[SOLVED] My computer isnt Windows 10 yet

[Wally Kever]

Your McAfee didnt work and i couldnt delete it but once i moved it to my desktop i was able to delete it. Is that ok?

 

[PeterJ]

Just so you know i went looking for McAfee and couldn't find anything just the fact that it existed from seeing the word revo uninstall had nothing there to uninstall.
...
Your McAfee didnt work and i couldnt delete it but once i moved it to my desktop i was able to delete it. Is that ok?

I did not ask to move anything manually. Just leave it for now.
It looks like McAfee was pre-installed on this machine and maybe uninstalled but the uninstall was only partially done.
The McAfee Product Removal Tool is then the first step to remove the product. Apparently it could not find any traces.

Provide the log file Fixlog.txt of step 3 in message #38. Don't do anything else.

 

[Wally Kever]

CloseProcesses:
ZoneAlarm Security Toolbar (HKLM-x32\...\ZoneAlarm Security Toolbar) (Version: 1.8.22.0 - Check Point Software Technologies LTD) Hidden
ContextMenuHandlers1: [Advanced SystemCare] -> {9486A9B2-D787-4eca-A25C-4A0086BB4154} => -> No File
ContextMenuHandlers2: [Advanced SystemCare] -> {9486A9B2-D787-4eca-A25C-4A0086BB4154} => -> No File
ContextMenuHandlers4: [Advanced SystemCare] -> {9486A9B2-D787-4eca-A25C-4A0086BB4154} => -> No File
AlternateDataStreams: C:\ProgramData\Temp:0FF263E8 [247]
AlternateDataStreams: C:\ProgramData\Temp:293E91EE [376]
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://us.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_ir_16_06&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dus%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuzzyEzz0FyCzy0CtC0CyD0D0C0C0FtAzytN0D0Tzu0StCyDtDyEtN1L2XzutAtFtCzztFtCtFtDtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2SyC0A0C0CzztDyC0FtGtC0F0F0AtG0FyEzyyBtGyC0CzzyDtGtBzz0D0EtDyC0AyE0CzzyD0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyCyBtDyD0C0DtB0AtG0DtCtC0FtGyEtAzy0DtGzzyC0FtAtGyDyCzztDzztAtCtB0DyDyE0F2QtN0A0LzutB%26cr%3D1190448466%26a%3Dwncy_ir_16_06%26os_ver%3D6.1%26os%3DWindows%2B7%2BHome%2BPremium
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://us.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_ir_16_06&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dus%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuzzyEzz0FyCzy0CtC0CyD0D0C0C0FtAzytN0D0Tzu0StCyDtDyEtN1L2XzutAtFtCzztFtCtFtDtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2SyC0A0C0CzztDyC0FtGtC0F0F0AtG0FyEzyyBtGyC0CzzyDtGtBzz0D0EtDyC0AyE0CzzyD0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyCyBtDyD0C0DtB0AtG0DtCtC0FtGyEtAzy0DtGzzyC0FtAtGyDyCzztDzztAtCtB0DyDyE0F2QtN0A0LzutB%26cr%3D1190448466%26a%3Dwncy_ir_16_06%26os_ver%3D6.1%26os%3DWindows%2B7%2BHome%2BPremium
URLSearchHook: HKU\S-1-5-21-1706774440-1050106324-3588017053-1003 - (No Name) - {687578b9-7132-4a7a-80e4-30ee31099e03} - No File
SearchScopes: HKLM -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxps://us.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_ir_16_06&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dus%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuzzyEzz0FyCzy0CtC0CyD0D0C0C0FtAzytN0D0Tzu0StCyDtDyEtN1L2XzutAtFtCzztFtCtFtDtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2SyC0A0C0CzztDyC0FtGtC0F0F0AtG0FyEzyyBtGyC0CzzyDtGtBzz0D0EtDyC0AyE0CzzyD0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyCyBtDyD0C0DtB0AtG0DtCtC0FtGyEtAzy0DtGzzyC0FtAtGyDyCzztDzztAtCtB0DyDyE0F2QtN0A0LzutB%26cr%3D1190448466%26a%3Dwncy_ir_16_06%26os_ver%3D6.1%26os%3DWindows%2B7%2BHome%2BPremium&p={searchTerms}
SearchScopes: HKLM -> {86E6F0BB-1696-40EC-80C0-C9E7509A5E8E} URL = hxxps://us.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_ir_16_06&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dus%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuzzyEzz0FyCzy0CtC0CyD0D0C0C0FtAzytN0D0Tzu0StCyDtDyEtN1L2XzutAtFtCzztFtCtFtDtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2SyC0A0C0CzztDyC0FtGtC0F0F0AtG0FyEzyyBtGyC0CzzyDtGtBzz0D0EtDyC0AyE0CzzyD0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyCyBtDyD0C0DtB0AtG0DtCtC0FtGyEtAzy0DtGzzyC0FtAtGyDyCzztDzztAtCtB0DyDyE0F2QtN0A0LzutB%26cr%3D1190448466%26a%3Dwncy_ir_16_06%26os_ver%3D6.1%26os%3DWindows%2B7%2BHome%2BPremium&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1706774440-1050106324-3588017053-1003 -> DefaultScope {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxps://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=714647&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1706774440-1050106324-3588017053-1003 -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxps://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=714647&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1706774440-1050106324-3588017053-1003 -> {86E6F0BB-1696-40EC-80C0-C9E7509A5E8E} URL = hxxps://us.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_ir_16_06&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dus%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuzzyEzz0FyCzy0CtC0CyD0D0C0C0FtAzytN0D0Tzu0StCyDtDyEtN1L2XzutAtFtCzztFtCtFtDtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2SyC0A0C0CzztDyC0FtGtC0F0F0AtG0FyEzyyBtGyC0CzzyDtGtBzz0D0EtDyC0AyE0CzzyD0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyCyBtDyD0C0DtB0AtG0DtCtC0FtGyEtAzy0DtGzzyC0FtAtGyDyCzztDzztAtCtB0DyDyE0F2QtN0A0LzutB%26cr%3D1190448466%26a%3Dwncy_ir_16_06%26os_ver%3D6.1%26os%3DWindows%2B7%2BHome%2BPremium&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1706774440-1050106324-3588017053-1003 -> {D4DED440-58A0-43A9-A242-69CE9EC77244} URL = hxxp://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=714647&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1706774440-1050106324-3588017053-1003 -> {EA1F3C32-0F84-4E7A-A55C-4663F194BF70} URL = hxxp://search.zonealarm.com/search?src=sp&tbid=goughGA&Lan=en&q={searchTerms}&gu=ea028d5206f74666a877a44395d4b9b8&tu=10GXy00BF2C01g0&sku=&tstsId=&ver=&&r=611
BHO: scriptproxy -> {7DB2D5A0-7241-4E79-B68D-6309F01C5231} -> C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20120502012239.dll [2010-10-13] (McAfee, Inc. -> McAfee, Inc.)
BHO-x32: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> No File
BHO-x32: scriptproxy -> {7DB2D5A0-7241-4E79-B68D-6309F01C5231} -> C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120502012239.dll [2010-10-13] (McAfee, Inc. -> McAfee, Inc.)
Toolbar: HKU\S-1-5-21-1706774440-1050106324-3588017053-1003 -> No Name - {687578B9-7132-4A7A-80E4-30EE31099E03} - No File
MSCONFIG\startupreg: mcui_exe => "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
FirewallRules: [{B4CD3E3B-3946-4936-AF29-4E4AB3FE9614}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe (McAfee, Inc. -> McAfee, Inc.)
FirewallRules: [{188127F5-6AA9-4A21-A615-429B1E0A17D4}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe (McAfee, Inc. -> McAfee, Inc.)
C:\Users\MKruz090\AppData\Roaming\Search Protection
File: C:\Users\MKruz090\AppData\Local\Temp\~wt259E.tmp.exe
(services.exe ->) (McAfee, Inc. -> McAfee, Inc.) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
(services.exe ->) (McAfee, Inc. -> McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mcshield.exe
(services.exe ->) (McAfee, Inc. -> McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(services.exe ->) (McAfee, Inc. -> McAfee, Inc.) C:\Windows\System32\mfevtps.exe
HKU\S-1-5-21-1706774440-1050106324-3588017053-1003\...\Run: [SearchProtection] => C:\Users\MKruz090\AppData\Roaming\Search Protection\SearchProtection.EXE [1109352 2014-08-22] (Spigot, Inc. -> S p i g o t, I n c.)
HKU\S-1-5-21-1706774440-1050106324-3588017053-1003\...\Run: [Settings Manager] => C:\Users\MKruz090\AppData\Roaming\Settings Manager\SettingsManager.exe [1596712 2017-03-07] (Cloud Software -> ) [File not signed]
HKU\S-1-5-18\...\Run: [Advanced SystemCare 6] => "C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe" /AutoStart (No File)
HKU\S-1-5-18\...\Run: [ZoneAlarm Windows 10 Upgrader] => "C:\ProgramData\CheckPoint\ZoneAlarm\Data\Updates\unpacked==win10=update_win10.zip\upgrade.exe" /delay (No File)
Task: {4779DA7E-EC7B-4F9D-A5FE-CC8DFD9CC9EA} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe (No File)
Task: {E33A1386-0C78-4A9D-9420-6C30709F6A0A} - System32\Tasks\ASC6_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare 6\Monitor.exe (No File)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll [2012-05-25] (Yahoo! Inc. -> Yahoo! Inc.)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [No File]
FF Plugin-x32: @real.com/nppl3260;version=6.0.11.2321 -> C:\PROGRA~2\fenglei\Mozilla\nppl3260.dll [No File]
FF Plugin-x32: @real.com/nprpjplug;version=6.0.12.1483 -> C:\PROGRA~2\fenglei\Mozilla\nprpjplug.dll [No File]
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [No File]
S2 McMPFSvc; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [355440 2010-03-10] (McAfee, Inc. -> McAfee, Inc.)
S2 mcmscsvc; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [355440 2010-03-10] (McAfee, Inc. -> McAfee, Inc.)
R2 McNASvc; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [355440 2010-03-10] (McAfee, Inc. -> McAfee, Inc.)
S4 McOobeSv; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [355440 2010-03-10] (McAfee, Inc. -> McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [355440 2010-03-10] (McAfee, Inc. -> McAfee, Inc.)
R2 McShield; C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe [200056 2010-10-13] (McAfee, Inc. -> McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [245352 2010-10-13] (McAfee, Inc. -> McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [149032 2010-10-13] (McAfee, Inc. -> McAfee, Inc.)
S2 MSK80Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [355440 2010-03-10] (McAfee, Inc. -> McAfee, Inc.)
S3 cfwids; C:\Windows\System32\drivers\cfwids.sys [62800 2010-10-13] (McAfee, Inc. -> McAfee, Inc.)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [121248 2010-10-13] (McAfee, Inc. -> McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [190136 2010-10-13] (McAfee, Inc. -> McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [441328 2010-10-13] (McAfee, Inc. -> McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [529128 2010-10-13] (McAfee, Inc. -> McAfee, Inc.)
R1 mfenlfk; C:\Windows\System32\DRIVERS\mfenlfk.sys [75032 2010-10-13] (McAfee, Inc. -> McAfee, Inc.)
S3 mferkdet; C:\Windows\System32\drivers\mferkdet.sys [94864 2010-10-13] (McAfee, Inc. -> McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [283360 2010-10-13] (McAfee, Inc. -> McAfee, Inc.)
S3 Prot6Flt; C:\Windows\System32\DRIVERS\Prot6Flt.sys [30720 2012-06-14] (Panda Security S.L -> Panda Security, S.L.)
C:\Windows\Tasks\AutoKMS.job
C:\Users\MKruz090\AppData\Roaming\Settings Manager
C:\Users\MKruz090\AppData\Roaming\Search Protection

 

[Wally Kever]

Your fix instruction is not completing but just after start goes into not responding mode and my computer freezes up too. My browser goes into a blank screen. Thats when i do a manual restart and my computer wont shutdown. Also my TMP folder has 562mb - 2300 pieces of information too, i was taking a look.

 

[PeterJ]

Your fix instruction is not completing but just after start goes into not responding mode and my computer freezes up too.

Please be patient and let the tool do its job the next time. It might show "not responding" but that can also mean it is busy.

My browser goes into a blank screen.

That is normal.

Thats when i do a manual restart and my computer wont shutdown.

That is normal too. FRST64 is still busy fixing. Just wait for the tool to complete.

Also my TMP folder has 562mb - 2300 pieces of information too, i was taking a look.

Don't mess with that, we deal with it in the next fix.

Perform a new scan with FRST to see where we are:
FRST Scan:

1. Move the file FRST64.exe from the folder C:\Users\MKruz090\Downloads to the folder C:\Users\MKruz090\Desktop. The tool should now be placed on your desktop.
2. Right-click to run the tool from your desktop as administrator.
3. Note: Ensure that the Addition.txt check box is checked at the bottom of the form within the Optional Scan area.
4. Press the Scan button.
5. Please wait for the tool to finish. It will produce two logfiles called FRST.txt and Addition.txt in the same directory the tool is run from (which should be the desktop)
6. Post the logfiles FRST.txt and Addition.txt as attachment in your next reply.

 

[Wally Kever]

Not sure if it worked. All i seen was not responding.

 

[PeterJ]

I did not ask for a file called fixlog.txt.
Please perform the instructions in message #45 only.

 

[Wally Kever]

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27-02-2022
Ran by MKruz090 (administrator) on MININT-NBS308T (Dell Inc. Dell System Inspiron N7110) (06-03-2022 17:23:39)
Running from C:\Users\MKruz090\Desktop
Loaded Profiles: MKruz090
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(C:\Program Files (x86)\Stardock\ObjectDockFree\ObjectDock.exe ->) (Stardock) [File not signed] C:\Program Files (x86)\Stardock\ObjectDockFree\Dock64.exe
(C:\Program Files (x86)\Steam\steam.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE ->) (Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(C:\Program Files\DellTPad\Apoint.exe ->) (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(C:\Program Files\DellTPad\Apoint.exe ->) (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(explorer.exe ->) (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(explorer.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(explorer.exe ->) (GMGP, LLC -> ) [File not signed] C:\Users\MKruz090\AppData\Local\Temp\~wt259E.tmp.exe
(explorer.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(explorer.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(explorer.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(explorer.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(explorer.exe ->) (Stardock Corporation -> Stardock) C:\Program Files (x86)\Stardock\ObjectDockFree\ObjectDock.exe
(explorer.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <9>
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Renesas Electronics Corporation -> Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Andrea Electronics -> Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(services.exe ->) (Clearwire Corporation -> ) C:\Program Files (x86)\Clearwire\Connection Manager\DeviceLaunchSvc.exe
(services.exe ->) (Dell Inc -> Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(services.exe ->) (Dell Inc -> Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(services.exe ->) (Dell Inc -> Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(services.exe ->) (Dell Inc. -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(services.exe ->) (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(services.exe ->) (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(services.exe ->) (Intel Corporation-Mobile Wireless Group -> Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(services.exe ->) (Intel Corporation-Mobile Wireless Group -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(services.exe ->) (Intel Corporation-Mobile Wireless Group -> Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(services.exe ->) (Intel Corporation-Mobile Wireless Group -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(services.exe ->) (McAfee, Inc. -> McAfee, Inc.) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
(services.exe ->) (McAfee, Inc. -> McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mcshield.exe
(services.exe ->) (McAfee, Inc. -> McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(services.exe ->) (McAfee, Inc. -> McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(services.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <4>

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [609144 2011-04-12] (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6561384 2010-12-14] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1353680 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [1841496 2016-10-14] (Logitech -> Logitech, Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [333784 2021-03-31] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [Dell Webcam Central] => C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [409744 2009-06-24] (Creative Technology Ltd) [File not signed]
HKLM-x32\...\Run: [PDVD9LanguageShortcut] => C:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe [50472 2010-09-17] (CyberLink -> CyberLink Corp.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [67384 2016-10-05] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe (No File)
HKLM-x32\...\Run: [Clearwire Connection Manager] => C:\Program Files (x86)\Clearwire\Connection Manager\ClearwireCM.exe [54608 2010-05-25] (Clearwire Corporation -> ClearwireCM)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [115048 2011-09-16] (Renesas Electronics Corporation -> Renesas Electronics Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [707256 2021-12-15] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-1706774440-1050106324-3588017053-1003\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler (No File)
HKU\S-1-5-21-1706774440-1050106324-3588017053-1003\...\Run: [Dropbox Update] => C:\Users\MKruz090\AppData\Local\Dropbox\Update\DropboxUpdate.exe [130320 2022-01-28] (Dropbox, Inc -> Dropbox, Inc.)
HKU\S-1-5-21-1706774440-1050106324-3588017053-1003\...\Run: [UM] => C:\Users\MKruz090\AppData\Local\Temp\~wt259E.tmp.exe [1620224 2018-02-24] (GMGP, LLC -> ) [File not signed] <==== ATTENTION
HKU\S-1-5-21-1706774440-1050106324-3588017053-1003\...\MountPoints2: E - E:\AUTORUN.EXE
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Microsoft\Active Setup\Installed Components: [{9459C573-B17A-45AE-9F64-1857B5D58CEE}] -> "C:\Program Files (x86)\Microsoft\Edge\Application\98.0.1108.62\Installer\setup.exe" --configure-user-settings --verbose-logging --system-level --msedge --channel=stable
HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files\BraveSoftware\Brave-Browser\Application\99.1.36.109\Installer\chrmstp.exe [2022-03-03] (Brave Software, Inc. -> Brave Software, Inc.)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll [2021-12-24] (Adobe Inc. -> Adobe Systems, Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
Startup: C:\Users\MKruz090\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Stardock ObjectDock.lnk [2012-11-05]
ShortcutTarget: Stardock ObjectDock.lnk -> C:\Program Files (x86)\Stardock\ObjectDockFree\ObjectDock.exe (Stardock Corporation -> Stardock)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {138B4B5A-0234-4700-B55E-C5A831FF3001} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {1CEFF44C-9642-4C32-B886-257BC4EB0A26} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1706774440-1050106324-3588017053-1003UA => C:\Users\MKruz090\AppData\Local\Dropbox\Update\DropboxUpdate.exe [130320 2022-01-28] (Dropbox, Inc -> Dropbox, Inc.)
Task: {2351F11E-88AF-4C21-996D-26B18DBC715A} - System32\Tasks\{0001BC4F-39AB-42A6-847E-0CF447D94531} => C:\Windows\system32\pcalua.exe -a C:\Users\MKruz090\Downloads\jxpiinstall(1).exe -d C:\Users\MKruz090\Downloads
Task: {260C856D-B6FD-46DA-9485-8F5AC5ADCE3E} - System32\Tasks\LifeChatTask => C:\Program Files\Microsoft LifeChat\LifeChat.exe (No File)
Task: {3852BBBC-385C-4B60-9088-4E54057445B4} - System32\Tasks\{5C88D553-FBDF-4C64-89A8-49FC952BF3E1} => C:\Windows\system32\pcalua.exe -a E:\SetupWizard.exe -d E:\
Task: {5D605C7A-D293-4BBA-9F65-7096BE64BC26} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1706774440-1050106324-3588017053-1003Core => C:\Users\MKruz090\AppData\Local\Dropbox\Update\DropboxUpdate.exe [130320 2022-01-28] (Dropbox, Inc -> Dropbox, Inc.)
Task: {6CD78BDF-9FBC-4CF3-9629-463C4BBB5F80} - System32\Tasks\SystemToolsDailyTest => C:\Program Files\Dell\SupportAssist\uaclauncher.exe [1131992 2017-09-14] (Dell Inc. -> PC-Doctor, Inc.)
Task: {6FE05CAF-ADCF-4F38-9A69-40C5655E1698} - System32\Tasks\PCDDataUploadTask => C:\Program Files\Dell\SupportAssist\uaclauncher.exe [1131992 2017-09-14] (Dell Inc. -> PC-Doctor, Inc.)
Task: {79E0C801-346C-4C98-BB8C-1B46B06D3DC9} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
Task: {7ADFA052-DFF1-4C69-8234-FAA491666707} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162968 2022-03-01] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {7BAB6A32-FCF8-4472-B376-D7D4A4208CB8} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\Dell\SupportAssist\sessionchecker.exe [435672 2017-09-14] (Dell Inc. -> PC-Doctor, Inc.)
Task: {84B44CE6-4934-46D4-92BC-9EB59C55A468} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616832 2019-09-04] (Apple Inc. -> Apple Inc.)
Task: {871CB16C-DF5A-4AB5-BE88-B481B34B734B} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssist.exe [38872 2018-02-14] (Dell Inc. -> Dell Inc.)
Task: {96B9C921-AECE-431F-B224-3553F0718EE0} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {99CB6D99-DBED-4323-A85F-27645E0EA38B} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\\MpCmdRun.exe [410784 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {A2D74222-19D6-4231-A43D-F4F031667875} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162968 2022-03-01] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {BB9FE182-4ACF-4C61-9E46-EB94EB5D280B} - System32\Tasks\{3DC86B9B-4C24-4C03-9CD7-9B304D946A7D} => C:\Windows\system32\pcalua.exe -a "C:\Users\MKruz090\Desktop\Clearwire\Connection Manager\InstallModem.exe" -d "C:\Users\MKruz090\Desktop\Clearwire\Connection Manager"
Task: {BDBB54ED-2C7F-421A-8FAE-BBB09B85E42D} - System32\Tasks\Games\UpdateCheck_S-1-5-21-1706774440-1050106324-3588017053-1003 => {CA22F5B1-E06F-4A2B-94FC-21E87FE53781} C:\Windows\System32\gameux.dll [2746368 2012-12-07] (Microsoft Windows -> Microsoft Corporation)
Task: {C8E0D297-249F-4D03-BE91-2C41651B5E11} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [272384 2018-02-24] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {CF366CC2-0B1E-4453-9E8C-B3B28FA50E2A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-17] (Adobe Inc. -> Adobe Inc.)
Task: {DBA9AD6C-A56F-4273-9BB4-4534BCDB5DB2} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Dell\SupportAssist\uaclauncher.exe [1131992 2017-09-14] (Dell Inc. -> PC-Doctor, Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\AutoKMS.job => C:\Windows\AutoKMS\AutoKMS.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1706774440-1050106324-3588017053-1003Core.job => C:\Users\MKruz090\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1706774440-1050106324-3588017053-1003UA.job => C:\Users\MKruz090\AppData\Local\Dropbox\Update\DropboxUpdate.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280 2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280 2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5 10 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392 2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5-x64 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392 2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5-x64 10 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{1FCC0F9F-1991-42BA-AF39-6869E93AD79F}: [DhcpNameServer] 66.233.174.12 75.94.255.12
Tcpip\..\Interfaces\{51CEA4D3-953D-434C-AD66-805C82BF0700}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{699E6F3F-9E14-4F22-BB44-765DEF94AB4B}: [DhcpNameServer] 192.168.1.1
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION

Edge:
=======
Edge Profile: C:\Users\MKruz090\AppData\Local\Microsoft\Edge\User Data\Default [2022-03-03]

FireFox:
========
FF DefaultProfile: iyoz71gz.default
FF ProfilePath: C:\Users\MKruz090\AppData\Roaming\Mozilla\Firefox\Profiles\iyoz71gz.default [2022-03-03]
FF ProfilePath: C:\Users\MKruz090\AppData\Roaming\Mozilla\Firefox\Profiles\bn23gwgn.default-release [2022-03-06]
FF Extension: (DuckDuckGo Privacy Essentials) - C:\Users\MKruz090\AppData\Roaming\Mozilla\Firefox\Profiles\bn23gwgn.default-release\Extensions\jid1-ZAdIEUB7XOzOJw@jetpack.xpi [2022-03-03]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_28_0_0_161.dll [2018-02-24] (Adobe Systems Incorporated -> )
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_28_0_0_161.dll [2018-02-24] (Adobe Systems Incorporated -> )
FF Plugin-x32: @checkpoint.com/FFApi -> C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\npFFApi.dll [No File]
FF Plugin-x32: @java.com/DTPlugin,version=11.321.2 -> C:\Program Files (x86)\Java\jre1.8.0_321\bin\dtplugin\npDeployJava1.dll [2022-02-27] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.321.2 -> C:\Program Files (x86)\Java\jre1.8.0_321\bin\plugin2\npjp2.dll [2022-02-27] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @oberon-media.com/ONCAdapter -> C:\Program Files (x86)\Common Files\Oberon Media\NCAdapter\1.0.0.14\npapicomadapter.dll [2012-05-31] (Oberon-Media) [File not signed]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-12-24] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [pacgpkgadgmibnhpdidcnfafllnmeomc] - C:\Users\MKruz090\AppData\Local\CRE\pacgpkgadgmibnhpdidcnfafllnmeomc.crx [2012-04-17]

Brave:
=======
BRA Profile: C:\Users\MKruz090\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2022-03-01]
BRA Extension: (Brave NTP sponsored images) - C:\Users\MKruz090\AppData\Local\BraveSoftware\Brave-Browser\User Data\gccbbckogglekeggclmmekihdgdpdgoe [2022-03-01]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-17] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [272384 2018-02-24] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
R2 AERTFilters; C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [98208 2009-11-17] (Andrea Electronics -> Andrea Electronics Corporation)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [99104 2021-03-16] (Apple Inc. -> Apple Inc.)
R2 Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [901184 2010-12-14] (Intel Corporation) [File not signed]
S3 Bluetooth Media Service; C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [1298496 2010-12-14] (Intel Corporation) [File not signed]
R2 Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [974912 2010-12-14] (Intel Corporation) [File not signed]
S2 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162968 2022-03-01] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162968 2022-03-01] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 CACLEARWIRE; C:\Program Files (x86)\Clearwire\Connection Manager\ConAppsSvc.exe [124240 2010-05-25] (Clearwire Corporation -> SmithMicro Inc.)
S3 clearwireDeviceDiagnosticsService; C:\Program Files (x86)\Clearwire\Connection Manager\clearwireDeviceDiagnosticsService.exe [399872 2010-04-19] () [File not signed]
S3 CLEARWIRERcAppSvc; C:\Program Files (x86)\Clearwire\Connection Manager\RcAppSvc.exe [120144 2010-05-25] (Clearwire Corporation -> SmithMicro Inc.)
S4 clr_optimization_v2.0.50727_64; C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [89920 2009-06-10] (Microsoft Corporation -> Microsoft Corporation)
S2 clr_optimization_v4.0.30319_64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [158912 2019-03-28] (Microsoft Dynamic Code Publisher -> Microsoft Corporation)
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [208792 2017-12-14] (Dell Inc -> Dell Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3294608 2017-12-14] (Dell Inc -> Dell Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [217488 2017-12-14] (Dell Inc -> Dell Inc.)
S2 mcmscsvc; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [355440 2010-03-10] (McAfee, Inc. -> McAfee, Inc.)
R2 McNASvc; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [355440 2010-03-10] (McAfee, Inc. -> McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [355440 2010-03-10] (McAfee, Inc. -> McAfee, Inc.)
R2 McShield; C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe [200056 2010-10-13] (McAfee, Inc. -> McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [245352 2010-10-13] (McAfee, Inc. -> McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [149032 2010-10-13] (McAfee, Inc. -> McAfee, Inc.)
S3 mracsvc; C:\Windows\System32\mracsvc.exe [23885544 2022-03-04] (My.Com B.V. -> My.com B.V.)
S2 MSK80Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [355440 2010-03-10] (McAfee, Inc. -> McAfee, Inc.)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [119864 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
R2 SMSI Device Launch Service; C:\Program Files (x86)\Clearwire\Connection Manager\DeviceLaunchSvc.exe [107856 2010-05-25] (Clearwire Corporation -> )
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [41432 2018-02-14] (Dell Inc. -> Dell Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 wlidsvc; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2292096 2011-03-28] (Microsoft Corporation -> Microsoft Corp.)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AMPPAL; C:\Windows\System32\DRIVERS\AMPPAL.sys [198144 2012-03-15] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
S3 AMPPALP; C:\Windows\System32\DRIVERS\amppal.sys [198144 2012-03-15] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
S3 AthDfu; C:\Windows\System32\Drivers\AthDfu.sys [51872 2010-12-16] (Atheros Communications Inc. -> Windows (R) Win 7 DDK provider)
S3 bcm; C:\Windows\System32\DRIVERS\drxvi314_64.sys [359040 2010-03-26] (Smith Micro Software, Inc. -> Beceem communications pvt ltd.)
S3 bcmbusctr; C:\Windows\System32\DRIVERS\BcmBusCtr_64.sys [62976 2010-03-26] (Smith Micro Software, Inc. -> Beceem communications pvt ltd.)
R3 CtClsFlt; C:\Windows\System32\DRIVERS\CtClsFlt.sys [172704 2009-06-15] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd.)
R3 DDDriver; C:\Windows\System32\drivers\DDDriver64Dcsa.sys [41608 2017-12-14] (Techporch Incorporated -> Dell Inc.)
R3 DellProf; C:\Windows\System32\drivers\DellProf.sys [41208 2017-12-14] (Techporch Incorporated -> Dell Computer Corporation)
R3 hsstap; C:\Windows\System32\DRIVERS\hsstap.sys [39152 2020-09-29] (Pango Inc. -> Pango)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [121248 2010-10-13] (McAfee, Inc. -> McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [190136 2010-10-13] (McAfee, Inc. -> McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [441328 2010-10-13] (McAfee, Inc. -> McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [529128 2010-10-13] (McAfee, Inc. -> McAfee, Inc.)
S3 mferkdet; C:\Windows\System32\drivers\mferkdet.sys [94864 2010-10-13] (McAfee, Inc. -> McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [283360 2010-10-13] (McAfee, Inc. -> McAfee, Inc.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation -> Microsoft Corporation)
R3 MpKsl3e4ed6e9; c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{AFB55D1A-C1BB-4139-9383-579600A020C1}\MpKslDrv.sys [49424 2022-03-06] (Microsoft Windows -> Microsoft Corporation)
S3 mracdrv; C:\Windows\System32\drivers\mracdrv1.sys [23122952 2022-03-04] (My.Com B.V. -> My.com B.V.)
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation -> Microsoft Corporation)
R3 nusb3hub; C:\Windows\System32\DRIVERS\nusb3hub.sys [95744 2011-09-13] (Microsoft Windows Hardware Compatibility Publisher -> Renesas Electronics Corporation)
R3 nusb3xhc; C:\Windows\System32\DRIVERS\nusb3xhc.sys [212992 2011-09-13] (Microsoft Windows Hardware Compatibility Publisher -> Renesas Electronics Corporation)
R1 pango_netfilter2; C:\Windows\System32\drivers\pango_netfilter2.sys [94600 2021-10-22] (Pango Inc. -> Pango Inc)
S3 PCTINDIS5X64; C:\Windows\system32\PCTINDIS5X64.SYS [43032 2010-05-25] (Smith Micro Software, Inc. -> Smith Micro Inc.)
S3 Prot6Flt; C:\Windows\System32\DRIVERS\Prot6Flt.sys [30720 2012-06-14] (Panda Security S.L -> Panda Security, S.L.)
S3 sscdserd; C:\Windows\System32\DRIVERS\sscdserd.sys [141384 2010-11-11] (MCCI Corporation -> MCCI Corporation)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2015-06-10] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S3 Bulk1528; System32\Drivers\Bulk1528.sys [X]
S2 Ca1528av; System32\Drivers\Ca1528av.sys [X]
U4 secdrv; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-03-06 11:40 - 2022-03-06 12:46 - 000010239 _____ C:\Users\MKruz090\Desktop\fixlist.txt
2022-03-06 10:02 - 2022-03-06 15:04 - 000019087 _____ C:\Users\MKruz090\Desktop\Fixlog.txt
2022-03-05 22:28 - 2022-03-05 22:29 - 011106632 _____ (McAfee, LLC) C:\Users\MKruz090\Desktop\MCPR.exe
2022-03-05 22:16 - 2022-03-06 11:14 - 000000000 ____D C:\Users\MKruz090\Desktop\TMP
2022-03-05 13:12 - 2022-03-06 17:44 - 000029415 _____ C:\Users\MKruz090\Desktop\FRST.txt
2022-03-05 13:10 - 2022-03-06 17:44 - 000000000 ____D C:\FRST
2022-03-05 13:09 - 2022-03-05 13:09 - 002312192 _____ (Farbar) C:\Users\MKruz090\Desktop\FRST64.exe
2022-03-04 21:11 - 2022-03-04 21:11 - 038194709 _____ C:\Users\MKruz090\Desktop\CheckSUR001.txt
2022-03-04 19:50 - 2022-03-05 12:52 - 000000000 ____D C:\Program Files\Mozilla Firefox
2022-03-04 18:42 - 2022-03-04 18:42 - 000000000 ____D C:\Users\MKruz090\Desktop\CheckSUR
2022-03-04 18:41 - 2022-03-04 18:41 - 000722270 _____ C:\Users\MKruz090\Desktop\CheckSUR.zip
2022-03-04 15:42 - 2022-03-04 15:42 - 674616578 _____ C:\Windows\MEMORY.DMP
2022-03-04 15:42 - 2022-03-04 15:42 - 000756920 _____ C:\Windows\Minidump\030422-29359-01.dmp
2022-03-04 14:37 - 2022-03-04 14:37 - 000000000 ____D C:\Users\MKruz090\AppData\Local\NVIDIA Corporation
2022-03-04 14:36 - 2022-03-04 14:36 - 023885544 _____ (My.com B.V.) C:\Windows\system32\mracsvc.exe
2022-03-04 14:36 - 2022-03-04 14:36 - 023122952 _____ (My.com B.V.) C:\Windows\system32\Drivers\mracdrv1.sys
2022-03-04 14:36 - 2022-03-04 14:36 - 000000000 ____D C:\Users\MKruz090\AppData\Local\CrashRpt
2022-03-04 12:14 - 2022-03-04 12:14 - 002316112 _____ (niemiro) C:\Users\MKruz090\Desktop\SFCFix.exe
2022-03-04 08:14 - 2022-03-04 08:14 - 000000222 _____ C:\Users\MKruz090\Desktop\Warface.url
2022-03-03 23:22 - 2022-03-03 23:22 - 000000000 ____D C:\Users\MKruz090\AppData\Local\Blizzard Entertainment
2022-03-03 16:18 - 2022-03-03 16:18 - 000003380 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-03-03 16:18 - 2022-03-03 16:18 - 000003252 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-03-03 07:20 - 2022-03-06 15:04 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2022-03-03 07:20 - 2022-03-06 15:03 - 000000000 ____D C:\Users\MKruz090\AppData\LocalLow\Mozilla
2022-03-03 07:20 - 2022-03-05 12:52 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-03-03 07:20 - 2022-03-04 20:48 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2022-03-03 07:20 - 2022-03-03 07:20 - 000000942 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-03-03 07:19 - 2022-03-03 07:19 - 000333840 _____ (Mozilla) C:\Users\MKruz090\Downloads\Firefox Installer.exe
2022-03-03 01:11 - 2022-03-03 01:11 - 000000000 ____D C:\Users\MKruz090\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2022-03-01 22:32 - 2022-03-04 16:16 - 000000000 ____D C:\Users\MKruz090\AppData\Local\niemiro
2022-03-01 20:34 - 2022-03-03 00:47 - 000002293 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave.lnk
2022-03-01 20:34 - 2022-03-01 20:34 - 000000000 ____D C:\Program Files\BraveSoftware
2022-03-01 20:33 - 2022-03-01 20:34 - 000000000 ____D C:\Users\MKruz090\AppData\Local\BraveSoftware
2022-03-01 20:33 - 2022-03-01 20:33 - 000003342 _____ C:\Windows\system32\Tasks\BraveSoftwareUpdateTaskMachineUA
2022-03-01 20:33 - 2022-03-01 20:33 - 000003214 _____ C:\Windows\system32\Tasks\BraveSoftwareUpdateTaskMachineCore
2022-03-01 20:33 - 2022-03-01 20:33 - 000000000 ____D C:\Program Files (x86)\BraveSoftware
2022-03-01 15:36 - 2022-03-01 15:36 - 000000000 ___HD C:\$Windows.~WS
2022-03-01 14:43 - 2022-03-01 14:43 - 000000000 ____D C:\Windows\CheckSur
2022-02-28 23:13 - 2022-02-28 23:13 - 000000000 ____D C:\Users\MKruz090\AppData\Local\Rufus
2022-02-28 23:12 - 2022-02-28 23:13 - 000000258 __RSH C:\ProgramData\ntuser.pol
2022-02-27 21:32 - 2022-02-27 22:38 - 000000000 ___HD C:\$WINDOWS.~BT
2022-02-27 15:10 - 2022-02-27 15:14 - 000224006 _____ C:\Windows\ntbtlog.txt
2022-02-27 14:28 - 2022-02-27 14:28 - 000008192 _____ C:\Windows\system32\config\userdiff
2022-02-27 12:51 - 2022-02-27 12:51 - 000000000 ____D C:\Users\MKruz090\AppData\LocalLow\Digital Leisure
2022-02-27 12:45 - 2022-02-27 12:45 - 000000222 _____ C:\Users\MKruz090\Desktop\Dragon's Lair.url
2022-02-27 11:11 - 2022-02-27 22:11 - 000000001 ___SH C:\BOOTNXT
2022-02-27 10:15 - 2022-02-27 22:12 - 000001890 _____ C:\Windows\diagwrn.xml
2022-02-27 10:15 - 2022-02-27 22:12 - 000001890 _____ C:\Windows\diagerr.xml
2022-02-27 08:06 - 2022-02-27 08:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2022-02-27 08:06 - 2022-02-27 08:06 - 000000000 ____D C:\Program Files\VS Revo Group
2022-02-27 03:13 - 2022-02-27 03:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2022-02-27 03:13 - 2022-02-27 03:13 - 000000000 ____D C:\Program Files\iPod
2022-02-27 03:12 - 2022-02-27 03:13 - 000000000 ____D C:\Program Files\iTunes
2022-02-27 03:09 - 2022-02-27 03:09 - 000000000 ____D C:\Windows\system32\Tasks\Apple
2022-02-27 03:09 - 2022-02-27 03:09 - 000000000 ____D C:\Program Files (x86)\Apple Software Update
2022-02-27 03:07 - 2022-03-04 12:03 - 000000000 ____D C:\Users\MKruz090\AppData\Local\CrashDumps
2022-02-27 03:05 - 2022-02-27 03:05 - 000000000 ____D C:\Program Files\HotspotShield TAP-Windows
2022-02-27 03:05 - 2021-10-22 10:50 - 000094600 _____ (Pango Inc) C:\Windows\system32\Drivers\pango_netfilter2.sys
2022-02-27 03:04 - 2022-02-27 03:04 - 000000000 ____D C:\Program Files (x86)\Hotspot Shield
2022-02-27 02:03 - 2022-03-01 16:48 - 000000000 ____D C:\ESD
2022-02-27 01:40 - 2022-03-03 16:34 - 000000000 ____D C:\Users\MKruz090\Desktop\New folder (2)

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-03-06 17:41 - 2016-02-12 22:01 - 000000000 ____D C:\Program Files (x86)\Steam
2022-03-06 17:11 - 2016-02-12 22:17 - 000000930 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1706774440-1050106324-3588017053-1003UA.job
2022-03-06 15:10 - 2009-07-13 23:45 - 000027936 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2022-03-06 15:10 - 2009-07-13 23:45 - 000027936 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2022-03-06 15:00 - 2009-07-14 00:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2022-03-06 09:55 - 2013-07-28 10:31 - 000003962 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{0339E0E0-E1AB-4C5F-B75C-B25594CEF559}
2022-03-06 09:50 - 2012-05-28 23:30 - 000000270 _____ C:\Windows\Tasks\AutoKMS.job
2022-03-05 21:40 - 2012-05-02 01:01 - 000000000 ____D C:\ProgramData\Temp
2022-03-05 21:05 - 2012-06-02 01:57 - 000000000 ____D C:\ProgramData\Yahoo!
2022-03-05 17:40 - 2009-07-14 00:13 - 000782470 _____ C:\Windows\system32\PerfStringBackup.INI
2022-03-05 17:40 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\inf
2022-03-05 05:18 - 2016-02-12 22:17 - 000000878 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1706774440-1050106324-3588017053-1003Core.job
2022-03-04 23:12 - 2016-02-13 01:11 - 000000000 ____D C:\Program Files\PeerBlock
2022-03-04 23:09 - 2009-07-13 21:34 - 000000702 _____ C:\Windows\win.ini
2022-03-04 18:39 - 2016-11-12 22:50 - 000000000 ____D C:\Program Files (x86)\VideoLAN
2022-03-04 15:42 - 2013-02-06 03:50 - 000000000 ____D C:\Windows\Minidump
2022-03-04 14:35 - 2016-02-13 00:38 - 000000000 ____D C:\ProgramData\Package Cache
2022-03-04 11:58 - 2012-05-27 22:16 - 000000000 ____D C:\Users\MKruz090\AppData\Roaming\Apple Computer
2022-03-03 16:39 - 2013-07-21 21:22 - 000000000 ____D C:\Users\MKruz090\AppData\Local\Deployment
2022-03-03 07:20 - 2012-05-29 20:44 - 000000000 ____D C:\Users\MKruz090\AppData\Local\Mozilla
2022-03-03 07:20 - 2012-05-28 11:51 - 000000000 ____D C:\Users\MKruz090\AppData\Roaming\Mozilla
2022-03-03 01:11 - 2013-11-28 10:34 - 000000000 ____D C:\Users\MKruz090\AppData\Roaming\Dropbox
2022-03-03 00:31 - 2016-02-13 07:23 - 000004476 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2022-03-03 00:28 - 2016-02-13 07:23 - 000002065 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2022-03-03 00:26 - 2012-05-28 18:43 - 000000000 ____D C:\Users\MKruz090\AppData\Local\Adobe
2022-03-01 16:48 - 2012-02-27 12:09 - 000000000 ____D C:\Windows\Panther
2022-02-28 23:12 - 2009-07-13 22:20 - 000000000 ___HD C:\Windows\system32\GroupPolicy
2022-02-28 23:12 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\SysWOW64\GroupPolicy
2022-02-27 22:12 - 2012-02-27 12:09 - 000008192 __RSH C:\BOOTSECT.BAK
2022-02-27 20:57 - 2012-09-10 17:40 - 000000000 ____D C:\Windows\system32\Tasks\Games
2022-02-27 15:37 - 2016-02-13 07:40 - 000000000 ____D C:\Users\MKruz090\AppData\Roaming\uTorrent
2022-02-27 15:36 - 2012-05-28 22:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2022-02-27 15:13 - 2012-06-13 08:42 - 000000000 ____D C:\Users\MKruz090\AppData\Local\ElevatedDiagnostics
2022-02-27 14:29 - 2012-10-16 19:35 - 000000000 ____D C:\Users\MKruz090\AppData\Local\Spoon
2022-02-27 14:29 - 2012-10-16 19:34 - 000000000 ____D C:\Program Files (x86)\Deskshare
2022-02-27 14:26 - 2012-05-21 19:08 - 000000000 ____D C:\Users\MKruz090
2022-02-27 12:44 - 2016-02-13 10:56 - 000000000 ____D C:\ProgramData\PCDr
2022-02-27 10:53 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\system32\oobe
2022-02-27 10:49 - 2016-11-19 18:10 - 000000000 ___HD C:\Windows\system32\WLANProfiles
2022-02-27 10:49 - 2013-01-07 17:16 - 000000000 ____D C:\Program Files (x86)\Clearwire
2022-02-27 10:49 - 2012-05-02 00:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Webcam
2022-02-27 10:49 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\system32\NDF
2022-02-27 10:49 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\registration
2022-02-27 10:48 - 2013-01-07 17:34 - 000000000 ____D C:\ProgramData\Clearwire
2022-02-27 10:48 - 2012-05-28 18:43 - 000000000 ____D C:\Users\MKruz090\AppData\LocalLow\Adobe
2022-02-27 10:48 - 2012-05-02 00:53 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2022-02-27 10:47 - 2012-05-02 00:53 - 000000000 ____D C:\Program Files (x86)\Dell Webcam
2022-02-27 08:17 - 2012-06-04 18:26 - 000000000 ____D C:\ProgramData\DivX
2022-02-27 08:10 - 2012-06-04 18:28 - 000000000 ____D C:\Users\MKruz090\AppData\Roaming\DivX
2022-02-27 08:02 - 2014-11-11 19:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2022-02-27 08:02 - 2013-07-12 17:55 - 000000000 ____D C:\Program Files (x86)\Java
2022-02-27 07:59 - 2014-11-11 19:05 - 000165600 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2022-02-27 03:20 - 2016-02-12 22:05 - 000000000 ____D C:\Users\MKruz090\AppData\Local\Steam
2022-02-27 03:17 - 2009-07-13 23:45 - 000419112 _____ C:\Windows\system32\FNTCACHE.DAT
2022-02-27 03:12 - 2012-09-11 22:33 - 000000000 ____D C:\Program Files\Common Files\Apple
2022-02-27 03:09 - 2012-05-27 22:16 - 000002519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2022-02-27 02:33 - 2009-07-14 00:08 - 000032618 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2022-02-27 02:21 - 2013-07-13 17:47 - 000000000 ____D C:\Windows\system32\MRT
2022-02-27 02:03 - 2012-05-27 21:38 - 149611728 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2022-02-27 01:43 - 2012-05-28 23:24 - 000775084 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2022-02-27 01:43 - 2012-05-21 19:09 - 000109208 _____ C:\Users\MKruz090\AppData\Local\GDIPFONTCACHEV1.DAT

==================== Files in the root of some directories ========

2013-06-14 20:41 - 2014-04-22 17:47 - 000001875 _____ () C:\Users\MKruz090\AppData\Roaming\SAS7_000.DAT
2016-02-13 01:43 - 2016-02-13 01:43 - 000000044 _____ () C:\Users\MKruz090\AppData\Roaming\WB.CFG

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2018-02-26 09:48
==================== End of FRST.txt ========================

 

[Wally Kever]

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-02-2022
Ran by MKruz090 (06-03-2022 17:45:40)
Running from C:\Users\MKruz090\Desktop
Microsoft Windows 7 Home Premium Service Pack 1 (X64) (2012-05-22 00:08:07)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-1706774440-1050106324-3588017053-500 - Administrator - Disabled)
Guest (S-1-5-21-1706774440-1050106324-3588017053-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1706774440-1050106324-3588017053-1010 - Limited - Enabled)
MKruz090 (S-1-5-21-1706774440-1050106324-3588017053-1003 - Administrator - Enabled) => C:\Users\MKruz090

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {71A27EC9-3DA6-45FC-60A7-004F623C6189}
AS: Microsoft Security Essentials (Enabled - Up to date) {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 21.011.20039 - Adobe Systems Incorporated)
Adobe Flash Player 28 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 28.0.0.161 - Adobe Systems Incorporated)
Adobe Flash Player 28 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 28.0.0.161 - Adobe Systems Incorporated)
Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd)
Apple Application Support (32-bit) (HKLM-x32\...\{F2871C89-C8A5-42EE-8D45-0F02506385A6}) (Version: 5.1 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{9BC93467-75D1-4AA4-BD58-D9C51D88DFAB}) (Version: 5.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{74CC99EB-7DC0-4CB0-847A-F8C2FE39690C}) (Version: 14.5.0.7 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A3985C05-7386-411F-A4BF-32A73F37EB44}) (Version: 2.6.3.1 - Apple Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Brave (HKLM-x32\...\BraveSoftware Brave-Browser) (Version: 99.1.36.109 - Brave Software Inc)
CLEAR Connection Manager (HKLM\...\{CC591B40-F733-4731-9240-CE86FA34532C}) (Version: 2.00.0043.0 - Clearwire)
CyberLink PowerDVD 9.5 (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.5.1.3426 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 2.0.6875.668 - Dell)
Dell SupportAssistAgent (HKLM\...\{9DD6B149-CEBC-4910-B11A-242393EDF6D3}) (Version: 2.1.4.14 - Dell)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.1209.101.204 - ALPS ELECTRIC CO., LTD.)
Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 1.40.05 - Creative Technology Ltd)
Dropbox (HKU\S-1-5-21-1706774440-1050106324-3588017053-1003\...\Dropbox) (Version: 143.4.4161 - Dropbox, Inc.)
HotspotShield TAP-Windows 9.24.4 (HKLM\...\HotspotShield TAP-Windows) (Version: 9.24.4 - Pango Inc.) Hidden
InstallIQ Updater (HKLM-x32\...\{8E1CB0F1-67BF-4052-AA23-FA22E94804C1}) (Version: 1.4.3.0 - W3i, LLC)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2345 - Intel Corporation)
Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (HKLM\...\{BEE86606-EFB5-4353-9F34-29E0C59CDCFA}) (Version: 15.2.0.0284 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{181BBF43-CA17-4E1A-A78D-81E67A57B8A4}) (Version: 15.02.0000.1258 - Intel Corporation)
iTunes (HKLM\...\{E6FF3475-A35E-481F-8A8E-3D73CF3A30A1}) (Version: 12.10.11.2 - Apple Inc.)
Java 8 Update 321 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180321F0}) (Version: 8.0.3210.7 - Oracle Corporation)
JavaFX 2.1.0 (HKLM-x32\...\{1111706F-666A-4037-7777-210328764D10}) (Version: 2.1.0 - Oracle Corporation)
Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Live! Cam Avatar Creator (HKLM-x32\...\{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}) (Version: 4.6.3009.1 - Creative Technology Ltd)
Microsoft .NET Framework 4.8 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.10.209.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SkyDrive (HKU\S-1-5-21-1706774440-1050106324-3588017053-1003\...\SkyDriveSetup.exe) (Version: 17.0.2015.0811 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.29.30133 (HKLM-x32\...\{295d1583-fdb9-414b-a4c8-da539362a26b}) (Version: 14.29.30133.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox (x64 en-US) (HKLM\...\Mozilla Firefox 97.0.2 (x64 en-US)) (Version: 97.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 97.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
ObjectDock Free (HKLM-x32\...\{2C13F8C1-570B-42A9-87B4-8C7903ECD602}) (Version: 2.0 - Stardock Corporation) Hidden
ObjectDock Free (HKLM-x32\...\ObjectDock Free) (Version: 2.0 - Stardock Corporation)
Oblivion (HKLM-x32\...\{35CB6715-41F8-4F99-8881-6FC75BF054B0}) (Version: 1.00.0000 - Bethesda Softworks)
Open Book HVAC Certifications 4.2.00 (HKLM-x32\...\9588-9510-0199-4620) (Version: 4.2.00 - Mainstream Engineering Corporation)
PeerBlock 1.2 (r693) (HKLM\...\{015C5B35-B678-451C-9AEE-821E8D69621C}_is1) (Version: 1.2.0.693 - PeerBlock, LLC)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6267 - Realtek Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.1.27.0 - Renesas Electronics Corporation) Hidden
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.1.27.0 - Renesas Electronics Corporation)
Revo Uninstaller 2.3.8 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.3.8 - VS Revo Group, Ltd.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
SPCA1528 PC Driver (HKLM-x32\...\{570C2A84-A145-4DF0-AE9D-012584DF09DC}) (Version: 2.2.2.0 - sunplus)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
VC 9.0 Runtime (HKLM-x32\...\{02E89EFC-7B07-4D5A-AA03-9EC0902914EE}) (Version: 1.0.0 - Check Point Software Technologies Ltd) Hidden
VC80CRTRedist - 8.0.50727.6195 (HKLM-x32\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
ZoneAlarm Security Toolbar (HKLM-x32\...\ZoneAlarm Security Toolbar) (Version: 1.8.22.0 - Check Point Software Technologies LTD)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1706774440-1050106324-3588017053-1003_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\MKruz090\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1706774440-1050106324-3588017053-1003_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\MKruz090\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\SkyDriveShell64.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1706774440-1050106324-3588017053-1003_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\MKruz090\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\SkyDriveShell64.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1706774440-1050106324-3588017053-1003_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\MKruz090\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\SkyDriveShell64.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1706774440-1050106324-3588017053-1003_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\MKruz090\AppData\Roaming\Dropbox\bin\DropboxExt64.52.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1706774440-1050106324-3588017053-1003_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\MKruz090\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\SkyDriveShell64.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1706774440-1050106324-3588017053-1003_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\MKruz090\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\FileSyncApi64.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1706774440-1050106324-3588017053-1003_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\MKruz090\AppData\Roaming\Dropbox\bin\DropboxExt64.52.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1706774440-1050106324-3588017053-1003_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\MKruz090\AppData\Roaming\Dropbox\bin\DropboxExt64.52.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1706774440-1050106324-3588017053-1003_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\MKruz090\AppData\Roaming\Dropbox\bin\DropboxExt64.52.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1706774440-1050106324-3588017053-1003_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\MKruz090\AppData\Roaming\Dropbox\bin\DropboxExt64.52.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1706774440-1050106324-3588017053-1003_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\MKruz090\AppData\Roaming\Dropbox\bin\DropboxExt64.52.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1706774440-1050106324-3588017053-1003_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\MKruz090\AppData\Roaming\Dropbox\bin\DropboxExt64.52.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1706774440-1050106324-3588017053-1003_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\MKruz090\AppData\Roaming\Dropbox\bin\DropboxExt64.52.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1706774440-1050106324-3588017053-1003_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\MKruz090\AppData\Roaming\Dropbox\bin\DropboxExt64.52.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1706774440-1050106324-3588017053-1003_Classes\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\MKruz090\AppData\Roaming\Dropbox\bin\DropboxExt64.52.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1706774440-1050106324-3588017053-1003_Classes\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\MKruz090\AppData\Roaming\Dropbox\bin\DropboxExt64.52.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1706774440-1050106324-3588017053-1003_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\MKruz090\AppData\Roaming\Dropbox\bin\DropboxExt64.52.0.dll (Dropbox, Inc -> Dropbox, Inc.)
ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [6671064 2013-12-18] (Microsoft Corporation -> Microsoft Corporation)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [4171480 2013-12-18] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\MKruz090\AppData\Roaming\Dropbox\bin\DropboxExt64.52.0.dll [2022-02-13] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\MKruz090\AppData\Roaming\Dropbox\bin\DropboxExt64.52.0.dll [2022-02-13] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\MKruz090\AppData\Roaming\Dropbox\bin\DropboxExt64.52.0.dll [2022-02-13] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\MKruz090\AppData\Roaming\Dropbox\bin\DropboxExt64.52.0.dll [2022-02-13] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\MKruz090\AppData\Roaming\Dropbox\bin\DropboxExt64.52.0.dll [2022-02-13] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\MKruz090\AppData\Roaming\Dropbox\bin\DropboxExt64.52.0.dll [2022-02-13] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\MKruz090\AppData\Roaming\Dropbox\bin\DropboxExt64.52.0.dll [2022-02-13] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ShellConverter] -> {30A4E07E-068A-4d91-8F05-691283A1336B} => C:\Program Files (x86)\Common Files\AVSMedia\ActiveX\AVSShellConverter64.dll [2012-12-25] (Online Media Technologies Ltd. -> Online Media Technologies Ltd.) [File not signed]
ContextMenuHandlers2: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2011-03-26] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers1_S-1-5-21-1706774440-1050106324-3588017053-1003: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\MKruz090\AppData\Roaming\Dropbox\bin\DropboxExt64.52.0.dll [2022-02-13] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4_S-1-5-21-1706774440-1050106324-3588017053-1003: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\MKruz090\AppData\Roaming\Dropbox\bin\DropboxExt64.52.0.dll [2022-02-13] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5_S-1-5-21-1706774440-1050106324-3588017053-1003: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\MKruz090\AppData\Roaming\Dropbox\bin\DropboxExt64.52.0.dll [2022-02-13] (Dropbox, Inc -> Dropbox, Inc.)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

==================== Loaded Modules (Whitelisted) =============

2010-10-04 12:54 - 2010-10-04 12:54 - 000807936 _____ () [File not signed] C:\Program Files (x86)\Stardock\ObjectDockFree\CrashRpt.dll
2010-10-04 12:54 - 2010-10-04 12:54 - 000776704 _____ () [File not signed] C:\Program Files (x86)\Stardock\ObjectDockFree\Dock64.dll
2010-10-04 12:54 - 2010-10-04 12:54 - 000094208 _____ () [File not signed] C:\Program Files (x86)\Stardock\ObjectDockFree\Docklets\Clock\Clock.dll
2010-10-04 12:54 - 2010-10-04 12:54 - 000675840 _____ () [File not signed] C:\Program Files (x86)\Stardock\ObjectDockFree\DockShellHook.dll
2010-10-04 12:54 - 2010-10-04 12:54 - 000053760 _____ () [File not signed] C:\Program Files (x86)\Stardock\ObjectDockFree\zlib.dll
2022-03-04 22:19 - 2022-01-27 17:05 - 126964224 _____ () [File not signed] C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libcef.dll
2022-03-04 22:19 - 2021-11-17 06:38 - 000384000 _____ () [File not signed] C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libegl.dll
2022-03-04 22:19 - 2021-11-17 06:38 - 008006656 _____ () [File not signed] C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libglesv2.dll
2016-11-19 17:53 - 2010-12-20 17:49 - 001892352 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\xerces-c_2_7.dll
2016-11-19 17:53 - 2010-12-20 17:45 - 000069632 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\StatusStrings.dll
2012-04-23 17:21 - 2012-04-23 17:21 - 000333312 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\BluetoothHS\BTHSSupplicant.dll
2012-03-15 06:00 - 2012-03-15 06:00 - 000105472 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\BluetoothHS\UsR3IoPort.dll
2019-03-27 23:34 - 2019-03-27 23:34 - 000130560 _____ (Microsoft Corporation) [File not signed] [File is in use] C:\Windows\Microsoft.Net\assembly\GAC_64\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
2010-10-04 12:54 - 2010-10-04 12:54 - 001038848 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Stardock\ObjectDockFree\dbghelp.dll
2013-03-21 21:08 - 2013-03-21 21:08 - 000113664 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\amd64_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.6195_none_8a1dd9552ed7f8d8\ATL80.DLL
2012-05-28 18:16 - 2012-05-28 18:16 - 001101824 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\MFC80.DLL
2012-05-28 18:16 - 2012-05-28 18:16 - 000057344 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_03ce2c72205943d3\MFC80ENU.DLL
2013-03-21 21:08 - 2012-12-25 14:47 - 000150888 _____ (Online Media Technologies Ltd. -> Online Media Technologies Ltd.) [File not signed] C:\Program Files (x86)\Common Files\AVSMedia\ActiveX\AVSShellConverter64.dll
2010-05-25 22:18 - 2010-05-25 22:18 - 000135168 _____ (SmithMicro Inc.) [File not signed] C:\Program Files (x86)\Clearwire\Connection Manager\Diagnostic.dll
2010-05-25 22:18 - 2010-05-25 22:18 - 000047104 _____ (SmithMicro Inc.) [File not signed] C:\Program Files (x86)\Clearwire\Connection Manager\RpcSrvApi.dll
2010-05-25 22:18 - 2010-05-25 22:18 - 000643072 _____ (SmithMicro Inc.) [File not signed] C:\Program Files (x86)\Clearwire\Connection Manager\ToolBx.dll
2010-10-04 12:54 - 2010-10-04 12:54 - 000233547 _____ (Stardock) [File not signed] C:\Program Files (x86)\Stardock\ObjectDockFree\Docklets\Power\Power.dll
2022-03-04 22:19 - 2022-01-27 17:05 - 000983552 _____ (The Chromium Authors) [File not signed] C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\chrome_elf.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcmscsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRkrn => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRSVC => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Version 11) (Whitelisted) ==========

HKU\S-1-5-21-1706774440-1050106324-3588017053-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.meetup.com/
HKU\S-1-5-21-1706774440-1050106324-3588017053-1003\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.dell.com
BHO: IEToEdge BHO -> {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} -> C:\Program Files (x86)\Microsoft\Edge\Application\98.0.1108.62\BHO\ie_to_edge_bho_64.dll => No File
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-18] (Microsoft Corporation -> Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Zonealarm Helper Object -> {2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C} -> C:\Program Files (x86)\Check Point Software Technologies LTD\zonealarm\1.8.22.0\bh\zonealarm.dll [2013-07-22] (Check Point Software Technologies Ltd. -> Check Point Software Technologies LTD)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-18] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_321\bin\ssv.dll [2022-02-27] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_321\bin\jp2ssv.dll [2022-02-27] (Oracle America, Inc. -> Oracle Corporation)
Toolbar: HKLM-x32 - ZoneAlarm Security Toolbar - {438FAE3E-BDEF-44D3-AB8B-0C7C8350DF59} - C:\Program Files (x86)\Check Point Software Technologies LTD\zonealarm\1.8.22.0\zonealarmTlbr.dll [2013-07-22] (Check Point Software Technologies Ltd. -> Check Point Software Technologies LTD)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\.DEFAULT\...\dell.com -> dell.com
IE trusted site: HKU\S-1-5-21-1706774440-1050106324-3588017053-1003\...\dell.com -> dell.com
IE restricted site: HKU\S-1-5-21-1706774440-1050106324-3588017053-1003\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-1706774440-1050106324-3588017053-1003\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-1706774440-1050106324-3588017053-1003\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-1706774440-1050106324-3588017053-1003\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-1706774440-1050106324-3588017053-1003\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-1706774440-1050106324-3588017053-1003\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-1706774440-1050106324-3588017053-1003\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-1706774440-1050106324-3588017053-1003\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-1706774440-1050106324-3588017053-1003\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-1706774440-1050106324-3588017053-1003\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-1706774440-1050106324-3588017053-1003\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-1706774440-1050106324-3588017053-1003\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-1706774440-1050106324-3588017053-1003\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-1706774440-1050106324-3588017053-1003\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-1706774440-1050106324-3588017053-1003\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-1706774440-1050106324-3588017053-1003\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-1706774440-1050106324-3588017053-1003\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-1706774440-1050106324-3588017053-1003\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-1706774440-1050106324-3588017053-1003\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-1706774440-1050106324-3588017053-1003\...\100sexlinks.com -> 100sexlinks.com

There are 4788 more sites.


==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 21:34 - 2009-06-10 16:00 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;C:\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\WINDOWS LIVE;C:\PROGRAM FILES (X86)\COMMON FILES\MICROSOFT SHARED\WINDOWS LIVE;%SYSTEMROOT%\SYSTEM32;%SYSTEMROOT%;%SYSTEMROOT%\SYSTEM32\WBEM;%SYSTEMROOT%\SYSTEM32\WINDOWSPOWERSHELL\V1.0\;C:\PROGRAM FILES (X86)\COMMON FILES\ROXIO SHARED\OEM\DLLSHARED\;C:\PROGRAM FILES (X86)\COMMON FILES\ROXIO SHARED\OEM\DLLSHARED\;C:\PROGRAM FILES (X86)\COMMON FILES\ROXIO SHARED\OEM\12.0\DLLSHARED\;C:\PROGRAM FILES (X86)\ROXIO\OEM\AUDIOCORE\;C:\PROGRAM FILES (X86)\WINDOWS LIVE\SHARED;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\
HKU\S-1-5-21-1706774440-1050106324-3588017053-1003\Control Panel\Desktop\\Wallpaper -> C:\Users\MKruz090\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\startupreg: BTMTrayAgent => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
MSCONFIG\startupreg: Desktop Disc Tool => "C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe"
MSCONFIG\startupreg: RemoteControl9 => "C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{57D537EB-1F56-4D61-813B-CC4A35B25EA1}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD9\PowerDVD Cinema\PowerDVDCinema.exe (CyberLink -> CyberLink Corp.)
FirewallRules: [{957DECDA-054C-4594-A689-550D9EBFEA1D}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD9\PowerDVD9.EXE (CyberLink -> CyberLink Corp.)
FirewallRules: [{F1B9505B-418E-4CD8-B20D-056A2CFC4ACE}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6ADAB3B2-A065-4407-9AE3-BFCAD735F377}] => (Allow) LPort=2869
FirewallRules: [{A9DCC638-533E-4683-BB11-28E4A165B8CF}] => (Allow) LPort=1900
FirewallRules: [{A9E4DBB9-EAB1-4BA2-9646-9089A11121EC}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{20983BE5-ACA4-4F37-A201-593E644ED23F}] => (Allow) LPort=51001
FirewallRules: [{1D5E967E-17A9-43FD-B554-64E86DCCA015}] => (Allow) C:\Users\MKruz090\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4392E673-47A3-413F-BC94-73D8BD1AA523}] => (Allow) C:\Users\MKruz090\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{979C3C9B-BD86-4214-BDC8-323B6BB4EE71}] => (Allow) C:\Users\MKruz090\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{B59506A3-37BA-4AA8-AB0C-8950D1BA7807}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{38198E0A-9264-499A-95E9-6BD87C552557}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [TCP Query User{96381C05-FE3A-48E0-A6AB-A89CF30D3517}C:\users\mkruz090\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\mkruz090\appdata\roaming\dropbox\bin\dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [UDP Query User{7DEF2371-BD84-498D-9F5F-591C9EF1E7C6}C:\users\mkruz090\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\mkruz090\appdata\roaming\dropbox\bin\dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{99185FB5-FF4B-43D8-B65D-B2A437259ABE}] => (Allow) LPort=51001
FirewallRules: [{957F3740-C3CD-46C4-9E80-9059F91AD036}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{4F3E9009-BD5C-4D71-BA2B-C81FF28510F3}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{6BFF1B86-6692-4CA7-AFBF-8F6113AF6F2F}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe => No File
FirewallRules: [{A1F09BC7-D5C9-42F2-A312-EA6018DDCCDE}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe => No File
FirewallRules: [{CD69F0D4-B85E-4F58-8107-61651FCFA2F5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Witcher 3\bin\x64\witcher3.exe (CD Projekt Red) [File not signed]
FirewallRules: [{0FC17C5F-5E59-44EE-BEB5-F76D260D957D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Witcher 3\bin\x64\witcher3.exe (CD Projekt Red) [File not signed]
FirewallRules: [TCP Query User{06B1E09C-B1D6-4227-9A55-B76AF2B33764}C:\program files (x86)\perfect world entertainment\neverwinter_en\neverwinter\live\gameclient.exe] => (Allow) C:\program files (x86)\perfect world entertainment\neverwinter_en\neverwinter\live\gameclient.exe => No File
FirewallRules: [UDP Query User{197307BC-30A4-4C65-94BA-FAFE577E9898}C:\program files (x86)\perfect world entertainment\neverwinter_en\neverwinter\live\gameclient.exe] => (Allow) C:\program files (x86)\perfect world entertainment\neverwinter_en\neverwinter\live\gameclient.exe => No File
FirewallRules: [{0851D6B2-2CFE-4F82-BEA1-7E5673F6A55D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{53036CC3-5551-4CF9-AEA5-14B70AA605E2}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{2908E009-77C4-46B0-8000-3BAEF94927B9}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{6515822E-F8B8-412A-90F3-F144365CE7EA}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{4FAB55FC-33E9-44C0-93F2-ABA9FC89DD86}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation-Mobile Wireless Group -> )
FirewallRules: [{75E49F19-32FD-476D-9759-1F5139EFCEAE}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{7A5736DE-B723-4329-9652-4D013D0EC164}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{44787D0A-0D18-427F-AADD-5B38A112E64C}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{47564491-FAAB-4F55-8910-A681F79F55BF}] => (Allow) C:\Users\MKruz090\AppData\Local\Warframe\Downloaded\Public\Warframe.exe => No File
FirewallRules: [{175E4AE3-EBDC-48B9-B4BE-7BEEBD8C628F}] => (Allow) C:\Users\MKruz090\AppData\Local\Warframe\Downloaded\Public\Warframe.x64.exe => No File
FirewallRules: [{E2E10332-69F6-43D7-A0FC-9A2677ABB910}] => (Allow) C:\Users\MKruz090\AppData\Local\Warframe\Downloaded\Public\Warframe.exe => No File
FirewallRules: [{C4F909A4-8D08-426D-AD75-0EFB8C1F84B7}] => (Allow) C:\Users\MKruz090\AppData\Local\Warframe\Downloaded\Public\Warframe.x64.exe => No File
FirewallRules: [{05A0317D-AFD0-40E8-A89B-F5F6E3C44FD2}] => (Allow) C:\Users\MKruz090\AppData\Local\Warframe\Downloaded\Public\Warframe.exe => No File
FirewallRules: [{B6BF9088-90DF-4206-BD9B-CCAEBC61B2E8}] => (Allow) C:\Users\MKruz090\AppData\Local\Warframe\Downloaded\Public\Warframe.x64.exe => No File
FirewallRules: [{07148CD9-2149-49BC-981D-F328ABEE12CE}] => (Allow) C:\Users\MKruz090\AppData\Local\Warframe\Downloaded\Public\Warframe.exe => No File
FirewallRules: [{F8B25E3B-030D-4FFE-80F0-C87E29B419C6}] => (Allow) C:\Users\MKruz090\AppData\Local\Warframe\Downloaded\Public\Warframe.x64.exe => No File
FirewallRules: [{F5FF8126-E514-4E4E-9F9F-E16281D53FA2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dragon's Lair\DragonsLair.exe () [File not signed]
FirewallRules: [{16AFD610-C0D4-4E89-9EDD-627D0E5E2E16}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dragon's Lair\DragonsLair.exe () [File not signed]
FirewallRules: [{5A4ECC1D-5BD3-46E4-977F-C60CB107964B}] => (Allow) C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.)
FirewallRules: [{69A37891-845E-4559-A278-41124BBFEE52}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{FA5BF607-8068-4112-9957-44646E02D0FF}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{A6440C46-E438-461B-B82B-F8D74132C9DB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warface\WarfaceMycomSteamLoader.exe (My.Com B.V. -> )
FirewallRules: [{5BEDB7BE-1E6F-49A4-B563-C3A0740B3CF5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warface\WarfaceMycomSteamLoader.exe (My.Com B.V. -> )
FirewallRules: [TCP Query User{A1CF29B5-B123-47C8-A2F7-A899E94795DF}C:\program files (x86)\steam\steamapps\common\warface\gamecenter\gamecenter.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\warface\gamecenter\gamecenter.exe (My.Com B.V. -> )
FirewallRules: [UDP Query User{DB6E2EA3-5B28-4625-876F-4E961E2A6F0D}C:\program files (x86)\steam\steamapps\common\warface\gamecenter\gamecenter.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\warface\gamecenter\gamecenter.exe (My.Com B.V. -> )
FirewallRules: [TCP Query User{7612889D-F300-4688-B1CB-4DA0866C3778}C:\program files (x86)\steam\steamapps\common\warface\13_2000076\bin64release\game.exe] => (Block) C:\program files (x86)\steam\steamapps\common\warface\13_2000076\bin64release\game.exe (MRAC Warface -> MY.GAMES)
FirewallRules: [UDP Query User{FEF3F5B2-1DFC-4B50-81A6-39B9AEEE0471}C:\program files (x86)\steam\steamapps\common\warface\13_2000076\bin64release\game.exe] => (Block) C:\program files (x86)\steam\steamapps\common\warface\13_2000076\bin64release\game.exe (MRAC Warface -> MY.GAMES)
FirewallRules: [{57B7E832-3C48-4B33-A144-48310C640F31}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{E59F7526-7D05-4374-90AD-C383864F39C5}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{E61D63B7-D883-491C-8AF0-670B796D465B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Deadlight\Binaries\Win32\LOTDGame.exe (ENTIDAD TEQUILA WORKS SL - CIF B85767523 - NOMBRE SANCHO RODRIGUEZ LUZ MARIA - NIF 29186069N -> Epic Games, Inc.) [File not signed]
FirewallRules: [{A8FD6321-6179-4A9E-8822-F656414CADE3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Deadlight\Binaries\Win32\LOTDGame.exe (ENTIDAD TEQUILA WORKS SL - CIF B85767523 - NOMBRE SANCHO RODRIGUEZ LUZ MARIA - NIF 29186069N -> Epic Games, Inc.) [File not signed]

==================== Restore Points =========================

01-03-2022 14:43:35 Windows Update
03-03-2022 16:12:24 Revo Uninstaller's restore point - Microsoft Edge
04-03-2022 14:35:06 Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.29.30133
04-03-2022 16:23:39 Windows Update
04-03-2022 17:27:48 Windows Update
04-03-2022 18:38:57 Revo Uninstaller's restore point - VLC media player
04-03-2022 23:17:10 Windows Update
05-03-2022 17:41:44 Windows Update
05-03-2022 21:04:44 Revo Uninstaller's restore point - Yahoo! Software Update
05-03-2022 21:06:19 Revo Uninstaller's restore point - Settings Manager
05-03-2022 21:06:53 Revo Uninstaller's restore point - Search Protection
05-03-2022 21:07:38 Revo Uninstaller's restore point - Warframe
05-03-2022 21:07:51 Removed Warframe
05-03-2022 21:09:10 Revo Uninstaller's restore point - Warframe
05-03-2022 21:35:46 Removed Dragon NaturallySpeaking 12.0.
05-03-2022 21:38:18 Revo Uninstaller's restore point - Dragon NaturallySpeaking 12
05-03-2022 21:43:46 Revo Uninstaller's restore point - Battle.net
05-03-2022 22:39:46 Windows Update

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (03/06/2022 05:44:20 PM) (Source: VSS) (EventID: 12289) (User: )
Description: Volume Shadow Copy Service error: Unexpected error DeviceIoControl(\\?\Volume{78b245d0-942a-11e1-a236-806e6f6e6963} - 0000000000000114,0x0053c008,0000000000367FD0,0,0000000000368FE0,4096,[0]). hr = 0x80070079, The semaphore timeout period has expired.
.


Operation:
Processing EndPrepareSnapshots

Context:
Execution Context: System Provider

Error: (03/06/2022 04:40:24 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4258

Error: (03/06/2022 04:40:24 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4258

Error: (03/06/2022 04:40:24 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/06/2022 04:40:23 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3260

Error: (03/06/2022 04:40:23 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3260

Error: (03/06/2022 04:40:23 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/06/2022 04:40:22 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2230


System errors:
=============
Error: (03/06/2022 05:49:17 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: The server {BB6DF56B-CACE-11DC-9992-0019B93A3A84} did not register with DCOM within the required timeout.

Error: (03/06/2022 05:44:20 PM) (Source: volsnap) (EventID: 67) (User: )
Description: The shadow copy of volume C: being created failed to install.

Error: (03/06/2022 03:04:23 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 70.

Error: (03/06/2022 03:04:22 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 70.

Error: (03/06/2022 03:04:21 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 70.

Error: (03/06/2022 03:04:20 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 70.

Error: (03/06/2022 03:04:20 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 70.

Error: (03/06/2022 03:04:19 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 70.


==================== Memory info ===========================

BIOS: Dell Inc. A13 09/05/2012
Motherboard: Dell Inc. 0YH79Y
Processor: Intel(R) Core(TM) i5-2450M CPU @ 2.50GHz
Percentage of memory in use: 76%
Total physical RAM: 6038.17 MB
Available physical RAM: 1389.5 MB
Total Virtual: 12074.54 MB
Available Virtual: 6709.23 MB

==================== Drives ================================

Drive c: (OSDisk) (Fixed) (Total:452.09 GB) (Free:272.22 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (Recovery) (Fixed) (Total:13.67 GB) (Free:6.97 GB) NTFS


==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 5A4684A2)
Partition 1: (Active) - (Size=452.1 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=13.7 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

 

[PeterJ]

Read the following instructions first. If anything is unclear please ask first.

Warning: This script was written specifically for this user, for use on that particular machine. Do not run this script on another machine.

1. Download the attachment fixlist.txt and save it to your desktop.
2. Right-click on FRST64.exe and select "Run as administrator".
3. Note: Close all webbrowers and leave them closed until FRST64 has finished.
4. Press the Fix button.
5. The tool will now process fixlist.txt. Please be patient.
6. If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
7. When finished, a log called Fixlog.txt will appear in the same directory the tool is run from.
8. Attach the logfile Fixlog.txt to your next reply.

 

[Wally Kever]

This doesn't allow me to save it to my desktop it goes to my downloads as txt.

Let me first convey how happy i am that you continue to be patient with me while trying to help me with my situation. Others would have ran off already. So thank you for sticking with me. Onward.

 

[Wally Kever]

Fix result of Farbar Recovery Scan Tool (x64) Version: 27-02-2022
Ran by MKruz090 (06-03-2022 19:24:50) Run:6
Running from C:\Users\MKruz090\Desktop
Loaded Profiles: MKruz090
Boot Mode: Normal
==============================================

fixlist content:
*****************
CloseProcesses:
(explorer.exe ->) (GMGP, LLC -> ) [File not signed] C:\Users\MKruz090\AppData\Local\Temp\~wt259E.tmp.exe
(services.exe ->) (McAfee, Inc. -> McAfee, Inc.) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
(services.exe ->) (McAfee, Inc. -> McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mcshield.exe
(services.exe ->) (McAfee, Inc. -> McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(services.exe ->) (McAfee, Inc. -> McAfee, Inc.) C:\Windows\System32\mfevtps.exe
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe (No File)
HKU\S-1-5-21-1706774440-1050106324-3588017053-1003\...\Run: [UM] => C:\Users\MKruz090\AppData\Local\Temp\~wt259E.tmp.exe [1620224 2018-02-24] (GMGP, LLC -> ) [File not signed] <==== ATTENTION
Task: {260C856D-B6FD-46DA-9485-8F5AC5ADCE3E} - System32\Tasks\LifeChatTask => C:\Program Files\Microsoft LifeChat\LifeChat.exe (No File)
Task: C:\Windows\Tasks\AutoKMS.job => C:\Windows\AutoKMS\AutoKMS.exe
FF Plugin-x32: @checkpoint.com/FFApi -> C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\npFFApi.dll [No File]
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll [No File]
CHR HKLM-x32\...\Chrome\Extension: [pacgpkgadgmibnhpdidcnfafllnmeomc] - C:\Users\MKruz090\AppData\Local\CRE\pacgpkgadgmibnhpdidcnfafllnmeomc.crx [2012-04-17]
S2 mcmscsvc; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [355440 2010-03-10] (McAfee, Inc. -> McAfee, Inc.)
R2 McNASvc; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [355440 2010-03-10] (McAfee, Inc. -> McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [355440 2010-03-10] (McAfee, Inc. -> McAfee, Inc.)
R2 McShield; C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe [200056 2010-10-13] (McAfee, Inc. -> McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [245352 2010-10-13] (McAfee, Inc. -> McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [149032 2010-10-13] (McAfee, Inc. -> McAfee, Inc.)
S2 MSK80Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [355440 2010-03-10] (McAfee, Inc. -> McAfee, Inc.)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [121248 2010-10-13] (McAfee, Inc. -> McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [190136 2010-10-13] (McAfee, Inc. -> McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [441328 2010-10-13] (McAfee, Inc. -> McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [529128 2010-10-13] (McAfee, Inc. -> McAfee, Inc.)
S3 mferkdet; C:\Windows\System32\drivers\mferkdet.sys [94864 2010-10-13] (McAfee, Inc. -> McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [283360 2010-10-13] (McAfee, Inc. -> McAfee, Inc.)
S3 Prot6Flt; C:\Windows\System32\DRIVERS\Prot6Flt.sys [30720 2012-06-14] (Panda Security S.L -> Panda Security, S.L.)
CMD: dir C:\Windows\Logs\CBS\*.log
C:\Windows\Tasks\AutoKMS.job
C:\ProgramData\Yahoo!
EmptyTemp:

*****************

Processes closed successfully.
C:\Users\MKruz090\AppData\Local\Temp\~wt259E.tmp.exe => No running process found
C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe => No running process found
C:\Program Files\Common Files\mcafee\systemcore\mcshield.exe => Could not close process
C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe => Could not close process
[2140] C:\Windows\System32\mfevtps.exe => process closed successfully.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\DivXMediaServer" => removed successfully
"HKU\S-1-5-21-1706774440-1050106324-3588017053-1003\Software\Microsoft\Windows\CurrentVersion\Run\\UM" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{260C856D-B6FD-46DA-9485-8F5AC5ADCE3E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{260C856D-B6FD-46DA-9485-8F5AC5ADCE3E}" => removed successfully
C:\Windows\System32\Tasks\LifeChatTask => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\LifeChatTask" => removed successfully
C:\Windows\Tasks\AutoKMS.job => moved successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@checkpoint.com/FFApi => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 => removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc => removed successfully
C:\Users\MKruz090\AppData\Local\CRE\pacgpkgadgmibnhpdidcnfafllnmeomc.crx => moved successfully
HKLM\System\CurrentControlSet\Services\mcmscsvc => could not remove, key could be protected
HKLM\System\CurrentControlSet\Services\McNASvc => could not remove, key could be protected
HKLM\System\CurrentControlSet\Services\McProxy => could not remove, key could be protected
McShield => Unable to stop service.
HKLM\System\CurrentControlSet\Services\McShield => could not remove, key could be protected
mfefire => Service stopped successfully.
HKLM\System\CurrentControlSet\Services\mfefire => could not remove, key could be protected
mfevtp => Unable to stop service.
HKLM\System\CurrentControlSet\Services\mfevtp => could not remove, key could be protected
HKLM\System\CurrentControlSet\Services\MSK80Service => could not remove, key could be protected
mfeapfk => Unable to stop service.
HKLM\System\CurrentControlSet\Services\mfeapfk => could not remove, key could be protected
mfeavfk => Unable to stop service.
HKLM\System\CurrentControlSet\Services\mfeavfk => could not remove, key could be protected
HKLM\System\CurrentControlSet\Services\mfefirek => could not remove, key could be protected
mfehidk => Unable to stop service.
HKLM\System\CurrentControlSet\Services\mfehidk => could not remove, key could be protected
HKLM\System\CurrentControlSet\Services\mferkdet => could not remove, key could be protected

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 06-03-2022 19:38:53)


Result of scheduled keys to remove after reboot:

HKLM\System\CurrentControlSet\Services\mcmscsvc => could not remove, key could be protected
HKLM\System\CurrentControlSet\Services\McNASvc => could not remove, key could be protected
HKLM\System\CurrentControlSet\Services\McProxy => could not remove, key could be protected
HKLM\System\CurrentControlSet\Services\McShield => could not remove, key could be protected
HKLM\System\CurrentControlSet\Services\mfefire => could not remove, key could be protected
HKLM\System\CurrentControlSet\Services\mfevtp => could not remove, key could be protected
HKLM\System\CurrentControlSet\Services\MSK80Service => could not remove, key could be protected
HKLM\System\CurrentControlSet\Services\mfeapfk => could not remove, key could be protected
HKLM\System\CurrentControlSet\Services\mfeavfk => could not remove, key could be protected
HKLM\System\CurrentControlSet\Services\mfefirek => could not remove, key could be protected
HKLM\System\CurrentControlSet\Services\mfehidk => could not remove, key could be protected
HKLM\System\CurrentControlSet\Services\mferkdet => could not remove, key could be protected

==== End of Fixlog 19:38:53 ====

 

[PeterJ]

This doesn't allow me to save it to my desktop it goes to my downloads as txt.

Best to select "Save File". You should be able to select the desktop or just save it in the folder Downloads and then move the file to your desktop.

Let me first convey how happy i am that you continue to be patient with me while trying to help me with my situation. Others would have ran off already. So thank you for sticking with me. Onward.

No problem.

Next fix:
Warning: This script was written specifically for this user, for use on that particular machine. Do not run this script on another machine.

1. Download the attachment fixlist.txt and save it to your desktop.
2. Right-click on FRST64.exe and select "Run as administrator".
3. Press the Fix button.
4. The tool will now process fixlist.txt. Please be patient.
5. If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
6. When finished, a log called Fixlog.txt will appear in the same directory the tool is run from.
7. Attach the logfile Fixlog.txt to your next reply.

 

[Wally Kever]

The capture shows txt. not exe. If i dont show yu like this yu wont know what im talking about. So when i save file thats what appears in my downloads folder.

 

[Wally Kever]

Fix result of Farbar Recovery Scan Tool (x64) Version: 27-02-2022
Ran by MKruz090 (07-03-2022 12:34:20) Run:7
Running from C:\Users\MKruz090\Desktop
Loaded Profiles: MKruz090
Boot Mode: Normal
==============================================

fixlist content:
*****************
CloseProcesses:
S3 Prot6Flt; C:\Windows\System32\DRIVERS\Prot6Flt.sys [30720 2012-06-14] (Panda Security S.L -> Panda Security, S.L.)
CMD: dir C:\Windows\Logs\CBS\*.log
C:\Windows\Tasks\AutoKMS.job
C:\ProgramData\Yahoo!
EmptyTemp:

*****************

Processes closed successfully.
HKLM\System\CurrentControlSet\Services\Prot6Flt => removed successfully
Prot6Flt => service removed successfully

========= dir C:\Windows\Logs\CBS\*.log =========

Volume in drive C is OSDisk
Volume Serial Number is 9802-CF39

Directory of C:\Windows\Logs\CBS

03/07/2022 12:34 PM 11,324,912 CBS.log
03/04/2022 05:59 PM 38,194,709 CheckSUR.log
03/04/2022 05:59 PM 76,393,821 CheckSUR.persist.log
02/27/2022 12:05 PM 425 DeepClean.log
4 File(s) 125,913,867 bytes
0 Dir(s) 286,877,425,664 bytes free

========= End of CMD: =========

"C:\Windows\Tasks\AutoKMS.job" => not found
C:\ProgramData\Yahoo! => moved successfully

=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 25329019 B
Java, Flash, Steam htmlcache => 83713065 B
Windows/system/drivers => 2967852 B
Edge => 0 B
Brave => 6912099 B
Firefox => 321177144 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 42388618 B
systemprofile32 => 42456186 B
LocalService => 47156578 B
NetworkService => 93772660 B
MKruz090 => 927584810 B

RecycleBin => 77232889 B
EmptyTemp: => 1.6 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 12:36:18 ====

 

[Wally Kever]

there is a possibility i put the contents of the temp folder back in the wrong folder.

 

[PeterJ]

The capture shows txt. not exe. If i dont show yu like this yu wont know what im talking about. So when i save file thats what appears in my downloads folder.

My attachment was a .txt file and your screenshot shows that. Nothing wrong with it, see the red marked item below.

The latest fix result looks good. Perform a new scan with FRST.
FRST Scan:

1. Right-click to run the tool FRST64.exe as administrator.
2. Note: Ensure that the Addition.txt check box is checked at the bottom of the form within the Optional Scan area.
3. Press the Scan button.
4. Please wait for the tool to finish. It will produce two logfiles called FRST.txt and Addition.txt in the same directory the tool is run from (which should be the desktop)
5. Post the logfiles FRST.txt and Addition.txt as attachment in your next reply.

 

[Wally Kever]

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27-02-2022
Ran by MKruz090 (administrator) on MININT-NBS308T (Dell Inc. Dell System Inspiron N7110) (07-03-2022 16:33:14)
Running from C:\Users\MKruz090\Downloads
Loaded Profiles: MKruz090
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(C:\Program Files (x86)\Stardock\ObjectDockFree\ObjectDock.exe ->) (Stardock) [File not signed] C:\Program Files (x86)\Stardock\ObjectDockFree\Dock64.exe
(C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE ->) (Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(C:\Program Files\DellTPad\Apoint.exe ->) (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(C:\Program Files\DellTPad\Apoint.exe ->) (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(explorer.exe ->) (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(explorer.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(explorer.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(explorer.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(explorer.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(explorer.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(explorer.exe ->) (Stardock Corporation -> Stardock) C:\Program Files (x86)\Stardock\ObjectDockFree\ObjectDock.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <9>
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Renesas Electronics Corporation -> Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Andrea Electronics -> Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(services.exe ->) (Clearwire Corporation -> ) C:\Program Files (x86)\Clearwire\Connection Manager\DeviceLaunchSvc.exe
(services.exe ->) (Dell Inc -> Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(services.exe ->) (Dell Inc -> Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(services.exe ->) (Dell Inc -> Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(services.exe ->) (Dell Inc. -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(services.exe ->) (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(services.exe ->) (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(services.exe ->) (Intel Corporation-Mobile Wireless Group -> Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(services.exe ->) (Intel Corporation-Mobile Wireless Group -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(services.exe ->) (Intel Corporation-Mobile Wireless Group -> Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(services.exe ->) (Intel Corporation-Mobile Wireless Group -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(services.exe ->) (Intel Corporation-Mobile Wireless Group -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(services.exe ->) (McAfee, Inc. -> McAfee, Inc.) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
(services.exe ->) (McAfee, Inc. -> McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mcshield.exe
(services.exe ->) (McAfee, Inc. -> McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(services.exe ->) (McAfee, Inc. -> McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [609144 2011-04-12] (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6561384 2010-12-14] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1353680 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [1841496 2016-10-14] (Logitech -> Logitech, Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [333784 2021-03-31] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [Dell Webcam Central] => C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [409744 2009-06-24] (Creative Technology Ltd) [File not signed]
HKLM-x32\...\Run: [PDVD9LanguageShortcut] => C:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe [50472 2010-09-17] (CyberLink -> CyberLink Corp.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [67384 2016-10-05] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [Clearwire Connection Manager] => C:\Program Files (x86)\Clearwire\Connection Manager\ClearwireCM.exe [54608 2010-05-25] (Clearwire Corporation -> ClearwireCM)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [115048 2011-09-16] (Renesas Electronics Corporation -> Renesas Electronics Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [707256 2021-12-15] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-1706774440-1050106324-3588017053-1003\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler (No File)
HKU\S-1-5-21-1706774440-1050106324-3588017053-1003\...\Run: [Dropbox Update] => C:\Users\MKruz090\AppData\Local\Dropbox\Update\DropboxUpdate.exe [130320 2022-01-28] (Dropbox, Inc -> Dropbox, Inc.)
HKU\S-1-5-21-1706774440-1050106324-3588017053-1003\...\MountPoints2: E - E:\AUTORUN.EXE
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files\BraveSoftware\Brave-Browser\Application\99.1.36.109\Installer\chrmstp.exe [2022-03-03] (Brave Software, Inc. -> Brave Software, Inc.)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll [2021-12-24] (Adobe Inc. -> Adobe Systems, Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
Startup: C:\Users\MKruz090\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Stardock ObjectDock.lnk [2012-11-05]
ShortcutTarget: Stardock ObjectDock.lnk -> C:\Program Files (x86)\Stardock\ObjectDockFree\ObjectDock.exe (Stardock Corporation -> Stardock)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {138B4B5A-0234-4700-B55E-C5A831FF3001} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {1CEFF44C-9642-4C32-B886-257BC4EB0A26} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1706774440-1050106324-3588017053-1003UA => C:\Users\MKruz090\AppData\Local\Dropbox\Update\DropboxUpdate.exe [130320 2022-01-28] (Dropbox, Inc -> Dropbox, Inc.)
Task: {2351F11E-88AF-4C21-996D-26B18DBC715A} - System32\Tasks\{0001BC4F-39AB-42A6-847E-0CF447D94531} => C:\Windows\system32\pcalua.exe -a C:\Users\MKruz090\Downloads\jxpiinstall(1).exe -d C:\Users\MKruz090\Downloads
Task: {3852BBBC-385C-4B60-9088-4E54057445B4} - System32\Tasks\{5C88D553-FBDF-4C64-89A8-49FC952BF3E1} => C:\Windows\system32\pcalua.exe -a E:\SetupWizard.exe -d E:\
Task: {5D605C7A-D293-4BBA-9F65-7096BE64BC26} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1706774440-1050106324-3588017053-1003Core => C:\Users\MKruz090\AppData\Local\Dropbox\Update\DropboxUpdate.exe [130320 2022-01-28] (Dropbox, Inc -> Dropbox, Inc.)
Task: {6CD78BDF-9FBC-4CF3-9629-463C4BBB5F80} - System32\Tasks\SystemToolsDailyTest => C:\Program Files\Dell\SupportAssist\uaclauncher.exe [1131992 2017-09-14] (Dell Inc. -> PC-Doctor, Inc.)
Task: {6FE05CAF-ADCF-4F38-9A69-40C5655E1698} - System32\Tasks\PCDDataUploadTask => C:\Program Files\Dell\SupportAssist\uaclauncher.exe [1131992 2017-09-14] (Dell Inc. -> PC-Doctor, Inc.)
Task: {79E0C801-346C-4C98-BB8C-1B46B06D3DC9} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
Task: {7ADFA052-DFF1-4C69-8234-FAA491666707} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162968 2022-03-01] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {7BAB6A32-FCF8-4472-B376-D7D4A4208CB8} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\Dell\SupportAssist\sessionchecker.exe [435672 2017-09-14] (Dell Inc. -> PC-Doctor, Inc.)
Task: {84B44CE6-4934-46D4-92BC-9EB59C55A468} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616832 2019-09-04] (Apple Inc. -> Apple Inc.)
Task: {871CB16C-DF5A-4AB5-BE88-B481B34B734B} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssist.exe [38872 2018-02-14] (Dell Inc. -> Dell Inc.)
Task: {96B9C921-AECE-431F-B224-3553F0718EE0} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {A2D74222-19D6-4231-A43D-F4F031667875} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162968 2022-03-01] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {BB9FE182-4ACF-4C61-9E46-EB94EB5D280B} - System32\Tasks\{3DC86B9B-4C24-4C03-9CD7-9B304D946A7D} => C:\Windows\system32\pcalua.exe -a "C:\Users\MKruz090\Desktop\Clearwire\Connection Manager\InstallModem.exe" -d "C:\Users\MKruz090\Desktop\Clearwire\Connection Manager"
Task: {BDBB54ED-2C7F-421A-8FAE-BBB09B85E42D} - System32\Tasks\Games\UpdateCheck_S-1-5-21-1706774440-1050106324-3588017053-1003 => {CA22F5B1-E06F-4A2B-94FC-21E87FE53781} C:\Windows\System32\gameux.dll [2746368 2012-12-07] (Microsoft Windows -> Microsoft Corporation)
Task: {C8E0D297-249F-4D03-BE91-2C41651B5E11} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [272384 2018-02-24] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {CF366CC2-0B1E-4453-9E8C-B3B28FA50E2A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-17] (Adobe Inc. -> Adobe Inc.)
Task: {DBA9AD6C-A56F-4273-9BB4-4534BCDB5DB2} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Dell\SupportAssist\uaclauncher.exe [1131992 2017-09-14] (Dell Inc. -> PC-Doctor, Inc.)
Task: {DF64419B-AB7E-4681-BF02-41E4FDE8A374} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\\MpCmdRun.exe [410784 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1706774440-1050106324-3588017053-1003Core.job => C:\Users\MKruz090\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1706774440-1050106324-3588017053-1003UA.job => C:\Users\MKruz090\AppData\Local\Dropbox\Update\DropboxUpdate.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280 2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280 2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5 10 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392 2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5-x64 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392 2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5-x64 10 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{1FCC0F9F-1991-42BA-AF39-6869E93AD79F}: [DhcpNameServer] 66.233.174.12 75.94.255.12
Tcpip\..\Interfaces\{51CEA4D3-953D-434C-AD66-805C82BF0700}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{699E6F3F-9E14-4F22-BB44-765DEF94AB4B}: [DhcpNameServer] 192.168.1.1
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION

Edge:
=======
Edge Profile: C:\Users\MKruz090\AppData\Local\Microsoft\Edge\User Data\Default [2022-03-03]

FireFox:
========
FF DefaultProfile: iyoz71gz.default
FF ProfilePath: C:\Users\MKruz090\AppData\Roaming\Mozilla\Firefox\Profiles\iyoz71gz.default [2022-03-07]
FF ProfilePath: C:\Users\MKruz090\AppData\Roaming\Mozilla\Firefox\Profiles\bn23gwgn.default-release [2022-03-07]
FF Extension: (DuckDuckGo Privacy Essentials) - C:\Users\MKruz090\AppData\Roaming\Mozilla\Firefox\Profiles\bn23gwgn.default-release\Extensions\jid1-ZAdIEUB7XOzOJw@jetpack.xpi [2022-03-03]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_28_0_0_161.dll [2018-02-24] (Adobe Systems Incorporated -> )
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_28_0_0_161.dll [2018-02-24] (Adobe Systems Incorporated -> )
FF Plugin-x32: @java.com/DTPlugin,version=11.321.2 -> C:\Program Files (x86)\Java\jre1.8.0_321\bin\dtplugin\npDeployJava1.dll [2022-02-27] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.321.2 -> C:\Program Files (x86)\Java\jre1.8.0_321\bin\plugin2\npjp2.dll [2022-02-27] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @oberon-media.com/ONCAdapter -> C:\Program Files (x86)\Common Files\Oberon Media\NCAdapter\1.0.0.14\npapicomadapter.dll [2012-05-31] (Oberon-Media) [File not signed]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-12-24] (Adobe Inc. -> Adobe Systems Inc.)

Brave:
=======
BRA Profile: C:\Users\MKruz090\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2022-03-07]
BRA Extension: (Brave NTP sponsored images) - C:\Users\MKruz090\AppData\Local\BraveSoftware\Brave-Browser\User Data\gccbbckogglekeggclmmekihdgdpdgoe [2022-03-01]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-17] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [272384 2018-02-24] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
R2 AERTFilters; C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [98208 2009-11-17] (Andrea Electronics -> Andrea Electronics Corporation)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [99104 2021-03-16] (Apple Inc. -> Apple Inc.)
R2 Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [901184 2010-12-14] (Intel Corporation) [File not signed]
S3 Bluetooth Media Service; C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [1298496 2010-12-14] (Intel Corporation) [File not signed]
R2 Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [974912 2010-12-14] (Intel Corporation) [File not signed]
S2 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162968 2022-03-01] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162968 2022-03-01] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 CACLEARWIRE; C:\Program Files (x86)\Clearwire\Connection Manager\ConAppsSvc.exe [124240 2010-05-25] (Clearwire Corporation -> SmithMicro Inc.)
S3 clearwireDeviceDiagnosticsService; C:\Program Files (x86)\Clearwire\Connection Manager\clearwireDeviceDiagnosticsService.exe [399872 2010-04-19] () [File not signed]
S3 CLEARWIRERcAppSvc; C:\Program Files (x86)\Clearwire\Connection Manager\RcAppSvc.exe [120144 2010-05-25] (Clearwire Corporation -> SmithMicro Inc.)
S4 clr_optimization_v2.0.50727_64; C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [89920 2009-06-10] (Microsoft Corporation -> Microsoft Corporation)
S2 clr_optimization_v4.0.30319_64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [158912 2019-03-28] (Microsoft Dynamic Code Publisher -> Microsoft Corporation)
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [208792 2017-12-14] (Dell Inc -> Dell Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3294608 2017-12-14] (Dell Inc -> Dell Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [217488 2017-12-14] (Dell Inc -> Dell Inc.)
S2 mcmscsvc; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [355440 2010-03-10] (McAfee, Inc. -> McAfee, Inc.)
R2 McNASvc; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [355440 2010-03-10] (McAfee, Inc. -> McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [355440 2010-03-10] (McAfee, Inc. -> McAfee, Inc.)
R2 McShield; C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe [200056 2010-10-13] (McAfee, Inc. -> McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [245352 2010-10-13] (McAfee, Inc. -> McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [149032 2010-10-13] (McAfee, Inc. -> McAfee, Inc.)
S3 mracsvc; C:\Windows\System32\mracsvc.exe [23885544 2022-03-04] (My.Com B.V. -> My.com B.V.)
S2 MSK80Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [355440 2010-03-10] (McAfee, Inc. -> McAfee, Inc.)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [119864 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
R2 SMSI Device Launch Service; C:\Program Files (x86)\Clearwire\Connection Manager\DeviceLaunchSvc.exe [107856 2010-05-25] (Clearwire Corporation -> )
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [41432 2018-02-14] (Dell Inc. -> Dell Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 wlidsvc; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2292096 2011-03-28] (Microsoft Corporation -> Microsoft Corp.)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AMPPAL; C:\Windows\System32\DRIVERS\AMPPAL.sys [198144 2012-03-15] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
S3 AMPPALP; C:\Windows\System32\DRIVERS\amppal.sys [198144 2012-03-15] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
S3 AthDfu; C:\Windows\System32\Drivers\AthDfu.sys [51872 2010-12-16] (Atheros Communications Inc. -> Windows (R) Win 7 DDK provider)
S3 bcm; C:\Windows\System32\DRIVERS\drxvi314_64.sys [359040 2010-03-26] (Smith Micro Software, Inc. -> Beceem communications pvt ltd.)
S3 bcmbusctr; C:\Windows\System32\DRIVERS\BcmBusCtr_64.sys [62976 2010-03-26] (Smith Micro Software, Inc. -> Beceem communications pvt ltd.)
R3 CtClsFlt; C:\Windows\System32\DRIVERS\CtClsFlt.sys [172704 2009-06-15] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd.)
R3 DDDriver; C:\Windows\System32\drivers\DDDriver64Dcsa.sys [41608 2017-12-14] (Techporch Incorporated -> Dell Inc.)
R3 DellProf; C:\Windows\System32\drivers\DellProf.sys [41208 2017-12-14] (Techporch Incorporated -> Dell Computer Corporation)
R3 hsstap; C:\Windows\System32\DRIVERS\hsstap.sys [39152 2020-09-29] (Pango Inc. -> Pango)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [121248 2010-10-13] (McAfee, Inc. -> McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [190136 2010-10-13] (McAfee, Inc. -> McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [441328 2010-10-13] (McAfee, Inc. -> McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [529128 2010-10-13] (McAfee, Inc. -> McAfee, Inc.)
S3 mferkdet; C:\Windows\System32\drivers\mferkdet.sys [94864 2010-10-13] (McAfee, Inc. -> McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [283360 2010-10-13] (McAfee, Inc. -> McAfee, Inc.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation -> Microsoft Corporation)
R3 MpKsladdb2510; c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{E00C43BE-AAF6-4617-8420-39654ED55C19}\MpKslDrv.sys [49424 2022-03-07] (Microsoft Windows -> Microsoft Corporation)
S3 mracdrv; C:\Windows\System32\drivers\mracdrv1.sys [23122952 2022-03-04] (My.Com B.V. -> My.com B.V.)
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation -> Microsoft Corporation)
R3 nusb3hub; C:\Windows\System32\DRIVERS\nusb3hub.sys [95744 2011-09-13] (Microsoft Windows Hardware Compatibility Publisher -> Renesas Electronics Corporation)
R3 nusb3xhc; C:\Windows\System32\DRIVERS\nusb3xhc.sys [212992 2011-09-13] (Microsoft Windows Hardware Compatibility Publisher -> Renesas Electronics Corporation)
R1 pango_netfilter2; C:\Windows\System32\drivers\pango_netfilter2.sys [94600 2021-10-22] (Pango Inc. -> Pango Inc)
S3 PCTINDIS5X64; C:\Windows\system32\PCTINDIS5X64.SYS [43032 2010-05-25] (Smith Micro Software, Inc. -> Smith Micro Inc.)
S3 sscdserd; C:\Windows\System32\DRIVERS\sscdserd.sys [141384 2010-11-11] (MCCI Corporation -> MCCI Corporation)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2015-06-10] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S3 Bulk1528; System32\Drivers\Bulk1528.sys [X]
S2 Ca1528av; System32\Drivers\Ca1528av.sys [X]
U4 secdrv; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-03-07 16:33 - 2022-03-07 16:34 - 000027827 _____ C:\Users\MKruz090\Downloads\FRST.txt
2022-03-06 19:24 - 2022-03-07 12:36 - 000002013 _____ C:\Users\MKruz090\Desktop\Fixlog.txt
2022-03-05 22:28 - 2022-03-05 22:29 - 011106632 _____ (McAfee, LLC) C:\Users\MKruz090\Desktop\MCPR.exe
2022-03-05 13:10 - 2022-03-07 16:34 - 000000000 ____D C:\FRST
2022-03-05 13:09 - 2022-03-05 13:09 - 002312192 _____ (Farbar) C:\Users\MKruz090\Downloads\FRST64.exe
2022-03-04 19:50 - 2022-03-05 12:52 - 000000000 ____D C:\Program Files\Mozilla Firefox
2022-03-04 15:42 - 2022-03-04 15:42 - 674616578 _____ C:\Windows\MEMORY.DMP
2022-03-04 15:42 - 2022-03-04 15:42 - 000756920 _____ C:\Windows\Minidump\030422-29359-01.dmp
2022-03-04 14:37 - 2022-03-04 14:37 - 000000000 ____D C:\Users\MKruz090\AppData\Local\NVIDIA Corporation
2022-03-04 14:36 - 2022-03-04 14:36 - 023885544 _____ (My.com B.V.) C:\Windows\system32\mracsvc.exe
2022-03-04 14:36 - 2022-03-04 14:36 - 023122952 _____ (My.com B.V.) C:\Windows\system32\Drivers\mracdrv1.sys
2022-03-04 14:36 - 2022-03-04 14:36 - 000000000 ____D C:\Users\MKruz090\AppData\Local\CrashRpt
2022-03-04 12:14 - 2022-03-04 12:14 - 002316112 _____ (niemiro) C:\Users\MKruz090\Desktop\SFCFix.exe
2022-03-03 23:22 - 2022-03-03 23:22 - 000000000 ____D C:\Users\MKruz090\AppData\Local\Blizzard Entertainment
2022-03-03 16:18 - 2022-03-03 16:18 - 000003380 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-03-03 16:18 - 2022-03-03 16:18 - 000003252 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-03-03 07:20 - 2022-03-07 16:20 - 000000000 ____D C:\Users\MKruz090\AppData\LocalLow\Mozilla
2022-03-03 07:20 - 2022-03-07 12:41 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2022-03-03 07:20 - 2022-03-05 12:52 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-03-03 07:20 - 2022-03-04 20:48 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2022-03-03 07:20 - 2022-03-03 07:20 - 000000942 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-03-03 07:19 - 2022-03-03 07:19 - 000333840 _____ (Mozilla) C:\Users\MKruz090\Downloads\Firefox Installer.exe
2022-03-03 01:11 - 2022-03-03 01:11 - 000000000 ____D C:\Users\MKruz090\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2022-03-01 22:32 - 2022-03-04 16:16 - 000000000 ____D C:\Users\MKruz090\AppData\Local\niemiro
2022-03-01 20:34 - 2022-03-03 00:47 - 000002293 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave.lnk
2022-03-01 20:34 - 2022-03-01 20:34 - 000000000 ____D C:\Program Files\BraveSoftware
2022-03-01 20:33 - 2022-03-01 20:34 - 000000000 ____D C:\Users\MKruz090\AppData\Local\BraveSoftware
2022-03-01 20:33 - 2022-03-01 20:33 - 000003342 _____ C:\Windows\system32\Tasks\BraveSoftwareUpdateTaskMachineUA
2022-03-01 20:33 - 2022-03-01 20:33 - 000003214 _____ C:\Windows\system32\Tasks\BraveSoftwareUpdateTaskMachineCore
2022-03-01 20:33 - 2022-03-01 20:33 - 000000000 ____D C:\Program Files (x86)\BraveSoftware
2022-03-01 15:36 - 2022-03-01 15:36 - 000000000 ___HD C:\$Windows.~WS
2022-03-01 14:43 - 2022-03-01 14:43 - 000000000 ____D C:\Windows\CheckSur
2022-02-28 23:13 - 2022-02-28 23:13 - 000000000 ____D C:\Users\MKruz090\AppData\Local\Rufus
2022-02-28 23:12 - 2022-02-28 23:13 - 000000258 __RSH C:\ProgramData\ntuser.pol
2022-02-27 21:32 - 2022-02-27 22:38 - 000000000 ___HD C:\$WINDOWS.~BT
2022-02-27 15:10 - 2022-02-27 15:14 - 000224006 _____ C:\Windows\ntbtlog.txt
2022-02-27 14:28 - 2022-02-27 14:28 - 000008192 _____ C:\Windows\system32\config\userdiff
2022-02-27 12:51 - 2022-02-27 12:51 - 000000000 ____D C:\Users\MKruz090\AppData\LocalLow\Digital Leisure
2022-02-27 12:45 - 2022-02-27 12:45 - 000000222 _____ C:\Users\MKruz090\Desktop\Dragon's Lair.url
2022-02-27 11:11 - 2022-02-27 22:11 - 000000001 ___SH C:\BOOTNXT
2022-02-27 10:15 - 2022-02-27 22:12 - 000001890 _____ C:\Windows\diagwrn.xml
2022-02-27 10:15 - 2022-02-27 22:12 - 000001890 _____ C:\Windows\diagerr.xml
2022-02-27 08:06 - 2022-02-27 08:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2022-02-27 08:06 - 2022-02-27 08:06 - 000000000 ____D C:\Program Files\VS Revo Group
2022-02-27 03:13 - 2022-02-27 03:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2022-02-27 03:13 - 2022-02-27 03:13 - 000000000 ____D C:\Program Files\iPod
2022-02-27 03:12 - 2022-02-27 03:13 - 000000000 ____D C:\Program Files\iTunes
2022-02-27 03:09 - 2022-02-27 03:09 - 000000000 ____D C:\Windows\system32\Tasks\Apple
2022-02-27 03:09 - 2022-02-27 03:09 - 000000000 ____D C:\Program Files (x86)\Apple Software Update
2022-02-27 03:07 - 2022-03-04 12:03 - 000000000 ____D C:\Users\MKruz090\AppData\Local\CrashDumps
2022-02-27 03:05 - 2022-02-27 03:05 - 000000000 ____D C:\Program Files\HotspotShield TAP-Windows
2022-02-27 03:05 - 2021-10-22 10:50 - 000094600 _____ (Pango Inc) C:\Windows\system32\Drivers\pango_netfilter2.sys
2022-02-27 03:04 - 2022-02-27 03:04 - 000000000 ____D C:\Program Files (x86)\Hotspot Shield
2022-02-27 02:03 - 2022-03-01 16:48 - 000000000 ____D C:\ESD
2022-02-27 01:40 - 2022-03-03 16:34 - 000000000 ____D C:\Users\MKruz090\Desktop\New folder (2)

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-03-07 16:08 - 2016-02-12 22:17 - 000000930 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1706774440-1050106324-3588017053-1003UA.job
2022-03-07 15:41 - 2013-07-28 10:31 - 000003962 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{0339E0E0-E1AB-4C5F-B75C-B25594CEF559}
2022-03-07 12:47 - 2009-07-13 23:45 - 000027936 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2022-03-07 12:47 - 2009-07-13 23:45 - 000027936 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2022-03-07 12:37 - 2009-07-14 00:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2022-03-07 12:35 - 2012-05-28 11:51 - 000000000 ____D C:\Users\MKruz090\AppData\LocalLow\Temp
2022-03-07 02:08 - 2016-02-12 22:17 - 000000878 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1706774440-1050106324-3588017053-1003Core.job
2022-03-06 19:24 - 2012-05-28 11:51 - 000000000 ____D C:\Users\MKruz090\AppData\Local\CRE
2022-03-06 19:20 - 2012-10-16 19:56 - 000000000 ____D C:\temp
2022-03-06 19:11 - 2016-02-12 22:01 - 000000000 ____D C:\Program Files (x86)\Steam
2022-03-05 21:40 - 2012-05-02 01:01 - 000000000 ____D C:\ProgramData\Temp
2022-03-05 17:40 - 2009-07-14 00:13 - 000782470 _____ C:\Windows\system32\PerfStringBackup.INI
2022-03-05 17:40 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\inf
2022-03-04 23:12 - 2016-02-13 01:11 - 000000000 ____D C:\Program Files\PeerBlock
2022-03-04 23:09 - 2009-07-13 21:34 - 000000702 _____ C:\Windows\win.ini
2022-03-04 18:39 - 2016-11-12 22:50 - 000000000 ____D C:\Program Files (x86)\VideoLAN
2022-03-04 15:42 - 2013-02-06 03:50 - 000000000 ____D C:\Windows\Minidump
2022-03-04 14:35 - 2016-02-13 00:38 - 000000000 ____D C:\ProgramData\Package Cache
2022-03-04 11:58 - 2012-05-27 22:16 - 000000000 ____D C:\Users\MKruz090\AppData\Roaming\Apple Computer
2022-03-03 16:39 - 2013-07-21 21:22 - 000000000 ____D C:\Users\MKruz090\AppData\Local\Deployment
2022-03-03 07:20 - 2012-05-29 20:44 - 000000000 ____D C:\Users\MKruz090\AppData\Local\Mozilla
2022-03-03 07:20 - 2012-05-28 11:51 - 000000000 ____D C:\Users\MKruz090\AppData\Roaming\Mozilla
2022-03-03 01:11 - 2013-11-28 10:34 - 000000000 ____D C:\Users\MKruz090\AppData\Roaming\Dropbox
2022-03-03 00:31 - 2016-02-13 07:23 - 000004476 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2022-03-03 00:28 - 2016-02-13 07:23 - 000002065 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2022-03-03 00:26 - 2012-05-28 18:43 - 000000000 ____D C:\Users\MKruz090\AppData\Local\Adobe
2022-03-01 16:48 - 2012-02-27 12:09 - 000000000 ____D C:\Windows\Panther
2022-02-28 23:12 - 2009-07-13 22:20 - 000000000 ___HD C:\Windows\system32\GroupPolicy
2022-02-28 23:12 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\SysWOW64\GroupPolicy
2022-02-27 22:12 - 2012-02-27 12:09 - 000008192 __RSH C:\BOOTSECT.BAK
2022-02-27 20:57 - 2012-09-10 17:40 - 000000000 ____D C:\Windows\system32\Tasks\Games
2022-02-27 15:37 - 2016-02-13 07:40 - 000000000 ____D C:\Users\MKruz090\AppData\Roaming\uTorrent
2022-02-27 15:36 - 2012-05-28 22:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2022-02-27 15:13 - 2012-06-13 08:42 - 000000000 ____D C:\Users\MKruz090\AppData\Local\ElevatedDiagnostics
2022-02-27 14:29 - 2012-10-16 19:35 - 000000000 ____D C:\Users\MKruz090\AppData\Local\Spoon
2022-02-27 14:29 - 2012-10-16 19:34 - 000000000 ____D C:\Program Files (x86)\Deskshare
2022-02-27 14:26 - 2012-05-21 19:08 - 000000000 ____D C:\Users\MKruz090
2022-02-27 12:44 - 2016-02-13 10:56 - 000000000 ____D C:\ProgramData\PCDr
2022-02-27 10:53 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\system32\oobe
2022-02-27 10:49 - 2016-11-19 18:10 - 000000000 ___HD C:\Windows\system32\WLANProfiles
2022-02-27 10:49 - 2013-01-07 17:16 - 000000000 ____D C:\Program Files (x86)\Clearwire
2022-02-27 10:49 - 2012-05-02 00:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Webcam
2022-02-27 10:49 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\system32\NDF
2022-02-27 10:49 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\registration
2022-02-27 10:48 - 2013-01-07 17:34 - 000000000 ____D C:\ProgramData\Clearwire
2022-02-27 10:48 - 2012-05-28 18:43 - 000000000 ____D C:\Users\MKruz090\AppData\LocalLow\Adobe
2022-02-27 10:48 - 2012-05-02 00:53 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2022-02-27 10:47 - 2012-05-02 00:53 - 000000000 ____D C:\Program Files (x86)\Dell Webcam
2022-02-27 08:17 - 2012-06-04 18:26 - 000000000 ____D C:\ProgramData\DivX
2022-02-27 08:10 - 2012-06-04 18:28 - 000000000 ____D C:\Users\MKruz090\AppData\Roaming\DivX
2022-02-27 08:02 - 2014-11-11 19:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2022-02-27 08:02 - 2013-07-12 17:55 - 000000000 ____D C:\Program Files (x86)\Java
2022-02-27 07:59 - 2014-11-11 19:05 - 000165600 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2022-02-27 03:20 - 2016-02-12 22:05 - 000000000 ____D C:\Users\MKruz090\AppData\Local\Steam
2022-02-27 03:17 - 2009-07-13 23:45 - 000419112 _____ C:\Windows\system32\FNTCACHE.DAT
2022-02-27 03:12 - 2012-09-11 22:33 - 000000000 ____D C:\Program Files\Common Files\Apple
2022-02-27 03:09 - 2012-05-27 22:16 - 000002519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2022-02-27 02:33 - 2009-07-14 00:08 - 000032618 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2022-02-27 02:21 - 2013-07-13 17:47 - 000000000 ____D C:\Windows\system32\MRT
2022-02-27 02:03 - 2012-05-27 21:38 - 149611728 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2022-02-27 01:43 - 2012-05-28 23:24 - 000775084 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2022-02-27 01:43 - 2012-05-21 19:09 - 000109208 _____ C:\Users\MKruz090\AppData\Local\GDIPFONTCACHEV1.DAT

==================== Files in the root of some directories ========

2013-06-14 20:41 - 2014-04-22 17:47 - 000001875 _____ () C:\Users\MKruz090\AppData\Roaming\SAS7_000.DAT
2016-02-13 01:43 - 2016-02-13 01:43 - 000000044 _____ () C:\Users\MKruz090\AppData\Roaming\WB.CFG

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2018-02-26 09:48
==================== End of FRST.txt ========================

 

[Wally Kever]

Additional.




Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-02-2022
Ran by MKruz090 (07-03-2022 16:35:23)
Running from C:\Users\MKruz090\Downloads
Microsoft Windows 7 Home Premium Service Pack 1 (X64) (2012-05-22 00:08:07)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-1706774440-1050106324-3588017053-500 - Administrator - Disabled)
Guest (S-1-5-21-1706774440-1050106324-3588017053-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1706774440-1050106324-3588017053-1010 - Limited - Enabled)
MKruz090 (S-1-5-21-1706774440-1050106324-3588017053-1003 - Administrator - Enabled) => C:\Users\MKruz090

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {71A27EC9-3DA6-45FC-60A7-004F623C6189}
AS: Microsoft Security Essentials (Enabled - Up to date) {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 21.011.20039 - Adobe Systems Incorporated)
Adobe Flash Player 28 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 28.0.0.161 - Adobe Systems Incorporated)
Adobe Flash Player 28 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 28.0.0.161 - Adobe Systems Incorporated)
Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd)
Apple Application Support (32-bit) (HKLM-x32\...\{F2871C89-C8A5-42EE-8D45-0F02506385A6}) (Version: 5.1 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{9BC93467-75D1-4AA4-BD58-D9C51D88DFAB}) (Version: 5.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{74CC99EB-7DC0-4CB0-847A-F8C2FE39690C}) (Version: 14.5.0.7 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A3985C05-7386-411F-A4BF-32A73F37EB44}) (Version: 2.6.3.1 - Apple Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Brave (HKLM-x32\...\BraveSoftware Brave-Browser) (Version: 99.1.36.109 - Brave Software Inc)
CLEAR Connection Manager (HKLM\...\{CC591B40-F733-4731-9240-CE86FA34532C}) (Version: 2.00.0043.0 - Clearwire)
CyberLink PowerDVD 9.5 (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.5.1.3426 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 2.0.6875.668 - Dell)
Dell SupportAssistAgent (HKLM\...\{9DD6B149-CEBC-4910-B11A-242393EDF6D3}) (Version: 2.1.4.14 - Dell)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.1209.101.204 - ALPS ELECTRIC CO., LTD.)
Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 1.40.05 - Creative Technology Ltd)
Dropbox (HKU\S-1-5-21-1706774440-1050106324-3588017053-1003\...\Dropbox) (Version: 143.4.4161 - Dropbox, Inc.)
HotspotShield TAP-Windows 9.24.4 (HKLM\...\HotspotShield TAP-Windows) (Version: 9.24.4 - Pango Inc.) Hidden
InstallIQ Updater (HKLM-x32\...\{8E1CB0F1-67BF-4052-AA23-FA22E94804C1}) (Version: 1.4.3.0 - W3i, LLC)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2345 - Intel Corporation)
Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (HKLM\...\{BEE86606-EFB5-4353-9F34-29E0C59CDCFA}) (Version: 15.2.0.0284 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{181BBF43-CA17-4E1A-A78D-81E67A57B8A4}) (Version: 15.02.0000.1258 - Intel Corporation)
iTunes (HKLM\...\{E6FF3475-A35E-481F-8A8E-3D73CF3A30A1}) (Version: 12.10.11.2 - Apple Inc.)
Java 8 Update 321 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180321F0}) (Version: 8.0.3210.7 - Oracle Corporation)
JavaFX 2.1.0 (HKLM-x32\...\{1111706F-666A-4037-7777-210328764D10}) (Version: 2.1.0 - Oracle Corporation)
Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Live! Cam Avatar Creator (HKLM-x32\...\{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}) (Version: 4.6.3009.1 - Creative Technology Ltd)
Microsoft .NET Framework 4.8 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 99.0.1150.30 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.10.209.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SkyDrive (HKU\S-1-5-21-1706774440-1050106324-3588017053-1003\...\SkyDriveSetup.exe) (Version: 17.0.2015.0811 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.29.30133 (HKLM-x32\...\{295d1583-fdb9-414b-a4c8-da539362a26b}) (Version: 14.29.30133.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox (x64 en-US) (HKLM\...\Mozilla Firefox 97.0.2 (x64 en-US)) (Version: 97.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 97.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
ObjectDock Free (HKLM-x32\...\{2C13F8C1-570B-42A9-87B4-8C7903ECD602}) (Version: 2.0 - Stardock Corporation) Hidden
ObjectDock Free (HKLM-x32\...\ObjectDock Free) (Version: 2.0 - Stardock Corporation)
Oblivion (HKLM-x32\...\{35CB6715-41F8-4F99-8881-6FC75BF054B0}) (Version: 1.00.0000 - Bethesda Softworks)
Open Book HVAC Certifications 4.2.00 (HKLM-x32\...\9588-9510-0199-4620) (Version: 4.2.00 - Mainstream Engineering Corporation)
PeerBlock 1.2 (r693) (HKLM\...\{015C5B35-B678-451C-9AEE-821E8D69621C}_is1) (Version: 1.2.0.693 - PeerBlock, LLC)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6267 - Realtek Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.1.27.0 - Renesas Electronics Corporation) Hidden
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.1.27.0 - Renesas Electronics Corporation)
Revo Uninstaller 2.3.8 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.3.8 - VS Revo Group, Ltd.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
SPCA1528 PC Driver (HKLM-x32\...\{570C2A84-A145-4DF0-AE9D-012584DF09DC}) (Version: 2.2.2.0 - sunplus)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
VC 9.0 Runtime (HKLM-x32\...\{02E89EFC-7B07-4D5A-AA03-9EC0902914EE}) (Version: 1.0.0 - Check Point Software Technologies Ltd) Hidden
VC80CRTRedist - 8.0.50727.6195 (HKLM-x32\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1706774440-1050106324-3588017053-1003_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\MKruz090\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1706774440-1050106324-3588017053-1003_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\MKruz090\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\SkyDriveShell64.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1706774440-1050106324-3588017053-1003_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\MKruz090\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\SkyDriveShell64.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1706774440-1050106324-3588017053-1003_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\MKruz090\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\SkyDriveShell64.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1706774440-1050106324-3588017053-1003_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\MKruz090\AppData\Roaming\Dropbox\bin\DropboxExt64.52.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1706774440-1050106324-3588017053-1003_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\MKruz090\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\SkyDriveShell64.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1706774440-1050106324-3588017053-1003_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\MKruz090\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\FileSyncApi64.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1706774440-1050106324-3588017053-1003_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\MKruz090\AppData\Roaming\Dropbox\bin\DropboxExt64.52.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1706774440-1050106324-3588017053-1003_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\MKruz090\AppData\Roaming\Dropbox\bin\DropboxExt64.52.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1706774440-1050106324-3588017053-1003_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\MKruz090\AppData\Roaming\Dropbox\bin\DropboxExt64.52.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1706774440-1050106324-3588017053-1003_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\MKruz090\AppData\Roaming\Dropbox\bin\DropboxExt64.52.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1706774440-1050106324-3588017053-1003_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\MKruz090\AppData\Roaming\Dropbox\bin\DropboxExt64.52.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1706774440-1050106324-3588017053-1003_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\MKruz090\AppData\Roaming\Dropbox\bin\DropboxExt64.52.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1706774440-1050106324-3588017053-1003_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\MKruz090\AppData\Roaming\Dropbox\bin\DropboxExt64.52.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1706774440-1050106324-3588017053-1003_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\MKruz090\AppData\Roaming\Dropbox\bin\DropboxExt64.52.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1706774440-1050106324-3588017053-1003_Classes\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\MKruz090\AppData\Roaming\Dropbox\bin\DropboxExt64.52.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1706774440-1050106324-3588017053-1003_Classes\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\MKruz090\AppData\Roaming\Dropbox\bin\DropboxExt64.52.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1706774440-1050106324-3588017053-1003_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\MKruz090\AppData\Roaming\Dropbox\bin\DropboxExt64.52.0.dll (Dropbox, Inc -> Dropbox, Inc.)
ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [6671064 2013-12-18] (Microsoft Corporation -> Microsoft Corporation)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [4171480 2013-12-18] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\MKruz090\AppData\Roaming\Dropbox\bin\DropboxExt64.52.0.dll [2022-02-13] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\MKruz090\AppData\Roaming\Dropbox\bin\DropboxExt64.52.0.dll [2022-02-13] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\MKruz090\AppData\Roaming\Dropbox\bin\DropboxExt64.52.0.dll [2022-02-13] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\MKruz090\AppData\Roaming\Dropbox\bin\DropboxExt64.52.0.dll [2022-02-13] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\MKruz090\AppData\Roaming\Dropbox\bin\DropboxExt64.52.0.dll [2022-02-13] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\MKruz090\AppData\Roaming\Dropbox\bin\DropboxExt64.52.0.dll [2022-02-13] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\MKruz090\AppData\Roaming\Dropbox\bin\DropboxExt64.52.0.dll [2022-02-13] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ShellConverter] -> {30A4E07E-068A-4d91-8F05-691283A1336B} => C:\Program Files (x86)\Common Files\AVSMedia\ActiveX\AVSShellConverter64.dll [2012-12-25] (Online Media Technologies Ltd. -> Online Media Technologies Ltd.) [File not signed]
ContextMenuHandlers2: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2011-03-26] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers1_S-1-5-21-1706774440-1050106324-3588017053-1003: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\MKruz090\AppData\Roaming\Dropbox\bin\DropboxExt64.52.0.dll [2022-02-13] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4_S-1-5-21-1706774440-1050106324-3588017053-1003: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\MKruz090\AppData\Roaming\Dropbox\bin\DropboxExt64.52.0.dll [2022-02-13] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5_S-1-5-21-1706774440-1050106324-3588017053-1003: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\MKruz090\AppData\Roaming\Dropbox\bin\DropboxExt64.52.0.dll [2022-02-13] (Dropbox, Inc -> Dropbox, Inc.)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

==================== Loaded Modules (Whitelisted) =============

2010-10-04 12:54 - 2010-10-04 12:54 - 000807936 _____ () [File not signed] C:\Program Files (x86)\Stardock\ObjectDockFree\CrashRpt.dll
2010-10-04 12:54 - 2010-10-04 12:54 - 000776704 _____ () [File not signed] C:\Program Files (x86)\Stardock\ObjectDockFree\Dock64.dll
2010-10-04 12:54 - 2010-10-04 12:54 - 000094208 _____ () [File not signed] C:\Program Files (x86)\Stardock\ObjectDockFree\Docklets\Clock\Clock.dll
2010-10-04 12:54 - 2010-10-04 12:54 - 000675840 _____ () [File not signed] C:\Program Files (x86)\Stardock\ObjectDockFree\DockShellHook.dll
2010-10-04 12:54 - 2010-10-04 12:54 - 000053760 _____ () [File not signed] C:\Program Files (x86)\Stardock\ObjectDockFree\zlib.dll
2016-11-19 17:53 - 2010-12-20 17:49 - 001892352 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\xerces-c_2_7.dll
2016-11-19 17:53 - 2010-12-20 17:45 - 000069632 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\StatusStrings.dll
2012-04-23 17:21 - 2012-04-23 17:21 - 000333312 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\BluetoothHS\BTHSSupplicant.dll
2012-03-15 06:00 - 2012-03-15 06:00 - 000105472 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\BluetoothHS\UsR3IoPort.dll
2019-03-27 23:34 - 2019-03-27 23:34 - 000130560 _____ (Microsoft Corporation) [File not signed] [File is in use] C:\Windows\Microsoft.Net\assembly\GAC_64\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
2010-10-04 12:54 - 2010-10-04 12:54 - 001038848 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Stardock\ObjectDockFree\dbghelp.dll
2013-03-21 21:08 - 2013-03-21 21:08 - 000113664 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\amd64_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.6195_none_8a1dd9552ed7f8d8\ATL80.DLL
2012-05-28 18:16 - 2012-05-28 18:16 - 001101824 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\MFC80.DLL
2012-05-28 18:16 - 2012-05-28 18:16 - 000057344 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_03ce2c72205943d3\MFC80ENU.DLL
2013-03-21 21:08 - 2012-12-25 14:47 - 000150888 _____ (Online Media Technologies Ltd. -> Online Media Technologies Ltd.) [File not signed] C:\Program Files (x86)\Common Files\AVSMedia\ActiveX\AVSShellConverter64.dll
2010-05-25 22:18 - 2010-05-25 22:18 - 000135168 _____ (SmithMicro Inc.) [File not signed] C:\Program Files (x86)\Clearwire\Connection Manager\Diagnostic.dll
2010-05-25 22:18 - 2010-05-25 22:18 - 000047104 _____ (SmithMicro Inc.) [File not signed] C:\Program Files (x86)\Clearwire\Connection Manager\RpcSrvApi.dll
2010-05-25 22:18 - 2010-05-25 22:18 - 000643072 _____ (SmithMicro Inc.) [File not signed] C:\Program Files (x86)\Clearwire\Connection Manager\ToolBx.dll
2010-10-04 12:54 - 2010-10-04 12:54 - 000233547 _____ (Stardock) [File not signed] C:\Program Files (x86)\Stardock\ObjectDockFree\Docklets\Power\Power.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcmscsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRkrn => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRSVC => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Version 11) (Whitelisted) ==========

HKU\S-1-5-21-1706774440-1050106324-3588017053-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.meetup.com/
HKU\S-1-5-21-1706774440-1050106324-3588017053-1003\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.dell.com
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-18] (Microsoft Corporation -> Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-18] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_321\bin\ssv.dll [2022-02-27] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_321\bin\jp2ssv.dll [2022-02-27] (Oracle America, Inc. -> Oracle Corporation)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\.DEFAULT\...\dell.com -> dell.com
IE trusted site: HKU\S-1-5-21-1706774440-1050106324-3588017053-1003\...\dell.com -> dell.com
IE restricted site: HKU\S-1-5-21-1706774440-1050106324-3588017053-1003\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-1706774440-1050106324-3588017053-1003\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-1706774440-1050106324-3588017053-1003\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-1706774440-1050106324-3588017053-1003\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-1706774440-1050106324-3588017053-1003\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-1706774440-1050106324-3588017053-1003\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-1706774440-1050106324-3588017053-1003\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-1706774440-1050106324-3588017053-1003\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-1706774440-1050106324-3588017053-1003\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-1706774440-1050106324-3588017053-1003\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-1706774440-1050106324-3588017053-1003\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-1706774440-1050106324-3588017053-1003\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-1706774440-1050106324-3588017053-1003\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-1706774440-1050106324-3588017053-1003\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-1706774440-1050106324-3588017053-1003\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-1706774440-1050106324-3588017053-1003\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-1706774440-1050106324-3588017053-1003\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-1706774440-1050106324-3588017053-1003\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-1706774440-1050106324-3588017053-1003\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-1706774440-1050106324-3588017053-1003\...\100sexlinks.com -> 100sexlinks.com

There are 4788 more sites.


==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 21:34 - 2009-06-10 16:00 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;C:\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\WINDOWS LIVE;C:\PROGRAM FILES (X86)\COMMON FILES\MICROSOFT SHARED\WINDOWS LIVE;%SYSTEMROOT%\SYSTEM32;%SYSTEMROOT%;%SYSTEMROOT%\SYSTEM32\WBEM;%SYSTEMROOT%\SYSTEM32\WINDOWSPOWERSHELL\V1.0\;C:\PROGRAM FILES (X86)\COMMON FILES\ROXIO SHARED\OEM\DLLSHARED\;C:\PROGRAM FILES (X86)\COMMON FILES\ROXIO SHARED\OEM\DLLSHARED\;C:\PROGRAM FILES (X86)\COMMON FILES\ROXIO SHARED\OEM\12.0\DLLSHARED\;C:\PROGRAM FILES (X86)\ROXIO\OEM\AUDIOCORE\;C:\PROGRAM FILES (X86)\WINDOWS LIVE\SHARED;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\
HKU\S-1-5-21-1706774440-1050106324-3588017053-1003\Control Panel\Desktop\\Wallpaper -> C:\Users\MKruz090\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\startupreg: BTMTrayAgent => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
MSCONFIG\startupreg: Desktop Disc Tool => "C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe"
MSCONFIG\startupreg: RemoteControl9 => "C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{57D537EB-1F56-4D61-813B-CC4A35B25EA1}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD9\PowerDVD Cinema\PowerDVDCinema.exe (CyberLink -> CyberLink Corp.)
FirewallRules: [{957DECDA-054C-4594-A689-550D9EBFEA1D}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD9\PowerDVD9.EXE (CyberLink -> CyberLink Corp.)
FirewallRules: [{F1B9505B-418E-4CD8-B20D-056A2CFC4ACE}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6ADAB3B2-A065-4407-9AE3-BFCAD735F377}] => (Allow) LPort=2869
FirewallRules: [{A9DCC638-533E-4683-BB11-28E4A165B8CF}] => (Allow) LPort=1900
FirewallRules: [{A9E4DBB9-EAB1-4BA2-9646-9089A11121EC}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{20983BE5-ACA4-4F37-A201-593E644ED23F}] => (Allow) LPort=51001
FirewallRules: [{1D5E967E-17A9-43FD-B554-64E86DCCA015}] => (Allow) C:\Users\MKruz090\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4392E673-47A3-413F-BC94-73D8BD1AA523}] => (Allow) C:\Users\MKruz090\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{979C3C9B-BD86-4214-BDC8-323B6BB4EE71}] => (Allow) C:\Users\MKruz090\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{B59506A3-37BA-4AA8-AB0C-8950D1BA7807}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{38198E0A-9264-499A-95E9-6BD87C552557}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [TCP Query User{96381C05-FE3A-48E0-A6AB-A89CF30D3517}C:\users\mkruz090\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\mkruz090\appdata\roaming\dropbox\bin\dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [UDP Query User{7DEF2371-BD84-498D-9F5F-591C9EF1E7C6}C:\users\mkruz090\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\mkruz090\appdata\roaming\dropbox\bin\dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{99185FB5-FF4B-43D8-B65D-B2A437259ABE}] => (Allow) LPort=51001
FirewallRules: [{957F3740-C3CD-46C4-9E80-9059F91AD036}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{4F3E9009-BD5C-4D71-BA2B-C81FF28510F3}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{6BFF1B86-6692-4CA7-AFBF-8F6113AF6F2F}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe => No File
FirewallRules: [{A1F09BC7-D5C9-42F2-A312-EA6018DDCCDE}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe => No File
FirewallRules: [{CD69F0D4-B85E-4F58-8107-61651FCFA2F5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Witcher 3\bin\x64\witcher3.exe (CD Projekt Red) [File not signed]
FirewallRules: [{0FC17C5F-5E59-44EE-BEB5-F76D260D957D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Witcher 3\bin\x64\witcher3.exe (CD Projekt Red) [File not signed]
FirewallRules: [TCP Query User{06B1E09C-B1D6-4227-9A55-B76AF2B33764}C:\program files (x86)\perfect world entertainment\neverwinter_en\neverwinter\live\gameclient.exe] => (Allow) C:\program files (x86)\perfect world entertainment\neverwinter_en\neverwinter\live\gameclient.exe => No File
FirewallRules: [UDP Query User{197307BC-30A4-4C65-94BA-FAFE577E9898}C:\program files (x86)\perfect world entertainment\neverwinter_en\neverwinter\live\gameclient.exe] => (Allow) C:\program files (x86)\perfect world entertainment\neverwinter_en\neverwinter\live\gameclient.exe => No File
FirewallRules: [{0851D6B2-2CFE-4F82-BEA1-7E5673F6A55D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{53036CC3-5551-4CF9-AEA5-14B70AA605E2}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{2908E009-77C4-46B0-8000-3BAEF94927B9}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{6515822E-F8B8-412A-90F3-F144365CE7EA}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{4FAB55FC-33E9-44C0-93F2-ABA9FC89DD86}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation-Mobile Wireless Group -> )
FirewallRules: [{75E49F19-32FD-476D-9759-1F5139EFCEAE}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{7A5736DE-B723-4329-9652-4D013D0EC164}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{44787D0A-0D18-427F-AADD-5B38A112E64C}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{47564491-FAAB-4F55-8910-A681F79F55BF}] => (Allow) C:\Users\MKruz090\AppData\Local\Warframe\Downloaded\Public\Warframe.exe => No File
FirewallRules: [{175E4AE3-EBDC-48B9-B4BE-7BEEBD8C628F}] => (Allow) C:\Users\MKruz090\AppData\Local\Warframe\Downloaded\Public\Warframe.x64.exe => No File
FirewallRules: [{E2E10332-69F6-43D7-A0FC-9A2677ABB910}] => (Allow) C:\Users\MKruz090\AppData\Local\Warframe\Downloaded\Public\Warframe.exe => No File
FirewallRules: [{C4F909A4-8D08-426D-AD75-0EFB8C1F84B7}] => (Allow) C:\Users\MKruz090\AppData\Local\Warframe\Downloaded\Public\Warframe.x64.exe => No File
FirewallRules: [{05A0317D-AFD0-40E8-A89B-F5F6E3C44FD2}] => (Allow) C:\Users\MKruz090\AppData\Local\Warframe\Downloaded\Public\Warframe.exe => No File
FirewallRules: [{B6BF9088-90DF-4206-BD9B-CCAEBC61B2E8}] => (Allow) C:\Users\MKruz090\AppData\Local\Warframe\Downloaded\Public\Warframe.x64.exe => No File
FirewallRules: [{07148CD9-2149-49BC-981D-F328ABEE12CE}] => (Allow) C:\Users\MKruz090\AppData\Local\Warframe\Downloaded\Public\Warframe.exe => No File
FirewallRules: [{F8B25E3B-030D-4FFE-80F0-C87E29B419C6}] => (Allow) C:\Users\MKruz090\AppData\Local\Warframe\Downloaded\Public\Warframe.x64.exe => No File
FirewallRules: [{F5FF8126-E514-4E4E-9F9F-E16281D53FA2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dragon's Lair\DragonsLair.exe () [File not signed]
FirewallRules: [{16AFD610-C0D4-4E89-9EDD-627D0E5E2E16}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dragon's Lair\DragonsLair.exe () [File not signed]
FirewallRules: [{5A4ECC1D-5BD3-46E4-977F-C60CB107964B}] => (Allow) C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.)
FirewallRules: [{69A37891-845E-4559-A278-41124BBFEE52}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{FA5BF607-8068-4112-9957-44646E02D0FF}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{A6440C46-E438-461B-B82B-F8D74132C9DB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warface\WarfaceMycomSteamLoader.exe (My.Com B.V. -> )
FirewallRules: [{5BEDB7BE-1E6F-49A4-B563-C3A0740B3CF5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warface\WarfaceMycomSteamLoader.exe (My.Com B.V. -> )
FirewallRules: [TCP Query User{A1CF29B5-B123-47C8-A2F7-A899E94795DF}C:\program files (x86)\steam\steamapps\common\warface\gamecenter\gamecenter.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\warface\gamecenter\gamecenter.exe (My.Com B.V. -> )
FirewallRules: [UDP Query User{DB6E2EA3-5B28-4625-876F-4E961E2A6F0D}C:\program files (x86)\steam\steamapps\common\warface\gamecenter\gamecenter.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\warface\gamecenter\gamecenter.exe (My.Com B.V. -> )
FirewallRules: [TCP Query User{7612889D-F300-4688-B1CB-4DA0866C3778}C:\program files (x86)\steam\steamapps\common\warface\13_2000076\bin64release\game.exe] => (Block) C:\program files (x86)\steam\steamapps\common\warface\13_2000076\bin64release\game.exe (MRAC Warface -> MY.GAMES)
FirewallRules: [UDP Query User{FEF3F5B2-1DFC-4B50-81A6-39B9AEEE0471}C:\program files (x86)\steam\steamapps\common\warface\13_2000076\bin64release\game.exe] => (Block) C:\program files (x86)\steam\steamapps\common\warface\13_2000076\bin64release\game.exe (MRAC Warface -> MY.GAMES)
FirewallRules: [{57B7E832-3C48-4B33-A144-48310C640F31}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{E59F7526-7D05-4374-90AD-C383864F39C5}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{E61D63B7-D883-491C-8AF0-670B796D465B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Deadlight\Binaries\Win32\LOTDGame.exe (ENTIDAD TEQUILA WORKS SL - CIF B85767523 - NOMBRE SANCHO RODRIGUEZ LUZ MARIA - NIF 29186069N -> Epic Games, Inc.) [File not signed]
FirewallRules: [{A8FD6321-6179-4A9E-8822-F656414CADE3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Deadlight\Binaries\Win32\LOTDGame.exe (ENTIDAD TEQUILA WORKS SL - CIF B85767523 - NOMBRE SANCHO RODRIGUEZ LUZ MARIA - NIF 29186069N -> Epic Games, Inc.) [File not signed]

==================== Restore Points =========================

01-03-2022 14:43:35 Windows Update
03-03-2022 16:12:24 Revo Uninstaller's restore point - Microsoft Edge
04-03-2022 14:35:06 Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.29.30133
04-03-2022 16:23:39 Windows Update
04-03-2022 17:27:48 Windows Update
04-03-2022 18:38:57 Revo Uninstaller's restore point - VLC media player
04-03-2022 23:17:10 Windows Update
05-03-2022 17:41:44 Windows Update
05-03-2022 21:04:44 Revo Uninstaller's restore point - Yahoo! Software Update
05-03-2022 21:06:19 Revo Uninstaller's restore point - Settings Manager
05-03-2022 21:06:53 Revo Uninstaller's restore point - Search Protection
05-03-2022 21:07:38 Revo Uninstaller's restore point - Warframe
05-03-2022 21:07:51 Removed Warframe
05-03-2022 21:09:10 Revo Uninstaller's restore point - Warframe
05-03-2022 21:35:46 Removed Dragon NaturallySpeaking 12.0.
05-03-2022 21:38:18 Revo Uninstaller's restore point - Dragon NaturallySpeaking 12
05-03-2022 21:43:46 Revo Uninstaller's restore point - Battle.net
05-03-2022 22:39:46 Windows Update
06-03-2022 23:54:06 Revo Uninstaller's restore point - ZoneAlarm Security Toolbar
07-03-2022 03:00:22 Windows Update

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (03/07/2022 12:41:10 PM) (Source: Dell System Detect) (EventID: 0) (User: )
Description: <Exception><Type>System.Net.WebException</Type><Message><![CDATA[The request was aborted: Could not create SSL/TLS secure channel.]]></Message><Source><![CDATA[System]]></Source><StackTrace><![CDATA[ at System.Net.HttpWebRequest.GetResponse()
at eSupport.Common.Client.Core.DownloadHelper.c7830ac1bc4e91dab8bde579f211f329c(String c8673d9709497f3c74ce807a680598785, String c91396822be155ce2c311fce26d8381b0, String c4f92ed345e3cbb336c52d8fa69d33697)]]></StackTrace><SysInfo STag="5BC54S1" SMBIOSMajVer="2" SMBIOSMinVer="6" SMBIOSBIOSVer="A13" SMBIOSPresent="True" Rel_Date="20120905000000.000000+000" DSDVersion="10.0.3.0" Vendor="Dell Inc." PName="Dell System Inspiron N7110" Ident_Num="MININT-NBS308T" TimeZone="(UTC-05:00) Eastern Time (US & Canada)" OSName="Microsoft Windows 7 Home Premium"/><HostIP>192.168.1.13</HostIP></Exception>

Error: (03/07/2022 12:38:10 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (03/07/2022 12:35:03 PM) (Source: Dell System Detect) (EventID: 0) (User: )
Description: <Exception><Type>System.Net.WebException</Type><Message><![CDATA[The request was aborted: Could not create SSL/TLS secure channel.]]></Message><Source><![CDATA[System]]></Source><StackTrace><![CDATA[ at System.Net.HttpWebRequest.GetResponse()
at eSupport.Common.Client.Core.DownloadHelper.c7830ac1bc4e91dab8bde579f211f329c(String c8673d9709497f3c74ce807a680598785, String c91396822be155ce2c311fce26d8381b0, String c4f92ed345e3cbb336c52d8fa69d33697)]]></StackTrace><SysInfo STag="5BC54S1" SMBIOSMajVer="2" SMBIOSMinVer="6" SMBIOSBIOSVer="A13" SMBIOSPresent="True" Rel_Date="20120905000000.000000+000" DSDVersion="10.0.3.0" Vendor="Dell Inc." PName="Dell System Inspiron N7110" Ident_Num="MININT-NBS308T" TimeZone="(UTC-05:00) Eastern Time (US & Canada)" OSName="Microsoft Windows 7 Home Premium"/><HostIP>192.168.1.13</HostIP></Exception>

Error: (03/07/2022 12:20:28 PM) (Source: Dell System Detect) (EventID: 0) (User: )
Description: <Exception><Type>System.Net.WebException</Type><Message><![CDATA[The request was aborted: Could not create SSL/TLS secure channel.]]></Message><Source><![CDATA[System]]></Source><StackTrace><![CDATA[ at System.Net.HttpWebRequest.GetResponse()
at eSupport.Common.Client.Core.DownloadHelper.c7830ac1bc4e91dab8bde579f211f329c(String c8673d9709497f3c74ce807a680598785, String c91396822be155ce2c311fce26d8381b0, String c4f92ed345e3cbb336c52d8fa69d33697)]]></StackTrace><SysInfo STag="5BC54S1" SMBIOSMajVer="2" SMBIOSMinVer="6" SMBIOSBIOSVer="A13" SMBIOSPresent="True" Rel_Date="20120905000000.000000+000" DSDVersion="10.0.3.0" Vendor="Dell Inc." PName="Dell System Inspiron N7110" Ident_Num="MININT-NBS308T" TimeZone="(UTC-05:00) Eastern Time (US & Canada)" OSName="Microsoft Windows 7 Home Premium"/><HostIP>192.168.1.13</HostIP></Exception>

Error: (03/07/2022 12:17:40 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (03/06/2022 11:59:26 PM) (Source: Dell System Detect) (EventID: 0) (User: )
Description: <Exception><Type>System.Net.WebException</Type><Message><![CDATA[The request was aborted: Could not create SSL/TLS secure channel.]]></Message><Source><![CDATA[System]]></Source><StackTrace><![CDATA[ at System.Net.HttpWebRequest.GetResponse()
at eSupport.Common.Client.Core.DownloadHelper.c7830ac1bc4e91dab8bde579f211f329c(String c8673d9709497f3c74ce807a680598785, String c91396822be155ce2c311fce26d8381b0, String c4f92ed345e3cbb336c52d8fa69d33697)]]></StackTrace><SysInfo STag="5BC54S1" SMBIOSMajVer="2" SMBIOSMinVer="6" SMBIOSBIOSVer="A13" SMBIOSPresent="True" Rel_Date="20120905000000.000000+000" DSDVersion="10.0.3.0" Vendor="Dell Inc." PName="Dell System Inspiron N7110" Ident_Num="MININT-NBS308T" TimeZone="(UTC-05:00) Eastern Time (US & Canada)" OSName="Microsoft Windows 7 Home Premium"/><HostIP>192.168.1.13</HostIP></Exception>

Error: (03/06/2022 11:56:41 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (03/06/2022 11:54:06 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
Gathering Writer Data

Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {8053a2ce-5fe5-44c1-a4e2-c7b9b8e05c27}


System errors:
=============
Error: (03/07/2022 04:38:47 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: The server {BB6DF56B-CACE-11DC-9992-0019B93A3A84} did not register with DCOM within the required timeout.

Error: (03/07/2022 03:07:31 PM) (Source: Ntfs) (EventID: 55) (User: )
Description: The file system structure on the disk is corrupt and unusable.
Please run the chkdsk utility on the volume OSDisk.

Error: (03/07/2022 03:06:59 PM) (Source: Ntfs) (EventID: 55) (User: )
Description: The file system structure on the disk is corrupt and unusable.
Please run the chkdsk utility on the volume OSDisk.

Error: (03/07/2022 03:06:59 PM) (Source: Ntfs) (EventID: 55) (User: )
Description: The file system structure on the disk is corrupt and unusable.
Please run the chkdsk utility on the volume OSDisk.

Error: (03/07/2022 03:06:58 PM) (Source: Ntfs) (EventID: 55) (User: )
Description: The file system structure on the disk is corrupt and unusable.
Please run the chkdsk utility on the volume OSDisk.

Error: (03/07/2022 03:06:58 PM) (Source: Ntfs) (EventID: 55) (User: )
Description: The file system structure on the disk is corrupt and unusable.
Please run the chkdsk utility on the volume OSDisk.

Error: (03/07/2022 03:06:58 PM) (Source: Ntfs) (EventID: 55) (User: )
Description: The file system structure on the disk is corrupt and unusable.
Please run the chkdsk utility on the volume OSDisk.

Error: (03/07/2022 03:06:58 PM) (Source: Ntfs) (EventID: 55) (User: )
Description: The file system structure on the disk is corrupt and unusable.
Please run the chkdsk utility on the volume OSDisk.


==================== Memory info ===========================

BIOS: Dell Inc. A13 09/05/2012
Motherboard: Dell Inc. 0YH79Y
Processor: Intel(R) Core(TM) i5-2450M CPU @ 2.50GHz
Percentage of memory in use: 71%
Total physical RAM: 6038.17 MB
Available physical RAM: 1727.92 MB
Total Virtual: 12074.54 MB
Available Virtual: 7394.5 MB

==================== Drives ================================

Drive c: (OSDisk) (Fixed) (Total:452.09 GB) (Free:267.5 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (Recovery) (Fixed) (Total:13.67 GB) (Free:6.97 GB) NTFS


==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 5A4684A2)
Partition 1: (Active) - (Size=452.1 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=13.7 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

 

[PeterJ]

Warning: This script was written specifically for this user, for use on that particular machine. Do not run this script on another machine.

1. Download the attachment fixlist.txt and save it to your desktop.
2. Note: Disable the real-time protection of your antivirus program "Microsoft Security Essentials" until the tool is finished.
3. Right-click on FRST64.exe and select "Run as administrator".
4. Press the Fix button.
5. The tool will now process fixlist.txt.
6. If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
7. When finished, a log called Fixlog.txt will appear in the same directory the tool is run from.
8. Attach the logfile Fixlog.txt to your next reply.