-1-5-21-198903158-1304534811-4163729061-1000_Classes\CLSID\{DFA0CC7F-D36B-47D1-8EF5-415C1DA53F57}\InprocServer32 -> C:\Users\Joe\AppData\Local\Programs\EmEditor\emeds hl.dll (Emurasoft, Inc. -> Emurasoft, Inc.)
ShellIconOverlayIdentifiers: [ IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files\Internet Download Manager\IDMShellExt.dll [2018-05-12] (Tonec Inc. -> Tonec Inc.)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-04] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-04] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [FormatFactoryShell] -> {A3888923-CFD3-4A6B-89BF-08E6B95716E8} => -> No File
ContextMenuHandlers1: [Glary Utilities] -> [CC]{B3C418F8-922B-4faf-915E-59BC14448CF7} => -> No File
ContextMenuHandlers1: [Tomabo.MP4Converter] -> [CC]{67A979E9-C5A6-4C0F-B0B7-FB516406FA9E} => -> No File
ContextMenuHandlers1: [Tomabo.MP4Player] -> [CC]{DA4F8B8B-91CF-43AD-BB0B-B52BF770DA3E} => -> No File
ContextMenuHandlers1: [WondershareVideoConverterFileOpreation] -> {55D63393-DB17-4A2B-9052-15D85B4B1344} => -> No File
ContextMenuHandlers2: [Glary Utilities] -> [CC]{B3C418F8-922B-4faf-915E-59BC14448CF7} => -> No File
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-04] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-05] () [File not signed]
ContextMenuHandlers4: [FormatFactoryShell] -> {A3888923-CFD3-4A6B-89BF-08E6B95716E8} => -> No File
ContextMenuHandlers4: [MSSE] -> {0365FE2C-F183-4091-AC82-BFC39FB75C49} => -> No File
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => -> No File
ContextMenuHandlers4: [TeraCopy] -> [CC]{A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => -> No File
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacmxx.dll [2016-02-26] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [Actual Window Manager] -> {CE577978-3FCA-430D-B0CE-D637788F9C5A} => C:\Program Files\Actual Window Manager\ActualWindowManagerShellExtension.dll [2019-05-15] (Actual Tools (Mikhail Yurievich Tretyakov IP) -> Actual Tools)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-04] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => -> No File
ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2019-03-29] (VS Revo Group Ltd. -> VS Revo Group)
ContextMenuHandlers6: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-05] () [File not signed]
ContextMenuHandlers1_S-1-5-21-198903158-1304534811-4163729061-1000: [EmEditor] -> {DFA0CC7F-D36B-47D1-8EF5-415C1DA53F57} => C:\Users\Joe\AppData\Local\Programs\EmEditor\emeds hl.dll [2019-07-30] (Emurasoft, Inc. -> Emurasoft, Inc.)
ContextMenuHandlers2_S-1-5-21-198903158-1304534811-4163729061-1000: [EmEditor] -> [CC]{DFA0CC7F-D36B-47D1-8EF5-415C1DA53F57} => -> No File

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [msacm.divxa32] => C:\WINDOWS\system32\msaud32_divx.acm [186368 2003-02-03] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [vidc.MPG4] => C:\WINDOWS\system32\mpg4c32.dll [413760 2001-01-07] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [vidc.MP42] => C:\WINDOWS\system32\mpg4c32.dll [413760 2001-01-07] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [vidc.MP43] => C:\WINDOWS\system32\mpg4c32.dll [413760 2001-01-07] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [msacm.voxacm160] => C:\WINDOWS\system32\vct3216.acm [82944 2003-05-21] (Voxware, Inc.) [File not signed]
HKLM\...\Drivers32: [msacm.scg726] => C:\WINDOWS\system32\scg726.acm [13239 2000-03-14] (SHARP Corporation) [File not signed]
HKLM\...\Drivers32: [msacm.alf2cd] => C:\WINDOWS\system32\alf2cd.acm [38912 2003-05-21] (NCT Company) [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\WINDOWS\system32\AC3ACM.acm [81920 2004-02-04] (fccHandler) [File not signed]
HKLM\...\Drivers32: [msacm.lame] => C:\WINDOWS\system32\lame.ax [245760 2005-08-01] () [File not signed]
HKLM\...\Drivers32: [vidc.dvsd] => C:\WINDOWS\system32\mcdvd_32.dll [261632 2003-05-21] (MainConcept) [File not signed]
HKLM\...\Drivers32: [vidc.DIVX] => C:\WINDOWS\system32\DivX.dll [638976 2003-05-22] (DivXNetworks, Inc.) [File not signed]
HKLM\...\Drivers32: [vidc.LAGS] => C:\WINDOWS\system32\lagarith.dll [216064 2011-12-07] ( ) [File not signed]
HKLM\...\Drivers32: [vidc.XVID] => C:\WINDOWS\system32\xvidvfw.dll [236544 2011-12-19] () [File not signed]
HKLM\...\Drivers32: [VIDC.VP80] => vp8vfw.dll

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\Joe\Desktop\Clear Quicklaunch.lnk -> C:\Data\Batch Files\DOS or CMD\Clear_Q.L.bat ()
Shortcut: C:\Users\Joe\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\Startup\autohotkey.lnk -> C:\Data\Batch Files\Autohotkey\autohotkey.bat ()
Shortcut: C:\Users\Joe\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\Startup\Cleanup.lnk -> C:\Data\Batch Files\DOS or CMD\Cleanup.bat ()
Shortcut: C:\Users\Joe\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\Startup\Firefox Preloader.lnk -> C:\Program Files\FirefoxPreloader\FirefoxPreloader.exe (6XGate Incorporated)
Shortcut: C:\Users\Joe\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\AWMClipboard.lnk -> C:\Data\Batch Files\Macro Express\Clipboard_AWM.bat ()
Shortcut: C:\Users\Joe\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\close & copy ADC.lnk -> C:\Data\Batch Files\Copy Data\Autohotkey\close & copy ADC.bat ()
Shortcut: C:\Users\Joe\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Greenshot.lnk -> C:\Data\Batch Files\Macro Express\Greenshot.bat ()
Shortcut: C:\Users\Joe\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\KillGreenshot.lnk -> C:\Data\Batch Files\DOS or CMD\KillGreenshot.bat ()
Shortcut: C:\Users\Joe\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\MultiLaunch.lnk -> C:\Data\Batch Files\DOS or CMD\MultiLaunch.bat ()
ShortcutWithArgument: C:\Users\Joe\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\Chrome Apps\Creating an internet shortcut fails _.._.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=djcnpbhjfgpighcllplapphngaaockbd
ShortcutWithArgument: C:\Users\Joe\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\Chrome Apps\draw.io Desktop.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=pebppomjfocnoigkeepgbmcifnnlndla
ShortcutWithArgument: C:\Users\Joe\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\Chrome Apps\Gmail (1).lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=kmhopmchchfpfdcdjodmpfaaphdclmlj
ShortcutWithArgument: C:\Users\Joe\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\Chrome Apps\Gmail.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=kmhopmchchfpfdcdjodmpfaaphdclmlj
ShortcutWithArgument: C:\Users\Joe\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\Chrome Apps\Google Hangouts.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=knipolnnllmklapflnccelgolnpehhpl
ShortcutWithArgument: C:\Users\Joe\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\Chrome Apps\Hangouts (1).lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=deigijodonbmdapahgkdjljmcngipaab
ShortcutWithArgument: C:\Users\Joe\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\Chrome Apps\Hangouts.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=deigijodonbmdapahgkdjljmcngipaab
ShortcutWithArgument: C:\Users\Joe\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\Chrome Apps\MightyTextTest.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=andmpiilbgodiefijhcneadhegcolaoe
ShortcutWithArgument: C:\Users\Joe\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\Chrome Apps\Pushbullet Settings.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=jinnpgkhgbkooiphbamlonfpcedokdah
ShortcutWithArgument: C:\Users\Joe\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\Chrome Apps\SendLeap.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=phnjmiobjppgfeicepedmfnpjjmfjlha
ShortcutWithArgument: C:\Users\Joe\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\Chrome Apps\sydney time.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=dahalpfpibpddfpdcfgmpjelnldolich
ShortcutWithArgument: C:\Users\Joe\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\Chrome Apps\Telegram.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=clhhggbfdinjmjhajaheehoeibfljjno
ShortcutWithArgument: C:\Users\Joe\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\Chrome Apps\Todoist for Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=bgjohebimpjdhhocbknplfelpmdhifhd
ShortcutWithArgument: C:\Users\Joe\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\Chrome Apps\YouTube.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=adnlfjpnmidfimlkaohpidplnoimahfh
ShortcutWithArgument: C:\Users\Joe\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\fd4d8e7501576f3f\Pushb ullet.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=chlffgpmiacpedhhbkiomidkjlcfhogd
ShortcutWithArgument: C:\Users\Joe\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d249d9ddd424b688\Googl e Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default
ShortcutWithArgument: C:\Users\Joe\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Comms\Hangouts.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=knipolnnllmklapflnccelgolnpehhpl
ShortcutWithArgument: C:\Users\Joe\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Comms\SendLeap.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=phnjmiobjppgfeicepedmfnpjjmfjlha
ShortcutWithArgument: C:\Users\Joe\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\ Rare\MightyText Test.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=andmpiilbgodiefijhcneadhegcolaoe

==================== Loaded Modules (Whitelisted) =============

2020-01-06 06:13 - 2020-01-06 06:13 - 000379904 _____ () [File not signed] \\?\C:\Users\Joe\AppData\Local\Temp\BD93.tmp.node
2020-01-06 06:13 - 2020-01-06 06:13 - 000379904 _____ () [File not signed] \\?\C:\Users\Joe\AppData\Local\Temp\C6E9.tmp.node
2017-12-03 09:37 - 2017-10-16 01:21 - 003420672 _____ () [File not signed] C:\Program Files\Kleptomania\TextractSmart.dll
2017-01-02 17:19 - 2016-09-19 12:08 - 000622080 _____ () [File not signed] C:\Program Files\NetWorx\sqlite.dll
2012-01-10 08:22 - 2011-11-23 15:59 - 000035840 _____ () [File not signed] C:\Program Files\XemiComputers\Active Desktop Calendar\MouseHook.dll
2019-07-09 12:21 - 2019-07-09 12:21 - 001702400 _____ () [File not signed] C:\Users\Joe\AppData\Local\MightyText\app-4.3.0\ffmpeg.dll
2019-07-09 12:21 - 2019-07-09 12:21 - 000015872 _____ () [File not signed] C:\Users\Joe\AppData\Local\MightyText\app-4.3.0\libegl.dll
2019-07-09 12:21 - 2019-07-09 12:21 - 002517504 _____ () [File not signed] C:\Users\Joe\AppData\Local\MightyText\app-4.3.0\libglesv2.dll
2016-07-29 13:05 - 2005-01-19 13:15 - 000028672 _____ (6XGate Systems, Inc.) [File not signed] C:\WINDOWS\SYSTEM32\regclass.dll
2019-08-01 17:55 - 2016-11-15 18:30 - 000122880 _____ (Allavsoft Corporation) [File not signed] C:\Program Files\Allavsoft\Video Downloader Converter\extensions\3.17.7.7150\BVDFirefoxExt\com ponents\BVDFirefoxPlugin.dll
2019-03-14 17:44 - 2018-04-28 11:09 - 000580096 _____ (Helmut Buhler) [File not signed] C:\Program Files\Windows Sidebar\dwmapi.dll
2019-12-06 01:26 - 2019-12-06 01:26 - 000065536 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\WinSxS\x86_microsoft.vc80.openmp_1fc8b3 b9a1e18e3b_8.0.50727.6195_none_3b1209fdc9ac7774\vc omp.dll
2019-07-09 12:21 - 2019-07-09 12:21 - 014393344 _____ (Node.js) [File not signed] C:\Users\Joe\AppData\Local\MightyText\app-4.3.0\node.dll
2016-02-13 03:17 - 2016-02-13 03:17 - 001170944 _____ (TameDOS) [File not signed] C:\WINDOWS\System32\TameVdd.Dll
2009-04-14 09:14 - 2009-04-14 09:14 - 001527808 _____ (TrueSoft) [File not signed] C:\Program Files\FreeLaunchBar\flb.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\garmin.com -> hxxps://my.garmin.com
IE trusted site: HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\localhost -> localhost
IE restricted site: HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\123simsen.com -> www.123simsen.com

There are 7945 more sites.


==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 13:04 - 2019-11-21 09:45 - 000455737 ____R C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
Reply With Quote
  #19  
Old January 6th, 2020, 03:47 AM
sebastian42 sebastian42 is offline
Senior Member
  
Join Date: May 2007
Posts: 125
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 01-01-2020
Ran by Joe (06-01-2020 06:29:49)
Running from C:\Program Files\Farbar
Microsoft Windows 10 Pro Version 1909 18363.535 (X86) (2019-12-05 14:47:55)
Boot Mode: Normal
================================================== ========


==================== Accounts: =============================

Administrator (S-1-5-21-198903158-1304534811-4163729061-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-198903158-1304534811-4163729061-503 - Limited - Disabled)
Guest (S-1-5-21-198903158-1304534811-4163729061-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-198903158-1304534811-4163729061-1002 - Limited - Enabled)
Joe (S-1-5-21-198903158-1304534811-4163729061-1000 - Administrator - Enabled) => C:\Users\Joe
WDAGUtilityAccount (S-1-5-21-198903158-1304534811-4163729061-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Disabled - Out of date) {4C1D9672-63FE-5C90-371E-8FDA591C5B75}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKLM\...\uTorrent) (Version: 2.2.1 - )
4K Video Downloader 4.9 (HKLM\...\{5AD5FB20-5563-4551-B6EC-9716E5F4AA8C}) (Version: 4.9.0.3032 - Open Media LLC)
8GadgetPack (HKLM\...\{A6ED7695-0EDF-47C6-BD79-669FA92C6E78}) (Version: 26.0.0 - 8GadgetPack.net)
Active Desktop Calendar 7.96 (HKLM\...\Active Desktop Calendar_is1) (Version: - XemiComputers)
Actual Window Manager 8.14 (HKLM\...\Actual Windows Manager_is1) (Version: 8.14 - Actual Tools)
Adobe Flash Player 32 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 32.0.0.303 - Adobe)
Aidfile recovery software professional version 3.6.6.0 (HKLM\...\{456B239A-C1E0-4178-810E-8E8F09B06877}_is1) (Version: 3.6.6.0 - Mitusoft, Inc.)
********* HD Video Converter 8.1.18 (HKLM\...\{3039577D-975E-42fc-89FC-2F1FF42F3FCA}_is1) (Version: 8.1.18 - ********* Studio)
********* MP4 Video Converter 8.1.10 (HKLM\...\{75CE1C3D-5B84-4e3b-BC17-246607907E6B}_is1) (Version: 8.1.10 - ********* Studio)
********* Total Media Converter 6.2.86 (HKLM\...\{42087B24-ECD8-41d2-8053-E6EB99E5083F}_is1) (Version: 6.2.86 - ********* Studio)
********* Total Video Converter 9.2.28 (HKLM\...\********* Total Video Converter_is1) (Version: 9.2.28 - ********* Studio)
********* Video Converter Ultimate 9.2.38 (HKLM\...\{BD446D04-7426-4a27-9B0B-33B0C386F71B}_is1) (Version: 9.2.38 - ********* Studio)
********* Video Converter Ultimate 9.2.62 (HKLM\...\********* Video Converter Ultimate_is1) (Version: 9.2.62 - lrepacks.ru)
Akamai NetSession Interface (HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\Akamai) (Version: - Akamai Technologies, Inc)
Allavsoft 3.17.7.7150 (HKLM\...\{6EBED4D8-13D9-4270-8D44-B57DDB7A787C}_is1) (Version: - Allavsoft Corporation)
AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.4 - Advanced Micro Devices, Inc.)
AMP Calendar (HKLM\...\AMP Calendar) (Version: - )
Annotator version 2.0.0.12 (HKLM\...\{A6ACFC1B-361C-430B-94DA-51467B7D6E7E}_is1) (Version: 2.0.0.12 - IPEVO)
ANT Drivers Installer x86 (HKLM\...\{41C1CDFA-BD68-480E-819C-A06112DA457B}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
ANT Drivers Installer x86 (HKLM\...\{D8E7F472-86F6-4E62-AAFB-283D238FEED0}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Any Video Converter Professional 6.2.9 (HKLM\...\Any Video Converter Professional_is1) (Version: - Any-Video-Converter.com)
AnyMP4 MP4 Converter 7.2.8 (HKLM\...\{116DCE20-DA28-44fb-9C04-DDE2AD05AC8C}_is1) (Version: 7.2.8 - AnyMP4 Studio)
AOMEI Backupper Professional (HKLM\...\{A83692F5-3E9B-4E95-9E7E-B5DF5536CE9D}_is1) (Version: - AOMEI Technology Co., Ltd.)
AOMEI Partition Assistant 8.6 (HKLM\...\{04F850ED-FD0F-4ED1-AE1B-4498165BF3D2}_is1) (Version: - AOMEI Technology Co., Ltd.)
Apowersoft Video Converter Studio V4.8.3 (HKLM\...\{195E8D7F-292B-4B04-A6E7-E96CAF04C767}_is1) (Version: 4.8.3 - APOWERSOFT LIMITED)
AutoHotkey 1.1.30.03 (HKLM\...\AutoHotkey) (Version: 1.1.30.03 - Lexikos)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 19.8.2393 - AVAST Software)
AVS Video Converter 12.0.2 (HKLM\...\AVS4YOU Video Converter 7_is1) (Version: 12.0.2.652 - Online Media Technologies Ltd.)
Belarc Advisor 9.0 (HKLM\...\Belarc Advisor) (Version: 9.0.0.0 - Belarc Inc.)
Bigasoft Video Downloader Pro 3.17.9.7200 (HKLM\...\{C7056BA6-D954-43A2-ABBA-AB2E8E777730}_is1) (Version: - Bigasoft Corporation)
Boilsoft Video Joiner 6.57 (HKLM\...\{FD39EF4B-0B5C-4B33-8D57-2EE865A80EB1}_is1) (Version: - Boilsoft, Inc.)
Boilsoft Video Splitter 6.33 (HKLM\...\{24549038-9956-4EE5-976D-4419AAEA7DD5}_is1) (Version: - Boilsoft, Inc.)
Brother HL-2040 (HKLM\...\{AF5BED47-32A2-4FAE-9706-8F0E0462E838}) (Version: 1.00 - Brother)
CapsLord 1.0 (remove only) (HKLM\...\CapsLord) (Version: - )
Casper 8.0 (HKLM\...\{6A58EB2E-5883-4515-910D-699C4396797B}) (Version: 8.0.4422 - Future Systems Solutions, Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.63 - Piriform)
Clipboard Magic version 5.05 (HKLM\...\Clipboard Magic_is1) (Version: 5.05 - CyberMatrix Corporation, Inc.)
CloseAll (HKLM\...\CloseAll) (Version: 2.0 - NTWind Software)
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
ConvertHelper 3.2 (HKLM\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF52}}_is1) (Version: - DownloadHelper)
CPUID CPU-Z 1.90 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.90 - CPUID, Inc.)
D3DX10 (HKLM\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
EaseUS Data Recovery Wizard (HKLM\...\EaseUS Data Recovery Wizard_is1) (Version: - EaseUS)
EaseUS Partition Master 13.0 Trial Edition (HKLM\...\EaseUS Partition Master Trial Edition_is1) (Version: - EaseUS)
EasiestSoft Video Converter 3.3.1 (HKLM\...\{62540757-EAF0-B027-F7F8-CD5A8A0DC9BA}_is1) (Version: 3.3.1 - EasiestSoft International LLC.)
Eassos PartitionGuru 4.9.5 (HKLM\...\{FC4FF5F4-2265-4E18-8BBC-12CBA9794388}_is1) (Version: - Eassos Co., Ltd.)
Easy Video Splitter 1.28 (HKLM\...\Easy Video Splitter_is1) (Version: - DoEasier Tech Inc)
Elevated Installer (HKLM\...\{D65F0A69-836E-419F-B817-A82A1A0B04A3}) (Version: 6.17.0.0 - Garmin Ltd or its subsidiaries) Hidden
EmEditor (32-bit) (HKLM\...\{87E57ED7-E591-4DFD-8FD5-0F253EF425B3}) (Version: 19.0.0 - Emurasoft, Inc.)
EmEditor Help (English) (HKLM\...\{613A955D-A807-4489-B423-1CEDE0676739}) (Version: 15.7.1 - Emurasoft, Inc.)
Epic Pen version v3.6.0.0 (HKLM\...\Epic Pen_is1) (Version: v3.6.0.0 - TANK Studios)
Evaer Video Recorder for Skype 1.6.5.11 (HKLM\...\Evaer Video Recorder for Skype) (Version: 1.6.5.11 - Evaer Technology)
Faasoft Video Converter 5.2.24.5621 (HKLM\...\{C6FE6897-0A65-4474-8EF7-E7AF11F8F239}_is1) (Version: - Faasoft Corporation)
FileSeek 6.2.1 (32-bit) (HKLM\...\44953928-E730-4e8c-A2B2-3A85BC96A3D0_is1) (Version: 6.2.1.0 - Binary Fortress Software)
Firefox Preloader (HKLM\...\Firefox Preloader_is1) (Version: 1.0.366.0 - 6XGate Incorporated)
Folder Size Explorer (HKLM\...\{7C3E7EA4-DCEC-4E49-8459-B6F15DBD9795}) (Version: 1.7.1 - Bazwise)
FormatFactory 4.8.0.0 (HKLM\...\FormatFactory) (Version: 4.8.0.0 - Free Time)
FotoTagger 2.13.0.1 (HKLM\...\FotoTagger) (Version: 2.13.0.1 - Cogitum)
Free Launch Bar (HKLM\...\{1574CBD4-1656-420c-B553-E16F01E74C0F}) (Version: 2.0 - Tordex)
Free M4a to MP3 Converter 9.7 (HKLM\...\Free M4a to MP3 Converter_is1) (Version: - ManiacTools.com)
Free MPG Player (HKLM\...\{254E7ACE-402F-4CA4-951F-9C5F0B00AF1A}) (Version: 1.0.0 - Free MPG Player)
Free Video Flip and Rotate version 2.1.6.128 (HKLM\...\Free Video Flip and Rotate_is1) (Version: 2.1.6.128 - DVDVideoSoft Ltd.)
Free Video Joiner (HKLM\...\{14FA6DD9-92ED-493D-A937-81A78870E08A}_is1) (Version: - FreeVideoJoiner.com)
Free WebM to MP3 Converter (32-bit) 1.2 (HKLM\...\{E359DE7A-892A-4E9F-B2D6-7487C4AA7FB6}_is1) (Version: 1.2 - Jacek Pazera)
Freemake Video Converter version 4.1.10 (HKLM\...\Freemake Video Converter_is1) (Version: 4.1.10 - Mixbyte Inc.)
Freemake Video Downloader (HKLM\...\Freemake Video Downloader_is1) (Version: 3.8.3 - Ellora Assets Corporation)
Garmin City Navigator Aus and NZ NT 2017.20 (HKLM\...\{3E711870-B474-4277-AE21-481DEAD361B3}) (Version: 2.0.0.0 - Garmin Ltd or its subsidiaries)
Garmin City Navigator Australia And New Zealand NT 2012.40 Update (HKLM\...\{5E34337E-9BE4-4D72-9C61-77769BD72855}) (Version: 12.40.0.0 - Garmin Ltd or its subsidiaries)
Garmin Communicator Plugin (HKLM\...\{647BB978-2876-487B-9B0E-FDB73F0EA4A2}) (Version: 4.0.4 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM\...\{4A1D1574-78D4-48E5-A587-84392EEA5C8A}) (Version: 6.17.0.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express (HKLM\...\{624907e5-2ad8-4617-a97f-9e051f9179dd}) (Version: 6.17.0.0 - Garmin Ltd or its subsidiaries)
Garmin USB Drivers (HKLM\...\{ABA5E381-EC46-425C-86C5-5CD15BBFB4BF}) (Version: 2.3.1.0 - Garmin Ltd or its subsidiaries)
Garmin USB Drivers (HKLM\...\{E31435FE-F0B7-4A62-BE46-BD166A1EEFFB}) (Version: 2.3.1.1 - Garmin Ltd or its subsidiaries)
Garmin WebUpdater (HKLM\...\{5EF98E1C-3912-40EA-A8C1-25772D9F1762}) (Version: 2.5.6 - Garmin Ltd or its subsidiaries) Hidden
Garmin WebUpdater (HKLM\...\{f1c8f03d-88bd-432d-80d1-782d4fac96b2}) (Version: 2.5.7 - Garmin Ltd or its subsidiaries)
Glary Utilities PRO 5.134 (HKLM\...\Glary Utilities 5) (Version: 5.134.0.160 - Glarysoft Ltd)
GOM Player (HKLM\...\GOM Player) (Version: 2.3.42.5304 - GOM & Company)
Google Chrome (HKLM\...\Google Chrome) (Version: 79.0.3945.88 - Google LLC)
Google Earth Pro (HKLM\...\{9D524A1E-F2FC-444D-B12A-7592CEB56EB5}) (Version: 7.3.2.5776 - Google)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.421 - Google LLC) Hidden
Google Update Helper (HKLM\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Greenshot 1.2.10.6 (HKLM\...\Greenshot_is1) (Version: 1.2.10.6 - Greenshot)
HandBrake 1.0.7 (HKLM\...\HandBrake) (Version: 1.0.7 - )
Hard Disk Sentinel PRO (HKLM\...\Hard Disk Sentinel_is1) (Version: 5.40 - Janos Mathe)
HD Video Converter Factory Pro 17.1 (HKLM\...\HD Video Converter Factory Pro_is1) (Version: 17.1 - lrepacks.ru)
HD Video Converter Factory Pro 18.6 (HKLM\...\HD Video Converter Factory Pro) (Version: 18.6 - WonderFox Soft, Inc.)
Helium Audio Joiner (build 331) (HKLM\...\{1C7BCE67-6479-4D56-AD92-E50479028171}_is1) (Version: 1.9.0.331 - Imploded Software)
HitmanPro 3.8 (HKLM\...\HitmanPro38) (Version: 3.8.16.310 - SurfRight B.V.)
Ico Converter 1.3 (HKLM\...\IcoConverter) (Version: - Tomatosoft)
ICQ (version 10.0.12417) (HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\icq.desktop) (Version: 10.0.12417 - ICQ)
iDealshare VideoGo 7.0.4.6443 (HKLM\...\{CC4C06C4-7C78-4AAB-B5AF-33FB11CCD860}_is1) (Version: - iDealshare Corporation)
ImTOO MP4 to MP3 Converter 6 (HKLM\...\ImTOO MP4 to MP3 Converter 6) (Version: 6.8.0.1101 - ImTOO)
Ink2Go (HKLM\...\{6F884302-FE97-4024-ADE3-6415E0F3D372}) (Version: 1.6.0 - EyePower Games)
Internet Download Manager (HKLM\...\Internet Download Manager) (Version: 6.32.8 - Tonek Inc.)
IrfanView 4.53 (32-bit) (HKLM\...\IrfanView) (Version: 4.53 - Irfan Skiljan)
iSkysoft Helper Compact 2.5.2 (HKLM\...\{9BF12010-8799-41A5-A671-E9CFDE9E79F3}_is1) (Version: 2.5.2 - iSkysoft)
iSkysoft Video Converter Ultimate(Build 11.5.0.24) (HKLM\...\iSkysoft Video Converter Ultimate_is1) (Version: 11.5.0.24 - iSkysoft Software)
ISO2Disc 1.10 (HKLM\...\ISO2Disc_is1) (Version: - Top Password Software, Inc.)
JPG to PDF Converter 1.1 (HKLM\...\JPG to PDF Converter) (Version: 1.1 - )
Junk Mail filter update (HKLM\...\{0BE9E708-5DC0-4963-9CFD-0AA519090E79}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Kleptomania version 5.0 (HKLM\...\{59C08933-1E83-4A8B-A2A9-FD895CFCC95D}_is1) (Version: 5.0 - StructuRise)
K-Lite Codec Pack 15.3.2 Basic (HKLM\...\KLiteCodecPack_is1) (Version: 15.3.2 - KLCP)
KMPlayer (HKLM\...\The KMPlayer) (Version: 4.2.2.35 - *******TV)
Linksys Wireless-G PCI Adapter Driver - WMP54Gv4.1 (HKLM\...\{4DDC3BED-CC68-44AA-B435-D727B620CA5B}) (Version: 1.0 - Linksys, A Division of Cisco Systems, Inc.)
Macro Express Pro (HKLM\...\Macro Express Pro) (Version: 4.3.0.1 - Insight Software Solutions, Inc.)
Malwarebytes version 3.8.3.2965 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.8.3.2965 - Malwarebytes)
MediaHuman Audio Converter version 1.9.6.6 (HKLM\...\MHAudioConverter_is1) (Version: 1.9.6.6 - MediaHuman)
MediaInfo 18.12 (HKLM\...\MediaInfo) (Version: 18.12 - MediaArea.net)
Messenger for Desktop (HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\{4e2a4302-5df4-5868-a685-36c844414384}) (Version: 3.0.14 - MFD LABS LTD)
Messenger for Desktop (HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\4e2a4302-5df4-5868-a685-36c844414384) (Version: 3.0.8 - MFD LABS LTD)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.4734.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.12.25810 (HKLM\...\{56e11d69-7cc9-40a5-a4f9-8f6190c4d84d}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Windows Debugging Symbols (HKLM\...\{C6DB958A-50CC-481B-9ED8-3BAD236F7B49}) (Version: 7601 - Microsoft)
Microsoft Works 6-9 Converter (HKLM\...\{95140000-0137-0409-0000-0000000FF1CE}) (Version: 14.0.6120.5002 - Microsoft Corporation)
MightyText (HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\MightyText) (Version: 4.3.0 - MightyText)
MKV to MP3 Converter 5.0.1 (HKLM\...\MKV to MP3 Converter) (Version: 5.0.1 - FreeStar)
Movavi Video Converter 20 Premium (HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\Movavi Video Converter 20 Premium) (Version: 20.0.0 - Movavi)
Movie Maker (HKLM\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 50.0 (x86 en-US) (HKLM\...\Mozilla Firefox 50.0 (x86 en-US)) (Version: 50.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 50.0 - Mozilla)
Mp3tag v2.99a (HKLM\...\Mp3tag) (Version: 2.99a - Florian Heidenreich)
MP4 Downloader Pro 3 (HKLM\...\MP4 Downloader Pro_is1) (Version: - Tomabo)
MPC-HC 1.7.13 (HKLM\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.7.13 - MPC-HC Team)
NetWorx 5.5.5 (HKLM\...\NetWorx_is1) (Version: - Softperfect)
NirSoft RegScanner (HKLM\...\NirSoft RegScanner) (Version: - )
NirSoft ShellExView (HKLM\...\NirSoft ShellExView) (Version: - )
Nitro Pro (HKLM\...\{94E40F4E-D482-499D-9239-D70AE64E9618}) (Version: 13.2.3.26 - Nitro)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.3 - NVIDIA Corporation)
PicPick (HKLM\...\PicPick) (Version: 5.0.7 - NGWIN)
Platform (HKLM\...\{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.40 - VIA Technologies, Inc.) Hidden
Point Position 1.0 (HKLM\...\Point Position 1.0) (Version: 1.0 - Vasilios Applications)
PowerISO (HKLM\...\PowerISO) (Version: 6.3 - Power Software Ltd)
Presentation Assistant V3.0.1 (HKLM\...\Presentation Assistant_is1) (Version: - www.presentation-assistant.com)
Pushbullet version 338 (HKLM\...\{7578F204-49E7-4830-B051-14C23F408BFE}_is1) (Version: 338 - Pushbullet Inc)
Readiris 17 (HKLM\...\{8ACAE85F-B250-4543-9AD8-734474B3BA20}) (Version: 17.01.11945 - I.R.I.S.)
RealNetworks - Microsoft Visual C++ 2008 Runtime (HKLM\...\{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}) (Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (HKLM\...\{AAECF7BA-E83B-4A10-87EA-DE0B333F8734}) (Version: 10.0 - RealNetworks, Inc) Hidden
RealUpgrade 1.1 (HKLM\...\{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}) (Version: 1.1.0 - RealNetworks, Inc.) Hidden
Recover My Files (HKLM\...\Recover My Files v5_is1) (Version: 5.2.1.1964 - GetData Pty Ltd)
Registrar Registry Manager 8.60 (HKLM\...\Registrar32_is1) (Version: - Resplendence Software Projects Sp.)
Revo Uninstaller Pro 4.2.0 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 4.2.0 - VS Revo Group, Ltd.)
Screenpresso (HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\Screenpresso) (Version: 1.7.0.0 - Learnpulse)
Security Task Manager 2.3c (HKLM\...\Security Task Manager) (Version: 2.3c - Neuber Software)
Skype version 8.55 (HKLM\...\Skype_is1) (Version: 8.55 - Skype Technologies S.A.)
SMPlayer 19.10.0 (HKLM\...\SMPlayer) (Version: 19.10.0 - Ricardo Villalba)
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
Spotify (HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\Spotify) (Version: 1.1.16.522.g55a4b852 - Spotify AB)
Spybot - Search & Destroy (HKLM\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.7.64.0 - Safer-Networking Ltd.)
Spybot Anti-Beacon (HKLM\...\{419A7FCF-93E1-474D-BFE9-987CF3F90C88}_is1) (Version: 1.5 - Safer-Networking Ltd.)
Stellar Repair for Video (HKLM\...\Stellar Repair for Video_is1) (Version: 4.0.0.0 - Stellar Information Technology Pvt Ltd.)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 8.0.1038 - SUPERAntiSpyware.com)
Tame version 6.0d (remove only) (HKLM\...\Tame 6.0d) (Version: - )
TeamViewer (HKLM\...\TeamViewer) (Version: 15.0.8397 - TeamViewer)
Telegram Desktop version 1.9.3 (HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 1.9.3 - Telegram FZ-LLC)
TeraCopy 2.3 (HKLM\...\TeraCopy_is1) (Version: - Code Sector)
Text Monkey Lite (HKLM\...\Text Monkey Lite) (Version: - )
TreeSize V7.1.3 (HKLM\...\TreeSize_is1) (Version: 7.1.3 - JAM Software)
Ultra Video Joiner 6.4.1010 (HKLM\...\Ultra Video Joiner_is1) (Version: - Aone Software)
Ultra Video Splitter 6.4.1010 (HKLM\...\Ultra Video Splitter_is1) (Version: - Aone Software)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
UpdateService (HKLM\...\{E3AE96D6-E196-45B4-AF62-2B41998B9E37}) (Version: 1.0.0 - RealNetworks, Inc.) Hidden
VC 9.0 Runtime (HKLM\...\{02E89EFC-7B07-4D5A-AA03-9EC0902914EE}) (Version: 1.0.0 - Check Point Software Technologies Ltd) Hidden
vDosWP (HKLM\...\{49883946-559B-4FE0-866F-7674B9516A75}_is1) (Version: 2018.10.14 - wpdos.org)
VIA Platform Device Manager (HKLM\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.40 - VIA Technologies, Inc.)
Viber (HKLM\...\{D65DDA75-2C0A-46BA-807D-127BD5638490}) (Version: 6.0.1.5 - Viber Media Inc.) Hidden
Viber (HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\{acc83058-83b0-41e2-b372-266672a1af16}) (Version: 6.0.1.5 - Viber Media Inc.)
Video Downloader (HKLM\...\{8B6202FD-3790-4DD4-B343-51736F7FF4E5}) (Version: 1.2.0 - RealNetworks) Hidden
VideoProc (HKLM\...\VideoProc) (Version: 3.5 - Digiarty, Inc.)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
VSDC Free Video Editor version 6.3.6.17 (HKLM\...\VSDC Free Video Editor_is1) (Version: 6.3.6.17 - Flash-Integro LLC)
VSO ConvertXToDVD (HKLM\...\{CE1F93C0-4353-4C9D-84DA-AB4E7C63ED32}_is1) (Version: 5.3.0.40 - VSO Software)
Vulkan Run Time Libraries 1.0.65.0 (HKLM\...\VulkanRT1.0.65.0) (Version: 1.0.65.0 - LunarG, Inc.) Hidden
Winaero Tweaker (HKLM\...\Winaero Tweaker_is1) (Version: 0.16.1.0 - Winaero)
WinAVI Video Converter (HKLM\...\WinAVI Video Converter) (Version: 11.5.1.4360 - ZJMedia Digital Technology Ltd.)
Windows 7 Games for Windows 10 and 8 (HKLM\...\Win7Games) (Version: 2.0 - hxxp://winaero.com)
Windows 7 USB/DVD Download Tool (HKLM\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46 ) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152 ) (Version: 04/19/2012 2.3.1.0 - Garmin)
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2 ) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Winja version 4.1.0 (HKLM\...\Winja_is1) (Version: 4.1.0 - Phrozen SAS)
WinPatrol (HKLM\...\{6A206A04-6BC1-411B-AA04-4E52EDEEADF2}) (Version: 35.5.2017.8 - Ruiware)
WinPcap 4.1.2 (HKLM\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
WinRAR 5.80 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.80.0 - win.rar GmbH)
WinX HD Video Converter Deluxe 5.15.5 (HKLM\...\WinX HD Video Converter Deluxe_is1) (Version: - Digiarty Software, Inc.)
WinX YouTube Downloader (HKLM\...\WinX YouTube Downloader) (Version: 5.2 - Digiarty, Inc.)
WinX YouTube Downloader 4.0.10 (HKLM\...\WinX YouTube Downloader_is1) (Version: - Digiarty Software, Inc.)
Wireless-G PCI Adapter (HKLM\...\{88742616-A6E9-4C7E-9665-B625799541FB}) (Version: - )
Wise Duplicate Finder 1.3.4.42 (HKLM\...\Wise Duplicate Finder_is1) (Version: 1.3.4.42 - lrepacks.ru)
WonderFox DVD Video Converter 18.0 (HKLM\...\WonderFox DVD Video Converter) (Version: 18.0 - WonderFox Soft, Inc.)
Wondershare AllMyTube(Build 7.4.5.0) (HKLM\...\AllMyTube_is1) (Version: 7.4.5.0 - Wondershare)
Wondershare Helper Compact 2.5.3 (HKLM\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.5.3 - Wondershare)
Xilisoft Video Converter Ultimate (HKLM\...\Xilisoft Video Converter Ultimate) (Version: 7.8.23.20180925 - Xilisoft)
Xperia Companion (HKLM\...\{5b7c1b25-5fb6-442c-a1b5-cb8dfc2267bf}) (Version: 2.8.3.0 - Sony)
Xperia Companion (HKLM\...\{66EABD35-6233-4926-9AB1-AB31CC6BC7D9}) (Version: 2.8.3.0 - Sony) Hidden
Xperia Companion Service (HKLM\...\{E41065E8-67E2-448F-940C-FF9D7C51E4E3}) (Version: 2.8.3.0 - Sony) Hidden
Xvid MPEG-4 Video Codec (HKLM\...\xvid) (Version: - Xvid Development Team)

Packages:
=========
IDM Integration Module -> C:\Program Files\WindowsApps\TonecInc.IDMIntegrationModule_6. 30.6.0_neutral__e7b5mm5d3r6v2 [2019-04-01] (Tonec Inc.)
Instagram -> C:\Program Files\WindowsApps\Facebook.InstagramBeta_41.1788.5 0991.0_x86__8xx8rvfyw5nnt [2018-12-09] (Instagram)
Mail and Calendar -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsa pps_16005.11029.20108.0_x86__8wekyb3d8bbwe [2019-12-06] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.18 08.3.0_x86__8wekyb3d8bbwe [2019-12-06] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireColl ection_4.2.11280.0_x86__8wekyb3d8bbwe [2019-12-06] (Microsoft Studios) [MS Ad]
mysms - Text from Computer, Messaging -> C:\Program Files\WindowsApps\UptoElevenDigitalSolution.mysms-Textanywhere_3.2.0.0_x86__c9d6r4qvva5x8 [2019-12-22] (Up to Eleven Digital Solutions GmbH)
Speedtest by Ookla -> C:\Program Files\WindowsApps\Ookla.SpeedtestbyOokla_1.9.49.0_ x86__43tkc6nmykmb6 [2019-12-24] (Ookla)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-198903158-1304534811-4163729061-1000_Classes\CLSID\{0B7AD8D3-094A-44DE-A348-83C6C3FA347C}\InprocServer32 -> C:\Users\Joe\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Clipboarder.gadget\Release\Clipboa rder32.dll (Helmut Buhler) [File not signed]
CustomCLSID: HKU\S-1-5-21-198903158-1304534811-4163729061-1000_Classes\CLSID\{0E7BE950-4ACC-47CB-834B-41A8B96BBFF9}\InprocServer32 -> C:\Users\Joe\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Sidebar7.gadget\Release\Sidebar7.3 2.dll (Helmut Buhler) [File not signed]
CustomCLSID: HKU\S-1-5-21-198903158-1304534811-4163729061-1000_Classes\CLSID\{DFA0CC7F-D36B-47D1-8EF5-415C1DA53F57}\InprocServer32 -> C:\Users\Joe\AppData\Local\Programs\EmEditor\emeds hl.dll (Emurasoft, Inc. -> Emurasoft, Inc.)
ShellIconOverlayIdentifiers: [ IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files\Internet Download Manager\IDMShellExt.dll [2018-05-12] (Tonec Inc. -> Tonec Inc.)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-04] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-04] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [FormatFactoryShell] -> {A3888923-CFD3-4A6B-89BF-08E6B95716E8} => -> No File
ContextMenuHandlers1: [Glary Utilities] -> [CC]{B3C418F8-922B-4faf-915E-59BC14448CF7} => -> No File
ContextMenuHandlers1: [Tomabo.MP4Converter] -> [CC]{67A979E9-C5A6-4C0F-B0B7-FB516406FA9E} => -> No File
ContextMenuHandlers1: [Tomabo.MP4Player] -> [CC]{DA4F8B8B-91CF-43AD-BB0B-B52BF770DA3E} => -> No File
ContextMenuHandlers1: [WondershareVideoConverterFileOpreation] -> {55D63393-DB17-4A2B-9052-15D85B4B1344} => -> No File
ContextMenuHandlers2: [Glary Utilities] -> [CC]{B3C418F8-922B-4faf-915E-59BC14448CF7} => -> No File
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-04] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-05] () [File not signed]
ContextMenuHandlers4: [FormatFactoryShell] -> {A3888923-CFD3-4A6B-89BF-08E6B95716E8} => -> No File
ContextMenuHandlers4: [MSSE] -> {0365FE2C-F183-4091-AC82-BFC39FB75C49} => -> No File
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => -> No File
ContextMenuHandlers4: [TeraCopy] -> [CC]{A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => -> No File
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacmxx.dll [2016-02-26] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [Actual Window Manager] -> {CE577978-3FCA-430D-B0CE-D637788F9C5A} => C:\Program Files\Actual Window Manager\ActualWindowManagerShellExtension.dll [2019-05-15] (Actual Tools (Mikhail Yurievich Tretyakov IP) -> Actual Tools)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-04] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => -> No File
ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2019-03-29] (VS Revo Group Ltd. -> VS Revo Group)
ContextMenuHandlers6: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-05] () [File not signed]
ContextMenuHandlers1_S-1-5-21-198903158-1304534811-4163729061-1000: [EmEditor] -> {DFA0CC7F-D36B-47D1-8EF5-415C1DA53F57} => C:\Users\Joe\AppData\Local\Programs\EmEditor\emeds hl.dll [2019-07-30] (Emurasoft, Inc. -> Emurasoft, Inc.)
ContextMenuHandlers2_S-1-5-21-198903158-1304534811-4163729061-1000: [EmEditor] -> [CC]{DFA0CC7F-D36B-47D1-8EF5-415C1DA53F57} => -> No File

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [msacm.divxa32] => C:\WINDOWS\system32\msaud32_divx.acm [186368 2003-02-03] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [vidc.MPG4] => C:\WINDOWS\system32\mpg4c32.dll [413760 2001-01-07] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [vidc.MP42] => C:\WINDOWS\system32\mpg4c32.dll [413760 2001-01-07] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [vidc.MP43] => C:\WINDOWS\system32\mpg4c32.dll [413760 2001-01-07] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [msacm.voxacm160] => C:\WINDOWS\system32\vct3216.acm [82944 2003-05-21] (Voxware, Inc.) [File not signed]
HKLM\...\Drivers32: [msacm.scg726] => C:\WINDOWS\system32\scg726.acm [13239 2000-03-14] (SHARP Corporation) [File not signed]
HKLM\...\Drivers32: [msacm.alf2cd] => C:\WINDOWS\system32\alf2cd.acm [38912 2003-05-21] (NCT Company) [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\WINDOWS\system32\AC3ACM.acm [81920 2004-02-04] (fccHandler) [File not signed]
HKLM\...\Drivers32: [msacm.lame] => C:\WINDOWS\system32\lame.ax [245760 2005-08-01] () [File not signed]
HKLM\...\Drivers32: [vidc.dvsd] => C:\WINDOWS\system32\mcdvd_32.dll [261632 2003-05-21] (MainConcept) [File not signed]
HKLM\...\Drivers32: [vidc.DIVX] => C:\WINDOWS\system32\DivX.dll [638976 2003-05-22] (DivXNetworks, Inc.) [File not signed]
HKLM\...\Drivers32: [vidc.LAGS] => C:\WINDOWS\system32\lagarith.dll [216064 2011-12-07] ( ) [File not signed]
HKLM\...\Drivers32: [vidc.XVID] => C:\WINDOWS\system32\xvidvfw.dll [236544 2011-12-19] () [File not signed]
HKLM\...\Drivers32: [VIDC.VP80] => vp8vfw.dll

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\Joe\Desktop\Clear Quicklaunch.lnk -> C:\Data\Batch Files\DOS or CMD\Clear_Q.L.bat ()
Shortcut: C:\Users\Joe\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\Startup\autohotkey.lnk -> C:\Data\Batch Files\Autohotkey\autohotkey.bat ()
Shortcut: C:\Users\Joe\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\Startup\Cleanup.lnk -> C:\Data\Batch Files\DOS or CMD\Cleanup.bat ()
Shortcut: C:\Users\Joe\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\Startup\Firefox Preloader.lnk -> C:\Program Files\FirefoxPreloader\FirefoxPreloader.exe (6XGate Incorporated)
Shortcut: C:\Users\Joe\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\AWMClipboard.lnk -> C:\Data\Batch Files\Macro Express\Clipboard_AWM.bat ()
Shortcut: C:\Users\Joe\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\close & copy ADC.lnk -> C:\Data\Batch Files\Copy Data\Autohotkey\close & copy ADC.bat ()
Shortcut: C:\Users\Joe\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Greenshot.lnk -> C:\Data\Batch Files\Macro Express\Greenshot.bat ()
Shortcut: C:\Users\Joe\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\KillGreenshot.lnk -> C:\Data\Batch Files\DOS or CMD\KillGreenshot.bat ()
Shortcut: C:\Users\Joe\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\MultiLaunch.lnk -> C:\Data\Batch Files\DOS or CMD\MultiLaunch.bat ()
ShortcutWithArgument: C:\Users\Joe\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\Chrome Apps\Creating an internet shortcut fails _.._.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=djcnpbhjfgpighcllplapphngaaockbd
ShortcutWithArgument: C:\Users\Joe\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\Chrome Apps\draw.io Desktop.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=pebppomjfocnoigkeepgbmcifnnlndla
ShortcutWithArgument: C:\Users\Joe\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\Chrome Apps\Gmail (1).lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=kmhopmchchfpfdcdjodmpfaaphdclmlj
ShortcutWithArgument: C:\Users\Joe\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\Chrome Apps\Gmail.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=kmhopmchchfpfdcdjodmpfaaphdclmlj
ShortcutWithArgument: C:\Users\Joe\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\Chrome Apps\Google Hangouts.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=knipolnnllmklapflnccelgolnpehhpl
ShortcutWithArgument: C:\Users\Joe\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\Chrome Apps\Hangouts (1).lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=deigijodonbmdapahgkdjljmcngipaab
ShortcutWithArgument: C:\Users\Joe\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\Chrome Apps\Hangouts.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=deigijodonbmdapahgkdjljmcngipaab
ShortcutWithArgument: C:\Users\Joe\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\Chrome Apps\MightyTextTest.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=andmpiilbgodiefijhcneadhegcolaoe
ShortcutWithArgument: C:\Users\Joe\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\Chrome Apps\Pushbullet Settings.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=jinnpgkhgbkooiphbamlonfpcedokdah
ShortcutWithArgument: C:\Users\Joe\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\Chrome Apps\SendLeap.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=phnjmiobjppgfeicepedmfnpjjmfjlha
ShortcutWithArgument: C:\Users\Joe\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\Chrome Apps\sydney time.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=dahalpfpibpddfpdcfgmpjelnldolich
ShortcutWithArgument: C:\Users\Joe\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\Chrome Apps\Telegram.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=clhhggbfdinjmjhajaheehoeibfljjno
ShortcutWithArgument: C:\Users\Joe\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\Chrome Apps\Todoist for Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=bgjohebimpjdhhocbknplfelpmdhifhd
ShortcutWithArgument: C:\Users\Joe\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\Chrome Apps\YouTube.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=adnlfjpnmidfimlkaohpidplnoimahfh
ShortcutWithArgument: C:\Users\Joe\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\fd4d8e7501576f3f\Pushb ullet.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=chlffgpmiacpedhhbkiomidkjlcfhogd
ShortcutWithArgument: C:\Users\Joe\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d249d9ddd424b688\Googl e Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default
ShortcutWithArgument: C:\Users\Joe\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Comms\Hangouts.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=knipolnnllmklapflnccelgolnpehhpl
ShortcutWithArgument: C:\Users\Joe\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Comms\SendLeap.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=phnjmiobjppgfeicepedmfnpjjmfjlha
ShortcutWithArgument: C:\Users\Joe\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\ Rare\MightyText Test.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=andmpiilbgodiefijhcneadhegcolaoe

==================== Loaded Modules (Whitelisted) =============

2020-01-06 06:13 - 2020-01-06 06:13 - 000379904 _____ () [File not signed] \\?\C:\Users\Joe\AppData\Local\Temp\BD93.tmp.node
2020-01-06 06:13 - 2020-01-06 06:13 - 000379904 _____ () [File not signed] \\?\C:\Users\Joe\AppData\Local\Temp\C6E9.tmp.node
2017-12-03 09:37 - 2017-10-16 01:21 - 003420672 _____ () [File not signed] C:\Program Files\Kleptomania\TextractSmart.dll
2017-01-02 17:19 - 2016-09-19 12:08 - 000622080 _____ () [File not signed] C:\Program Files\NetWorx\sqlite.dll
2012-01-10 08:22 - 2011-11-23 15:59 - 000035840 _____ () [File not signed] C:\Program Files\XemiComputers\Active Desktop Calendar\MouseHook.dll
2019-07-09 12:21 - 2019-07-09 12:21 - 001702400 _____ () [File not signed] C:\Users\Joe\AppData\Local\MightyText\app-4.3.0\ffmpeg.dll
2019-07-09 12:21 - 2019-07-09 12:21 - 000015872 _____ () [File not signed] C:\Users\Joe\AppData\Local\MightyText\app-4.3.0\libegl.dll
2019-07-09 12:21 - 2019-07-09 12:21 - 002517504 _____ () [File not signed] C:\Users\Joe\AppData\Local\MightyText\app-4.3.0\libglesv2.dll
2016-07-29 13:05 - 2005-01-19 13:15 - 000028672 _____ (6XGate Systems, Inc.) [File not signed] C:\WINDOWS\SYSTEM32\regclass.dll
2019-08-01 17:55 - 2016-11-15 18:30 - 000122880 _____ (Allavsoft Corporation) [File not signed] C:\Program Files\Allavsoft\Video Downloader Converter\extensions\3.17.7.7150\BVDFirefoxExt\com ponents\BVDFirefoxPlugin.dll
2019-03-14 17:44 - 2018-04-28 11:09 - 000580096 _____ (Helmut Buhler) [File not signed] C:\Program Files\Windows Sidebar\dwmapi.dll
2019-12-06 01:26 - 2019-12-06 01:26 - 000065536 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\WinSxS\x86_microsoft.vc80.openmp_1fc8b3 b9a1e18e3b_8.0.50727.6195_none_3b1209fdc9ac7774\vc omp.dll
2019-07-09 12:21 - 2019-07-09 12:21 - 014393344 _____ (Node.js) [File not signed] C:\Users\Joe\AppData\Local\MightyText\app-4.3.0\node.dll
2016-02-13 03:17 - 2016-02-13 03:17 - 001170944 _____ (TameDOS) [File not signed] C:\WINDOWS\System32\TameVdd.Dll
2009-04-14 09:14 - 2009-04-14 09:14 - 001527808 _____ (TrueSoft) [File not signed] C:\Program Files\FreeLaunchBar\flb.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\garmin.com -> hxxps://my.garmin.com
IE trusted site: HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\localhost -> localhost
IE restricted site: HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\123simsen.com -> www.123simsen.com

There are 7945 more sites.


==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 13:04 - 2019-11-21 09:45 - 000455737 ____R C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
Reply With Quote
  #20  
Old January 6th, 2020, 03:54 AM
sebastian42 sebastian42 is offline
Senior Member
  
Join Date: May 2007
Posts: 125
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 01-01-2020
Ran by Joe (administrator) on DESKTOPTOWER (Gigabyte Technology Co., Ltd. X58A-UD5) (06-01-2020 06:28:40)
Running from C:\Program Files\Farbar
Loaded Profiles: Joe (Available Profiles: Joe & DefaultAppPool)
Platform: Microsoft Windows 10 Pro Version 1909 18363.535 (X86) Language: English (United States)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic...ery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files\AutoHotkey\AutoHotkey.exe
() [File not signed] C:\Program Files\Kleptomania\KMania.exe
(6XGate Incorporated) [File not signed] C:\Program Files\FirefoxPreloader\FirefoxPreloader.exe
(Actual Tools (Mikhail Yurievich Tretyakov IP) -> Actual Tools) C:\Program Files\Actual Window Manager\ActualWindowManagerCenter.exe
(Actual Tools (Mikhail Yurievich Tretyakov IP) -> Actual Tools) C:\Program Files\Actual Window Manager\ActualWindowManagerShellCenter.exe
(Actual Tools (Mikhail Yurievich Tretyakov IP) -> Actual Tools) C:\Program Files\Actual Window Manager\LogonScreenService.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(BitTorrent Inc -> BitTorrent, Inc.) C:\Program Files\uTorrent\uTorrent.exe
(CHENGDU AOMEI Tech Co., Ltd. -> AOMEI Tech Co., Ltd.) C:\Program Files\AOMEI Backupper\ABService.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Update\1.3.35.422\GoogleCrashHandler. exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EX E
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Live\Contacts\wlcomm.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Live\Mail\wlmail.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSv cHost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSv cHost.exe
(Microsoft Corporation) [File not signed] C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\ntvdm.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\snmp.exe
(Mixbyte Inc -> Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\Freem akeUtilsService.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Nitro PDF Software -> Nalpeiron Ltd.) C:\Windows\System32\NLSSRV32.EXE
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Containe r.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Containe r.exe
(Open Source Developer, Robin Krom -> Greenshot) C:\Program Files\Greenshot\Greenshot.exe
(Openphone Inc. -> MightyText) C:\Users\Joe\AppData\Local\MightyText\app-4.3.0\MightyText.exe
(Openphone Inc. -> MightyText) C:\Users\Joe\AppData\Local\MightyText\app-4.3.0\MightyText.exe
(Openphone Inc. -> MightyText) C:\Users\Joe\AppData\Local\MightyText\app-4.3.0\MightyText.exe
(Openphone Inc. -> MightyText) C:\Users\Joe\AppData\Local\MightyText\app-4.3.0\MightyText.exe
(Openphone Inc. -> MightyText) C:\Users\Joe\AppData\Local\MightyText\app-4.3.0\MightyText.exe
(Openphone Inc. -> MightyText) C:\Users\Joe\AppData\Local\MightyText\app-4.3.0\MightyText.exe
(Openphone Inc. -> MightyText) C:\Users\Joe\AppData\Local\MightyText\app-4.3.0\MightyText.exe
(SOFTPERFECT PTY. LTD. -> SoftPerfect) C:\Program Files\NetWorx\networx.exe
(Sony Mobile Communications AB -> Sony) C:\Program Files\Sony\Xperia Companion\Service\XperiaCompanionService.exe
(SUPERAntiSpyware.com -> SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore.exe
(TeamViewer GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(Telegram FZ-LLC -> Telegram FZ-LLC) C:\Users\Joe\AppData\Roaming\Telegram Desktop\Telegram.exe
(XemiComputers ltd.) [File not signed] C:\Program Files\XemiComputers\Active Desktop Calendar\ADC.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NetWorx] => C:\Program Files\NetWorx\networx.exe [5219656 2016-09-28] (SOFTPERFECT PTY. LTD. -> SoftPerfect)
HKLM\...\Run: [DelaypluginInstall] => C:\ProgramData\Wondershare\Video Converter Ultimate\DelayPluginI.exe [1960248 2015-10-26] (Shenzhen Wondershare Information Technology Co., Ltd. -> )
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [91520 2010-01-21] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [232840 2019-10-04] (AVAST Software s.r.o. -> AVAST Software)
HKLM\...\Run: [iSkysoft Helper Compact.exe] => C:\Program Files\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe [2138272 2016-10-08] (Shenzhen Yi Xing Investment Co., Ltd. -> iSkySoft)
HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\Run: [Active Desktop Calendar] => C:\Program Files\XemiComputers\Active Desktop Calendar\ADC.exe [7608832 2011-11-23] (XemiComputers ltd.) [File not signed]
HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\Run: [Kleptomania] => C:\Program Files\Kleptomania\KMania.exe [973312 2017-10-16] () [File not signed]
HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\Run: [WinPatrol] => C:\Program Files\Ruiware\WinPatrol\winpatrol.exe [1223560 2017-05-08] (Ruiware, LLC -> Ruiware)
HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\Run: [uTorrent] => C:\Program Files\uTorrent\uTorrent.exe [399736 2019-04-18] (BitTorrent Inc -> BitTorrent, Inc.)
HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\Run: [com.squirrel.MightyText.MightyText] => C:\Users\Joe\AppData\Local\MightyText\app-4.3.0\MightyText.exe [56272456 2019-07-09] (Openphone Inc. -> MightyText)
HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\Run: [GUDelayStartup] => C:\Program Files\Glary Utilities 5\StartupManager.exe [44024 2019-12-23] (Glarysoft LTD -> Glarysoft Ltd)
HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\Run: [GarminExpress] => C:\Program Files\Garmin\Express\express.exe [30871024 2019-08-21] (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\Run: [Greenshot] => C:\Program Files\Greenshot\Greenshot.exe [527792 2017-08-09] (Open Source Developer, Robin Krom -> Greenshot)
HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\Run: [Actual Window Manager] => C:\Program Files\Actual Window Manager\ActualWindowManagerCenter.exe [2180352 2019-05-15] (Actual Tools (Mikhail Yurievich Tretyakov IP) -> Actual Tools)
HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\Run: [IDMan] => C:\Program Files\Internet Download Manager\IDMan.exe [4038712 2019-03-20] (Tonec Inc.) [File not signed]
HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\Policies\system: [DisableLockWorkstation] 1
HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\Policies\Explorer: [NoCookiesForDCFMC] 81<0
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\79.0.3945.88\Insta ller\chrmstp.exe [2019-12-20] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
Startup: C:\Users\Joe\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\Startup\autohotkey.lnk [2019-01-19]
ShortcutTarget: autohotkey.lnk -> C:\Data\Batch Files\Autohotkey\autohotkey.bat () [File not signed]
Startup: C:\Users\Joe\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\Startup\Cleanup.lnk [2019-01-19]
ShortcutAndArgument: Cleanup.lnk -> C:\Data\Batch Files\DOS or CMD\Cleanup.bat =>
Startup: C:\Users\Joe\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\Startup\Firefox Preloader.lnk [2016-07-29]
ShortcutTarget: Firefox Preloader.lnk -> C:\Program Files\FirefoxPreloader\FirefoxPreloader.exe (6XGate Incorporated) [File not signed]
Startup: C:\Users\Joe\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\Startup\Sidebar500.lnk [2020-01-06]
ShortcutTarget: Sidebar500.lnk -> C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation) [File not signed]
Startup: C:\Users\Joe\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\Startup\Telegram.lnk [2016-04-24]
ShortcutTarget: Telegram.lnk -> C:\Users\Joe\AppData\Roaming\Telegram Desktop\Telegram.exe (Telegram FZ-LLC -> Telegram FZ-LLC)
Startup: C:\Users\Joe\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\Startup\WLM.lnk [2015-10-09]
ShortcutTarget: WLM.lnk -> C:\Program Files\Windows Live\Mail\wlmail.exe (Microsoft Corporation -> Microsoft Corporation)
BootExecute: autocheck autochk * les\Glary Utilities 5\data\gulr.dat
GroupPolicy: Restriction ? <==== ATTENTION
GroupPolicy\User: Restriction ? <==== ATTENTION
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {006E622B-6E41-4398-8D4E-FB6B7F93B7BF} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\System32\Macromed\Flash\FlashPlayerUpda teService.exe [335416 2019-12-14] (Adobe Inc. -> Adobe)
Task: {016125DD-943C-46FB-933D-E06926FC3960} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-15] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {023C9347-2476-4306-85F6-61A6D26B47CC} - System32\Tasks\{98BA06CC-6FD7-4F59-887B-4D383000A001} => C:\Windows\system32\pcalua.exe -a "C:\Users\Joe\Downloads\Utilities\PDF\Editor\F oxIt PDF Editor 2.0\FoxitEditor20_setup.exe" -d "C:\Users\Joe\Downloads\Utilities\PDF\Editor\F oxIt PDF Editor 2.0"
Task: {0F99FD47-2D75-4BB1-A3F4-C3207724203F} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandco ntent -> No File <==== ATTENTION
Task: {1AA84EE5-ED74-4508-AB04-800F817C5524} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_ex e => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [1696976 2014-03-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {223F6883-C780-495D-B9FF-51D91FAF956E} - \SidebarExecute -> No File <==== ATTENTION
Task: {24FA84A0-E087-48EC-BC51-2B9C4C815D78} - System32\Tasks\Microsoft\Windows\PerfTrack\Backgro undConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {28066BF8-59F1-43C9-9C89-1405B5915DA7} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3250056 2019-10-04] (AVAST Software s.r.o. -> AVAST Software)
Task: {28384190-8375-4F91-AE91-CFEDEBAF6387} - System32\Tasks\Microsoft\Windows\SideShow\SessionA gent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {2A4BB477-D5D2-4159-A391-79CFC1D3D814} - System32\Tasks\{EB3B1F34-37CE-4AAC-9491-1B51A99EF057} => C:\Windows\system32\pcalua.exe -a "C:\Users\Joe\Downloads\Utilities\Voice & Video chat\GoogleVoiceAndVideoSetup.exe" -d "C:\Users\Joe\Downloads\Utilities\Voice & Video chat"
Task: {2A6AAE0A-529B-4CF7-82E1-51C962140A40} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-15] (Piriform Software Ltd -> Piriform Ltd)
Task: {2CE46AF6-52D6-4865-800C-F1EBA1BA51D3} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {367F930A-A3DB-4112-B1F1-50E92A171C88} - System32\Tasks\Microsoft\Windows\Shell\WindowsPare ntalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {41B4479B-CE79-4E00-88A6-5910895E7BFC} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [1696976 2014-03-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {4819EA1D-C6B2-4A48-8554-E3257C37D1A6} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyb oardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2211024 2014-03-19] (Microsoft Corporation -> Microsoft)
Task: {48920FDE-4F57-4B1A-9581-2C84E84CF16B} - System32\Tasks\{79B648AB-D2C7-4CB6-B481-8750BB0C9223} => C:\Windows\system32\pcalua.exe -a "U:\Drivers\Brother Laser\SETUP.EXE" -d "U:\Drivers\Brother Laser"
Task: {495F7F3D-F249-42FF-AF62-5CEA8A3945EE} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin\InstallManagerApp.exe [9431240 2016-03-21] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {49735B1A-80CC-4353-8325-461135C141AC} - System32\Tasks\Microsoft\Windows\SideShow\SystemDa taProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {4D1B8669-469B-4A21-AE33-428EF5B56156} - System32\Tasks\{5D2BF198-67A0-47E7-8C5F-A3524EDD536B} => C:\Windows\system32\pcalua.exe -a "U:\Utilities\WP51+\Tame v6\tame60.exe" -d "U:\Utilities\WP51+\Tame v6"
Task: {549E1291-F375-4588-A43C-75FAF3831ECC} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {567898A3-E18B-4BA0-A82E-3DC699F351F5} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {62798434-2842-41A5-922E-E479E405DC6B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-08-31] (Google Inc -> Google Inc.)
Task: {661F045A-1B72-4EA0-B1D5-DC8C21046604} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {66721EE1-1FB2-4949-A560-39C2A12A0248} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_32_ 0_0_303_Plugin.exe [1457720 2019-12-14] (Adobe Inc. -> Adobe)
Task: {69402868-C889-4D08-AE0B-CECF4D6AFD3F} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {80BA2A26-808F-4A36-99BF-6E00DF762174} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {895936EB-17D5-4A65-AD01-861BF8E4DCD3} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1106128 2014-03-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {89B124C6-1DA4-4E0E-AF24-108FB673A9C0} - System32\Tasks\GarminUpdaterTask => C:\Program Files\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [40432 2019-08-21] (Garmin International, Inc. -> )
Task: {89C980E2-68AC-4FDE-B713-F7E7086CF301} - System32\Tasks\{1C8C8445-3AF3-4DD6-8C02-6694F42FDBE6} => C:\Windows\system32\pcalua.exe -a C:\Utilities\GTalk\GoogleVoiceAndVideoSetup.exe -d C:\Utilities\GTalk
Task: {8D1AB70C-325A-4323-97A3-E717D2E87FFC} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {8F919ED4-806D-4EE1-B4FA-F65D9D44C5ED} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1542536 2019-10-04] (AVAST Software s.r.o. -> AVAST Software)
Task: {92DBC411-9B90-4298-9EFB-831154BE45E0} - System32\Tasks\{F5737DFE-F1CC-479D-8E20-6148EA378C88} => C:\Windows\system32\pcalua.exe -a "C:\Users\Joe\Downloads\Utilities\Security\Zon e Alarm\zaSuiteSetup_91_008_000_en.exe" -d "C:\Users\Joe\Downloads\Utilities\Security\Zon e Alarm"
Task: {944C24C5-EAF4-4661-A0D1-84CAFBF36D4A} - System32\Tasks\{63015BF2-084B-43A3-ADD2-5B422213AA20} => C:\Windows\system32\pcalua.exe -a C:\Users\Joe\Desktop\v6\WIN32\IE.EXE -d C:\Users\Joe\Desktop\v6\WIN32
Task: {94DD9B89-C8A6-4CFF-870B-1F5CBDB84971} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {A0BABFE1-F03C-4C2B-B95E-BCDA5FFC882E} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK
Task: {A77A79C8-76B2-4FE2-9D78-ADFF1885DEED} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {B47BF8F2-207F-414D-B278-3640571BDBD8} - System32\Tasks\Future Systems Solutions\Casper\Casper 8.0 Update Notification Task => C:\Program Files\Future Systems Solutions\Casper 8.0\CASPER.EXE [12154288 2014-04-30] (Future Systems Solutions, Inc. -> Future Systems Solutions, Inc.)
Task: {BE0D60AF-DB66-4573-894B-AC9389FA6F96} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe
Task: {BFB5A266-26A0-43EF-A87C-D1E321ECCEB1} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> No File <==== ATTENTION
Task: {C29C0A7B-324D-47E4-BA07-FA6EF99D1262} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1} C:\Program Files\Windows Live\SOXE\wlsoxe.dll [192704 2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {C3CBC979-B3E1-478B-BAA1-EC871F99A0D0} - System32\Tasks\Safer-Networking\Spybot Anti-Beacon\Refresh Anti-Beacon immunization => C:\Program Files\Spybot Anti-Beacon\SDAntiBeacon.exe [5584920 2015-10-19] (Safer-Networking Ltd. -> Safer-Networking Ltd.) [File not signed]
Task: {C44EB20B-C9B1-4DC4-8625-B83CE2CDE70C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-08-31] (Google Inc -> Google Inc.)
Task: {CBAC8618-106A-48BA-8EA8-FBA377BC7FEA} - System32\Tasks\GU5SkipUAC => C:\Program Files\Glary Utilities 5\Integrator.exe [916464 2019-12-23] (Glarysoft LTD -> Glarysoft Ltd)
Task: {CE030FC7-013B-490A-83E2-F9FFBD8D7D59} - System32\Tasks\{25E6CB6D-8992-43FF-9440-629929607D3D} => C:\Windows\system32\pcalua.exe -a "C:\Users\Joe\Desktop\Brother Driver\eng\inst\setup.exe" -d "C:\Users\Joe\Desktop\Brother Driver\eng\inst"
Task: {CFC16982-A32D-4423-89AF-7921ED8D3E74} - \FreeDownloadManagerNetworkMonitor -> No File <==== ATTENTION
Task: {D128094B-B79B-4F43-BEAA-AC5ECCE2DEF9} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgra deTime -> No File <==== ATTENTION
Task: {D4C73E75-416B-421A-838D-3E8BA54D2C43} - \Microsoft\Windows\Setup\EOONotify -> No File <==== ATTENTION
Task: {D5E9F6F6-1413-44E5-9AEA-F365EC9C04D9} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgra deReminderTime -> No File <==== ATTENTION
Task: {DCD08411-7FD4-4DF6-B2F8-61CEDEA01EE9} - System32\Tasks\Microsoft\Windows\SideShow\GadgetMa nager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {E79B2998-8F63-451A-A56D-26EDC0A5098A} - System32\Tasks\Microsoft\Windows\Shell\WindowsPare ntalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB}
Task: {EAA584A5-9C1E-4646-BD93-296671026395} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {EC546FC1-8235-4E97-8B77-D2F6E056B8E3} - System32\Tasks\{F45CE27F-5014-49C7-9C3D-D02C23C9DF8A} => "c:\program files\mozilla firefox\firefox.exe" hxxp://ui.skype.com/ui/0/5.8.0.158/en/abandoninstall?source=lightinstaller&page=tsInstal l
Task: {EE4DCCBB-07C0-46BC-98D8-1D8C3D9DBEAD} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxcon fig-B -> No File <==== ATTENTION
Task: {F20713DE-957F-41A0-9DC0-D0FEBE841BA7} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1106128 2014-03-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {FC25CF3C-3BF5-4FE5-9477-651B844DADD1} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {FE923EC4-094C-45A0-9265-B2AD53E38FFD} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask .job => C:\WINDOWS\explorer.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{281df617-1514-4e2d-b234-f44e08eb4905}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{2ceeefcf-7eda-41d3-8549-f5e54f1884d9}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{56ffec6b-bffe-456f-87cc-70676a8d1a21}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{dc39b9eb-28f6-4f80-a95e-2737cb81f0d2}: [NameServer] 1.1.1.1,1.0.0.1
Tcpip\..\Interfaces\{dc39b9eb-28f6-4f80-a95e-2737cb81f0d2}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-198903158-1304534811-4163729061-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files\Internet Download Manager\IDMIECC.dll [2018-11-22] (Tonec Inc. -> Internet Download Manager, Tonec Inc.)
BHO: No Name -> {13D67BB7-DB5F-48AA-884D-7A5D94168509} -> No File
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation -> Microsoft Corporation)
BHO: No Name -> {FF2573AE-E1ED-40e1-83BA-F544CB2EE135} -> No File
DPF: {9732FB42-C321-11D1-836F-00A0C993F125} hxxp://www.pcpitstop.com/mhLbl.cab
Handler: AutorunsDisabled\belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\BelarcAdvisor\System\BAVoilaX.dll [2019-01-25] (Belarc, Inc. -> Belarc, Inc.)
Handler: AutorunsDisabled\wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\BelarcAdvisor\System\BAVoilaX.dll [2019-01-25] (Belarc, Inc. -> Belarc, Inc.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - No File
Handler: WSWSVCUchrome - {1CA93FF0-A218-44F1 - No File

FireFox:
========
FF DefaultProfile: rbclt173.default
FF ProfilePath: C:\Users\Joe\AppData\Roaming\Mozilla\Firefox\Profi les\rbclt173.default [2020-01-06]
FF Extension: (Add-on Compatibility Reporter) - C:\Users\Joe\AppData\Roaming\Mozilla\Firefox\Profi les\rbclt173.default\Extensions\compatibility@addo ns.mozilla.org.xpi [2018-09-06] [Legacy]
FF Extension: (HTTPS Everywhere) - C:\Users\Joe\AppData\Roaming\Mozilla\Firefox\Profi les\rbclt173.default\Extensions\https-everywhere@eff.org.xpi [2019-11-13]
FF Extension: (Auto-Sort Bookmarks) - C:\Users\Joe\AppData\Roaming\Mozilla\Firefox\Profi les\rbclt173.default\Extensions\sortbookmarks@boua nto.xpi [2018-10-14] [Legacy]
FF Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\Joe\AppData\Roaming\Mozilla\Firefox\Profi les\rbclt173.default\Extensions\sp@avast.com.xpi [2019-10-03]
FF Extension: (uBlock Origin) - C:\Users\Joe\AppData\Roaming\Mozilla\Firefox\Profi les\rbclt173.default\Extensions\uBlock0@raymondhil l.net.xpi [2018-09-08] [Legacy]
FF Extension: (Avast Online Security) - C:\Users\Joe\AppData\Roaming\Mozilla\Firefox\Profi les\rbclt173.default\Extensions\wrc@avast.com.xpi [2019-12-31]
FF Extension: (Screengrab (fix version)) - C:\Users\Joe\AppData\Roaming\Mozilla\Firefox\Profi les\rbclt173.default\Extensions\{02450914-cdd9-410f-b1da-db004e18c671}.xpi [2018-09-06] [Legacy]
FF Extension: (Session Manager) - C:\Users\Joe\AppData\Roaming\Mozilla\Firefox\Profi les\rbclt173.default\Extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}.xpi [2018-09-06] [Legacy]
FF Extension: (Password Exporter) - C:\Users\Joe\AppData\Roaming\Mozilla\Firefox\Profi les\rbclt173.default\Extensions\{B17C1C5A-04B1-11DB-9804-B622A1EF5492}.xpi [2018-09-07] [Legacy]
FF Extension: (1M's Choice, LINER - Web / PDF Highlighter) - C:\Users\Joe\AppData\Roaming\Mozilla\Firefox\Profi les\rbclt173.default\Extensions\{b6dccbb2-f2bd-4a56-84b8-3432934a5905}.xpi [2020-01-03]
FF Extension: (Video DownloadHelper) - C:\Users\Joe\AppData\Roaming\Mozilla\Firefox\Profi les\rbclt173.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2019-05-30]
FF Extension: (MP4 Downloader Pro Extension) - C:\Program Files\Tomabo\MP4 Downloader Pro\MP4DP_FF.xpi [2016-07-26] [Legacy]
FF Extension: (Allavsoft Video Downloader Firefox Extension) - C:\Program Files\Allavsoft\Video Downloader Converter\extensions\3.17.7.7150\BVDFirefoxExt [2019-08-01] [Legacy]
FF Extension: (IDM integration) - C:\Program Files\Internet Download Manager\idmmzcc2.xpi [2017-12-21] [Legacy]
FF HKLM\...\Firefox\Extensions: [{682F8106-3DFC-4cde-98D2-285FCF23FD09}] - C:\Program Files\Tomabo\MP4 Downloader Pro\MP4DP_FF.xpi
FF HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\Firefox\Extensions: [mozilla_cc3@internetdownloadmanager.com] - C:\Program Files\Internet Download Manager\idmmzcc3.xpi
FF Extension: (IDM Integration Module) - C:\Program Files\Internet Download Manager\idmmzcc3.xpi [2019-03-20] [UpdateUrl:hxxps://data.internetdownloadmanager.com/idmmzcc3/update.json]
FF HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\Firefox\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files\Internet Download Manager\idmmzcc2.xpi
FF HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\Firefox\Extensions: [{6EBED4D8-13D9-4270-8D44-B57DDB7A787C}] - C:\Program Files\Allavsoft\Video Downloader Converter\extensions\3.17.7.7150\BVDFirefoxExt
FF HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\Firefox\Extensions: [KVAllmytube@KeepVid.com] - C:\Program Files\Wondershare\AllMyTube\BrowserPlugin\kvallmyt ube@keepvid.com_xpi
FF Extension: (KeepVid Pro) - C:\Program Files\Wondershare\AllMyTube\BrowserPlugin\kvallmyt ube@keepvid.com_xpi [2019-09-27] [Legacy]
FF HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\Firefox\Extensions: [{31C8B8A4-6712-4A47-B378-2BE78B8EE9E1}] - C:\Program Files\Bigasoft\Video Downloader Pro\extensions\3.17.9.7200\BVDFirefoxExt
FF Extension: (Bigasoft Video Downloader Pro) - C:\Program Files\Bigasoft\Video Downloader Pro\extensions\3.17.9.7200\BVDFirefoxExt [2019-09-27] [Legacy] [not signed]
FF HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Joe\AppData\Roaming\IDM\idmmzcc5
FF Extension: (IDM CC) - C:\Users\Joe\AppData\Roaming\IDM\idmmzcc5 [2019-12-21] [Legacy] [not signed]
FF HKU\S-1-5-21-198903158-1304534811-4163729061-1000\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files\Internet Download Manager\idmmzcc2.xpi
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_32_0_0_ 303.dll [2019-12-14] (Adobe Inc. -> )
FF Plugin: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [No File]
FF Plugin: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [No File]
FF Plugin: @garmin.com/GpsControl -> C:\Program Files\Garmin GPS Plugin\npGarmin.dll [2012-11-02] (Garmin International, Inc. -> GARMIN Corp.)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2016-10-06] (Google Inc -> Google)
FF Plugin: @java.com/DTPlugin,version=11.181.2 -> C:\Program Files\Java\jre1.8.0_181\bin\dtplugin\npDeployJava1 .dll [No File]
FF Plugin: @java.com/JavaPlugin,version=11.181.2 -> C:\Program Files\Java\jre1.8.0_181\bin\plugin2\npjp2.dll [No File]
FF Plugin: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files\Yahoo!\Shared\npYState.dll [2012-05-25] (Yahoo! Inc. -> Yahoo! Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files\Microsoft Office\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\Office14\NPSPWRAP.DLL [2010-01-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)
FF Plugin: @videolan.org/vlc,version=2.0.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-15] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-15] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-15] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-15] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-15] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-15] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-15] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-15] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-15] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-15] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-15] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-15] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-15] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-15] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-15] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-15] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-15] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-15] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-15] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-15] (VideoLAN -> VideoLAN)

Chrome:
=======
CHR DefaultProfile: Default
CHR StartupUrls: Default -> "hxxps://www.google.com.au/","hxxp://www.bing.com/search?FORM=INCOH1&PC=IC03&PTAG=ICO-d6194eaa"
CHR Notifications: Default -> hxxps://downloads.tomsguide.com; hxxps://sendleap.com; hxxps://www.facebook.com
CHR Profile: C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default [2020-01-05]
CHR DownloadDir: C:\Captures
CHR Extension: (Google Translate) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgj llcleb [2019-12-14]
CHR Extension: (YouTube) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\adnlfjpnmidfimlkaohpidplno imahfh [2019-10-01]
CHR Extension: (Free Download Manager) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahmpjcflkgiildlgicmcieglgo ilbfdp [2019-12-17]
CHR Extension: (280daily) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\aibhdihcdjelmifgpkcalcafld alpkbm [2019-01-16]
CHR Extension: (Flash Video Downloader) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiimdkdngfcipjohbjenkahhlh ccpdbc [2019-05-08]
CHR Extension: (MightyTextTest) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\andmpiilbgodiefijhcneadheg colaoe [2019-08-27]
CHR Extension: (Docs) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfi lokake [2017-11-07]
CHR Extension: (Dictanote) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\aomjekmpappghadlogpigifkgh lmebjk [2019-01-16]
CHR Extension: (Google Drive) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigk jlhalf [2017-06-08]
CHR Extension: (Todoist for Chrome) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjohebimpjdhhocbknplfelpm dhifhd [2019-01-17]
CHR Extension: (Pop up blocker for Chrome™ - Poper Blocker) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkkbcggnhapdmkeljlodobbkop ceiche [2019-06-05]
CHR Extension: (YouTube) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldk acnbeo [2017-06-08]
CHR Extension: (Pushbullet) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\chlffgpmiacpedhhbkiomidkjl cfhogd [2019-12-29]
CHR Extension: (Telegram) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\clhhggbfdinjmjhajaheehoeib fljjno [2019-01-17]
CHR Extension: (sydney time) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\dahalpfpibpddfpdcfgmpjelnl dolich [2019-11-29]
CHR Extension: (Hangouts) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\deigijodonbmdapahgkdjljmcn gipaab [2019-03-14]
CHR Extension: (Allavsoft video downloader converter) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhancbnhabhandieicagelcddk dfgoif [2017-12-06]
CHR Extension: (Creating an internet shortcut fails |...) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\djcnpbhjfgpighcllplapphnga aockbd [2019-08-28]
CHR Extension: (Session Buddy) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\edacconmaakjimmfgnblocblbc dcpbko [2018-03-11]
CHR Extension: (Bulk Media Downloader) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehfdcgbfcboceiclmjaofdannm jdeaoi [2018-03-01]
CHR Extension: (Google Docs Offline) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdl olhkhi [2018-08-23]
CHR Extension: (Avast Online Security) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegiea cbdmki [2019-12-21]
CHR Extension: (Drive Notepad) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpgjomejfimnbmobcocilppikh ncegaj [2019-01-17]
CHR Extension: (VoiceNote II - Speech to text) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfknjgplnkgjihghcidajejfml dhibfm [2019-01-17]
CHR Extension: (vGet Extension (Video Downloader, DLNA)) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\hniladkejehjfchadikcbjmgja ogciic [2018-03-01]
CHR Extension: (My Diary) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\igfnkanfehhehlajnhpajibfcf gkaikl [2019-01-17]
CHR Extension: (YouTube Video Downloader Extension) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\igljnkmljjbhcellpnjppojkfd fmkjmp [2018-03-02]
CHR Extension: (Mate Translate – translator, dictionary) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihmgiclibbndffejedjimfjmfo abpcke [2019-11-29]
CHR Extension: (Voice Recognition) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\ikjmfindklfaonkodbnidahohd fbdhkn [2019-01-17]
CHR Extension: (Excel Online) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\iljnkagajgfdmfnnidjijobijl fjfgnb [2019-01-16]
CHR Extension: (Dropbox) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\ioekoebejdcmnlefjiknokhhaf glcjdl [2019-01-17]
CHR Extension: (Pushbullet Settings) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\jinnpgkhgbkooiphbamlonfpce dokdah [2019-06-28]
CHR Extension: (Multi Forward for Gmail) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjmdplljmniahpamcmabdnahmj dlikpm [2018-08-23]
CHR Extension: (Gmail) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmhopmchchfpfdcdjodmpfaaph dclmlj [2019-11-30]
CHR Extension: (Google Hangouts) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\knipolnnllmklapflnccelgoln pehhpl [2019-05-25]
CHR Extension: (Evernote Web) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbfehkoinhhcknnbdgnnmjhila dcgbol [2019-01-17]
CHR Extension: (Google Maps) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbea pigfbh [2019-01-17]
CHR Extension: (Yellow highlighter pen for web) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\lnmengjdnfjbochkdkcjbbpild acancp [2018-04-04]
CHR Extension: (Google Hangouts) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\nckgahadagoaajjgafhacjanao iihapd [2019-05-25]
CHR Extension: (IDM Integration Module) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhm bhlaek [2019-12-25]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccm gmieda [2019-10-09]
CHR Extension: (ImTranslator: Translator, Dictionary, TTS) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\noaijdpnepcgjemiklgfkcfbko kogabh [2019-12-03]
CHR Extension: (AdBlocker Ultimate) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohahllgiabjaoigichmmfljhkc fikeof [2019-12-27]
CHR Extension: (draw.io Desktop) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\pebppomjfocnoigkeepgbmcifn nlndla [2019-12-29]
CHR Extension: (SendLeap) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\phnjmiobjppgfeicepedmfnpjj mfjlha [2020-01-01]
CHR Extension: (Gmail) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoe jaedia [2019-04-26]
CHR Extension: (Chrome Media Router) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcj beemfm [2019-12-14]
CHR Extension: (Free Video Downloader) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgadljdflpomdcdacknofppee jgmjdn [2018-05-13]
CHR HKLM\...\Chrome\Extension: [dhancbnhabhandieicagelcddkdfgoif] - C:\Program Files\Allavsoft\Video Downloader Converter\extensions\3.17.7.7150\BVDChromeExt.crx [2019-08-01]
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]
Reply With Quote
  #21  
Old January 6th, 2020, 04:03 AM
sebastian42 sebastian42 is offline
Senior Member
  
Join Date: May 2007
Posts: 125
CHR HKLM\...\Chrome\Extension: [jpnkpjikgipojkofgjjkfgdhfanggcdm] - C:\Program Files\Bigasoft\Video Downloader Pro\extensions\3.17.9.7200\BVDChromeExt.crx [2019-09-27]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files\Internet Download Manager\IDMGCExt.crx [2019-03-22]
CHR HKU\S-1-5-21-198903158-1304534811-4163729061-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\ Extension: [dhdgffkkebhmkfjojejmpbldmpobfkfo] - hxxp://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [143776 2017-01-31] (SUPERAntiSpyware.com -> SUPERAntiSpyware.com)
R2 aim_LSService; C:\Program Files\Actual Window Manager\LogonScreenService.exe [95472 2019-05-15] (Actual Tools (Mikhail Yurievich Tretyakov IP) -> Actual Tools)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [5106064 2019-12-20] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [859096 2019-10-04] (AVAST Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-10-04] (AVAST Software s.r.o. -> AVAST Software)
R2 Backupper Service; C:\Program Files\AOMEI Backupper\ABService.exe [483184 2019-01-22] (CHENGDU AOMEI Tech Co., Ltd. -> AOMEI Tech Co., Ltd.)
S4 caspereui; C:\Program Files\Common Files\Future Systems Solutions\Services\CASPERSVCS.EXE [607976 2013-11-19] (Future Systems Solutions, Inc. -> Future Systems Solutions, Inc.)
S4 casperhpb; C:\Program Files\Common Files\Future Systems Solutions\Services\CASPERSVCS.EXE [607976 2013-11-19] (Future Systems Solutions, Inc. -> Future Systems Solutions, Inc.)
R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\Freem akeUtilsService.exe [81280 2019-07-04] (Mixbyte Inc -> Freemake)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [5394136 2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
S4 mfevtp; C:\Windows\system32\mfevtps.exe [238288 2015-05-18] (McAfee, Inc. -> McAfee, Inc.)
R2 nlsX86cc; C:\Windows\system32\NLSSRV32.EXE [69640 2014-05-19] (Nitro PDF Software -> Nalpeiron Ltd.)
S3 rpcapd; C:\Program Files\WinPcap\rpcapd.exe [117264 2011-02-12] (CACE Technologies, Inc. -> CACE Technologies, Inc.)
S4 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [3892256 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
S4 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [3943664 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
S4 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [233712 2018-02-06] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3748704 2019-10-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [12097024 2019-11-07] (TeamViewer GmbH -> TeamViewer Germany GmbH)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\NisSrv.exe [2250992 2019-12-31] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MsMpEng.exe [85240 2019-12-31] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 WsAppService; C:\Program Files\Wondershare\WAF\2.3.1.204\WsAppService.exe [437392 2016-11-16] (Wondershare software CO., LIMITED -> Wondershare)
S3 WsDrvInst; C:\Program Files\iSkysoft\Video Converter Ultimate\Transfer\DriverInstall.exe [107800 2019-09-26] (Shenzhen Yi Xing Investment Co., Ltd. -> Wondershare)
R2 XperiaCompanionService; C:\Program Files\Sony\Xperia Companion\Service\XperiaCompanionService.exe [2013024 2019-10-22] (Sony Mobile Communications AB -> Sony)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Containe r.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSys tem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSyste m" -r -p 30000
S4 NvTelemetryContainer; "C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.lo g" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 ambakdrv; C:\WINDOWS\System32\ambakdrv.sys [26424 2015-02-26] (Aomei Technology Co., Limited -> ) [File not signed]
R2 ammntdrv; C:\WINDOWS\system32\ammntdrv.sys [129720 2015-02-26] (Aomei Technology Co., Limited -> ) [File not signed]
S3 ampa; C:\WINDOWS\system32\ampa.sys [35760 2017-02-28] (CHENGDU AOMEI Tech Co., Ltd. -> )
R2 amwrtdrv; C:\WINDOWS\system32\amwrtdrv.sys [14392 2015-02-26] (Aomei Technology Co., Limited -> ) [File not signed]
R2 AODDriver4.3; C:\Program Files\AMD\ATI.ACE\Fuel\i386\AODDriver2.sys [50400 2014-02-11] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [35512 2019-10-04] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [174712 2019-10-04] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [224008 2019-10-04] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [169408 2019-10-04] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [59368 2019-10-04] (AVAST Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [15792 2019-10-04] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [211088 2019-10-04] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [41200 2019-10-04] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [136752 2019-11-02] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [95168 2019-10-04] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [73312 2019-10-04] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [691528 2019-10-04] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [394856 2019-10-04] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [176760 2019-10-04] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [277408 2019-10-04] (AVAST Software s.r.o. -> AVAST Software)
R2 BrPar; C:\WINDOWS\System32\drivers\BrPar.sys [19537 2000-07-24] (Brother Industries Ltd.) [File not signed]
S3 ddmdrv; C:\WINDOWS\system32\ddmdrv.sys [33200 2016-12-27] (CHENGDU AOMEI Tech Co., Ltd. -> )
R3 DroidCam; C:\WINDOWS\System32\drivers\droidcam.sys [29496 2016-09-29] (DEV47 APPS -> Dev47Apps)
R3 DroidCamVideo; C:\WINDOWS\System32\drivers\droidcamvideo.sys [225592 2016-09-29] (DEV47 APPS -> Windows (R) Win 7 DDK provider)
U3 EnigmaFileMonDriver; C:\WINDOWS\system32\Drivers\EnigmaFileMonDriver.sy s [60232 2020-01-03] (EnigmaSoft Limited -> EnigmaSoft Limited)
S3 epmntdrv; C:\WINDOWS\system32\epmntdrv.sys [31936 2018-10-18] (CHENGDU YIWO Tech Development Co., Ltd. -> )
R0 EPMVolFlt; C:\WINDOWS\System32\drivers\EPMVolFlt.sys [28880 2018-10-18] (CHENGDU YIWO Tech Development Co., Ltd. -> Windows (R) Codename Longhorn DDK provider)
R1 epp; C:\EEK\bin32\epp.sys [118248 2019-11-19] (Microsoft Windows Hardware Compatibility Publisher -> Emsisoft Ltd)
S3 EuGdiDrv; C:\WINDOWS\system32\EuGdiDrv.sys [10208 2018-10-24] (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed]
R1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [25864 2018-08-04] (Glarysoft LTD -> Glarysoft Ltd)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [17352 2019-06-26] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 mf; C:\WINDOWS\System32\drivers\mf.sys [29696 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [648552 2015-05-18] (McAfee, Inc. -> McAfee, Inc.)
S3 mferkdet; C:\WINDOWS\System32\drivers\mferkdet.sys [91840 2015-05-18] (McAfee, Inc. -> McAfee, Inc.)
R3 mv91cons; C:\WINDOWS\System32\drivers\mv91cons.sys [30440 2016-04-12] (Marvell Semiconductor, Inc. -> Marvell Semiconductor Inc.)
R1 networx; C:\WINDOWS\System32\drivers\networx.sys [67640 2016-09-20] (SOFTPERFECT PTY. LTD. -> NetFilterSDK.com)
R2 npf; C:\WINDOWS\system32\drivers\npf.sys [36600 2019-07-16] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_ dispi.inf_x86_9f540655d9eda3dd\nvlddmkm.sys [15367072 2018-06-13] (NVIDIA Corporation -> NVIDIA Corporation)
S3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad32v.sys [53616 2018-01-24] (NVIDIA Corporation -> NVIDIA Corporation)
S3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [50248 2018-01-24] (NVIDIA Corporation -> NVIDIA Corporation)
R1 PCIESER; C:\WINDOWS\system32\drivers\PCIESER.sys [67328 2014-10-09] (Microsoft Windows Hardware Compatibility Publisher -> www.winchiphead.com)
R1 PSSDK42; C:\Windows\system32\Drivers\pssdk42.sys [38976 2015-11-10] (Microolap technologies -> microOLAP Technologies LTD)
R1 PSSDKLBF; C:\Windows\system32\Drivers\pssdklbf.sys [53312 2015-11-10] (Microolap technologies -> microOLAP Technologies LTD)
S3 RDPDISPM; C:\WINDOWS\System32\DRIVERS\rdpdispm.sys [15488 2010-09-22] (Microsoft Corporation) [File not signed]
R3 rt640x86; C:\WINDOWS\System32\drivers\rt640x86.sys [956752 2018-09-04] (Realtek Semiconductor Corp. -> Realtek )
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-23] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-13] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SCDEmu; C:\Windows\System32\Drivers\SCDEmu.sys [114304 2015-06-08] (Power Software Limited -> Power Software Ltd)
S3 tap0901; C:\WINDOWS\System32\DRIVERS\tap0901.sys [35288 2013-08-22] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [37472 2019-12-31] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [278456 2019-12-31] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [119952 2016-07-15] (NGO -> MBB)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [39368 2019-12-31] (Microsoft Windows -> Microsoft Corporation)
S3 WsAudio_Device; C:\WINDOWS\system32\drivers\VirtualAudio.sys [27496 2015-02-27] (Wondershare Software Co., Ltd. -> Wondershare)
R3 WUDFWpdMtp; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [207360 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
U3 idsvc; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-01-06 01:51 - 2020-01-06 01:51 - 000161803 _____ C:\-AAAJOBS.WPF
2020-01-06 00:06 - 2020-01-06 06:22 - 000000000 ____D C:\Program Files\Farbar
2020-01-05 11:10 - 2020-01-05 11:11 - 000000000 ____D C:\Program Files\KMPlayer
2020-01-05 10:02 - 2020-01-05 10:02 - 000020087 _____ C:\Users\Joe\Desktop\SearchRegLog.txt
2020-01-05 09:58 - 2020-01-06 06:29 - 000000000 ____D C:\FRST
2020-01-04 21:31 - 2020-01-04 22:10 - 000001352 _____ C:\Activation.TXT
2020-01-04 07:57 - 2020-01-04 07:57 - 000003020 _____ C:\WINDOWS\system32\Tasks\GU5SkipUAC
2020-01-02 21:58 - 2020-01-02 21:58 - 000000000 ___HD C:\Users\Joe\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\Startup-Disabled
2020-01-02 14:23 - 2020-01-02 14:23 - 000000000 ____D C:\Users\Joe\Desktop\faulty 8Gb USB
2020-01-02 14:03 - 2020-01-04 07:24 - 000001412 _____ C:\Users\Joe\Desktop\Clear Quicklaunch.lnk
2020-01-01 21:30 - 2020-01-01 21:30 - 000000000 ____D C:\Users\Joe\AppData\Local\SendLeap
2020-01-01 16:17 - 2020-01-01 16:22 - 000000000 ____D C:\Program Files\AOMEI Partition Assistant
2020-01-01 16:17 - 2019-12-02 11:01 - 001880664 _____ C:\WINDOWS\ampa.exe
2020-01-01 16:17 - 2017-02-28 14:20 - 000035760 _____ C:\WINDOWS\system32\ampa.sys
2020-01-01 16:17 - 2016-12-27 18:45 - 000033200 _____ C:\WINDOWS\system32\ddmdrv.sys
2020-01-01 16:17 - 2016-09-29 09:44 - 001129624 _____ C:\WINDOWS\ddmmain.exe
2019-12-31 22:54 - 2020-01-01 16:46 - 000001024 ____H C:\AMTAG.BIN
2019-12-31 13:13 - 2020-01-03 00:16 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2019-12-31 13:10 - 2019-10-04 00:36 - 000305032 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2019-12-31 12:35 - 2019-12-31 12:32 - 000613944 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2019-12-30 18:46 - 2020-01-03 00:52 - 000060232 _____ (EnigmaSoft Limited) C:\WINDOWS\system32\Drivers\EnigmaFileMonDriver.sy s
2019-12-30 01:05 - 2019-12-30 01:05 - 000004234 _____ C:\Context.TXT
2019-12-24 20:52 - 2019-12-24 20:52 - 000000373 _____ C:\Users\Joe\Desktop\USBRECORDER.lnk
2019-12-22 19:28 - 2019-12-22 19:28 - 000001140 _____ C:\Users\Joe\Desktop\Steve'sTemplate.docx.lnk
2019-12-22 17:55 - 2020-01-05 21:16 - 000000806 _____ C:\Users\Joe\Desktop\url.txt.lnk
2019-12-22 02:29 - 2020-01-05 21:18 - 000000000 _____ C:\url.txt
2019-12-22 00:39 - 2019-12-22 00:39 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask .job
2019-12-21 19:09 - 2019-12-30 14:10 - 000000000 ____D C:\Users\Joe\Desktop\New folder
2019-12-21 12:12 - 2019-12-31 12:52 - 000000000 ____D C:\Users\Joe\AppData\Roaming\IDM
2019-12-21 12:12 - 2019-12-21 12:12 - 000000000 ____D C:\Users\Joe\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\Internet Download Manager
2019-12-21 11:56 - 2020-01-03 08:19 - 000000000 ____D C:\WINDOWS\Minidump
2019-12-21 11:36 - 2019-12-21 11:36 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-12-21 04:33 - 2019-12-21 04:34 - 000000000 ____D C:\sh5ldr
2019-12-18 11:18 - 2019-12-18 11:18 - 000042656 _____ C:\Users\Joe\Desktop\UTS BIG THINKING AND SYDNEY FESTIVAL 2020 PROGRAM!.eml
2019-12-16 07:47 - 2019-12-16 07:47 - 000000000 ____D C:\Users\Joe\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\Actual Window Manager
2019-12-16 07:47 - 2019-12-16 07:47 - 000000000 ____D C:\Users\Joe\AppData\Roaming\Actual Tools
2019-12-16 07:47 - 2019-12-16 07:47 - 000000000 ____D C:\Program Files\Actual Window Manager
2019-12-15 14:54 - 2019-12-21 05:04 - 000000000 ____D C:\Program Files\Security Task Manager
2019-12-15 02:33 - 2019-12-15 02:33 - 000002488 _____ C:\Users\Joe\Desktop\excerptA.lnk
2019-12-14 20:10 - 2019-12-14 20:10 - 000000000 ____D C:\Program Files\IPEVO
2019-12-11 15:35 - 2019-12-11 13:34 - 000410830 __RSH C:\bootmgr
2019-12-11 15:35 - 2019-03-19 13:40 - 000000001 ___SH C:\BOOTNXT
2019-12-11 13:34 - 2019-12-11 13:34 - 018020352 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-12-11 13:34 - 2019-12-11 13:34 - 007067960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-12-11 13:34 - 2019-12-11 13:34 - 006516648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayR eady.dll
2019-12-11 13:34 - 2019-12-11 13:34 - 006083832 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-12-11 13:34 - 2019-12-11 13:34 - 005943296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-12-11 13:34 - 2019-12-11 13:34 - 005914112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-12-11 13:34 - 2019-12-11 13:34 - 005764664 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-12-11 13:34 - 2019-12-11 13:34 - 002995712 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-12-11 13:34 - 2019-12-11 13:34 - 002800640 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-12-11 13:34 - 2019-12-11 13:34 - 002204176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-12-11 13:34 - 2019-12-11 13:34 - 002084352 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2019-12-11 13:34 - 2019-12-11 13:34 - 002073200 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-12-11 13:34 - 2019-12-11 13:34 - 002059264 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-12-11 13:34 - 2019-12-11 13:34 - 001793024 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.oneco re.dll
2019-12-11 13:34 - 2019-12-11 13:34 - 001539880 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2019-12-11 13:34 - 2019-12-11 13:34 - 001496080 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems32.dll
2019-12-11 13:34 - 2019-12-11 13:34 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-12-11 13:34 - 2019-12-11 13:34 - 001429304 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-12-11 13:34 - 2019-12-11 13:34 - 001401856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.deskt op.dll
2019-12-11 13:34 - 2019-12-11 13:34 - 001399296 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2019-12-11 13:34 - 2019-12-11 13:34 - 001394544 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-12-11 13:34 - 2019-12-11 13:34 - 001246816 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-12-11 13:34 - 2019-12-11 13:34 - 001133568 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2019-12-11 13:34 - 2019-12-11 13:34 - 001111992 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-12-11 13:34 - 2019-12-11 13:34 - 001077632 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-12-11 13:34 - 2019-12-11 13:34 - 001054864 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2019-12-11 13:34 - 2019-12-11 13:34 - 000980792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-12-11 13:34 - 2019-12-11 13:34 - 000842552 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2019-12-11 13:34 - 2019-12-11 13:34 - 000779776 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-12-11 13:34 - 2019-12-11 13:34 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2019-12-11 13:34 - 2019-12-11 13:34 - 000673456 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2019-12-11 13:34 - 2019-12-11 13:34 - 000646144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dl l
2019-12-11 13:34 - 2019-12-11 13:34 - 000612352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Service.dll
2019-12-11 13:34 - 2019-12-11 13:34 - 000593128 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2019-12-11 13:34 - 2019-12-11 13:34 - 000574976 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelinesvc.exe
2019-12-11 13:34 - 2019-12-11 13:34 - 000554168 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2019-12-11 13:34 - 2019-12-11 13:34 - 000532480 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-12-11 13:34 - 2019-12-11 13:34 - 000472576 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-12-11 13:34 - 2019-12-11 13:34 - 000421888 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2019-12-11 13:34 - 2019-12-11 13:34 - 000413184 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll
2019-12-11 13:34 - 2019-12-11 13:34 - 000406480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Enumeration.dl l
2019-12-11 13:34 - 2019-12-11 13:34 - 000351232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2019-12-11 13:34 - 2019-12-11 13:34 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2019-12-11 13:34 - 2019-12-11 13:34 - 000320016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2019-12-11 13:34 - 2019-12-11 13:34 - 000306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\exfat.sys
2019-12-11 13:34 - 2019-12-11 13:34 - 000301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.th.d ll
2019-12-11 13:34 - 2019-12-11 13:34 - 000144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2019-12-11 13:34 - 2019-12-11 13:34 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2019-12-11 13:34 - 2019-12-11 13:34 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-12-11 13:34 - 2019-12-11 13:34 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2019-12-11 13:34 - 2019-12-11 13:34 - 000105376 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2019-12-11 13:34 - 2019-12-11 13:34 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2019-12-11 13:34 - 2019-12-11 13:34 - 000079888 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2019-12-11 13:34 - 2019-12-11 13:34 - 000058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilot.dll
2019-12-11 13:34 - 2019-12-11 13:34 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe
2019-12-11 13:34 - 2019-12-11 13:34 - 000052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.EnrollmentS tatusTracking.ConfigProvider.dll
2019-12-11 13:34 - 2019-12-11 13:34 - 000046928 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsManagementServiceWinRt. ProxyStub.dll
2019-12-11 13:34 - 2019-12-11 13:34 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelineprxy.dll
2019-12-11 13:34 - 2019-12-11 13:34 - 000024080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpvideominiport.sys
2019-12-11 13:34 - 2019-12-11 13:34 - 000024064 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevQueryBroker.dll
2019-12-11 13:34 - 2019-12-11 13:34 - 000024064 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilotdiag.dll
2019-12-11 13:34 - 2019-12-11 13:34 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2019-12-11 13:34 - 2019-12-11 13:34 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2019-12-11 13:34 - 2019-12-11 13:34 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2019-12-11 10:35 - 2019-12-11 10:37 - 000000000 ____D C:\Tame60
2019-12-11 10:35 - 2019-12-11 10:35 - 000000000 ____D C:\Users\Joe\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\Tame Version 6.0d
2019-12-11 10:16 - 2020-01-06 06:28 - 000000000 ____D C:\WP51
2019-12-09 23:04 - 2020-01-01 16:46 - 000010015 _____ C:\WINDOWS\GA_OF.dat
2019-12-07 07:04 - 2019-12-07 23:12 - 000000000 ____D C:\Users\Joe\AppData\Roaming\VideoProc

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-01-06 06:24 - 2019-04-18 00:52 - 000000000 ____D C:\Users\Joe\AppData\Roaming\uTorrent
2020-01-06 06:24 - 2017-09-02 16:17 - 000000000 ____D C:\Users\Joe\AppData\LocalLow\Mozilla
2020-01-06 06:19 - 2019-12-06 01:45 - 000948396 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-01-06 06:19 - 2019-03-19 13:44 - 000000000 ____D C:\WINDOWS\INF
2020-01-06 06:13 - 2019-12-06 01:47 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-01-06 06:13 - 2019-07-09 12:21 - 000000000 ____D C:\Users\Joe\AppData\Roaming\MightyText
2020-01-06 06:13 - 2019-03-26 23:24 - 000000520 _____ C:\WINDOWS\system32\AbBakConfig.dat
2020-01-06 06:13 - 2019-03-26 23:22 - 000000000 ____D C:\Program Files\AOMEI Backupper
2020-01-06 06:13 - 2019-02-18 12:04 - 000000000 ____D C:\Users\Joe\AppData\Roaming\Telegram Desktop
2020-01-06 06:13 - 2019-01-24 22:14 - 000000000 ____D C:\Program Files\TeamViewer
2020-01-06 06:13 - 2015-09-22 01:01 - 000000150 _____ C:\WINDOWS\system32\winsevr.dat
2020-01-06 02:13 - 2019-03-19 13:35 - 000262144 _____ C:\WINDOWS\system32\config\BBI
2020-01-06 02:13 - 2018-07-30 18:06 - 000000000 ____D C:\Users\Joe\AppData\Roaming\vlc
2020-01-06 01:38 - 2013-02-01 19:24 - 000000000 ____D C:\OutputFolder
2020-01-06 01:34 - 2014-05-23 19:17 - 000000000 ____D C:\Captures
2020-01-06 01:25 - 2018-02-09 21:35 - 000000000 ____D C:\Users\Joe\AppData\Local\CrashDumps
2020-01-06 00:50 - 2019-11-28 16:38 - 000000000 ____D C:\Users\Joe\AppData\Local\Pushbullet
2020-01-05 21:47 - 2019-04-01 21:52 - 000000000 ____D C:\Users\Joe\AppData\Roaming\DMCache
2020-01-05 14:46 - 2019-10-03 23:25 - 000000000 ____D C:\Users\Joe\AppData\Local\AVAST Software
2020-01-05 00:39 - 2019-12-06 01:34 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-01-04 09:51 - 2011-12-10 01:34 - 000000000 ____D C:\Users\Joe\AppData\Roaming\TeraCopy
2020-01-04 08:35 - 2018-07-18 22:27 - 000000000 ____D C:\Program Files\WinRAR
2020-01-04 08:28 - 2017-01-07 16:10 - 000000000 ____D C:\Program Files\K-Lite Codec Pack
2020-01-04 08:02 - 2019-01-24 22:14 - 000000000 ____D C:\Users\Joe\AppData\Roaming\TeamViewer
2020-01-04 07:58 - 2016-01-10 10:13 - 000000000 ____D C:\Program Files\Glary Utilities 5
2020-01-04 07:27 - 2011-12-08 20:52 - 000000000 ____D C:\Data
2020-01-03 21:06 - 2017-10-22 16:38 - 000000000 ____D C:\Users\Joe\AppData\Roaming\Wise Duplicate Finder
2020-01-03 01:53 - 2019-12-06 01:38 - 000000000 ____D C:\Users\DefaultAppPool
2020-01-03 00:17 - 2019-12-06 01:47 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2020-01-03 00:00 - 2019-10-24 22:28 - 000000000 ____D C:\Users\Joe\AppData\Roaming\Messenger for Desktop
2020-01-02 20:58 - 2019-06-02 22:39 - 000000000 ____D C:\Users\Joe\AppData\Local\Greenshot
2020-01-02 20:22 - 2017-11-07 21:33 - 000000000 ____D C:\Program Files\Winaero Tweaker
2020-01-02 02:22 - 2019-12-06 01:38 - 000000000 ____D C:\Users\Joe
2020-01-01 21:40 - 2019-01-08 21:40 - 000000000 ____D C:\Users\Joe\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\Chrome Apps
2020-01-01 21:30 - 2018-05-26 23:19 - 000000000 ____D C:\Users\Joe\AppData\Local\SquirrelTemp
2019-12-31 21:46 - 2018-02-20 12:33 - 000000000 ____D C:\Users\Joe\AppData\Roaming\Mp3tag
2019-12-31 13:10 - 2019-03-19 13:46 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-12-31 12:41 - 2013-05-09 13:43 - 000000000 ____D C:\Program Files\MSOffice activator
2019-12-31 12:38 - 2019-03-19 13:46 - 000000000 ____D C:\Program Files\Windows Defender
2019-12-31 12:38 - 2018-05-10 23:44 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2019-12-31 11:43 - 2019-03-19 13:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-12-30 22:40 - 2017-08-17 00:02 - 000000000 ____D C:\Users\Joe\AppData\Local\ElevatedDiagnostics
2019-12-25 13:51 - 2017-12-13 11:14 - 000000000 ____D C:\Users\Joe\AppData\Local\Packages
2019-12-25 00:37 - 2018-05-18 13:26 - 000000000 ____D C:\Users\Joe\AppData\Local\D3DSCache
2019-12-24 22:40 - 2018-01-07 09:22 - 000000000 ____D C:\Users\Joe\AppData\Local\PlaceholderTileLogoFold er
2019-12-24 22:36 - 2019-03-19 13:46 - 000000000 ___HD C:\Program Files\WindowsApps
2019-12-21 16:41 - 2019-04-01 22:05 - 000000000 ____D C:\Program Files\Internet Download Manager
2019-12-21 11:56 - 2017-10-24 14:43 - 000000000 ____D C:\Program Files\Mozilla Maintenance Service
2019-12-20 22:34 - 2017-11-25 10:08 - 000000000 ____D C:\Users\Joe\AppData\Roaming\Allavsoft
2019-12-19 12:47 - 2019-11-30 11:58 - 000000000 ____D C:\Users\Joe\Desktop\Autocad 2015 cracks
2019-12-18 15:36 - 2019-04-17 14:35 - 000000000 ____D C:\Program Files\SUPERAntiSpyware
2019-12-17 07:14 - 2018-03-25 08:39 - 000000000 ____D C:\EEK
2019-12-14 20:12 - 2016-09-14 15:06 - 000000000 ____D C:\Program Files\PicPick
2019-12-14 20:07 - 2019-04-14 02:38 - 000000000 ____D C:\Users\Joe\AppData\Local\Adobe
2019-12-14 20:05 - 2019-12-06 01:47 - 000004578 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player NPAPI Notifier
2019-12-14 20:05 - 2019-12-06 01:47 - 000004376 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player Updater
2019-12-14 20:05 - 2019-03-19 13:46 - 000000000 ____D C:\WINDOWS\system32\Macromed
2019-12-14 10:45 - 2019-12-06 01:47 - 000003408 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineU A
2019-12-14 10:45 - 2019-12-06 01:47 - 000003284 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineC ore
2019-12-12 16:52 - 2016-08-31 20:06 - 000000000 ____D C:\Users\Joe\AppData\Local\Sidebar7
2019-12-11 15:35 - 2019-12-06 01:34 - 000479864 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-12-11 15:35 - 2017-12-13 11:23 - 000000000 ___RD C:\Users\Joe\3D Objects
2019-12-11 15:35 - 2016-02-13 23:20 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-12-11 15:35 - 2012-01-05 10:38 - 000000000 ___RD C:\Users\Joe\Virtual Machines
2019-12-11 13:41 - 2019-03-19 13:46 - 000000000 ____D C:\WINDOWS\SystemResources
2019-12-11 13:41 - 2019-03-19 13:46 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-12-11 13:41 - 2019-03-19 13:46 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-12-11 13:36 - 2013-08-14 21:32 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-12-11 13:36 - 2012-01-07 11:47 - 126061744 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-12-11 13:35 - 2019-03-19 13:35 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-12-11 10:35 - 2019-03-19 13:43 - 000002160 _____ C:\WINDOWS\system32\autoexec.nt
2019-12-11 09:46 - 2019-03-19 13:43 - 000002577 _____ C:\WINDOWS\system32\config.nt
2019-12-08 11:29 - 2017-08-26 00:43 - 000000000 ____D C:\WPTemp
2019-12-08 10:55 - 2019-12-06 14:48 - 000000000 ____D C:\WINDOWS\Panther
2019-12-07 18:06 - 2015-06-10 22:37 - 000000000 ____D C:\Users\Joe\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\AVS4YOU
2019-12-07 18:06 - 2015-06-10 22:35 - 000000000 ____D C:\Program Files\AVS4YOU
2019-12-07 13:40 - 2017-08-26 00:43 - 000000000 ____D C:\WPTmp
2019-12-07 07:04 - 2018-12-31 19:58 - 000000000 ____D C:\Users\Joe\Documents\VideoProc
2019-12-07 07:04 - 2015-11-17 23:45 - 000000000 ____D C:\Program Files\Digiarty

==================== Files in the root of some directories ========

2013-02-17 14:27 - 2013-02-17 14:27 - 002174976 _____ (Advanced Micro Devices Inc.) C:\Program Files\Common Files\atimpenc.dll
2014-12-03 14:31 - 2016-01-11 22:16 - 000087608 _____ () C:\Users\Joe\AppData\Roaming\inst.exe
2014-12-03 14:31 - 2016-01-11 22:16 - 000007887 _____ () C:\Users\Joe\AppData\Roaming\pcouffin.cat
2014-12-03 14:31 - 2016-01-11 22:16 - 000001144 _____ () C:\Users\Joe\AppData\Roaming\pcouffin.inf
2014-12-03 14:31 - 2016-01-11 22:16 - 000000033 _____ () C:\Users\Joe\AppData\Roaming\pcouffin.log
2014-12-03 14:31 - 2016-01-11 22:16 - 000047360 _____ (VSO Software) C:\Users\Joe\AppData\Roaming\pcouffin.sys
2019-10-06 21:45 - 2019-10-07 22:37 - 000001435 _____ () C:\Users\Joe\AppData\Local\oobelibMkey.log
2016-07-25 01:51 - 2018-10-12 21:52 - 000007617 _____ () C:\Users\Joe\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================
Reply With Quote
  #22  
Old January 6th, 2020, 01:44 PM
Jintan's Avatar
Jintan Jintan is offline
Cyber Tech Help Moderator
  
Join Date: Dec 2004
Posts: 52,284
It'll take me a while to weed through that, but I will be back in touch.
Reply With Quote
  #23  
Old January 6th, 2020, 01:46 PM
sebastian42 sebastian42 is offline
Senior Member
  
Join Date: May 2007
Posts: 125
I'm young (77) - I can wait.
Reply With Quote
  #24  
Old January 7th, 2020, 12:52 AM
Jintan's Avatar
Jintan Jintan is offline
Cyber Tech Help Moderator
  
Join Date: Dec 2004
Posts: 52,284
In all honesty, still pondering things.Nothing in the log, and I am trying to figure out how a context menu item is loaded, but not from the Registry.
Reply With Quote
  #25  
Old January 7th, 2020, 01:01 AM
sebastian42 sebastian42 is offline
Senior Member
  
Join Date: May 2007
Posts: 125
In case it helps I'll load a snap of the entry so you can be confident that it is real. However, when I try to attach the pic, I have to give a URL - but it is on my desktop,
so if you can suggest a website, I'll post it there.
Reply With Quote
  #26  
Old January 7th, 2020, 02:01 PM
Jintan's Avatar
Jintan Jintan is offline
Cyber Tech Help Moderator
  
Join Date: Dec 2004
Posts: 52,284
You can upload an image here, then when posting click the insert image icon above the post and paste the http code.

While we have the info, I suggest you uninstall these dinosaurs:

HitmanPro 3.8
Spybot
Spybot Anti-Beacon
SUPERAntiSpyware
WinPatrol

Blasts from the past, and Super is loading at startup so slowing things down.

--------------------------

Let's see if this context menu item is created by a startup. Press Ctrl-Alt-Delete and select Task Manager. Click More details if the display is blank. Go to the Startups tab and right click, Disable each item. Then reboot, and check to see if that context menu item shows. If so, go ahead and open Task Manager and re-enable all the startups.
Reply With Quote
  #27  
Old January 7th, 2020, 02:10 PM
sebastian42 sebastian42 is offline
Senior Member
  
Join Date: May 2007
Posts: 125
https://ibb.co/NYd0hSL

Of the suggested uninstalls - Winpatrol was intended to delay startups - not sure if still relevant.

Your trial and error method is time consuming because of the reboots required, so I can not report on that until I've had the leisure to do that.
Last edited by sebastian42; January 7th, 2020 at 02:12 PM.
Reply With Quote
  #28  
Old January 7th, 2020, 07:10 PM
Jintan's Avatar
Jintan Jintan is offline
Cyber Tech Help Moderator
  
Join Date: Dec 2004
Posts: 52,284
Red face
What happens if you put a DVD in the DVD drive, then right click on the DVD drive and select open autoplay?
Reply With Quote
  #29  
Old January 8th, 2020, 01:22 AM
sebastian42 sebastian42 is offline
Senior Member
  
Join Date: May 2007
Posts: 125
I can't fully do that because 'Open Autoplay' does not appear on Optical drive's Context menu.
Reply With Quote
  #30  
Old January 9th, 2020, 12:26 AM
sebastian42 sebastian42 is offline
Senior Member
  
Join Date: May 2007
Posts: 125
I've now tested disabling the Task Manager StartUps, except for AVlauncher - because i could not. With 'all' startups disabled, the autoplay entry is still there - but only for one 80Gb (data) HDD.
Reply With Quote
Reply
Page 2 of 3 1 2 3

Bookmarks

« Previous Topic | Next Topic »

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump

Similar Topics
Topic Topic Starter Forum Replies Last Post
Bad Context Menu niapet Windows Vista 3 September 24th, 2008 05:51 PM
Context Menu Winkerbie Windows Vista 25 April 11th, 2008 11:53 PM
CONTEXT MENU (right click menu) for ALL PROGRAMS doesn't appear jayro Windows XP 3 June 26th, 2004 03:43 AM
edit "Context Menu" (right click menu) on WEB PAGES jayro Internet / Browsers 3 August 19th, 2003 05:41 AM


All times are GMT +1. The time now is 06:29 PM.