[SOLVED] My computer isnt Windows 10 yet

nothing is working now its getting someones attention
 

Attachments

  • Capture 112.PNG
    Capture 112.PNG
    63.6 KB · Views: 5
  • Capture 111.PNG
    Capture 111.PNG
    387.2 KB · Views: 5
In your first screenshot Firefox warns you about a potential security risk. I get these warnings too.
The download is legit so just click on the item and allow the download.
 
wow nothing is happening cursor in the install is just blinking.
 

Attachments

  • Capture 444.PNG
    Capture 444.PNG
    23 KB · Views: 5
Please be patient. Just leave it running until it completes.
 
Install complete.

Peter can u help me look for malware on my laptop?
Maybe some direction to properly secure my laptop.
 
Last edited:
Attach the file C:\Windows\Logs\CBS\CheckSUR.log to your next reply.

Peter can u help me look for malware on my laptop?
Click to expand...
Yes but lets concentrate on the Windows Update issue first.
 
For days my windows defender has been working fine now all of a sudden its turned off and when i try to turn it back on it goes green and quickly turns off. i cant get it to come on now. Also i copied the checksur log but it wont paste.
 
this all i could show you unless yu have a better idea. really large file copy and paste didnt work just sniping tool
 

Attachments

  • Capture 777.PNG
    Capture 777.PNG
    849 KB · Views: 3
  • Capture 711.PNG
    Capture 711.PNG
    662.5 KB · Views: 3
Copy and paste didn't work, just the sniping tool. Now all of a sudden im really having problems that i didnt have on my laptop.
 

Attachments

  • Capture 777.PNG
    Capture 777.PNG
    849 KB · Views: 2
  • Capture 711.PNG
    Capture 711.PNG
    662.5 KB · Views: 2
Step 1:
The file is too large to paste as text. That's why I asked to attach it as attachment.

Step 2:
  1. Download the Farbar Recovery Scan Tool and save it to your Desktop:
    64-bit: Downloading Farbar Recovery Scan Tool
    Note: Your antivirus program may report FRST incorrectly as an infection. If so, disable the real-time protection when downloading and running FRST.

  2. Right-click to run the tool as administrator. When the tool opens click Yes to disclaimer.
  3. Note: Ensure that the Addition.txt check box is checked at the bottom of the form within the Optional Scan area.
  4. Press the Scan button.
  5. Please wait for the tool to finish. It will produce two logfiles called FRST.txt and Addition.txt in the same directory the tool is run from (which should be the desktop)
  6. Post the logfiles FRST.txt and Addition.txt as attachment in your next reply.
 
Last edited:
thia ia part Additional


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-02-2022
Ran by MKruz090 (05-03-2022 13:14:50)
Running from C:\Users\MKruz090\Downloads
Microsoft Windows 7 Home Premium Service Pack 1 (X64) (2012-05-22 00:08:07)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-1706774440-1050106324-3588017053-500 - Administrator - Disabled)
Guest (S-1-5-21-1706774440-1050106324-3588017053-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1706774440-1050106324-3588017053-1010 - Limited - Enabled)
MKruz090 (S-1-5-21-1706774440-1050106324-3588017053-1003 - Administrator - Enabled) => C:\Users\MKruz090

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Disabled - Up to date) {71A27EC9-3DA6-45FC-60A7-004F623C6189}
AS: Microsoft Security Essentials (Disabled - Up to date) {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 21.011.20039 - Adobe Systems Incorporated)
Adobe Flash Player 28 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 28.0.0.161 - Adobe Systems Incorporated)
Adobe Flash Player 28 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 28.0.0.161 - Adobe Systems Incorporated)
Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd)
Apple Application Support (32-bit) (HKLM-x32\...\{F2871C89-C8A5-42EE-8D45-0F02506385A6}) (Version: 5.1 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{9BC93467-75D1-4AA4-BD58-D9C51D88DFAB}) (Version: 5.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{74CC99EB-7DC0-4CB0-847A-F8C2FE39690C}) (Version: 14.5.0.7 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A3985C05-7386-411F-A4BF-32A73F37EB44}) (Version: 2.6.3.1 - Apple Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Brave (HKLM-x32\...\BraveSoftware Brave-Browser) (Version: 99.1.36.109 - Brave Software Inc)
CLEAR Connection Manager (HKLM\...\{CC591B40-F733-4731-9240-CE86FA34532C}) (Version: 2.00.0043.0 - Clearwire)
CyberLink PowerDVD 9.5 (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.5.1.3426 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 2.0.6875.668 - Dell)
Dell SupportAssistAgent (HKLM\...\{9DD6B149-CEBC-4910-B11A-242393EDF6D3}) (Version: 2.1.4.14 - Dell)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.1209.101.204 - ALPS ELECTRIC CO., LTD.)
Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 1.40.05 - Creative Technology Ltd)
Dragon NaturallySpeaking 12 (HKLM-x32\...\{D5D422B9-6976-4E98-8DDF-9632CB515D7E}) (Version: 12.50.000 - Nuance Communications Inc.)
Dropbox (HKU\S-1-5-21-1706774440-1050106324-3588017053-1003\...\Dropbox) (Version: 143.4.4161 - Dropbox, Inc.)
HotspotShield TAP-Windows 9.24.4 (HKLM\...\HotspotShield TAP-Windows) (Version: 9.24.4 - Pango Inc.) Hidden
InstallIQ Updater (HKLM-x32\...\{8E1CB0F1-67BF-4052-AA23-FA22E94804C1}) (Version: 1.4.3.0 - W3i, LLC)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2345 - Intel Corporation)
Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (HKLM\...\{BEE86606-EFB5-4353-9F34-29E0C59CDCFA}) (Version: 15.2.0.0284 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{181BBF43-CA17-4E1A-A78D-81E67A57B8A4}) (Version: 15.02.0000.1258 - Intel Corporation)
iTunes (HKLM\...\{E6FF3475-A35E-481F-8A8E-3D73CF3A30A1}) (Version: 12.10.11.2 - Apple Inc.)
Java 8 Update 321 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180321F0}) (Version: 8.0.3210.7 - Oracle Corporation)
JavaFX 2.1.0 (HKLM-x32\...\{1111706F-666A-4037-7777-210328764D10}) (Version: 2.1.0 - Oracle Corporation)
Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Live! Cam Avatar Creator (HKLM-x32\...\{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}) (Version: 4.6.3009.1 - Creative Technology Ltd)
Microsoft .NET Framework 4.8 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.10.209.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SkyDrive (HKU\S-1-5-21-1706774440-1050106324-3588017053-1003\...\SkyDriveSetup.exe) (Version: 17.0.2015.0811 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.29.30133 (HKLM-x32\...\{295d1583-fdb9-414b-a4c8-da539362a26b}) (Version: 14.29.30133.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox (x64 en-US) (HKLM\...\Mozilla Firefox 97.0.2 (x64 en-US)) (Version: 97.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 97.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
ObjectDock Free (HKLM-x32\...\{2C13F8C1-570B-42A9-87B4-8C7903ECD602}) (Version: 2.0 - Stardock Corporation) Hidden
ObjectDock Free (HKLM-x32\...\ObjectDock Free) (Version: 2.0 - Stardock Corporation)
Oblivion (HKLM-x32\...\{35CB6715-41F8-4F99-8881-6FC75BF054B0}) (Version: 1.00.0000 - Bethesda Softworks)
Open Book HVAC Certifications 4.2.00 (HKLM-x32\...\9588-9510-0199-4620) (Version: 4.2.00 - Mainstream Engineering Corporation)
PeerBlock 1.2 (r693) (HKLM\...\{015C5B35-B678-451C-9AEE-821E8D69621C}_is1) (Version: 1.2.0.693 - PeerBlock, LLC)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6267 - Realtek Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.1.27.0 - Renesas Electronics Corporation) Hidden
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.1.27.0 - Renesas Electronics Corporation)
Revo Uninstaller 2.3.8 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.3.8 - VS Revo Group, Ltd.)
Search Protection (HKU\S-1-5-21-1706774440-1050106324-3588017053-1003\...\Search Protection) (Version: 9.7.0.4 - Spigot, Inc.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Settings Manager (HKU\S-1-5-21-1706774440-1050106324-3588017053-1003\...\Settings Manager) (Version: 27.2.0.1 - Spigot, Inc.)
SPCA1528 PC Driver (HKLM-x32\...\{570C2A84-A145-4DF0-AE9D-012584DF09DC}) (Version: 2.2.2.0 - sunplus)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
VC 9.0 Runtime (HKLM-x32\...\{02E89EFC-7B07-4D5A-AA03-9EC0902914EE}) (Version: 1.0.0 - Check Point Software Technologies Ltd) Hidden
VC80CRTRedist - 8.0.50727.6195 (HKLM-x32\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden
Warframe (HKLM-x32\...\{D2D825FF-B039-4C0F-8027-20F753E63DC7}) (Version: 1.0.0 - Digital Extremes)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Yahoo! Software Update (HKLM-x32\...\Yahoo! Software Update) (Version: - )
ZoneAlarm Security Toolbar (HKLM-x32\...\ZoneAlarm Security Toolbar) (Version: 1.8.22.0 - Check Point Software Technologies LTD) Hidden

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1706774440-1050106324-3588017053-1003_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\MKruz090\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1706774440-1050106324-3588017053-1003_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\MKruz090\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\SkyDriveShell64.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1706774440-1050106324-3588017053-1003_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\MKruz090\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\SkyDriveShell64.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1706774440-1050106324-3588017053-1003_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\MKruz090\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\SkyDriveShell64.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1706774440-1050106324-3588017053-1003_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\MKruz090\AppData\Roaming\Dropbox\bin\DropboxExt64.52.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1706774440-1050106324-3588017053-1003_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\MKruz090\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\SkyDriveShell64.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1706774440-1050106324-3588017053-1003_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\MKruz090\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\FileSyncApi64.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1706774440-1050106324-3588017053-1003_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\MKruz090\AppData\Roaming\Dropbox\bin\DropboxExt64.52.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1706774440-1050106324-3588017053-1003_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\MKruz090\AppData\Roaming\Dropbox\bin\DropboxExt64.52.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1706774440-1050106324-3588017053-1003_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\MKruz090\AppData\Roaming\Dropbox\bin\DropboxExt64.52.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1706774440-1050106324-3588017053-1003_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\MKruz090\AppData\Roaming\Dropbox\bin\DropboxExt64.52.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1706774440-1050106324-3588017053-1003_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\MKruz090\AppData\Roaming\Dropbox\bin\DropboxExt64.52.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1706774440-1050106324-3588017053-1003_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\MKruz090\AppData\Roaming\Dropbox\bin\DropboxExt64.52.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1706774440-1050106324-3588017053-1003_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\MKruz090\AppData\Roaming\Dropbox\bin\DropboxExt64.52.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1706774440-1050106324-3588017053-1003_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\MKruz090\AppData\Roaming\Dropbox\bin\DropboxExt64.52.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1706774440-1050106324-3588017053-1003_Classes\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\MKruz090\AppData\Roaming\Dropbox\bin\DropboxExt64.52.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1706774440-1050106324-3588017053-1003_Classes\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\MKruz090\AppData\Roaming\Dropbox\bin\DropboxExt64.52.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1706774440-1050106324-3588017053-1003_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\MKruz090\AppData\Roaming\Dropbox\bin\DropboxExt64.52.0.dll (Dropbox, Inc -> Dropbox, Inc.)
ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [6671064 2013-12-18] (Microsoft Corporation -> Microsoft Corporation)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [4171480 2013-12-18] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\MKruz090\AppData\Roaming\Dropbox\bin\DropboxExt64.52.0.dll [2022-02-13] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\MKruz090\AppData\Roaming\Dropbox\bin\DropboxExt64.52.0.dll [2022-02-13] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\MKruz090\AppData\Roaming\Dropbox\bin\DropboxExt64.52.0.dll [2022-02-13] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\MKruz090\AppData\Roaming\Dropbox\bin\DropboxExt64.52.0.dll [2022-02-13] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\MKruz090\AppData\Roaming\Dropbox\bin\DropboxExt64.52.0.dll [2022-02-13] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\MKruz090\AppData\Roaming\Dropbox\bin\DropboxExt64.52.0.dll [2022-02-13] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\MKruz090\AppData\Roaming\Dropbox\bin\DropboxExt64.52.0.dll [2022-02-13] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [Advanced SystemCare] -> {9486A9B2-D787-4eca-A25C-4A0086BB4154} => -> No File
ContextMenuHandlers1: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ShellConverter] -> {30A4E07E-068A-4d91-8F05-691283A1336B} => C:\Program Files (x86)\Common Files\AVSMedia\ActiveX\AVSShellConverter64.dll [2012-12-25] (Online Media Technologies Ltd. -> Online Media Technologies Ltd.) [File not signed]
ContextMenuHandlers2: [Advanced SystemCare] -> {9486A9B2-D787-4eca-A25C-4A0086BB4154} => -> No File
ContextMenuHandlers2: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [Advanced SystemCare] -> {9486A9B2-D787-4eca-A25C-4A0086BB4154} => -> No File
ContextMenuHandlers4: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2011-03-26] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers1_S-1-5-21-1706774440-1050106324-3588017053-1003: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\MKruz090\AppData\Roaming\Dropbox\bin\DropboxExt64.52.0.dll [2022-02-13] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4_S-1-5-21-1706774440-1050106324-3588017053-1003: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\MKruz090\AppData\Roaming\Dropbox\bin\DropboxExt64.52.0.dll [2022-02-13] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5_S-1-5-21-1706774440-1050106324-3588017053-1003: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\MKruz090\AppData\Roaming\Dropbox\bin\DropboxExt64.52.0.dll [2022-02-13] (Dropbox, Inc -> Dropbox, Inc.)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [msacm.pspgru] => C:\Windows\SysWOW64\pspgru.acm [401920 2010-03-22] (Philips Austria GmbH - Speech Processing) [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

==================== Loaded Modules (Whitelisted) =============

2010-10-04 12:54 - 2010-10-04 12:54 - 000807936 _____ () [File not signed] C:\Program Files (x86)\Stardock\ObjectDockFree\CrashRpt.dll
2010-10-04 12:54 - 2010-10-04 12:54 - 000776704 _____ () [File not signed] C:\Program Files (x86)\Stardock\ObjectDockFree\Dock64.dll
2010-10-04 12:54 - 2010-10-04 12:54 - 000094208 _____ () [File not signed] C:\Program Files (x86)\Stardock\ObjectDockFree\Docklets\Clock\Clock.dll
2010-10-04 12:54 - 2010-10-04 12:54 - 000675840 _____ () [File not signed] C:\Program Files (x86)\Stardock\ObjectDockFree\DockShellHook.dll
2010-10-04 12:54 - 2010-10-04 12:54 - 000053760 _____ () [File not signed] C:\Program Files (x86)\Stardock\ObjectDockFree\zlib.dll
2016-11-19 17:53 - 2010-12-20 17:49 - 001892352 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\xerces-c_2_7.dll
2016-11-19 17:53 - 2010-12-20 17:45 - 000069632 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\StatusStrings.dll
2012-04-23 17:21 - 2012-04-23 17:21 - 000333312 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\BluetoothHS\BTHSSupplicant.dll
2012-03-15 06:00 - 2012-03-15 06:00 - 000105472 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\BluetoothHS\UsR3IoPort.dll
2019-03-27 23:34 - 2019-03-27 23:34 - 000130560 _____ (Microsoft Corporation) [File not signed] [File is in use] C:\Windows\Microsoft.Net\assembly\GAC_64\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
2010-10-04 12:54 - 2010-10-04 12:54 - 001038848 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Stardock\ObjectDockFree\dbghelp.dll
2013-03-21 21:08 - 2013-03-21 21:08 - 000113664 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\amd64_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.6195_none_8a1dd9552ed7f8d8\ATL80.DLL
2012-05-28 18:16 - 2012-05-28 18:16 - 001101824 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\MFC80.DLL
2012-05-28 18:16 - 2012-05-28 18:16 - 000057344 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_03ce2c72205943d3\MFC80ENU.DLL
2013-03-21 21:08 - 2012-12-25 14:47 - 000150888 _____ (Online Media Technologies Ltd. -> Online Media Technologies Ltd.) [File not signed] C:\Program Files (x86)\Common Files\AVSMedia\ActiveX\AVSShellConverter64.dll
2010-05-25 22:18 - 2010-05-25 22:18 - 000135168 _____ (SmithMicro Inc.) [File not signed] C:\Program Files (x86)\Clearwire\Connection Manager\Diagnostic.dll
2010-05-25 22:18 - 2010-05-25 22:18 - 000047104 _____ (SmithMicro Inc.) [File not signed] C:\Program Files (x86)\Clearwire\Connection Manager\RpcSrvApi.dll
2010-05-25 22:18 - 2010-05-25 22:18 - 000643072 _____ (SmithMicro Inc.) [File not signed] C:\Program Files (x86)\Clearwire\Connection Manager\ToolBx.dll
2010-10-04 12:54 - 2010-10-04 12:54 - 000233547 _____ (Stardock) [File not signed] C:\Program Files (x86)\Stardock\ObjectDockFree\Docklets\Power\Power.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:0FF263E8 [247]
AlternateDataStreams: C:\ProgramData\Temp:293E91EE [376]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcmscsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRkrn => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRSVC => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Version 11) (Whitelisted) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://us.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_ir_16_06&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dus%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuzzyEzz0FyCzy0CtC0CyD0D0C0C0FtAzytN0D0Tzu0StCyDtDyEtN1L2XzutAtFtCzztFtCtFtDtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2SyC0A0C0CzztDyC0FtGtC0F0F0AtG0FyEzyyBtGyC0CzzyDtGtBzz0D0EtDyC0AyE0CzzyD0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyCyBtDyD0C0DtB0AtG0DtCtC0FtGyEtAzy0DtGzzyC0FtAtGyDyCzztDzztAtCtB0DyDyE0F2QtN0A0LzutB%26cr%3D1190448466%26a%3Dwncy_ir_16_06%26os_ver%3D6.1%26os%3DWindows%2B7%2BHome%2BPremium
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://us.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_ir_16_06&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dus%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuzzyEzz0FyCzy0CtC0CyD0D0C0C0FtAzytN0D0Tzu0StCyDtDyEtN1L2XzutAtFtCzztFtCtFtDtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2SyC0A0C0CzztDyC0FtGtC0F0F0AtG0FyEzyyBtGyC0CzzyDtGtBzz0D0EtDyC0AyE0CzzyD0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyCyBtDyD0C0DtB0AtG0DtCtC0FtGyEtAzy0DtGzzyC0FtAtGyDyCzztDzztAtCtB0DyDyE0F2QtN0A0LzutB%26cr%3D1190448466%26a%3Dwncy_ir_16_06%26os_ver%3D6.1%26os%3DWindows%2B7%2BHome%2BPremium
HKU\S-1-5-21-1706774440-1050106324-3588017053-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.meetup.com/
HKU\S-1-5-21-1706774440-1050106324-3588017053-1003\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.dell.com
URLSearchHook: HKU\S-1-5-21-1706774440-1050106324-3588017053-1003 - (No Name) - {687578b9-7132-4a7a-80e4-30ee31099e03} - No File
SearchScopes: HKLM -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxps://us.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_ir_16_06&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dus%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuzzyEzz0FyCzy0CtC0CyD0D0C0C0FtAzytN0D0Tzu0StCyDtDyEtN1L2XzutAtFtCzztFtCtFtDtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2SyC0A0C0CzztDyC0FtGtC0F0F0AtG0FyEzyyBtGyC0CzzyDtGtBzz0D0EtDyC0AyE0CzzyD0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyCyBtDyD0C0DtB0AtG0DtCtC0FtGyEtAzy0DtGzzyC0FtAtGyDyCzztDzztAtCtB0DyDyE0F2QtN0A0LzutB%26cr%3D1190448466%26a%3Dwncy_ir_16_06%26os_ver%3D6.1%26os%3DWindows%2B7%2BHome%2BPremium&p={searchTerms}
SearchScopes: HKLM -> {86E6F0BB-1696-40EC-80C0-C9E7509A5E8E} URL = hxxps://us.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_ir_16_06&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dus%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuzzyEzz0FyCzy0CtC0CyD0D0C0C0FtAzytN0D0Tzu0StCyDtDyEtN1L2XzutAtFtCzztFtCtFtDtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2SyC0A0C0CzztDyC0FtGtC0F0F0AtG0FyEzyyBtGyC0CzzyDtGtBzz0D0EtDyC0AyE0CzzyD0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyCyBtDyD0C0DtB0AtG0DtCtC0FtGyEtAzy0DtGzzyC0FtAtGyDyCzztDzztAtCtB0DyDyE0F2QtN0A0LzutB%26cr%3D1190448466%26a%3Dwncy_ir_16_06%26os_ver%3D6.1%26os%3DWindows%2B7%2BHome%2BPremium&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1706774440-1050106324-3588017053-1003 -> DefaultScope {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxps://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=714647&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1706774440-1050106324-3588017053-1003 -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxps://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=714647&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1706774440-1050106324-3588017053-1003 -> {86E6F0BB-1696-40EC-80C0-C9E7509A5E8E} URL = hxxps://us.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_ir_16_06&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dus%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuzzyEzz0FyCzy0CtC0CyD0D0C0C0FtAzytN0D0Tzu0StCyDtDyEtN1L2XzutAtFtCzztFtCtFtDtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2SyC0A0C0CzztDyC0FtGtC0F0F0AtG0FyEzyyBtGyC0CzzyDtGtBzz0D0EtDyC0AyE0CzzyD0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyCyBtDyD0C0DtB0AtG0DtCtC0FtGyEtAzy0DtGzzyC0FtAtGyDyCzztDzztAtCtB0DyDyE0F2QtN0A0LzutB%26cr%3D1190448466%26a%3Dwncy_ir_16_06%26os_ver%3D6.1%26os%3DWindows%2B7%2BHome%2BPremium&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1706774440-1050106324-3588017053-1003 -> {D4DED440-58A0-43A9-A242-69CE9EC77244} URL = hxxp://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=714647&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1706774440-1050106324-3588017053-1003 -> {EA1F3C32-0F84-4E7A-A55C-4663F194BF70} URL = hxxp://search.zonealarm.com/search?src=sp&tbid=goughGA&Lan=en&q={searchTerms}&gu=ea028d5206f74666a877a44395d4b9b8&tu=10GXy00BF2C01g0&sku=&tstsId=&ver=&&r=611
BHO: IEToEdge BHO -> {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} -> C:\Program Files (x86)\Microsoft\Edge\Application\98.0.1108.62\BHO\ie_to_edge_bho_64.dll => No File
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-18] (Microsoft Corporation -> Microsoft Corporation)
BHO: scriptproxy -> {7DB2D5A0-7241-4E79-B68D-6309F01C5231} -> C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20120502012239.dll [2010-10-13] (McAfee, Inc. -> McAfee, Inc.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> No File
BHO-x32: Zonealarm Helper Object -> {2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C} -> C:\Program Files (x86)\Check Point Software Technologies LTD\zonealarm\1.8.22.0\bh\zonealarm.dll [2013-07-22] (Check Point Software Technologies Ltd. -> Check Point Software Technologies LTD)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-18] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Dragon NaturallySpeaking Rich Internet Application Support - Extension -> {73A89C60-CF59-4EC7-9215-9B7EF05ECEA4} -> C:\Program Files (x86)\Nuance\NaturallySpeaking12\Program\ieShim.dll [2013-10-15] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_321\bin\ssv.dll [2022-02-27] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: scriptproxy -> {7DB2D5A0-7241-4E79-B68D-6309F01C5231} -> C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120502012239.dll [2010-10-13] (McAfee, Inc. -> McAfee, Inc.)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_321\bin\jp2ssv.dll [2022-02-27] (Oracle America, Inc. -> Oracle Corporation)
Toolbar: HKLM-x32 - ZoneAlarm Security Toolbar - {438FAE3E-BDEF-44D3-AB8B-0C7C8350DF59} - C:\Program Files (x86)\Check Point Software Technologies LTD\zonealarm\1.8.22.0\zonealarmTlbr.dll [2013-07-22] (Check Point Software Technologies Ltd. -> Check Point Software Technologies LTD)
Toolbar: HKU\S-1-5-21-1706774440-1050106324-3588017053-1003 -> No Name - {687578B9-7132-4A7A-80E4-30EE31099E03} - No File
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\.DEFAULT\...\dell.com -> dell.com
IE trusted site: HKU\S-1-5-21-1706774440-1050106324-3588017053-1003\...\dell.com -> dell.com
IE restricted site: HKU\S-1-5-21-1706774440-1050106324-3588017053-1003\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-1706774440-1050106324-3588017053-1003\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-1706774440-1050106324-3588017053-1003\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-1706774440-1050106324-3588017053-1003\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-1706774440-1050106324-3588017053-1003\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-1706774440-1050106324-3588017053-1003\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-1706774440-1050106324-3588017053-1003\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-1706774440-1050106324-3588017053-1003\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-1706774440-1050106324-3588017053-1003\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-1706774440-1050106324-3588017053-1003\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-1706774440-1050106324-3588017053-1003\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-1706774440-1050106324-3588017053-1003\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-1706774440-1050106324-3588017053-1003\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-1706774440-1050106324-3588017053-1003\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-1706774440-1050106324-3588017053-1003\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-1706774440-1050106324-3588017053-1003\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-1706774440-1050106324-3588017053-1003\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-1706774440-1050106324-3588017053-1003\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-1706774440-1050106324-3588017053-1003\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-1706774440-1050106324-3588017053-1003\...\100sexlinks.com -> 100sexlinks.com

There are 4788 more sites.


==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 21:34 - 2009-06-10 16:00 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;C:\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\WINDOWS LIVE;C:\PROGRAM FILES (X86)\COMMON FILES\MICROSOFT SHARED\WINDOWS LIVE;%SYSTEMROOT%\SYSTEM32;%SYSTEMROOT%;%SYSTEMROOT%\SYSTEM32\WBEM;%SYSTEMROOT%\SYSTEM32\WINDOWSPOWERSHELL\V1.0\;C:\PROGRAM FILES (X86)\COMMON FILES\ROXIO SHARED\OEM\DLLSHARED\;C:\PROGRAM FILES (X86)\COMMON FILES\ROXIO SHARED\OEM\DLLSHARED\;C:\PROGRAM FILES (X86)\COMMON FILES\ROXIO SHARED\OEM\12.0\DLLSHARED\;C:\PROGRAM FILES (X86)\ROXIO\OEM\AUDIOCORE\;C:\PROGRAM FILES (X86)\WINDOWS LIVE\SHARED;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\
HKU\S-1-5-21-1706774440-1050106324-3588017053-1003\Control Panel\Desktop\\Wallpaper -> C:\Users\MKruz090\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\startupreg: BTMTrayAgent => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
MSCONFIG\startupreg: Desktop Disc Tool => "C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe"
MSCONFIG\startupreg: mcui_exe => "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
MSCONFIG\startupreg: RemoteControl9 => "C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{57D537EB-1F56-4D61-813B-CC4A35B25EA1}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD9\PowerDVD Cinema\PowerDVDCinema.exe (CyberLink -> CyberLink Corp.)
FirewallRules: [{957DECDA-054C-4594-A689-550D9EBFEA1D}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD9\PowerDVD9.EXE (CyberLink -> CyberLink Corp.)
FirewallRules: [{F1B9505B-418E-4CD8-B20D-056A2CFC4ACE}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6ADAB3B2-A065-4407-9AE3-BFCAD735F377}] => (Allow) LPort=2869
FirewallRules: [{A9DCC638-533E-4683-BB11-28E4A165B8CF}] => (Allow) LPort=1900
FirewallRules: [{A9E4DBB9-EAB1-4BA2-9646-9089A11121EC}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B4CD3E3B-3946-4936-AF29-4E4AB3FE9614}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe (McAfee, Inc. -> McAfee, Inc.)
FirewallRules: [{188127F5-6AA9-4A21-A615-429B1E0A17D4}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe (McAfee, Inc. -> McAfee, Inc.)
FirewallRules: [{20983BE5-ACA4-4F37-A201-593E644ED23F}] => (Allow) LPort=51001
FirewallRules: [{1D5E967E-17A9-43FD-B554-64E86DCCA015}] => (Allow) C:\Users\MKruz090\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4392E673-47A3-413F-BC94-73D8BD1AA523}] => (Allow) C:\Users\MKruz090\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{979C3C9B-BD86-4214-BDC8-323B6BB4EE71}] => (Allow) C:\Users\MKruz090\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{B59506A3-37BA-4AA8-AB0C-8950D1BA7807}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{38198E0A-9264-499A-95E9-6BD87C552557}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [TCP Query User{96381C05-FE3A-48E0-A6AB-A89CF30D3517}C:\users\mkruz090\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\mkruz090\appdata\roaming\dropbox\bin\dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [UDP Query User{7DEF2371-BD84-498D-9F5F-591C9EF1E7C6}C:\users\mkruz090\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\mkruz090\appdata\roaming\dropbox\bin\dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{99185FB5-FF4B-43D8-B65D-B2A437259ABE}] => (Allow) LPort=51001
FirewallRules: [{957F3740-C3CD-46C4-9E80-9059F91AD036}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{4F3E9009-BD5C-4D71-BA2B-C81FF28510F3}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{6BFF1B86-6692-4CA7-AFBF-8F6113AF6F2F}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe => No File
FirewallRules: [{A1F09BC7-D5C9-42F2-A312-EA6018DDCCDE}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe => No File
FirewallRules: [{CD69F0D4-B85E-4F58-8107-61651FCFA2F5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Witcher 3\bin\x64\witcher3.exe (CD Projekt Red) [File not signed]
FirewallRules: [{0FC17C5F-5E59-44EE-BEB5-F76D260D957D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Witcher 3\bin\x64\witcher3.exe (CD Projekt Red) [File not signed]
FirewallRules: [TCP Query User{06B1E09C-B1D6-4227-9A55-B76AF2B33764}C:\program files (x86)\perfect world entertainment\neverwinter_en\neverwinter\live\gameclient.exe] => (Allow) C:\program files (x86)\perfect world entertainment\neverwinter_en\neverwinter\live\gameclient.exe => No File
FirewallRules: [UDP Query User{197307BC-30A4-4C65-94BA-FAFE577E9898}C:\program files (x86)\perfect world entertainment\neverwinter_en\neverwinter\live\gameclient.exe] => (Allow) C:\program files (x86)\perfect world entertainment\neverwinter_en\neverwinter\live\gameclient.exe => No File
FirewallRules: [{0851D6B2-2CFE-4F82-BEA1-7E5673F6A55D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{53036CC3-5551-4CF9-AEA5-14B70AA605E2}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{2908E009-77C4-46B0-8000-3BAEF94927B9}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{6515822E-F8B8-412A-90F3-F144365CE7EA}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{4FAB55FC-33E9-44C0-93F2-ABA9FC89DD86}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation-Mobile Wireless Group -> )
FirewallRules: [{75E49F19-32FD-476D-9759-1F5139EFCEAE}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{7A5736DE-B723-4329-9652-4D013D0EC164}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{44787D0A-0D18-427F-AADD-5B38A112E64C}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{47564491-FAAB-4F55-8910-A681F79F55BF}] => (Allow) C:\Users\MKruz090\AppData\Local\Warframe\Downloaded\Public\Warframe.exe => No File
FirewallRules: [{175E4AE3-EBDC-48B9-B4BE-7BEEBD8C628F}] => (Allow) C:\Users\MKruz090\AppData\Local\Warframe\Downloaded\Public\Warframe.x64.exe (Digital Extremes Ltd. -> Digital Extremes)
FirewallRules: [{E2E10332-69F6-43D7-A0FC-9A2677ABB910}] => (Allow) C:\Users\MKruz090\AppData\Local\Warframe\Downloaded\Public\Warframe.exe => No File
FirewallRules: [{C4F909A4-8D08-426D-AD75-0EFB8C1F84B7}] => (Allow) C:\Users\MKruz090\AppData\Local\Warframe\Downloaded\Public\Warframe.x64.exe (Digital Extremes Ltd. -> Digital Extremes)
FirewallRules: [{585C2B2E-5B33-4FD3-80A7-4B099A9BE769}] => (Allow) C:\Users\MKruz090\AppData\Local\Warframe\Downloaded\Public\Tools\Launcher.exe (Digital Extremes Ltd. -> Digital Extremes)
FirewallRules: [{668C6875-A0D2-4DDD-B2C6-16AAA88C9E45}] => (Allow) C:\Users\MKruz090\AppData\Local\Warframe\Downloaded\Public\Tools\RemoteCrashSender.exe (Digital Extremes Ltd. -> )
FirewallRules: [{05A0317D-AFD0-40E8-A89B-F5F6E3C44FD2}] => (Allow) C:\Users\MKruz090\AppData\Local\Warframe\Downloaded\Public\Warframe.exe => No File
FirewallRules: [{B6BF9088-90DF-4206-BD9B-CCAEBC61B2E8}] => (Allow) C:\Users\MKruz090\AppData\Local\Warframe\Downloaded\Public\Warframe.x64.exe (Digital Extremes Ltd. -> Digital Extremes)
FirewallRules: [{07148CD9-2149-49BC-981D-F328ABEE12CE}] => (Allow) C:\Users\MKruz090\AppData\Local\Warframe\Downloaded\Public\Warframe.exe => No File
FirewallRules: [{F8B25E3B-030D-4FFE-80F0-C87E29B419C6}] => (Allow) C:\Users\MKruz090\AppData\Local\Warframe\Downloaded\Public\Warframe.x64.exe (Digital Extremes Ltd. -> Digital Extremes)
FirewallRules: [{4F6B7CEE-E741-449A-9B10-11692A87E1C6}] => (Allow) C:\Users\MKruz090\AppData\Local\Warframe\Downloaded\Public\Tools\Launcher.exe (Digital Extremes Ltd. -> Digital Extremes)
FirewallRules: [{E9B58436-2B11-453B-8213-D7CDDBF209B8}] => (Allow) C:\Users\MKruz090\AppData\Local\Warframe\Downloaded\Public\Tools\RemoteCrashSender.exe (Digital Extremes Ltd. -> )
FirewallRules: [{F5FF8126-E514-4E4E-9F9F-E16281D53FA2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dragon's Lair\DragonsLair.exe () [File not signed]
FirewallRules: [{16AFD610-C0D4-4E89-9EDD-627D0E5E2E16}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dragon's Lair\DragonsLair.exe () [File not signed]
FirewallRules: [{5A4ECC1D-5BD3-46E4-977F-C60CB107964B}] => (Allow) C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.)
FirewallRules: [{69A37891-845E-4559-A278-41124BBFEE52}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{FA5BF607-8068-4112-9957-44646E02D0FF}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{AA4F321B-5D02-4E30-BC51-FE0883012783}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe (Digital Extremes Ltd. -> Digital Extremes)
FirewallRules: [{4E34F7DA-4237-48DF-A827-8E06223088F2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe (Digital Extremes Ltd. -> Digital Extremes)
FirewallRules: [{8A2F8D19-E3EB-45B0-903E-FEAC67C8BC4B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe (Digital Extremes Ltd. -> Digital Extremes)
FirewallRules: [{621ACAF1-E9CE-4A58-A6AA-7F748C8A9E9C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe (Digital Extremes Ltd. -> )
FirewallRules: [{C23C1566-7C96-4BD2-B276-EC3FA94AE534}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe (Digital Extremes Ltd. -> Digital Extremes)
FirewallRules: [{899DB900-D8AE-4568-936E-1E63A1777FEB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe (Digital Extremes Ltd. -> Digital Extremes)
FirewallRules: [{DF04EE2D-CBFC-447B-8FEC-F5308263A4C7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe (Digital Extremes Ltd. -> Digital Extremes)
FirewallRules: [{7FDEAE43-4460-46E5-A349-B8C29E15E50A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe (Digital Extremes Ltd. -> )
FirewallRules: [{A6440C46-E438-461B-B82B-F8D74132C9DB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warface\WarfaceMycomSteamLoader.exe (My.Com B.V. -> )
FirewallRules: [{5BEDB7BE-1E6F-49A4-B563-C3A0740B3CF5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warface\WarfaceMycomSteamLoader.exe (My.Com B.V. -> )
FirewallRules: [TCP Query User{A1CF29B5-B123-47C8-A2F7-A899E94795DF}C:\program files (x86)\steam\steamapps\common\warface\gamecenter\gamecenter.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\warface\gamecenter\gamecenter.exe (My.Com B.V. -> )
FirewallRules: [UDP Query User{DB6E2EA3-5B28-4625-876F-4E961E2A6F0D}C:\program files (x86)\steam\steamapps\common\warface\gamecenter\gamecenter.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\warface\gamecenter\gamecenter.exe (My.Com B.V. -> )
FirewallRules: [TCP Query User{7612889D-F300-4688-B1CB-4DA0866C3778}C:\program files (x86)\steam\steamapps\common\warface\13_2000076\bin64release\game.exe] => (Block) C:\program files (x86)\steam\steamapps\common\warface\13_2000076\bin64release\game.exe (MRAC Warface -> MY.GAMES)
FirewallRules: [UDP Query User{FEF3F5B2-1DFC-4B50-81A6-39B9AEEE0471}C:\program files (x86)\steam\steamapps\common\warface\13_2000076\bin64release\game.exe] => (Block) C:\program files (x86)\steam\steamapps\common\warface\13_2000076\bin64release\game.exe (MRAC Warface -> MY.GAMES)
FirewallRules: [{57B7E832-3C48-4B33-A144-48310C640F31}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{E59F7526-7D05-4374-90AD-C383864F39C5}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)

==================== Restore Points =========================

01-03-2022 14:43:35 Windows Update
03-03-2022 16:12:24 Revo Uninstaller's restore point - Microsoft Edge
04-03-2022 14:35:06 Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.29.30133
04-03-2022 16:23:39 Windows Update
04-03-2022 17:27:48 Windows Update
04-03-2022 18:38:57 Revo Uninstaller's restore point - VLC media player
04-03-2022 23:17:10 Windows Update

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (03/05/2022 12:55:15 PM) (Source: Dell System Detect) (EventID: 0) (User: )
Description: <Exception><Type>System.Net.WebException</Type><Message><![CDATA[The request was aborted: Could not create SSL/TLS secure channel.]]></Message><Source><![CDATA[System]]></Source><StackTrace><![CDATA[ at System.Net.HttpWebRequest.GetResponse()
at eSupport.Common.Client.Core.DownloadHelper.c7830ac1bc4e91dab8bde579f211f329c(String c8673d9709497f3c74ce807a680598785, String c91396822be155ce2c311fce26d8381b0, String c4f92ed345e3cbb336c52d8fa69d33697)]]></StackTrace><SysInfo STag="5BC54S1" SMBIOSMajVer="2" SMBIOSMinVer="6" SMBIOSBIOSVer="A13" SMBIOSPresent="True" Rel_Date="20120905000000.000000+000" DSDVersion="10.0.3.0" Vendor="Dell Inc." PName="Dell System Inspiron N7110" Ident_Num="MININT-NBS308T" TimeZone="(UTC-05:00) Eastern Time (US & Canada)" OSName="Microsoft Windows 7 Home Premium"/><HostIP>192.168.1.13</HostIP></Exception>

Error: (03/05/2022 12:53:12 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (03/05/2022 12:50:27 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 27136218

Error: (03/05/2022 12:50:27 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 27136218

Error: (03/05/2022 12:50:27 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/04/2022 11:17:05 PM) (Source: SupportAssistAgent) (EventID: 0) (User: )
Description: An exception occurred in session change of service start: Object reference not set to an instance of an object.

Error: (03/04/2022 08:49:36 PM) (Source: Dell System Detect) (EventID: 0) (User: )
Description: <Exception><Type>System.Net.WebException</Type><Message><![CDATA[The request was aborted: Could not create SSL/TLS secure channel.]]></Message><Source><![CDATA[System]]></Source><StackTrace><![CDATA[ at System.Net.HttpWebRequest.GetResponse()
at eSupport.Common.Client.Core.DownloadHelper.c7830ac1bc4e91dab8bde579f211f329c(String c8673d9709497f3c74ce807a680598785, String c91396822be155ce2c311fce26d8381b0, String c4f92ed345e3cbb336c52d8fa69d33697)]]></StackTrace><SysInfo STag="5BC54S1" SMBIOSMajVer="2" SMBIOSMinVer="6" SMBIOSBIOSVer="A13" SMBIOSPresent="True" Rel_Date="20120905000000.000000+000" DSDVersion="10.0.3.0" Vendor="Dell Inc." PName="Dell System Inspiron N7110" Ident_Num="MININT-NBS308T" TimeZone="(UTC-05:00) Eastern Time (US & Canada)" OSName="Microsoft Windows 7 Home Premium"/><HostIP>192.168.1.13</HostIP></Exception>

Error: (03/04/2022 08:46:50 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.


System errors:
=============
Error: (03/05/2022 01:19:07 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: The server {BB6DF56B-CACE-11DC-9992-0019B93A3A84} did not register with DCOM within the required timeout.

Error: (03/05/2022 12:55:22 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 70.

Error: (03/05/2022 12:55:21 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 70.

Error: (03/05/2022 12:55:20 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 70.

Error: (03/05/2022 12:55:19 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 70.

Error: (03/05/2022 12:55:19 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 70.

Error: (03/05/2022 12:55:18 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 70.

Error: (03/05/2022 12:55:17 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 70.


==================== Memory info ===========================

BIOS: Dell Inc. A13 09/05/2012
Motherboard: Dell Inc. 0YH79Y
Processor: Intel(R) Core(TM) i5-2450M CPU @ 2.50GHz
Percentage of memory in use: 77%
Total physical RAM: 6038.17 MB
Available physical RAM: 1375.89 MB
Total Virtual: 12074.54 MB
Available Virtual: 6914.25 MB

==================== Drives ================================

Drive c: (OSDisk) (Fixed) (Total:452.09 GB) (Free:223.6 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (Recovery) (Fixed) (Total:13.67 GB) (Free:6.97 GB) NTFS


==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 5A4684A2)
Partition 1: (Active) - (Size=452.1 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=13.7 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================
 
This is Part 1 apologies


Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27-02-2022
Ran by MKruz090 (administrator) on MININT-NBS308T (Dell Inc. Dell System Inspiron N7110) (05-03-2022 13:12:52)
Running from C:\Users\MKruz090\Downloads
Loaded Profiles: MKruz090
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(C:\Program Files (x86)\Stardock\ObjectDockFree\ObjectDock.exe ->) (Stardock) [File not signed] C:\Program Files (x86)\Stardock\ObjectDockFree\Dock64.exe
(C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE ->) (Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(C:\Program Files\DellTPad\Apoint.exe ->) (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(C:\Program Files\DellTPad\Apoint.exe ->) (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(explorer.exe ->) (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(explorer.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(explorer.exe ->) (Cloud Software -> ) [File not signed] C:\Users\MKruz090\AppData\Roaming\Settings Manager\SettingsManager.exe
(explorer.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Users\MKruz090\AppData\Local\Dropbox\Update\DropboxUpdate.exe
(explorer.exe ->) (GMGP, LLC -> ) [File not signed] C:\Users\MKruz090\AppData\Local\Temp\~wt259E.tmp.exe
(explorer.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(explorer.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(explorer.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(explorer.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(explorer.exe ->) (Spigot, Inc. -> S p i g o t, I n c.) C:\Users\MKruz090\AppData\Roaming\Search Protection\SearchProtection.exe
(explorer.exe ->) (Stardock Corporation -> Stardock) C:\Program Files (x86)\Stardock\ObjectDockFree\ObjectDock.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <12>
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Renesas Electronics Corporation -> Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Andrea Electronics -> Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(services.exe ->) (Clearwire Corporation -> ) C:\Program Files (x86)\Clearwire\Connection Manager\DeviceLaunchSvc.exe
(services.exe ->) (Dell Inc -> Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(services.exe ->) (Dell Inc -> Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(services.exe ->) (Dell Inc -> Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(services.exe ->) (Dell Inc. -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(services.exe ->) (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(services.exe ->) (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(services.exe ->) (Intel Corporation-Mobile Wireless Group -> Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(services.exe ->) (Intel Corporation-Mobile Wireless Group -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(services.exe ->) (Intel Corporation-Mobile Wireless Group -> Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(services.exe ->) (Intel Corporation-Mobile Wireless Group -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(services.exe ->) (Intel Corporation-Mobile Wireless Group -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(services.exe ->) (McAfee, Inc. -> McAfee, Inc.) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
(services.exe ->) (McAfee, Inc. -> McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mcshield.exe
(services.exe ->) (McAfee, Inc. -> McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(services.exe ->) (McAfee, Inc. -> McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(services.exe ->) (Nuance Communications, Inc. -> Nuance Communications, Inc.) C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe
(services.exe ->) (Yahoo! Inc. -> Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
(svchost.exe ->) (Flexera Software LLC -> Flexera Software LLC.) C:\ProgramData\FLEXnet\Connect\11\agent.exe
(svchost.exe ->) (Flexera Software LLC -> Flexera Software LLC.) C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(taskeng.exe ->) (Brave Software, Inc. -> BraveSoftware Inc.) C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe
(taskeng.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [609144 2011-04-12] (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6561384 2010-12-14] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1353680 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [1841496 2016-10-14] (Logitech -> Logitech, Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [333784 2021-03-31] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [Dell Webcam Central] => C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [409744 2009-06-24] (Creative Technology Ltd) [File not signed]
HKLM-x32\...\Run: [PDVD9LanguageShortcut] => C:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe [50472 2010-09-17] (CyberLink -> CyberLink Corp.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [67384 2016-10-05] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe (No File)
HKLM-x32\...\Run: [Clearwire Connection Manager] => C:\Program Files (x86)\Clearwire\Connection Manager\ClearwireCM.exe [54608 2010-05-25] (Clearwire Corporation -> ClearwireCM)
HKLM-x32\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe [2068856 2011-10-12] (Flexera Software LLC -> Flexera Software LLC.)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [115048 2011-09-16] (Renesas Electronics Corporation -> Renesas Electronics Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [707256 2021-12-15] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-1706774440-1050106324-3588017053-1003\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [2068856 2011-10-12] (Flexera Software LLC -> Flexera Software LLC.)
HKU\S-1-5-21-1706774440-1050106324-3588017053-1003\...\Run: [SearchProtection] => C:\Users\MKruz090\AppData\Roaming\Search Protection\SearchProtection.EXE [1109352 2014-08-22] (Spigot, Inc. -> S p i g o t, I n c.)
HKU\S-1-5-21-1706774440-1050106324-3588017053-1003\...\Run: [Dropbox Update] => C:\Users\MKruz090\AppData\Local\Dropbox\Update\DropboxUpdate.exe [130320 2022-01-28] (Dropbox, Inc -> Dropbox, Inc.)
HKU\S-1-5-21-1706774440-1050106324-3588017053-1003\...\Run: [Settings Manager] => C:\Users\MKruz090\AppData\Roaming\Settings Manager\SettingsManager.exe [1596712 2017-03-07] (Cloud Software -> ) [File not signed]
HKU\S-1-5-21-1706774440-1050106324-3588017053-1003\...\Run: [UM] => C:\Users\MKruz090\AppData\Local\Temp\~wt259E.tmp.exe [1620224 2018-02-24] (GMGP, LLC -> ) [File not signed] <==== ATTENTION
HKU\S-1-5-21-1706774440-1050106324-3588017053-1003\...\MountPoints2: E - E:\AUTORUN.EXE
HKU\S-1-5-18\...\Run: [Advanced SystemCare 6] => "C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe" /AutoStart (No File)
HKU\S-1-5-18\...\Run: [ZoneAlarm Windows 10 Upgrader] => "C:\ProgramData\CheckPoint\ZoneAlarm\Data\Updates\unpacked==win10=update_win10.zip\upgrade.exe" /delay (No File)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Microsoft\Active Setup\Installed Components: [{9459C573-B17A-45AE-9F64-1857B5D58CEE}] -> "C:\Program Files (x86)\Microsoft\Edge\Application\98.0.1108.62\Installer\setup.exe" --configure-user-settings --verbose-logging --system-level --msedge --channel=stable
HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files\BraveSoftware\Brave-Browser\Application\99.1.36.109\Installer\chrmstp.exe [2022-03-03] (Brave Software, Inc. -> Brave Software, Inc.)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll [2021-12-24] (Adobe Inc. -> Adobe Systems, Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
Startup: C:\Users\MKruz090\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Stardock ObjectDock.lnk [2012-11-05]
ShortcutTarget: Stardock ObjectDock.lnk -> C:\Program Files (x86)\Stardock\ObjectDockFree\ObjectDock.exe (Stardock Corporation -> Stardock)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {059FA0AC-939C-43F4-91B3-A1DFAD4804D8} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\\MpCmdRun.exe [410784 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {138B4B5A-0234-4700-B55E-C5A831FF3001} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {1CEFF44C-9642-4C32-B886-257BC4EB0A26} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1706774440-1050106324-3588017053-1003UA => C:\Users\MKruz090\AppData\Local\Dropbox\Update\DropboxUpdate.exe [130320 2022-01-28] (Dropbox, Inc -> Dropbox, Inc.)
Task: {2351F11E-88AF-4C21-996D-26B18DBC715A} - System32\Tasks\{0001BC4F-39AB-42A6-847E-0CF447D94531} => C:\Windows\system32\pcalua.exe -a C:\Users\MKruz090\Downloads\jxpiinstall(1).exe -d C:\Users\MKruz090\Downloads
Task: {260C856D-B6FD-46DA-9485-8F5AC5ADCE3E} - System32\Tasks\LifeChatTask => C:\Program Files\Microsoft LifeChat\LifeChat.exe (No File)
Task: {3852BBBC-385C-4B60-9088-4E54057445B4} - System32\Tasks\{5C88D553-FBDF-4C64-89A8-49FC952BF3E1} => C:\Windows\system32\pcalua.exe -a E:\SetupWizard.exe -d E:\
Task: {4779DA7E-EC7B-4F9D-A5FE-CC8DFD9CC9EA} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe (No File)
Task: {5D605C7A-D293-4BBA-9F65-7096BE64BC26} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1706774440-1050106324-3588017053-1003Core => C:\Users\MKruz090\AppData\Local\Dropbox\Update\DropboxUpdate.exe [130320 2022-01-28] (Dropbox, Inc -> Dropbox, Inc.)
Task: {6CD78BDF-9FBC-4CF3-9629-463C4BBB5F80} - System32\Tasks\SystemToolsDailyTest => C:\Program Files\Dell\SupportAssist\uaclauncher.exe [1131992 2017-09-14] (Dell Inc. -> PC-Doctor, Inc.)
Task: {6FE05CAF-ADCF-4F38-9A69-40C5655E1698} - System32\Tasks\PCDDataUploadTask => C:\Program Files\Dell\SupportAssist\uaclauncher.exe [1131992 2017-09-14] (Dell Inc. -> PC-Doctor, Inc.)
Task: {79E0C801-346C-4C98-BB8C-1B46B06D3DC9} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
Task: {7ADFA052-DFF1-4C69-8234-FAA491666707} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162968 2022-03-01] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {7BAB6A32-FCF8-4472-B376-D7D4A4208CB8} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\Dell\SupportAssist\sessionchecker.exe [435672 2017-09-14] (Dell Inc. -> PC-Doctor, Inc.)
Task: {84B44CE6-4934-46D4-92BC-9EB59C55A468} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616832 2019-09-04] (Apple Inc. -> Apple Inc.)
Task: {871CB16C-DF5A-4AB5-BE88-B481B34B734B} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssist.exe [38872 2018-02-14] (Dell Inc. -> Dell Inc.)
Task: {96B9C921-AECE-431F-B224-3553F0718EE0} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {A2D74222-19D6-4231-A43D-F4F031667875} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162968 2022-03-01] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {BB9FE182-4ACF-4C61-9E46-EB94EB5D280B} - System32\Tasks\{3DC86B9B-4C24-4C03-9CD7-9B304D946A7D} => C:\Windows\system32\pcalua.exe -a "C:\Users\MKruz090\Desktop\Clearwire\Connection Manager\InstallModem.exe" -d "C:\Users\MKruz090\Desktop\Clearwire\Connection Manager"
Task: {BDBB54ED-2C7F-421A-8FAE-BBB09B85E42D} - System32\Tasks\Games\UpdateCheck_S-1-5-21-1706774440-1050106324-3588017053-1003 => {CA22F5B1-E06F-4A2B-94FC-21E87FE53781} C:\Windows\System32\gameux.dll [2746368 2012-12-07] (Microsoft Windows -> Microsoft Corporation)
Task: {C8E0D297-249F-4D03-BE91-2C41651B5E11} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [272384 2018-02-24] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {CF366CC2-0B1E-4453-9E8C-B3B28FA50E2A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-17] (Adobe Inc. -> Adobe Inc.)
Task: {DBA9AD6C-A56F-4273-9BB4-4534BCDB5DB2} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Dell\SupportAssist\uaclauncher.exe [1131992 2017-09-14] (Dell Inc. -> PC-Doctor, Inc.)
Task: {E33A1386-0C78-4A9D-9420-6C30709F6A0A} - System32\Tasks\ASC6_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare 6\Monitor.exe (No File)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\AutoKMS.job => C:\Windows\AutoKMS\AutoKMS.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1706774440-1050106324-3588017053-1003Core.job => C:\Users\MKruz090\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1706774440-1050106324-3588017053-1003UA.job => C:\Users\MKruz090\AppData\Local\Dropbox\Update\DropboxUpdate.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280 2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280 2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5 10 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392 2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5-x64 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392 2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5-x64 10 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{1FCC0F9F-1991-42BA-AF39-6869E93AD79F}: [DhcpNameServer] 66.233.174.12 75.94.255.12
Tcpip\..\Interfaces\{51CEA4D3-953D-434C-AD66-805C82BF0700}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{699E6F3F-9E14-4F22-BB44-765DEF94AB4B}: [DhcpNameServer] 192.168.1.1
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION

Edge:
=======
Edge Profile: C:\Users\MKruz090\AppData\Local\Microsoft\Edge\User Data\Default [2022-03-03]

FireFox:
========
FF DefaultProfile: iyoz71gz.default
FF ProfilePath: C:\Users\MKruz090\AppData\Roaming\Mozilla\Firefox\Profiles\iyoz71gz.default [2022-03-03]
FF ProfilePath: C:\Users\MKruz090\AppData\Roaming\Mozilla\Firefox\Profiles\bn23gwgn.default-release [2022-03-05]
FF Extension: (DuckDuckGo Privacy Essentials) - C:\Users\MKruz090\AppData\Roaming\Mozilla\Firefox\Profiles\bn23gwgn.default-release\Extensions\jid1-ZAdIEUB7XOzOJw@jetpack.xpi [2022-03-03]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_28_0_0_161.dll [2018-02-24] (Adobe Systems Incorporated -> )
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_28_0_0_161.dll [2018-02-24] (Adobe Systems Incorporated -> )
FF Plugin-x32: @checkpoint.com/FFApi -> C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\npFFApi.dll [No File]
FF Plugin-x32: @java.com/DTPlugin,version=11.321.2 -> C:\Program Files (x86)\Java\jre1.8.0_321\bin\dtplugin\npDeployJava1.dll [2022-02-27] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.321.2 -> C:\Program Files (x86)\Java\jre1.8.0_321\bin\plugin2\npjp2.dll [2022-02-27] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll [2012-05-25] (Yahoo! Inc. -> Yahoo! Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @oberon-media.com/ONCAdapter -> C:\Program Files (x86)\Common Files\Oberon Media\NCAdapter\1.0.0.14\npapicomadapter.dll [2012-05-31] (Oberon-Media) [File not signed]
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [No File]
FF Plugin-x32: @real.com/nppl3260;version=6.0.11.2321 -> C:\PROGRA~2\fenglei\Mozilla\nppl3260.dll [No File]
FF Plugin-x32: @real.com/nprpjplug;version=6.0.12.1483 -> C:\PROGRA~2\fenglei\Mozilla\nprpjplug.dll [No File]
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-12-24] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: nuance.com/DragonRIAPlugin -> C:\PROGRA~2\Nuance\NATURA~1\Program\npDgnRia.dll [2013-10-15] (Nuance Communications, Inc. -> Nuance Communications Inc.)

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [mikhcaiakabeeokmenglcdebplfdjicn] - C:\Program Files (x86)\Nuance\NaturallySpeaking12\Program\chromeShim.crx [2013-10-15]
CHR HKLM-x32\...\Chrome\Extension: [pacgpkgadgmibnhpdidcnfafllnmeomc] - C:\Users\MKruz090\AppData\Local\CRE\pacgpkgadgmibnhpdidcnfafllnmeomc.crx [2012-04-17]

Brave:
=======
BRA Profile: C:\Users\MKruz090\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2022-03-01]
BRA Extension: (Brave NTP sponsored images) - C:\Users\MKruz090\AppData\Local\BraveSoftware\Brave-Browser\User Data\gccbbckogglekeggclmmekihdgdpdgoe [2022-03-01]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-17] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [272384 2018-02-24] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
R2 AERTFilters; C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [98208 2009-11-17] (Andrea Electronics -> Andrea Electronics Corporation)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [99104 2021-03-16] (Apple Inc. -> Apple Inc.)
R2 Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [901184 2010-12-14] (Intel Corporation) [File not signed]
S3 Bluetooth Media Service; C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [1298496 2010-12-14] (Intel Corporation) [File not signed]
R2 Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [974912 2010-12-14] (Intel Corporation) [File not signed]
S2 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162968 2022-03-01] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162968 2022-03-01] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 CACLEARWIRE; C:\Program Files (x86)\Clearwire\Connection Manager\ConAppsSvc.exe [124240 2010-05-25] (Clearwire Corporation -> SmithMicro Inc.)
S3 clearwireDeviceDiagnosticsService; C:\Program Files (x86)\Clearwire\Connection Manager\clearwireDeviceDiagnosticsService.exe [399872 2010-04-19] () [File not signed]
S3 CLEARWIRERcAppSvc; C:\Program Files (x86)\Clearwire\Connection Manager\RcAppSvc.exe [120144 2010-05-25] (Clearwire Corporation -> SmithMicro Inc.)
S4 clr_optimization_v2.0.50727_64; C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [89920 2009-06-10] (Microsoft Corporation -> Microsoft Corporation)
S2 clr_optimization_v4.0.30319_64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [158912 2019-03-28] (Microsoft Dynamic Code Publisher -> Microsoft Corporation)
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [208792 2017-12-14] (Dell Inc -> Dell Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3294608 2017-12-14] (Dell Inc -> Dell Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [217488 2017-12-14] (Dell Inc -> Dell Inc.)
S2 McMPFSvc; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [355440 2010-03-10] (McAfee, Inc. -> McAfee, Inc.)
S2 mcmscsvc; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [355440 2010-03-10] (McAfee, Inc. -> McAfee, Inc.)
R2 McNASvc; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [355440 2010-03-10] (McAfee, Inc. -> McAfee, Inc.)
S4 McOobeSv; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [355440 2010-03-10] (McAfee, Inc. -> McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [355440 2010-03-10] (McAfee, Inc. -> McAfee, Inc.)
R2 McShield; C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe [200056 2010-10-13] (McAfee, Inc. -> McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [245352 2010-10-13] (McAfee, Inc. -> McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [149032 2010-10-13] (McAfee, Inc. -> McAfee, Inc.)
S3 mracsvc; C:\Windows\System32\mracsvc.exe [23885544 2022-03-04] (My.Com B.V. -> My.com B.V.)
S2 MSK80Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [355440 2010-03-10] (McAfee, Inc. -> McAfee, Inc.)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [119864 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
R2 SMSI Device Launch Service; C:\Program Files (x86)\Clearwire\Connection Manager\DeviceLaunchSvc.exe [107856 2010-05-25] (Clearwire Corporation -> )
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [41432 2018-02-14] (Dell Inc. -> Dell Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 wlidsvc; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2292096 2011-03-28] (Microsoft Corporation -> Microsoft Corp.)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AMPPAL; C:\Windows\System32\DRIVERS\AMPPAL.sys [198144 2012-03-15] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
S3 AMPPALP; C:\Windows\System32\DRIVERS\amppal.sys [198144 2012-03-15] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
S3 AthDfu; C:\Windows\System32\Drivers\AthDfu.sys [51872 2010-12-16] (Atheros Communications Inc. -> Windows (R) Win 7 DDK provider)
S3 bcm; C:\Windows\System32\DRIVERS\drxvi314_64.sys [359040 2010-03-26] (Smith Micro Software, Inc. -> Beceem communications pvt ltd.)
S3 bcmbusctr; C:\Windows\System32\DRIVERS\BcmBusCtr_64.sys [62976 2010-03-26] (Smith Micro Software, Inc. -> Beceem communications pvt ltd.)
S3 cfwids; C:\Windows\System32\drivers\cfwids.sys [62800 2010-10-13] (McAfee, Inc. -> McAfee, Inc.)
R3 CtClsFlt; C:\Windows\System32\DRIVERS\CtClsFlt.sys [172704 2009-06-15] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd.)
R3 DDDriver; C:\Windows\System32\drivers\DDDriver64Dcsa.sys [41608 2017-12-14] (Techporch Incorporated -> Dell Inc.)
R3 DellProf; C:\Windows\System32\drivers\DellProf.sys [41208 2017-12-14] (Techporch Incorporated -> Dell Computer Corporation)
R3 hsstap; C:\Windows\System32\DRIVERS\hsstap.sys [39152 2020-09-29] (Pango Inc. -> Pango)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [121248 2010-10-13] (McAfee, Inc. -> McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [190136 2010-10-13] (McAfee, Inc. -> McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [441328 2010-10-13] (McAfee, Inc. -> McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [529128 2010-10-13] (McAfee, Inc. -> McAfee, Inc.)
R1 mfenlfk; C:\Windows\System32\DRIVERS\mfenlfk.sys [75032 2010-10-13] (McAfee, Inc. -> McAfee, Inc.)
S3 mferkdet; C:\Windows\System32\drivers\mferkdet.sys [94864 2010-10-13] (McAfee, Inc. -> McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [283360 2010-10-13] (McAfee, Inc. -> McAfee, Inc.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation -> Microsoft Corporation)
S3 mracdrv; C:\Windows\System32\drivers\mracdrv1.sys [23122952 2022-03-04] (My.Com B.V. -> My.com B.V.)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation -> Microsoft Corporation)
R3 nusb3hub; C:\Windows\System32\DRIVERS\nusb3hub.sys [95744 2011-09-13] (Microsoft Windows Hardware Compatibility Publisher -> Renesas Electronics Corporation)
R3 nusb3xhc; C:\Windows\System32\DRIVERS\nusb3xhc.sys [212992 2011-09-13] (Microsoft Windows Hardware Compatibility Publisher -> Renesas Electronics Corporation)
R1 pango_netfilter2; C:\Windows\System32\drivers\pango_netfilter2.sys [94600 2021-10-22] (Pango Inc. -> Pango Inc)
S3 PCTINDIS5X64; C:\Windows\system32\PCTINDIS5X64.SYS [43032 2010-05-25] (Smith Micro Software, Inc. -> Smith Micro Inc.)
S3 Prot6Flt; C:\Windows\System32\DRIVERS\Prot6Flt.sys [30720 2012-06-14] (Panda Security S.L -> Panda Security, S.L.)
S3 sscdserd; C:\Windows\System32\DRIVERS\sscdserd.sys [141384 2010-11-11] (MCCI Corporation -> MCCI Corporation)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2015-06-10] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S3 Bulk1528; System32\Drivers\Bulk1528.sys [X]
S2 Ca1528av; System32\Drivers\Ca1528av.sys [X]
S3 MpKsl16a39c3a; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{A63A8CD5-6178-4E51-B18D-038B27F5E1E7}\MpKslDrv.sys [X]
U4 secdrv; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-03-05 13:12 - 2022-03-05 13:14 - 000032806 _____ C:\Users\MKruz090\Downloads\FRST.txt
2022-03-05 13:10 - 2022-03-05 13:13 - 000000000 ____D C:\FRST
2022-03-05 13:09 - 2022-03-05 13:09 - 002312192 _____ (Farbar) C:\Users\MKruz090\Downloads\FRST64.exe
2022-03-04 21:11 - 2022-03-04 21:11 - 038194709 _____ C:\Users\MKruz090\Desktop\CheckSUR001.txt
2022-03-04 19:50 - 2022-03-05 12:52 - 000000000 ____D C:\Program Files\Mozilla Firefox
2022-03-04 18:42 - 2022-03-04 18:42 - 000000000 ____D C:\Users\MKruz090\Desktop\CheckSUR
2022-03-04 18:41 - 2022-03-04 18:41 - 000722270 _____ C:\Users\MKruz090\Desktop\CheckSUR.zip
2022-03-04 18:41 - 2022-03-04 18:41 - 000000000 ____D C:\Users\MKruz090\Desktop\New folder
2022-03-04 15:42 - 2022-03-04 15:42 - 674616578 _____ C:\Windows\MEMORY.DMP
2022-03-04 15:42 - 2022-03-04 15:42 - 000756920 _____ C:\Windows\Minidump\030422-29359-01.dmp
2022-03-04 14:37 - 2022-03-04 14:37 - 000000000 ____D C:\Users\MKruz090\AppData\Local\NVIDIA Corporation
2022-03-04 14:36 - 2022-03-04 14:36 - 023885544 _____ (My.com B.V.) C:\Windows\system32\mracsvc.exe
2022-03-04 14:36 - 2022-03-04 14:36 - 023122952 _____ (My.com B.V.) C:\Windows\system32\Drivers\mracdrv1.sys
2022-03-04 14:36 - 2022-03-04 14:36 - 000000000 ____D C:\Users\MKruz090\AppData\Local\CrashRpt
2022-03-04 12:14 - 2022-03-04 12:14 - 002316112 _____ (niemiro) C:\Users\MKruz090\Downloads\SFCFix.exe
2022-03-04 08:14 - 2022-03-04 08:14 - 000000222 _____ C:\Users\MKruz090\Desktop\Warface.url
2022-03-03 23:24 - 2022-03-03 23:32 - 000000000 ____D C:\Users\MKruz090\AppData\Local\Battle.net
2022-03-03 23:24 - 2022-03-03 23:24 - 000000000 ____D C:\Users\MKruz090\AppData\Roaming\Battle.net
2022-03-03 23:24 - 2022-03-03 23:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2022-03-03 23:23 - 2022-03-03 23:24 - 000000000 ____D C:\Program Files (x86)\Battle.net
2022-03-03 23:22 - 2022-03-03 23:22 - 000000000 ____D C:\Users\MKruz090\AppData\Local\Blizzard Entertainment
2022-03-03 16:18 - 2022-03-03 16:18 - 000003380 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-03-03 16:18 - 2022-03-03 16:18 - 000003252 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-03-03 07:20 - 2022-03-05 13:03 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2022-03-03 07:20 - 2022-03-05 13:02 - 000000000 ____D C:\Users\MKruz090\AppData\LocalLow\Mozilla
2022-03-03 07:20 - 2022-03-05 12:52 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-03-03 07:20 - 2022-03-04 20:48 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2022-03-03 07:20 - 2022-03-03 07:20 - 000000942 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-03-03 07:19 - 2022-03-03 07:19 - 000333840 _____ (Mozilla) C:\Users\MKruz090\Downloads\Firefox Installer.exe
2022-03-03 01:11 - 2022-03-03 01:11 - 000000000 ____D C:\Users\MKruz090\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2022-03-01 22:32 - 2022-03-04 16:16 - 000000000 ____D C:\Users\MKruz090\AppData\Local\niemiro
2022-03-01 20:34 - 2022-03-03 00:47 - 000002293 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave.lnk
2022-03-01 20:34 - 2022-03-01 20:34 - 000000000 ____D C:\Program Files\BraveSoftware
2022-03-01 20:33 - 2022-03-01 20:34 - 000000000 ____D C:\Users\MKruz090\AppData\Local\BraveSoftware
2022-03-01 20:33 - 2022-03-01 20:33 - 000003342 _____ C:\Windows\system32\Tasks\BraveSoftwareUpdateTaskMachineUA
2022-03-01 20:33 - 2022-03-01 20:33 - 000003214 _____ C:\Windows\system32\Tasks\BraveSoftwareUpdateTaskMachineCore
2022-03-01 20:33 - 2022-03-01 20:33 - 000000000 ____D C:\Program Files (x86)\BraveSoftware
2022-03-01 15:36 - 2022-03-01 15:36 - 000000000 ___HD C:\$Windows.~WS
2022-03-01 14:43 - 2022-03-01 14:43 - 000000000 ____D C:\Windows\CheckSur
2022-02-28 23:13 - 2022-02-28 23:13 - 000000000 ____D C:\Users\MKruz090\AppData\Local\Rufus
2022-02-28 23:12 - 2022-02-28 23:13 - 000000258 __RSH C:\ProgramData\ntuser.pol
2022-02-27 21:32 - 2022-02-27 22:38 - 000000000 ___HD C:\$WINDOWS.~BT
2022-02-27 15:10 - 2022-02-27 15:14 - 000224006 _____ C:\Windows\ntbtlog.txt
2022-02-27 14:28 - 2022-02-27 14:28 - 000008192 _____ C:\Windows\system32\config\userdiff
2022-02-27 12:51 - 2022-02-27 12:51 - 000000000 ____D C:\Users\MKruz090\AppData\LocalLow\Digital Leisure
2022-02-27 12:45 - 2022-02-27 12:45 - 000000222 _____ C:\Users\MKruz090\Desktop\Dragon's Lair.url
2022-02-27 11:11 - 2022-02-27 22:11 - 000000001 ___SH C:\BOOTNXT
2022-02-27 10:15 - 2022-02-27 22:12 - 000001890 _____ C:\Windows\diagwrn.xml
2022-02-27 10:15 - 2022-02-27 22:12 - 000001890 _____ C:\Windows\diagerr.xml
2022-02-27 08:06 - 2022-02-27 08:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2022-02-27 08:06 - 2022-02-27 08:06 - 000000000 ____D C:\Program Files\VS Revo Group
2022-02-27 03:13 - 2022-02-27 03:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2022-02-27 03:13 - 2022-02-27 03:13 - 000000000 ____D C:\Program Files\iPod
2022-02-27 03:12 - 2022-02-27 03:13 - 000000000 ____D C:\Program Files\iTunes
2022-02-27 03:09 - 2022-02-27 03:09 - 000000000 ____D C:\Windows\system32\Tasks\Apple
2022-02-27 03:09 - 2022-02-27 03:09 - 000000000 ____D C:\Program Files (x86)\Apple Software Update
2022-02-27 03:07 - 2022-03-04 12:03 - 000000000 ____D C:\Users\MKruz090\AppData\Local\CrashDumps
2022-02-27 03:05 - 2022-02-27 03:05 - 000000000 ____D C:\Program Files\HotspotShield TAP-Windows
2022-02-27 03:05 - 2021-10-22 10:50 - 000094600 _____ (Pango Inc) C:\Windows\system32\Drivers\pango_netfilter2.sys
2022-02-27 03:04 - 2022-02-27 03:04 - 000000000 ____D C:\Program Files (x86)\Hotspot Shield
2022-02-27 02:03 - 2022-03-01 16:48 - 000000000 ____D C:\ESD
2022-02-27 01:40 - 2022-03-03 16:34 - 000000000 ____D C:\Users\MKruz090\Desktop\New folder (2)

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-03-05 13:10 - 2009-07-13 23:45 - 000027936 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2022-03-05 13:10 - 2009-07-13 23:45 - 000027936 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2022-03-05 13:08 - 2016-02-12 22:17 - 000000930 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1706774440-1050106324-3588017053-1003UA.job
2022-03-05 13:00 - 2013-07-28 10:31 - 000003962 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{0339E0E0-E1AB-4C5F-B75C-B25594CEF559}
2022-03-05 12:58 - 2009-07-14 00:13 - 000782470 _____ C:\Windows\system32\PerfStringBackup.INI
2022-03-05 12:58 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\inf
2022-03-05 12:52 - 2012-05-28 23:30 - 000000270 _____ C:\Windows\Tasks\AutoKMS.job
2022-03-05 12:52 - 2009-07-14 00:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2022-03-05 05:18 - 2016-02-12 22:17 - 000000878 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1706774440-1050106324-3588017053-1003Core.job
2022-03-04 23:12 - 2016-02-13 01:11 - 000000000 ____D C:\Program Files\PeerBlock
2022-03-04 23:12 - 2016-02-12 22:01 - 000000000 ____D C:\Program Files (x86)\Steam
2022-03-04 23:09 - 2009-07-13 21:34 - 000000702 _____ C:\Windows\win.ini
2022-03-04 22:52 - 2016-11-12 21:19 - 000000000 ____D C:\Users\MKruz090\AppData\Local\Warframe
2022-03-04 18:39 - 2016-11-12 22:50 - 000000000 ____D C:\Program Files (x86)\VideoLAN
2022-03-04 15:42 - 2013-02-06 03:50 - 000000000 ____D C:\Windows\Minidump
2022-03-04 14:35 - 2016-02-13 00:38 - 000000000 ____D C:\ProgramData\Package Cache
2022-03-04 11:58 - 2012-05-27 22:16 - 000000000 ____D C:\Users\MKruz090\AppData\Roaming\Apple Computer
2022-03-03 16:39 - 2013-07-21 21:22 - 000000000 ____D C:\Users\MKruz090\AppData\Local\Deployment
2022-03-03 07:20 - 2012-05-29 20:44 - 000000000 ____D C:\Users\MKruz090\AppData\Local\Mozilla
2022-03-03 07:20 - 2012-05-28 11:51 - 000000000 ____D C:\Users\MKruz090\AppData\Roaming\Mozilla
2022-03-03 01:11 - 2013-11-28 10:34 - 000000000 ____D C:\Users\MKruz090\AppData\Roaming\Dropbox
2022-03-03 00:31 - 2016-02-13 07:23 - 000004476 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2022-03-03 00:28 - 2016-02-13 07:23 - 000002065 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2022-03-03 00:26 - 2012-05-28 18:43 - 000000000 ____D C:\Users\MKruz090\AppData\Local\Adobe
2022-03-01 16:48 - 2012-02-27 12:09 - 000000000 ____D C:\Windows\Panther
2022-02-28 23:12 - 2009-07-13 22:20 - 000000000 ___HD C:\Windows\system32\GroupPolicy
2022-02-28 23:12 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\SysWOW64\GroupPolicy
2022-02-28 22:51 - 2016-03-25 23:34 - 000000000 ____D C:\Users\MKruz090\AppData\Roaming\Settings Manager
2022-02-27 22:12 - 2012-02-27 12:09 - 000008192 __RSH C:\BOOTSECT.BAK
2022-02-27 20:57 - 2012-09-10 17:40 - 000000000 ____D C:\Windows\system32\Tasks\Games
2022-02-27 15:37 - 2016-02-13 07:40 - 000000000 ____D C:\Users\MKruz090\AppData\Roaming\uTorrent
2022-02-27 15:36 - 2012-05-28 22:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2022-02-27 15:13 - 2012-06-13 08:42 - 000000000 ____D C:\Users\MKruz090\AppData\Local\ElevatedDiagnostics
2022-02-27 14:29 - 2012-10-16 19:35 - 000000000 ____D C:\Users\MKruz090\AppData\Local\Spoon
2022-02-27 14:29 - 2012-10-16 19:34 - 000000000 ____D C:\Program Files (x86)\Deskshare
2022-02-27 14:28 - 2012-06-02 01:57 - 000000000 ____D C:\Program Files (x86)\Yahoo!
2022-02-27 14:26 - 2012-05-21 19:08 - 000000000 ____D C:\Users\MKruz090
2022-02-27 12:44 - 2016-02-13 10:56 - 000000000 ____D C:\ProgramData\PCDr
2022-02-27 10:53 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\system32\oobe
2022-02-27 10:49 - 2016-11-19 18:10 - 000000000 ___HD C:\Windows\system32\WLANProfiles
2022-02-27 10:49 - 2014-01-03 22:32 - 000000000 ____D C:\Users\MKruz090\AppData\Roaming\Search Protection
2022-02-27 10:49 - 2013-01-07 17:16 - 000000000 ____D C:\Program Files (x86)\Clearwire
2022-02-27 10:49 - 2012-05-02 00:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Webcam
2022-02-27 10:49 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\system32\NDF
2022-02-27 10:49 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\registration
2022-02-27 10:48 - 2013-01-07 17:34 - 000000000 ____D C:\ProgramData\Clearwire
2022-02-27 10:48 - 2012-05-28 18:43 - 000000000 ____D C:\Users\MKruz090\AppData\LocalLow\Adobe
2022-02-27 10:48 - 2012-05-02 00:53 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2022-02-27 10:47 - 2012-05-02 00:53 - 000000000 ____D C:\Program Files (x86)\Dell Webcam
2022-02-27 08:17 - 2012-06-04 18:26 - 000000000 ____D C:\ProgramData\DivX
2022-02-27 08:10 - 2012-06-04 18:28 - 000000000 ____D C:\Users\MKruz090\AppData\Roaming\DivX
2022-02-27 08:10 - 2012-06-04 18:27 - 000000000 ____D C:\Program Files (x86)\DivX
2022-02-27 08:09 - 2013-03-21 21:08 - 000000000 ____D C:\Program Files (x86)\AVS4YOU
2022-02-27 08:05 - 2012-05-31 03:53 - 000000000 ____D C:\Program Files (x86)\Astonsoft
2022-02-27 08:02 - 2014-11-11 19:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2022-02-27 08:02 - 2013-07-12 17:55 - 000000000 ____D C:\Program Files (x86)\Java
2022-02-27 07:59 - 2014-11-11 19:05 - 000165600 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2022-02-27 07:53 - 2012-06-02 01:57 - 000000000 ____D C:\ProgramData\Yahoo!
2022-02-27 03:20 - 2016-02-12 22:05 - 000000000 ____D C:\Users\MKruz090\AppData\Local\Steam
2022-02-27 03:17 - 2009-07-13 23:45 - 000419112 _____ C:\Windows\system32\FNTCACHE.DAT
2022-02-27 03:12 - 2012-09-11 22:33 - 000000000 ____D C:\Program Files\Common Files\Apple
2022-02-27 03:09 - 2012-05-27 22:16 - 000002519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2022-02-27 02:33 - 2009-07-14 00:08 - 000032618 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2022-02-27 02:21 - 2013-07-13 17:47 - 000000000 ____D C:\Windows\system32\MRT
2022-02-27 02:03 - 2012-05-27 21:38 - 149611728 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2022-02-27 01:43 - 2012-05-28 23:24 - 000775084 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2022-02-27 01:43 - 2012-05-21 19:09 - 000109208 _____ C:\Users\MKruz090\AppData\Local\GDIPFONTCACHEV1.DAT

==================== Files in the root of some directories ========

2013-06-14 20:41 - 2014-04-22 17:47 - 000001875 _____ () C:\Users\MKruz090\AppData\Roaming\SAS7_000.DAT
2016-02-13 01:43 - 2016-02-13 01:43 - 000000044 _____ () C:\Users\MKruz090\AppData\Roaming\WB.CFG

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2018-02-26 09:48
==================== End of FRST.txt ========================
 
Please follow the instructions in Step 1 also (provide the file C:\Windows\Logs\CBS\CheckSUR.log as attachment).
 
i did, its now letting me paste once i copy thats it no paste. suggestions pls. not sure about those links on posting replies to large.,, ill give it another shot.
 
There is a hacktool present or remnants of it to use Windows and / or Office not legitimately.
It is against the rules to help people with an illegal operating system or other illegally used programs.
Hacktools can make your system slower and also less secure.
Do you agree that we continue to do a repair attempt for this computer that will also remove the hacktool ?
 
Heck yeah, I didn't know of this item. Ive having problems with my devices especially my iphone and my ipad. Ive been having these problems for a couple years thats right a couple years.
Let me apologize for being apart of this my issue. Can you isolate it so i can inform the authorities?

Why wouldn't you want to help someone in trouble?
 
Why wouldn't you want to help someone in trouble?
Click to expand...
As I said earlier, we don't support illegally used operating systems or programs.
Now lets start the cleanup.

Step 1:
Uninstall following programs.
- Search Protection
- Settings Manager
- Yahoo! Software Update
Reboot the machine.

Stap 2:
Download the program MCPR (McAfee Product Removal).
Start MCPR.exe.
Follow the instructions that appear.
When the tool is finished reboot the machine.

Step 3:
Warning: This script was written specifically for this user, for use on that particular machine. Do not run this script on another machine.
  1. Download the attachment fixlist.txt and save it to your desktop.
  2. Right-click on FRST64.exe and select "Run as administrator".
    Note: Your antivirus program may report FRST incorrectly as an infection. If so, disable the real-time protection when downloading and running FRST.
  3. Press the Fix button.
  4. The tool will now process fixlist.txt.
  5. If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
  6. When finished, a log called Fixlog.txt will appear in the same directory the tool is run from.
  7. Attach the logfile Fixlog.txt to your next reply.
 

Attachments

I tried I sent you what i received.

Just so you know i went looking for McAfee and couldn't find anything just the fact that it existed from seeing the word revo uninstall had nothing there to uninstall.
 

Attachments

  • Capture 555.PNG
    Capture 555.PNG
    59.4 KB · Views: 2
You must log in or register to reply here.

Has Sysnative Forums helped you? Please consider donating to help us support the site!

Back
Top