Last night and today I got alerts from Malwarebytes that it blocked (YAY!) an exploit attempt. FRST logs posted below. I haven't experienced any issues prior to this alert. I ran a full scan with MBAM immediately; no issues found.
Thank you in advance for your help.
Michael
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 25-09-2023
Ran by Michael (administrator) on MICHAELS-ROG (ASUSTeK COMPUTER INC. G750JW) (25-09-2023 16:33:11)
Running from C:\Users\Michael\Desktop\FRST64.exe
Loaded Profiles: Michael
Platform: Microsoft Windows 7 Professional Service Pack 1 (X64) Language: English (United States)
Default browser: FF
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
(C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe ->) (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe ->) (ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe ->) (ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
(C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe ->) (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(C:\Program Files\Elantech\ETDCtrl.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(C:\Program Files\Elantech\ETDCtrl.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDGesture.exe
(C:\Program Files\Logitech\SetPointP\SetPoint.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(explorer.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Users\Michael\AppData\Roaming\Dropbox\bin\Dropbox.exe <8>
(explorer.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <69>
(explorer.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(explorer.exe ->) (RealDefense, LLC -> SUPERAntiSpyware) D:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2>
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(services.exe ->) (Broadcom Corporation -> Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(services.exe ->) (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(services.exe ->) (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(services.exe ->) (Intel® Corporation) [File not signed] C:\Program Files\Intel\iCLS Client\HeciServer.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\msiexec.exe
(services.exe ->) (Microsoft) [File not signed] C:\Program Files (x86)\Brother\iPrint&Scan\USBAppControl.exe
(services.exe ->) (Microsoft) [File not signed] C:\Program Files (x86)\Brother\iPrint&Scan\WorkflowAppControl.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (SUPERAntiSpyware.com -> SUPERAntiSpyware.com) D:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(taskeng.exe ->) () [File not signed] C:\Windows\SysWOW64\UMonit64.exe <2>
(taskeng.exe ->) (ALCPU -> ) C:\Program Files\Core Temp\Core Temp.exe
(taskeng.exe ->) (ASUSTeK Computer Inc. -> ASUS) [File not signed] C:\Program Files\ASUS\P4G\BatteryLife.exe
(taskeng.exe ->) (ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(taskeng.exe ->) (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(taskeng.exe ->) (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [UMonit64] => C:\Windows\SysWOW64\UMonit64.exe [40960 2013-03-14] () [File not signed]
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18368512 2017-04-13] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1485312 2017-04-13] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1353680 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [286704 2013-03-22] (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2890640 2013-04-02] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3136136 2019-01-29] (Logitech Inc -> Logitech, Inc.)
HKLM\...\Run: [KeePass 2 PreLoad] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [3246992 2023-02-08] (Open Source Developer, Dominik Reichl -> Dominik Reichl)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Wireless Console 3] => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2321072 2012-02-02] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-26] (Intel Corporation - Software and Firmware Products -> Intel Corporation)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUSTeK Computer Inc. -> ASUS)
HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [328504 2013-01-11] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [205184 2012-10-17] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
HKLM-x32\...\Run: [I19C] => C:\Windows\twain_32\Brimi19c\Common\TwDsUiLaunch.exe [94560 2021-01-28] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM-x32\...\Run: [BCSSync] => D:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation -> Microsoft Corporation)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKLM\Software\Policies\...\system: [Allow-LogonScript-NetbiosDisabled] 1
HKU\S-1-5-21-3102418866-2490860267-4193198369-1000\ DisallowedCertificates: 0DA4BF5A428C444A209EC3720EB7A9EE28C3CF9B (U)
HKU\S-1-5-21-3102418866-2490860267-4193198369-1000\ DisallowedCertificates: 91DEEAA727FCEA10CB79F6709AE173DCE881446C (U)
HKU\S-1-5-21-3102418866-2490860267-4193198369-1000\ DisallowedCertificates: A2D24C4708488FE490310CEF7AC667A71921D635 (U)
HKU\S-1-5-21-3102418866-2490860267-4193198369-1000\...\Run: [SUPERAntiSpyware] => d:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [11192552 2023-08-10] (RealDefense, LLC -> SUPERAntiSpyware)
HKU\S-1-5-21-3102418866-2490860267-4193198369-1000\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [427520 2009-07-13] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-3102418866-2490860267-4193198369-1000\...\Run: [Dropbox Update] => C:\Users\Michael\AppData\Local\DropboxUpdate\Update\DropboxUpdate.exe [130320 2023-05-03] (Dropbox, Inc -> Dropbox, Inc.)
HKU\S-1-5-21-3102418866-2490860267-4193198369-1000\...\MountPoints2: {41660191-7547-11e5-9f4b-240a64de56e2} - G:\VZW_Software_upgrade_assistant.exe
HKU\S-1-5-21-3102418866-2490860267-4193198369-1000\...\MountPoints2: {c0164bf6-dd40-11e5-afa2-bcee7b03ad40} - F:\Setup.exe
HKU\S-1-5-21-3102418866-2490860267-4193198369-1000\...\MountPoints2: {c5a00dab-0394-11e8-a056-bcee7b03ad40} - F:\Setup.exe
HKLM\...\Windows x64\Print Processors\hpzppwn7: C:\Windows\System32\spool\prtprocs\x64\hpzppwn7.dll [101376 2009-07-13] (Microsoft Windows -> Hewlett-Packard Corporation)
HKLM\...\Windows x64\Print Processors\LMADIQ4C: C:\Windows\System32\spool\prtprocs\x64\LMADIQ4C.DLL [230912 2012-09-19] (Microsoft Windows Hardware Compatibility Publisher -> Lexmark International Inc.)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\Windows\System32\AdobePDF.dll [55872 2013-12-18] (Adobe Systems, Incorporated -> Adobe Systems Inc)
HKLM\...\Print\Monitors\HP A511 Status Monitor: C:\Windows\System32\hpinkstsA511LM.dll [331664 2012-06-12] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\HP Discovery Port Monitor (HP Photosmart 6510 series): C:\Windows\System32\HPDiscoPMA511.dll [741480 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\LM_LMADIQ: C:\Windows\System32\LMADIQLANG.DLL [2945024 2012-09-06] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\PCL hpz3lwn7: C:\Windows\System32\hpz3lwn7.dll [36352 2009-07-13] (Microsoft Windows -> Hewlett-Packard Company)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\109.0.5414.120\Installer\chrmstp.exe [2023-01-26] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.133\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\...\Authentication\Credential Providers: [{50968FF7-10C1-4fb3-98B0-CD654D6CB97E}] -> c:\Program Files\WIDCOMM\Bluetooth Software\BtwCP.dll [2012-10-23] (Broadcom Corporation -> Broadcom Corporation.)
HKLM\Software\...\Authentication\Credential Providers: [{D28973E5-8630-41af-8831-50A15FEB396B}] -> c:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll [2012-10-23] (Broadcom Corporation -> Broadcom Corporation.)
Lsa: [Notification Packages] scecli c:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
Startup: C:\Users\Michael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2023-09-21]
ShortcutTarget: Dropbox.lnk -> C:\Users\Michael\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKU\S-1-5-21-3102418866-2490860267-4193198369-1000\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {2B547BDA-CF26-43EC-BE0D-C0031C4E1436} - System32\Tasks\{35A3DAC7-B696-4354-938A-2852AED0C003} => C:\Windows\system32\pcalua.exe [9728 2019-06-12] (Microsoft Windows -> Microsoft Corporation) -> -a C:\Users\Michael\Desktop\Shockwave_Installer_Slim.exe -d C:\Users\Michael\Desktop
Task: {61574E69-EFA4-43B7-B1FE-281973E82FB3} - System32\Tasks\{38B32BE5-7AF0-4696-961B-C985921D58C5} => C:\Windows\system32\pcalua.exe [9728 2019-06-12] (Microsoft Windows -> Microsoft Corporation) -> -a "E:\Adobe Acrobat X\Setup.exe" -d E:\
Task: {C67118B6-1A20-4B2E-B71A-EF9EA3429E40} - System32\Tasks\{73A378C6-83C6-4A91-9FF6-CE3FAD1363F4} => C:\Windows\system32\pcalua.exe [9728 2019-06-12] (Microsoft Windows -> Microsoft Corporation) -> -a C:\Users\Michael\Desktop\jre-8u51-windows-i586-iftw.exe -d C:\Users\Michael\Desktop
Task: {A4BC16B9-BE66-4E76-9EA5-5B877EDF610C} - System32\Tasks\{817CA3FA-3A85-42E1-9328-AFB9E6C14234} => C:\Windows\system32\pcalua.exe [9728 2019-06-12] (Microsoft Windows -> Microsoft Corporation) -> -a C:\Users\Michael\Desktop\jxpiinstall.exe -d C:\Users\Michael\Desktop
Task: {B6F91F48-BD17-4387-9EB7-9B11357DF2E4} - System32\Tasks\{D96828FE-D643-421E-AC02-F02E0B230645} => C:\Windows\system32\pcalua.exe [9728 2019-06-12] (Microsoft Windows -> Microsoft Corporation) -> -a C:\Users\Michael\Desktop\setupwinbootinfo_x86.exe -d C:\Users\Michael\Desktop
Task: {EE772A85-F3F2-40E3-9E27-B83E4DB54D2F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1566200 2023-08-02] (Adobe Inc. -> Adobe Inc.)
Task: {1D07CB0E-36D7-41ED-9F60-E108051AC8E9} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_445_Plugin.exe [1502264 2020-10-31] (Adobe Inc. -> Adobe)
Task: {377A8180-A897-45DD-AEE8-C7E5E64A189F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-10-31] (Adobe Inc. -> Adobe)
Task: {5EB455D8-9DB9-4B33-BB1D-6ADC8DCB7DE5} - System32\Tasks\ASUS P4G => c:\Program Files\ASUS\P4G\BatteryLife.exe [986544 2011-11-15] (ASUSTeK Computer Inc. -> ASUS) [File not signed]
Task: {E6097F22-DEB8-4C8F-9FD4-4BC71822A457} - System32\Tasks\ASUS Splendid ACMON => c:\Program Files (x86)\ASUS\Splendid\ACMON.exe [54488 2012-11-28] (ASUSTeK Computer Inc. -> ASUS)
Task: {83ADA87E-88E9-4CF2-90B4-112F60462299} - System32\Tasks\ASUS Splendid ColorU => c:\Program Files (x86)\ASUS\Splendid\ColorUService.exe [176240 2013-02-26] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {457BE312-E51C-4E4A-A40A-BB8367F97EE6} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [1124032 2012-09-18] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {40A5748E-EE4B-48BF-A2B1-8B60A9B216C0} - System32\Tasks\AsusVibeSchedule => C:\Program Files (x86)\Asus\AsusVibe\AsusVibeLauncher.exe [1957040 2013-01-04] (ASUSTeK Computer Inc. -> ) [File not signed]
Task: {22E23A14-995F-444B-9E72-65E3A6D47219} - System32\Tasks\ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [328504 2013-01-11] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {E4EAD466-4839-4A08-935B-69CEDC88C17A} - System32\Tasks\CCleaner Update => D:\Program Files\CCleaner\CCUpdate.exe [714256 2023-04-26] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {2DFB56AC-0A37-43F8-B25C-014DFC5E1949} - System32\Tasks\CCleanerCrashReporting => d:\Program Files\CCleaner\CCleanerBugReport.exe [4703544 2023-04-26] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "d:\Program Files\CCleaner\LOG" --programpath "d:\Program Files\CCleaner" --configpath "d:\Program Files\CCleaner\Setup" --guid "4fb937ad-5600-4097-a7a0-3ae0d6af402e" --version "6.11.10455" --silent
Task: {CB7C6B3A-63B6-42BD-9F4D-35A77E2EE513} - System32\Tasks\CCleanerSkipUAC - Michael => D:\Program Files\CCleaner\CCleaner.exe [34159416 2023-04-26] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {9B791DBF-A3F7-47EC-9161-F68347D6E482} - System32\Tasks\Core Temp Autostart Michael => C:\Program Files\Core Temp\Core Temp.exe [933352 2016-10-12] (ALCPU -> )
Task: {8B8CFA54-A946-4234-BFC9-553E5C44E286} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3102418866-2490860267-4193198369-1000Core => C:\Users\Michael\AppData\Local\DropboxUpdate\Update\DropboxUpdate.exe [130320 2023-05-03] (Dropbox, Inc -> Dropbox, Inc.)
Task: {FA30A355-4ADE-4D25-9698-8274BBB0AB52} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3102418866-2490860267-4193198369-1000UA => C:\Users\Michael\AppData\Local\DropboxUpdate\Update\DropboxUpdate.exe [130320 2023-05-03] (Dropbox, Inc -> Dropbox, Inc.)
Task: {4DCBAD24-888E-4FA8-9620-E27BD72BAE07} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.)
Task: {1FB84C1A-C098-45F6-AC5A-2A20297322B2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.)
Task: {066CD43B-A51B-4095-BE86-D3B437EBA4E1} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3102418866-2490860267-4193198369-1000Core => C:\Users\Michael\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-04-09] (Google Inc -> Google Inc.)
Task: {28F4A544-CD21-4ECD-82CF-2433E92EEA8E} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3102418866-2490860267-4193198369-1000UA => C:\Users\Michael\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-04-09] (Google Inc -> Google Inc.)
Task: {DDE9998D-9DBA-410E-AB94-8882B86A8B09} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [724384 2023-09-12] (Mozilla Corporation -> Mozilla Foundation)
Task: {A3371B6B-FBB9-4BEE-85A2-51C75C916844} - System32\Tasks\npcapwatchdog => C:\Program Files\Npcap\CheckStatus.bat [862 2019-04-30] () [File not signed]
Task: {AD02C602-BCEA-42A6-82A9-61A1D1922F06} - System32\Tasks\PowerENGAGE => Command(1): msiexec -> /f {400A01BF-E908-4393-BD39-31E386377BDA} /quiet /qn
Task: {AD02C602-BCEA-42A6-82A9-61A1D1922F06} - System32\Tasks\PowerENGAGE => Command(2): PowerENGAGE.exe -> scheduled-run
Task: {01AC84EB-ECC2-435B-848B-0EDA145CB50A} - System32\Tasks\RtHDVBg => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1485312 2017-04-13] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {1DB859D6-E12F-4B32-91A5-40FCD21FA564} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1485312 2017-04-13] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {5DA23D47-3179-4F3C-AE77-6F0DAA1387DF} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1485312 2017-04-13] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {9E111C40-52BB-4EAD-A285-C3F6ECB62ED0} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe [4838816 2014-09-28] (Samsung Electronics Co., Ltd. -> Samsung Electronics.)
Task: {717D9110-667D-436E-89A2-90D16082150A} - System32\Tasks\SUPERAntiSpyware Scheduled Task 0ed1a7cf-5bee-4e53-a685-6a208c85415d => D:\Program Files\SUPERAntiSpyware\SASTask.exe [49944 2013-11-07] (SUPERAntiSpyware.com -> SUPERAdBlocker.com) -> "D:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE" /TASK:0ed1a7cf-5bee-4e53-a685-6a208c85415d
Task: {4ED759F8-9028-4FF6-B45C-800120D2BB20} - System32\Tasks\SUPERAntiSpyware Scheduled Task 95283c90-649d-4857-8fa0-47ad5c79ed4c => d:\Program Files\SUPERAntiSpyware\SASTask.exe [49944 2013-11-07] (SUPERAntiSpyware.com -> SUPERAdBlocker.com) -> "d:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" /TASK:95283c90-649d-4857-8fa0-47ad5c79ed4c
Task: {636EF170-6999-4327-A662-C1E4FBDFDDE6} - System32\Tasks\UMonitor Task => C:\Windows\SysWOW64\UMonit64.exe [40960 2013-03-14] () [File not signed]
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\CCleanerCrashReporting.job => d:\Program Files\CCleaner\CCleanerBugReport.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3102418866-2490860267-4193198369-1000Core.job => C:\Users\Michael\AppData\Local\DropboxUpdate\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3102418866-2490860267-4193198369-1000UA.job => C:\Users\Michael\AppData\Local\DropboxUpdate\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3102418866-2490860267-4193198369-1000Core.job => C:\Users\Michael\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3102418866-2490860267-4193198369-1000UA.job => C:\Users\Michael\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 0ed1a7cf-5bee-4e53-a685-6a208c85415d.job => D:\Program Files\SUPERAntiSpyware\SASTask.exedD:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 95283c90-649d-4857-8fa0-47ad5c79ed4c.job => d:\Program Files\SUPERAntiSpyware\SASTask.exedd:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.50.1
Tcpip\..\Interfaces\{057DC233-566D-4C35-8FA1-D04CFFF3871A}: [DhcpNameServer] 192.168.50.1
FireFox:
========
FF DefaultProfile: wt8v7frv.default-1429230881077-1650327565980
FF ProfilePath: C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\wt8v7frv.default-1429230881077-1650327565980 [2023-09-25]
FF DownloadDir: C:\Users\Michael\Desktop
FF Session Restore: Mozilla\Firefox\Profiles\wt8v7frv.default-1429230881077-1650327565980 -> is enabled.
FF Extension: (AdGuard AdBlocker) - C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\wt8v7frv.default-1429230881077-1650327565980\Extensions\adguardadblocker@adguard.com.xpi [2023-09-21]
FF Extension: (F.B Purity - Cleans up Facebook) - C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\wt8v7frv.default-1429230881077-1650327565980\Extensions\fbpElectroWebExt@fbpurity.com.xpi [2023-09-19] [UpdateUrl:hxxps://www.fbpurity.com/FF-FBP-Ext-Updates.json]
FF Extension: (SimpleFill) - C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\wt8v7frv.default-1429230881077-1650327565980\Extensions\jid1-D8dVug3d0bbing@jetpack.xpi [2022-05-26]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - D:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat - Create PDF) - D:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2023-01-28] [Legacy] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2019-12-14] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_445.dll [2020-10-31] (Adobe Inc. -> )
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_445.dll [2020-10-31] (Adobe Inc. -> )
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1225195.dll [2016-09-20] (Adobe Systems, Inc.) [File not signed]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-03-12] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-03-12] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> D:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> D:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2019-04-09] (NVIDIA Corporation -> NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2019-04-09] (NVIDIA Corporation -> NVIDIA Corporation)
FF Plugin-x32: @oberon-media.com/ONCAdapter -> C:\Program Files (x86)\Common Files\Oberon Media\NCAdapter\1.0.0.14\npapicomadapter.dll [No File]
FF Plugin-x32: Adobe Acrobat -> D:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll [2015-09-24] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3102418866-2490860267-4193198369-1000: @macromedia.com/FlashPlayer10 -> d\WINDOWS\system32\Macromed\Flash\NPSWF32.dll [No File]
FF Plugin HKU\S-1-5-21-3102418866-2490860267-4193198369-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Michael\AppData\Local\Google\Update\1.3.23.9\npGoogleUpdate3.dll [2014-04-09] (Google Inc -> Google Inc.)
FF Plugin HKU\S-1-5-21-3102418866-2490860267-4193198369-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Michael\AppData\Local\Google\Update\1.3.23.9\npGoogleUpdate3.dll [2014-04-09] (Google Inc -> Google Inc.)
Chrome:
=======
CHR DefaultProfile: Profile 3
CHR Profile: C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default [2022-03-12]
CHR Extension: (Google Docs) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-26]
CHR Extension: (Google Drive) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-02-26]
CHR Extension: (YouTube) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-02-26]
CHR Extension: (Google Search) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-13]
CHR Extension: (Bookmark Manager) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-06-26]
CHR Extension: (Google Wallet) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-06-26]
CHR Extension: (Gmail) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-13]
CHR Profile: C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Guest Profile [2022-09-02]
CHR Profile: C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Profile 1 [2023-01-21]
CHR Extension: (Google Docs Offline) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-01-21]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-06-20]
CHR Profile: C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Profile 3 [2023-09-25]
CHR DownloadDir: C:\Users\Michael\Desktop
CHR Session Restore: Profile 3 -> is enabled.
CHR Extension: (Fluff Busting Purity) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmkinhboiljjkhaknpaeaicmdjhagpep [2023-09-15]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-06-20]
CHR Profile: C:\Users\Michael\AppData\Local\Google\Chrome\User Data\System Profile [2022-09-02]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 !SASCORE; d:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2017-02-18] (SUPERAntiSpyware.com -> SUPERAntiSpyware.com)
S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [69632 2014-02-08] (Adobe Systems) [File not signed]
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-08-02] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-10-31] (Adobe Inc. -> Adobe)
S3 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [99104 2021-03-16] (Apple Inc. -> Apple Inc.)
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [245760 2010-01-25] (Brother Industries, Ltd.) [File not signed]
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel® Corporation) [File not signed]
S3 MacriumService; C:\Program Files\Macrium\Common\MacriumService.exe [3894760 2017-10-19] (Paramount Software UK Ltd -> Paramount Software UK Ltd)
S3 MatSvc; C:\Program Files\Microsoft Fix it Center\Matsvc.exe [343856 2011-06-13] (Microsoft Corporation -> Microsoft Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9287960 2023-09-23] (Malwarebytes Inc. -> Malwarebytes)
S3 Microsoft SharePoint Workspace Audit Service; D:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [30814400 2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [119864 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
S3 OO DiskImage; D:\Program Files\Laplink\Laplink DiskImage\oodiag.exe [3511640 2010-05-27] (Laplink Software -> )
S3 ss_conn_launcher_service; C:\Windows\system32\Samsung\EasySetup\ss_conn_launcher.exe [183816 2020-12-09] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_service; d:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2020-11-26] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
S3 ss_conn_service2; d:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe [919992 2020-11-26] (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.)
R2 USBAppControl; C:\Program Files (x86)\Brother\iPrint&Scan\USBAppControl.exe [12288 2021-03-01] (Microsoft) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 WorkflowAppControl; C:\Program Files (x86)\Brother\iPrint&Scan\WorkflowAppControl.exe [20480 2021-03-01] (Microsoft) [File not signed]
S3 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.236\WsAppService.exe [495840 2018-01-26] (Wondershare Technology Co.,Ltd -> Wondershare)
S3 WsDrvInst; C:\Program Files (x86)\Wondershare\drfone\Library\DriverInstaller\DriverInstall.exe [120096 2018-01-16] (Wondershare Technology Co.,Ltd -> Wondershare)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 ampa; C:\Windows\system32\ampa.sys [38320 2017-02-28] (CHENGDU AOMEI Tech Co., Ltd. -> )
S3 ddmdrv; C:\Windows\system32\ddmdrv.sys [35760 2016-12-27] (CHENGDU AOMEI Tech Co., Ltd. -> )
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [158640 2022-06-15] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S3 GeneStor; C:\Windows\System32\DRIVERS\GeneStor.sys [215608 2016-08-22] (GENESYS LOGIC, INC. -> GenesysLogic)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [14992 2012-08-02] (ASUSTeK Computer Inc. -> )
R3 KeyScrambler; C:\Windows\System32\drivers\keyscrambler.sys [224720 2015-08-18] (QFX Software Corporation -> QFX Software Corporation)
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [129224 2013-11-29] (Qualcomm Atheros -> Qualcomm Atheros Co., Ltd.)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [222272 2023-09-23] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [200104 2023-09-25] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [78400 2023-09-25] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [239544 2022-12-06] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMWebProtection; C:\Windows\System32\DRIVERS\mwac.sys [149464 2023-09-25] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation -> Microsoft Corporation)
R3 MpKsl317ae845; C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{9DAE803E-B6AC-442D-90E5-C68CA45C33BC}\MpKslDrv.sys [54528 2023-09-25] (Microsoft Windows -> Microsoft Corporation)
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation -> Microsoft Corporation)
R1 npcap; C:\Windows\System32\DRIVERS\npcap.sys [70968 2019-07-30] (Insecure.Com LLC -> Insecure.Com LLC.)
R0 oodisr; C:\Windows\System32\DRIVERS\oodisr.sys [117344 2010-05-27] (Laplink Software -> O&O Software GmbH)
R0 oodisrh; C:\Windows\System32\DRIVERS\oodisrh.sys [40032 2010-05-27] (Laplink Software -> O&O Software GmbH)
R0 oodivd; C:\Windows\System32\DRIVERS\oodivd.sys [210528 2010-05-27] (Laplink Software -> O&O Software GmbH)
R0 oodivdh; C:\Windows\System32\DRIVERS\oodivdh.sys [42592 2010-05-27] (Laplink Software -> O&O Software GmbH)
S3 PcaSp60; C:\Windows\SysWOW64\DRIVERS\PcaSp60.sys [38912 2010-09-07] (PRINTING COMMUNICATIONS ASSOCIATES, INC -> Printing Communications Assoc., Inc. (PCAUSA))
R1 SASDIFSV; d:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; d:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [168968 2020-12-09] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\Windows\System32\Drivers\ss_conn_usb_driver2.sys [45064 2020-12-09] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2017-11-27] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S3 WDC_SAM; C:\Windows\System32\DRIVERS\wdcsam64_prewin8.sys [31920 2018-02-26] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies)
S3 wdm_usb; C:\Windows\System32\DRIVERS\usb2ser.sys [159936 2016-08-16] (NGO -> MBB)
R3 ALSysIO; \??\C:\Users\Michael\AppData\Local\Temp\ALSysIO64.sys [X] <==== ATTENTION
S3 DIRECTIO; \??\D:\Program Files\PerformanceTest\DirectIo64.sys [X]
S3 NANMp50; System32\Drivers\NANMp50.sys [X]
S3 NANSp50; System32\Drivers\NANSp50.sys [X]
U4 npcap_wifi; no ImagePath
S4 nvvad_WaveExtensible; system32\drivers\nvvad64v.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2023-09-25 16:33 - 2023-09-25 16:34 - 000037673 _____ C:\Users\Michael\Desktop\FRST.txt
2023-09-25 16:30 - 2023-09-25 16:30 - 002382848 _____ (Farbar) C:\Users\Michael\Desktop\FRST64.exe
2023-09-25 14:30 - 2023-09-25 14:30 - 000000572 _____ C:\Users\Michael\Desktop\mbam.txt
2023-09-24 22:44 - 2023-09-24 22:46 - 000231488 _____ C:\TDSSKiller.3.1.0.9_24.09.2023_22.44.37_log.txt
2023-09-24 22:41 - 2023-09-24 22:44 - 000002260 _____ C:\Users\Michael\Desktop\Rkill.txt
2023-09-24 22:39 - 2023-09-24 22:41 - 000231488 _____ C:\TDSSKiller.3.1.0.9_24.09.2023_22.39.35_log.txt
2023-09-23 11:33 - 2023-09-23 11:33 - 001227399 _____ C:\Users\Michael\Desktop\2023 beeton Lease 21v.pdf
2023-09-21 15:15 - 2023-09-21 15:15 - 000000000 ____D C:\Users\Michael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2023-09-13 20:34 - 2023-09-13 20:34 - 000000000 ____D C:\Users\Michael\AppData\Roaming\Microsoft\Publisher
2023-09-12 21:07 - 2023-09-12 21:07 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2023-09-06 17:12 - 2023-09-06 17:12 - 000068480 _____ C:\Users\Michael\Desktop\drpepper.pdf
2023-09-02 21:08 - 2023-09-02 21:11 - 000000000 ____D C:\Users\Michael\Documents\house
2023-09-02 20:59 - 2023-09-02 21:05 - 000000000 ____D C:\Users\Michael\Documents\Firestone
2023-09-02 20:58 - 2023-09-02 21:10 - 000000000 ____D C:\Users\Michael\Documents\Prize stuff
2023-09-02 20:57 - 2023-09-02 21:08 - 000000000 ____D C:\Users\Michael\Documents\Scott stuff
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2023-09-25 16:34 - 2015-11-25 07:26 - 000000000 ____D C:\FRST
2023-09-25 16:00 - 2014-04-09 12:22 - 000000000 ____D C:\Program Files (x86)\Google
2023-09-25 15:56 - 2014-02-09 08:56 - 000000514 _____ C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 95283c90-649d-4857-8fa0-47ad5c79ed4c.job
2023-09-25 15:55 - 2015-06-18 18:47 - 000000938 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3102418866-2490860267-4193198369-1000UA.job
2023-09-25 08:32 - 2009-07-13 23:45 - 000034640 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2023-09-25 08:32 - 2009-07-13 23:45 - 000034640 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2023-09-25 07:55 - 2015-06-18 18:47 - 000000886 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3102418866-2490860267-4193198369-1000Core.job
2023-09-25 07:00 - 2009-07-14 00:13 - 000801002 _____ C:\Windows\system32\PerfStringBackup.INI
2023-09-25 07:00 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\inf
2023-09-25 06:55 - 2015-06-18 18:47 - 000000000 ____D C:\Users\Michael\AppData\Local\Dropbox
2023-09-25 06:55 - 2014-02-05 20:57 - 000000000 ____D C:\Users\Michael\AppData\Roaming\Dropbox
2023-09-25 06:54 - 2023-04-29 22:21 - 000000000 ____D C:\Users\Michael\AppData\Local\Malwarebytes
2023-09-25 06:53 - 2022-08-30 23:16 - 000000000 ____D C:\ProgramData\NVIDIA
2023-09-25 06:53 - 2014-02-05 13:44 - 000000074 _____ C:\Users\Michael\AppData\Roaming\sp_data.sys
2023-09-25 06:53 - 2009-07-14 00:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2023-09-24 22:24 - 2021-07-20 22:23 - 000000000 ____D C:\Program Files (x86)\PowerENGAGE
2023-09-24 17:22 - 2023-05-04 17:22 - 000000760 _____ C:\Windows\Tasks\CCleanerCrashReporting.job
2023-09-24 13:18 - 2014-02-06 01:10 - 000000000 ____D C:\Users\Michael\AppData\Roaming\Microsoft\Excel
2023-09-20 22:07 - 2014-05-22 16:49 - 000000000 ____D C:\Users\Michael\AppData\Roaming\KeePass
2023-09-15 16:55 - 2014-04-09 12:22 - 000003628 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2023-09-15 16:55 - 2014-04-09 12:22 - 000003500 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2023-09-13 07:50 - 2015-06-18 18:47 - 000003912 _____ C:\Windows\system32\Tasks\DropboxUpdateTaskUserS-1-5-21-3102418866-2490860267-4193198369-1000UA
2023-09-13 07:50 - 2015-06-18 18:47 - 000003516 _____ C:\Windows\system32\Tasks\DropboxUpdateTaskUserS-1-5-21-3102418866-2490860267-4193198369-1000Core
2023-09-13 07:37 - 2017-11-15 19:20 - 000000000 ____D C:\Program Files\Mozilla Firefox
2023-09-13 07:37 - 2016-12-19 10:03 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2023-09-12 17:19 - 2014-02-05 19:12 - 000000000 ____D C:\Windows\system32\MRT
2023-09-12 17:13 - 2014-02-05 19:12 - 177941912 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2023-09-09 13:07 - 2015-05-13 13:59 - 000004476 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2023-09-04 06:14 - 2014-02-06 09:59 - 000000000 ____D C:\Users\Michael\AppData\Roaming\Microsoft\Word
2023-09-02 21:05 - 2017-12-07 23:20 - 000000000 ____D C:\Users\Michael\Documents\ASUS
2023-09-02 21:05 - 2016-06-30 00:13 - 000000000 ____D C:\Users\Michael\Documents\samsung
2023-09-02 20:58 - 2019-02-16 07:27 - 000000000 ____D C:\Users\Michael\Documents\Family History
2023-08-31 19:22 - 2009-07-14 00:08 - 000032586 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2023-08-30 20:21 - 2016-12-01 22:19 - 000000000 ____D C:\Users\Michael\AppData\LocalLow\Mozilla
==================== Files in the root of some directories ========
2019-05-12 12:31 - 2019-05-12 12:31 - 000000260 _____ () C:\ProgramData\fontcacheev1.dat
2014-02-05 13:44 - 2023-09-25 06:53 - 000000074 _____ () C:\Users\Michael\AppData\Roaming\sp_data.sys
2014-03-20 22:54 - 2014-03-20 23:01 - 000004608 _____ () C:\Users\Michael\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2020-03-15 01:32 - 2020-03-15 01:32 - 000000218 _____ () C:\Users\Michael\AppData\Local\recently-used.xbel
2020-03-15 01:29 - 2020-03-15 01:29 - 000000000 _____ () C:\Users\Michael\AppData\Local\zenmap.exe.log
2020-10-09 18:43 - 2020-10-09 18:43 - 000000000 _____ () C:\Users\Michael\AppData\Local\{5E736B2B-0FC3-479F-B4CD-238C5BE99D80}
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
LastRegBack: 2023-09-19 07:04
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-09-2023
Ran by Michael (25-09-2023 16:35:12)
Running from C:\Users\Michael\Desktop
Microsoft Windows 7 Professional Service Pack 1 (X64) (2014-02-05 18:44:26)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-3102418866-2490860267-4193198369-500 - Administrator - Disabled) => C:\Users\Administrator
Guest (S-1-5-21-3102418866-2490860267-4193198369-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3102418866-2490860267-4193198369-1008 - Limited - Enabled)
Michael (S-1-5-21-3102418866-2490860267-4193198369-1000 - Administrator - Enabled) => C:\Users\Michael
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Microsoft Security Essentials (Enabled - Up to date) {71A27EC9-3DA6-45FC-60A7-004F623C6189}
AS: Microsoft Security Essentials (Enabled - Up to date) {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
Adobe Acrobat X Standard (HKLM-x32\...\{AC76BA86-1033-0000-BA7E-000000000005}) (Version: 10.1.16 - Adobe Systems)
Adobe Digital Editions (HKLM-x32\...\Digital Editions) (Version: - )
Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.445 - Adobe)
Adobe Photoshop 7.0 (HKLM-x32\...\Adobe Photoshop 7.0) (Version: 7.0 - Adobe Systems, Inc.)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601052}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.5.195 - Adobe Systems, Inc.)
Amazon.com Kindle Fire (HKLM\...\Kindle Fire Drivers) (Version: - )
Apple Mobile Device Support (HKLM\...\{74CC99EB-7DC0-4CB0-847A-F8C2FE39690C}) (Version: 14.5.0.7 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A3985C05-7386-411F-A4BF-32A73F37EB44}) (Version: 2.6.3.1 - Apple Inc.)
AppLogLibSetup (HKLM-x32\...\{52FB0C8F-DF05-4C61-AEB6-18C55F8C385F}) (Version: 1.0.3.0 - Brother Industries Ltd.) Hidden
ASUS EA-N66 Ethernet Adapter Utilities (HKLM-x32\...\{58FC5E73-F03F-472A-A54B-C739F5ED92AA}) (Version: 1.0.1.0 - ASUS)
ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.1.13 - ASUS)
ASUS PC Link (HKLM-x32\...\{52AE8601-EA55-456E-80A9-7FB48E82CF81}_is1) (Version: 3.0.22.1029 - ASUSTEK)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 1.1.50 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 2.01.0005 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 2.1.5 - ASUS)
ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.28 - ASUS)
ASUS Wireless Router Device Discovery Utility (HKLM-x32\...\{09CDCA35-23FF-4ED6-AFDA-BBD55235CE4B}) (Version: 1.4.7.4 - ASUS)
ASUS_ROG_THEME (HKLM-x32\...\ASUS_ROG_THEME) (Version: 1.00.14 - ASUSTeK Computer Inc.)
ASUSDVD (HKLM-x32\...\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5710.52 - CyberLink Corp.) Hidden
ASUSDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5710.52 - CyberLink Corp.)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0027 - ASUS)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
BrLauncher (HKLM-x32\...\{9D02508E-D7FF-4DC4-B423-B4C2AD42FAC5}) (Version: 2.0.27.0 - Brother Industries Ltd.) Hidden
BrLogRx (HKLM-x32\...\{190861E7-09C5-42D8-BB4B-0AFB234BCFC1}) (Version: 1.0.3.1 - Brother Industries Ltd.) Hidden
Brother iPrint&Scan (HKLM-x32\...\{42D72ABA-773E-467A-8A64-4765E990EB75}) (Version: 9.0.0.123 - Brother Industries, Ltd.) Hidden
Brother iPrint&Scan (HKLM-x32\...\{85f204b0-595c-4801-8648-a69062f9ce1b}) (Version: 9.0.0.123 - Brother Industries, Ltd.)
Brother MFL-Pro Suite MFC-J630W (HKLM-x32\...\{7FB6B1B7-075B-4B7F-BEB6-97584F73C7B5}) (Version: 2.0.0.0 - Brother Industries, Ltd.)
Brother PCFax Driver (HKLM-x32\...\{79262B43-9E15-4732-A034-BFD29D9BD077}) (Version: 1.4.1.0 - Brother Industries Ltd.) Hidden
Brother PowerENGAGE (HKLM-x32\...\{3CE8B8E8-B33B-453C-BB7A-821ED6E18A24}) (Version: 1.0.27 - Aviata, Inc.)
Brother Printer Driver (HKLM-x32\...\{3D44B9C0-A8DB-44EA-8116-2C9175761AB9}) (Version: 1.1.0.0 - Brother Industries Ltd.) Hidden
Brother Scanner Driver (HKLM-x32\...\{0ADE92BE-F42E-4F37-9578-595291FA18E4}) (Version: 1.0.11.1 - Brother Industries Ltd.) Hidden
BrSupportTools (HKLM-x32\...\{8B58D1A2-DFAD-4069-A0C0-7FD272B68BB3}) (Version: 1.0.30.0 - Brother Industries Ltd.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 6.11 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.) Hidden
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.) Hidden
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.) Hidden
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
CyberLink LabelPrint 2.5 (HKLM-x32\...\{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.5415 - CyberLink Corp.) Hidden
CyberLink LabelPrint 2.5 (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.5415 - CyberLink Corp.)
CyberLink Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 7.0.0.3625 - CyberLink Corp.) Hidden
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 7.0.0.3625 - CyberLink Corp.)
Dropbox (HKU\S-1-5-21-3102418866-2490860267-4193198369-1000\...\Dropbox) (Version: 183.4.7058 - Dropbox, Inc.)
EaseUS Data Recovery Wizard (HKLM\...\EaseUS Data Recovery Wizard_is1) (Version: - EaseUS)
EaseUS Tools M Beta 0.8.0 (HKLM-x32\...\D72C2F7D-B75E-4641-AFBE-199B95066617_is1) (Version: - EaseUS)
ETDWare PS/2-X64 11.5.8.3_WHQL (HKLM\...\Elantech) (Version: 11.5.8.3 - ELAN Microelectronic Corp.)
Genesys USB Mass Storage Device (HKLM-x32\...\{959B7F35-2819-40C5-A0CD-3C53B5FCC935}) (Version: 4.3.0.3 - Genesys Logic)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 109.0.5414.120 - Google LLC)
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
HowToGuide (HKLM-x32\...\{36580EEB-4EDF-4880-BBD4-097E2C645ECD}) (Version: 1.0.1.0 - Brother Industries Ltd.) Hidden
HP Photosmart 6510 series Basic Device Software (HKLM\...\{1952AED6-2908-418F-B9D8-AC359651F92D}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HttpToUsbBridge (HKLM-x32\...\{2316FF8E-7DEC-4EB9-A50D-64C304A25469}) (Version: 1.5.30.1 - Brother Industries Ltd.)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1323 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.5.0.1066 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{5EB368A4-562A-41B6-A5B3-06054A27F5A6}) (Version: 12.5.0.1066 - Intel Corporation) Hidden
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.0.19 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{44B72151-611E-429D-9765-9BA093D7E48A}) (Version: 1.27.798.1 - Intel Corporation) Hidden
iTunes (HKLM\...\{E6FF3475-A35E-481F-8A8E-3D73CF3A30A1}) (Version: 12.10.11.2 - Apple Inc.)
Jewel Quest (HKLM-x32\...\110194827) (Version: - Oberon Media)
KeePass Password Safe 2.53.1 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.53.1 - Dominik Reichl)
Logitech Harmony Remote Software 7 (HKLM-x32\...\{5C6F884D-680C-448B-B4C9-22296EE1B206}) (Version: 7.7.0.0 - Logitech)
Logitech SetPoint 6.69 (HKLM\...\sp6) (Version: 6.69.123 - Logitech)
Macrium Reflect Home Edition (HKLM\...\{8D8420DD-5BA4-4F17-9397-7AB2082F4C78}) (Version: 6.3.1855 - Paramount Software (UK) Ltd.) Hidden
Macrium Reflect Home Edition (HKLM\...\MacriumReflect) (Version: 6.3 - Paramount Software (UK) Ltd.)
Malwarebytes version 4.6.2.281 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.6.2.281 - Malwarebytes)
Microsoft .NET Framework 4.8 (HKLM\...\{16735AF7-1D8D-3681-94A5-C578A61EC832}) (Version: 4.8.03761 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.8 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Fix it Center (HKLM\...\{B7588D45-AFDC-4C93-9E2E-A100F3554B64}) (Version: 1.0.0100 - Microsoft Corporation)
Microsoft Office Access MUI (English) 2010 (HKLM-x32\...\{90140000-0015-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (HKLM-x32\...\{90140000-0117-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (HKLM-x32\...\{90140000-0016-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (English) 2010 (HKLM-x32\...\{90140000-00BA-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2010 (HKLM-x32\...\{90140000-0044-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (HKLM\...\{90140000-002A-0000-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (HKLM-x32\...\{90140000-00A1-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2010 (HKLM-x32\...\{90140000-001A-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (HKLM-x32\...\{90140000-0018-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM-x32\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Proof (English) 2010 (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (HKLM-x32\...\{90140000-001F-0C0A-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (HKLM-x32\...\{90140000-002C-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (HKLM-x32\...\{90140000-0019-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2010 (HKLM\...\{90140000-002A-0409-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (HKLM\...\{90140000-0116-0409-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (HKLM-x32\...\{90140000-006E-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (HKLM-x32\...\{90140000-0115-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (HKLM-x32\...\{90140000-001B-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Security Client (HKLM\...\{2AA3C13E-0531-41B8-AE48-AE28C940A809}) (Version: 4.10.0209.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.10.209.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 (HKLM-x32\...\{323dad84-0974-4d90-a1c1-e006c7fdbb7d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 x64 Additional Runtime - 14.0.24212 (HKLM\...\{F20396E5-D84E-3505-A7A8-7358F0155F6C}) (Version: 14.0.24212 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 x64 Minimum Runtime - 14.0.24212 (HKLM\...\{FAAD7243-0141-3987-AA2F-E56B20F80E41}) (Version: 14.0.24212 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 x86 Additional Runtime - 14.0.23026 (HKLM-x32\...\{BE960C1C-7BAD-3DE6-8B1A-2616FE532845}) (Version: 14.0.23026 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 x86 Minimum Runtime - 14.0.23026 (HKLM-x32\...\{A2563E55-3BEC-3828-8D67-E5E8B9E8B675}) (Version: 14.0.23026 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\{9495AEB4-AB97-39DE-8C42-806EEF75ECA7}) (Version: 10.0.50908 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox ESR (x64 en-US) (HKLM\...\Mozilla Firefox 115.2.1 ESR (x64 en-US)) (Version: 115.2.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 103.0 - Mozilla)
Mozilla Thunderbird (x64 en-US) (HKLM\...\Mozilla Thunderbird 102.6.1 (x64 en-US)) (Version: 102.6.1 - Mozilla)
MyHarmony (HKLM-x32\...\{2AD8F8A1-ECE5-4890-BCC2-B4396370A0D4}) (Version: 1.0.308 - Logitech)
Nmap 7.80 (HKLM-x32\...\Nmap) (Version: 7.80 - Nmap Project)
Npcap 0.9982 (HKLM-x32\...\NpcapInst) (Version: 0.9982 - Nmap Project)
NVIDIA 3D Vision Driver 425.31 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 425.31 - NVIDIA Corporation)
NVIDIA Graphics Driver 425.31 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 425.31 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.38.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.13 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (HKLM-x32\...\NVIDIAStereo) (Version: 7.17.13.7500 - NVIDIA Corporation) Hidden
Package: SkipSoft ULTIMATE Drivers (HKLM-x32\...\SkipSoftULTIMATEDrivers29) (Version: 1.0.0.0 - SkipSoft Ltd)
PC-FAXReceive (HKLM-x32\...\{56D227E7-9A8E-4EFC-8401-1FFFF7DBA13B}) (Version: 1.8.421.0 - Brother Industries, Ltd.) Hidden
PCFaxTx (HKLM-x32\...\{4A924D32-17F1-4EFC-B2D8-BBCF1BC6E26C}) (Version: 3.7.15.1 - Brother Industries Ltd.) Hidden
PowerENGAGE (HKLM-x32\...\{400A01BF-E908-4393-BD39-31E386377BDA}) (Version: 3.2.16 - Aviata, Inc.) Hidden
Qualcomm Atheros Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.21 - Qualcomm Atheros Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0033 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8117 - Realtek Semiconductor Corp.)
Recuva (HKLM-x32\...\Recuva) (Version: 1.43 - Piriform)
Remote Control USB Driver (HKLM-x32\...\{8471021C-F529-43DE-84DF-3612E10F58C4}) (Version: 2.3.2.317 - )
Samsung Data Migration (HKLM-x32\...\{3B304604-0BF5-488E-AB95-F2F2E31206F3}) (Version: 3.0 - Samsung)
Samsung Kies (HKLM-x32\...\{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.0.13064_2 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.0.13064_2 - Samsung Electronics Co., Ltd.)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.5.1 - Samsung Electronics)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.7.43.0 - Samsung Electronics Co., Ltd.)
ScannerUtilityInstaller (HKLM-x32\...\{D65C0754-7790-427F-AD73-D7C644260F57}) (Version: 1.19.9.1 - Brother) Hidden
SD Card Formatter (HKLM-x32\...\{10C16E01-F739-4093-89A7-E570589FA0F6}) (Version: 5.0.0 - SD Association)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0015-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{D6A2CD7F-C90C-4B90-BBA7-2BADE2E08610}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0016-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{D6A2CD7F-C90C-4B90-BBA7-2BADE2E08610}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{D6A2CD7F-C90C-4B90-BBA7-2BADE2E08610}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0019-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{D6A2CD7F-C90C-4B90-BBA7-2BADE2E08610}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{D6A2CD7F-C90C-4B90-BBA7-2BADE2E08610}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001B-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{D6A2CD7F-C90C-4B90-BBA7-2BADE2E08610}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{09A9DF49-DA06-4093-A2FD-F339211E39EA}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{ECC1D579-DC17-4B90-929C-B4A0BB35F7B3}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.PROPLUSR_{8C5A05B6-FF56-480F-A0E6-9F4BCA4B4CAC}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{E4D76E88-C65F-4003-9C71-EC4306679D17}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0409-1000-0000000FF1CE}_Office14.PROPLUSR_{03AE1408-7BF1-4AC6-A327-E32E7799BCE4}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-002C-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{945F1D43-451D-4383-9BBE-241F37950B15}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0044-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{D6A2CD7F-C90C-4B90-BBA7-2BADE2E08610}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-006E-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{8DD50F3B-E0BD-4E39-AF1F-2F316B4FC528}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-00A1-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{D6A2CD7F-C90C-4B90-BBA7-2BADE2E08610}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-00BA-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{D6A2CD7F-C90C-4B90-BBA7-2BADE2E08610}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0115-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{8DD50F3B-E0BD-4E39-AF1F-2F316B4FC528}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0116-0409-1000-0000000FF1CE}_Office14.PROPLUSR_{03AE1408-7BF1-4AC6-A327-E32E7799BCE4}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0117-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{D6A2CD7F-C90C-4B90-BBA7-2BADE2E08610}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Smart Switch (HKLM-x32\...\{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.17102.8 - Samsung Electronics Co., Ltd.) Hidden
Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.17102.8 - Samsung Electronics Co., Ltd.)
SoftwareUpdateNotification (HKLM-x32\...\{E28A6F15-BFBE-4D20-8B5F-6EABAA1E545E}) (Version: 1.0.14.0 - Brother Industries, Ltd.) Hidden
Speccy (HKLM\...\Speccy) (Version: 1.31 - Piriform)
Speedtest by Ookla (HKLM\...\{2F376A46-C44C-4500-8CF3-1086F7000AF9}) (Version: 1.4.53.001 - Ookla)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.7.1018 - SUPERAntiSpyware.com)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.3.0 (HKLM\...\VulkanRT1.0.3.0) (Version: 1.0.3.0 - LunarG, Inc.)
WIDCOMM Bluetooth Software (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: 6.5.1.3500 - Broadcom Corporation)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{3577E42B-3347-4EB8-BFDA-D36E8ED3C519}) (Version: 1.0.24.0 - Microsoft Corporation)
Windows Driver Package - Amazon.com (WinUSB) KindleFireUsbDeviceClass (08/20/2012 1.0.0000.00000) (HKLM\...\289137531F7C014BF296EFFBFC7E3748A293FEE9) (Version: 08/20/2012 1.0.0000.00000 - Amazon.com)
Windows Driver Package - Lexmark International Printer (07/27/2012 2.7.0.0) (HKLM\...\461FA048C1DAB533F4206DDC4886D54BBD2CA3FB) (Version: 07/27/2012 2.7.0.0 - Lexmark International)
Wireless Console 3 (HKLM-x32\...\{19EA33FB-B34E-40EA-8B8A-61743AEB795A}) (Version: 3.0.27 - ASUS)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3102418866-2490860267-4193198369-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Michael\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3102418866-2490860267-4193198369-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Michael\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll (Google Inc -> Google Inc.)
CustomCLSID: HKU\S-1-5-21-3102418866-2490860267-4193198369-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Michael\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll (Google Inc -> Google Inc.)
SSODL-x32: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\Windows\SysWOW64\shell32.dll (Microsoft Windows -> Microsoft Corporation)
SSODL-x32: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\Windows\SysWOW64\shell32.dll (Microsoft Windows -> Microsoft Corporation)
SSODL-x32: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\Windows\SysWOW64\stobject.dll (Microsoft Windows -> Microsoft Corporation)
SSODL-x32: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\Windows\SysWOW64\wpdshserviceobj.dll (Microsoft Windows -> Microsoft Corporation)
ShellServiceObjects-x32: No Name -> {E6FB5E20-DE35-11CF-9C87-00AA005127ED} =>
ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [6671064 2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - D:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [4171480 2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Michael\AppData\Roaming\Dropbox\bin\DropboxExt.61.0.dll -> No File
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Michael\AppData\Roaming\Dropbox\bin\DropboxExt.61.0.dll -> No File
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Michael\AppData\Roaming\Dropbox\bin\DropboxExt.61.0.dll -> No File
ShellIconOverlayIdentifiers-x32: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Michael\AppData\Roaming\Dropbox\bin\DropboxExt.61.0.dll -> No File
ShellIconOverlayIdentifiers: [OODIIcon] -> {14A94384-BBED-47ed-86C0-6BF63FD892D0} => D:\Program Files\Laplink\Laplink DiskImage\oodishi.dll [2010-05-27] (Laplink Software -> O&O Software GmbH)
ShellIconOverlayIdentifiers-x32-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Michael\AppData\Roaming\Dropbox\bin\DropboxExt.61.0.dll -> No File
ShellIconOverlayIdentifiers-x32-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Michael\AppData\Roaming\Dropbox\bin\DropboxExt.61.0.dll -> No File
ShellIconOverlayIdentifiers-x32-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Michael\AppData\Roaming\Dropbox\bin\DropboxExt.61.0.dll -> No File
ContextMenuHandlers1: [7-Zip] -> [CC]{23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> [CC]{D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} => -> No File
ContextMenuHandlers1: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ReflectShellExt] -> [CC]{DEBB9B79-B3DD-47F4-9E5C-EA6975BAB611} => -> No File
ContextMenuHandlers1: [TeraCopy] -> [CC]{A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => -> No File
ContextMenuHandlers1: [WinRAR] -> [CC]{B41DB860-64E4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers1: [WinRAR32] -> [CC]{B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers2: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers2: [OODIDismount] -> [CC]{5B036813-4E35-4421-ADCB-E06925C7A7ED} => -> No File
ContextMenuHandlers2: [ReflectShellExt] -> [CC]{DEBB9B79-B3DD-47F4-9E5C-EA6975BAB611} => -> No File
ContextMenuHandlers2: [TeraCopy] -> [CC]{A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => -> No File
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-03-05] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> [CC]{23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [TeraCopy] -> [CC]{A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => -> No File
ContextMenuHandlers4: [WinRAR] -> [CC]{B41DB860-64E4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers4: [WinRAR32] -> [CC]{B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2019-04-09] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> [CC]{23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} => d:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\..\Acrobat Elements\ContextMenu64.dll [] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-03-05] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers6: [TeraCopy] -> [CC]{A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => -> No File
ContextMenuHandlers6: [WinRAR] -> [CC]{B41DB860-64E4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers6: [WinRAR32] -> [CC]{B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers1_S-1-5-21-3102418866-2490860267-4193198369-1000-x32: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Michael\AppData\Roaming\Dropbox\bin\DropboxExt.61.0.dll -> No File
ContextMenuHandlers4_S-1-5-21-3102418866-2490860267-4193198369-1000-x32: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Michael\AppData\Roaming\Dropbox\bin\DropboxExt.61.0.dll -> No File
ContextMenuHandlers5_S-1-5-21-3102418866-2490860267-4193198369-1000-x32: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Michael\AppData\Roaming\Dropbox\bin\DropboxExt.61.0.dll -> No File
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32-x32: [msacm.divxa32] => DivXa32.acm
HKLM\...\Drivers32-x32: [msacm.lameacm] => LameACM.acm
HKLM\...\Drivers32-x32: [msacm.msaudio1] => msaud32.acm
HKLM\...\Drivers32-x32: [msacm.msg723] => msg723.acm
HKLM\...\Drivers32-x32: [msacm.rhetorex] => rhetorex.acm
HKLM\...\Drivers32-x32: [msacm.trspch] => tssoft32.acm
HKLM\...\Drivers32-x32: [vidc.divx] => divx.dll
HKLM\...\Drivers32-x32: [vidc.ffds] => ff_vfw.dll
HKLM\...\Drivers32: [vidc.iv31] => C:\Windows\SysWOW64\ir32_32.dll [197632 2009-07-13] (Microsoft Windows -> Intel® Corporation)
HKLM\...\Drivers32: [vidc.iv32] => C:\Windows\SysWOW64\ir32_32.dll [197632 2009-07-13] (Microsoft Windows -> Intel® Corporation)
HKLM\...\Drivers32: [vidc.iv41] => C:\Windows\SysWOW64\ir41_32.ax [839680 2009-07-13] (Microsoft Windows -> Intel Corporation)
HKLM\...\Drivers32: [vidc.iv50] => C:\Windows\SysWOW64\ir50_32.dll [746496 2009-07-13] (Microsoft Windows -> Intel Corporation)
HKLM\...\Drivers32-x32: [vidc.M261] => msh261.drv
HKLM\...\Drivers32-x32: [vidc.M263] => msh263.drv
HKLM\...\Drivers32-x32: [vidc.tscc] => d\WINDOWS\system32\tsccvid.dll
HKLM\...\Drivers32-x32: [vidc.vp60] => vp6vfw.dll
HKLM\...\Drivers32-x32: [vidc.vp61] => vp6vfw.dll
HKLM\...\Drivers32-x32: [vidc.vp62] => vp6vfw.dll
HKLM\...\Drivers32-x32: [vidc.xvid] => xvidvfw.dll
HKLM\...\Drivers32-x32: [vidc.yv12] => divx.dll
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
Shortcut: C:\Users\Michael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GWX Control Panel\GWX Control Panel User Guide.lnk -> hxxp://blog.ultimateoutsider.com/2015/08/using-gwx-stopper-to-permanently-remove.htm
Shortcut: C:\Users\Michael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GWX Control Panel\Ultimate Outsider Downloads.lnk -> hxxp://ultimateoutsider.com/downloads
ShortcutWithArgument: C:\Users\Michael\Desktop\Jewel Quest.lnk -> C:\ProgramData\Oberon Media\Channels\110341560\4.0.0.0\Launcher.exe (Oberon Media) -> /Name="Jewel Quest" /sku=110194827 /url=hxxp://www.iplay.com/client/launcher/4.0.0.0/launcher_page.jsp /Channel="110341560"
ShortcutWithArgument: C:\Users\Michael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Iplay\Jewel Quest\Jewel Quest.lnk -> C:\ProgramData\Oberon Media\Channels\110341560\4.0.0.0\Launcher.exe (Oberon Media) -> /Name="Jewel Quest" /sku=110194827 /url=hxxp://www.iplay.com/client/launcher/4.0.0.0/launcher_page.jsp /Channel="110341560"
ShortcutWithArgument: C:\Users\Michael\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"
ShortcutWithArgument: C:\Users\Michael\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\225bb61db2f318c1\Miztrniceguy - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 3"
==================== Loaded Modules (Whitelisted) =============
2012-01-31 12:25 - 2012-01-31 12:25 - 001163264 _____ () [File not signed] C:\Program Files (x86)\ASUS\Wireless Console 3\acAuth.dll
2014-02-26 19:23 - 2019-09-26 16:19 - 000121344 _____ () [File not signed] C:\Windows\system32\BrNetSti.dll
2012-01-31 12:25 - 2012-01-31 12:25 - 000080384 _____ (ACTIONTEC Electronics,Inc) [File not signed] C:\Program Files (x86)\ASUS\Wireless Console 3\ATKWLIOC.DLL
2012-01-31 12:25 - 2012-01-31 12:25 - 000036864 _____ (ATK) [File not signed] C:\Program Files (x86)\ASUS\Wireless Console 3\inter_f2.dll
2014-02-26 19:23 - 2008-07-23 11:00 - 000008192 _____ (Brother Industries Ltd.) [File not signed] C:\Windows\system32\spool\DRIVERS\x64\3\BRLFXA5B.DLL
2014-02-26 19:23 - 2008-07-23 11:00 - 000216064 _____ (Brother Industries Ltd.) [File not signed] C:\Windows\system32\spool\DRIVERS\x64\3\BRUFXA5B.dll
2012-01-31 12:25 - 2012-01-31 12:25 - 002891264 _____ (FreeImage) [File not signed] C:\Program Files (x86)\ASUS\Wireless Console 3\FreeImage.dll
2013-03-22 11:38 - 2013-03-22 11:38 - 000286720 _____ (Intel Corporation) [File not signed] [File is in use] C:\Program Files\Intel\Intel® Rapid Storage Technology\PsiData.dll
2014-01-29 16:56 - 2013-04-26 07:24 - 000073728 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.dll
2013-03-22 11:38 - 2013-03-22 11:38 - 000531456 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel® Rapid Storage Technology\ISDI2.dll
2014-02-05 22:38 - 2014-02-05 22:38 - 000225280 _____ (Microsoft Corporation) [File not signed] [File is in use] C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcm90.dll
2012-01-31 12:25 - 2012-01-31 12:25 - 000331776 _____ (Realtek Semiconductor Corp.) [File not signed] C:\Program Files (x86)\ASUS\Wireless Console 3\RtlLib.dll
2012-01-31 12:25 - 2012-01-31 12:25 - 000200704 _____ (Realtek) [File not signed] C:\Program Files (x86)\ASUS\Wireless Console 3\IpLib.dll
2012-01-31 12:25 - 2012-01-31 12:25 - 000303104 _____ (Silicon Integrated Systems Corp.) [File not signed] C:\Program Files (x86)\ASUS\Wireless Console 3\SiSPkt.dll
2012-01-31 12:25 - 2012-01-31 12:25 - 001069056 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\ASUS\Wireless Console 3\LIBEAY32.dll
2012-11-26 15:14 - 2012-11-26 15:14 - 001600000 _____ (TODO: <Company name>) [File not signed] c:\Program Files (x86)\ASUS\Splendid\Alb_ASUSLib.dll
2013-01-29 12:53 - 2013-01-29 12:53 - 006221824 _____ (TODO: <Company name>) [File not signed] c:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\Temp:23E3D912 [144]
AlternateDataStreams: C:\ProgramData\Temp:2EAD18C2 [742]
AlternateDataStreams: C:\ProgramData\Temp:718F6FF0 [165]
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\11629450.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\11629450.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Version 11) (Whitelisted) ==========
HKU\S-1-5-21-3102418866-2490860267-4193198369-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://us.rd.yahoo.com/customize/ie/defaults/sp/msgr9/*hxxp://www.yahoo.com
HKU\S-1-5-21-3102418866-2490860267-4193198369-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?gws_rd=ssl
HKU\S-1-5-21-3102418866-2490860267-4193198369-500\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3102418866-2490860267-4193198369-1000 -> {F28685F4-B136-4735-B105-E26AD8739DCE} URL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
SearchScopes: HKU\S-1-5-21-3102418866-2490860267-4193198369-500 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2019-01-29] (Logitech Inc -> Logitech, Inc.)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-09-24] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2019-01-29] (Logitech Inc -> Logitech, Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> D:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-09-24] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-09-24] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
IE Session Restore: HKU\S-1-5-21-3102418866-2490860267-4193198369-1000 -> is enabled.
DPF: HKLM-x32 {17492023-C23A-453E-A040-C7C580BBF700} hxxp://go.microsoft.com/fwlink/?linkid=39204
DPF: HKLM-x32 {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1311956158140
DPF: HKLM-x32 {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1345005854921
DPF: HKLM-x32 {814EA0DA-E0D9-4AA4-833C-A1A6D38E79E9} hxxp://das.microsoft.com/activate/cab/x86/i486/NTANSI/retail/DASAct.cab
DPF: HKLM-x32 {CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-13 21:34 - 2009-06-10 16:00 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts
2018-01-22 07:07 - 2018-01-22 07:16 - 000000375 _____ C:\Windows\system32\drivers\etc\hosts.ics
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Windows\System32;C:\adb;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common
HKU\S-1-5-21-3102418866-2490860267-4193198369-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Michael\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-3102418866-2490860267-4193198369-500\Control Panel\Desktop\\Wallpaper -> C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.50.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\software\wow6432node\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName4 -> h323.tsp (No File)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk => C:\Windows\pss\Bluetooth.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^iPSNotifier.lnk => C:\Windows\pss\iPSNotifier.lnk.CommonStartup
MSCONFIG\startupreg: Acrobat Assistant 8.0 => "D:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
MSCONFIG\startupreg: Adobe Acrobat Speed Launcher => "D:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: BCSSync => "D:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: BrotherSoftwareUpdateNotification => C:\Program Files (x86)\Brother\SoftwareUpdateNotification\SoftwareUpdateNotificationService.exe /Autorun
MSCONFIG\startupreg: BrStsMon00 => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
MSCONFIG\startupreg: CLMLServer => "c:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
MSCONFIG\startupreg: ControlCenter3 => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe /autorun
MSCONFIG\startupreg: EaseUS FixTool => "C:\Program Files (x86)\EaseUS\EaseUS Tools M\bin\UpdateExe.exe" autostart
MSCONFIG\startupreg: GwxControlPanelMonitor => "d:\Program Files (x86)\UltimateOutsider\GWX Control Panel\GWX_control_panel.exe" /traymode
MSCONFIG\startupreg: HP Photosmart 6510 series (NET) => "C:\Program Files\HP\HP Photosmart 6510 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN19S421WM05QB:NW" -scfn "HP Photosmart 6510 series (NET)" -AutoStart 1
MSCONFIG\startupreg: iTunesHelper => "D:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: KiesAirMessage => D:\Program Files\Kies\KiesAirMessage.exe -startup
MSCONFIG\startupreg: KiesPreload => D:\Program Files\Kies\Kies.exe /preload
MSCONFIG\startupreg: KiesTrayAgent => D:\Program Files\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: Logitech Download Assistant => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
MSCONFIG\startupreg: OODITRAY.EXE => D:\Program Files\Laplink\Laplink DiskImage\ooditray.exe
MSCONFIG\startupreg: RemoteControl10 => "d:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10\PDVD10Serv.exe"
MSCONFIG\startupreg: WinPatrol => D:\Program Files (x86)\Ruiware\WinPatrol\winpatrol.exe
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [SPPSVC-In-TCP] => (Allow) C:\Windows\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) C:\Windows\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{DEC8D687-7F65-4F50-BA39-E0481C1BFE26}] => (Allow) C:\Users\Michael\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{5730B341-26A6-4C3D-A841-F2DF89F9E018}] => (Allow) C:\Users\Michael\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [TCP Query User{12466116-22AA-449F-8043-1AF9C906DB29}C:\users\michael\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\michael\appdata\roaming\dropbox\bin\dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [UDP Query User{CE1191D1-5201-4D84-A56C-397F688151AC}C:\users\michael\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\michael\appdata\roaming\dropbox\bin\dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{47B8D8DC-4DA4-4B67-B95E-A9C7CB3AD107}] => (Allow) C:\Program Files (x86)\Brother\Brmfl10c\FAXRX.exe (Brother Industries Ltd.) [File not signed]
FirewallRules: [{98D609A5-EC5F-426C-85BA-AB6A0DF5A57E}] => (Allow) C:\Program Files (x86)\Brother\Brmfl10c\FAXRX.exe (Brother Industries Ltd.) [File not signed]
FirewallRules: [{8CE28AC7-8BBB-4989-98F5-7190EFBB4881}] => (Allow) LPort=54925
FirewallRules: [{2966749F-9229-4C0D-BB20-56A62E77AC23}] => (Allow) C:\Program Files (x86)\ASUS\EA-N66 Ethernet Adapter Utilities\Discovery.exe (ASUSTeK COMPUTER INC.) [File not signed]
FirewallRules: [{4E7859F6-620B-4972-BEA5-45A72EB4DA67}] => (Allow) C:\Program Files (x86)\ASUS\EA-N66 Ethernet Adapter Utilities\Discovery.exe (ASUSTeK COMPUTER INC.) [File not signed]
FirewallRules: [{AD4E6BDE-80BC-43BC-A635-184BA6FF0266}] => (Allow) C:\Program Files (x86)\ASUS\EA-N66 Ethernet Adapter Utilities\Rescue.exe (ASUSTek COMPUTER INC.) [File not signed]
FirewallRules: [{F644F075-CF4C-4A3F-BA4A-E50FCB5E2BE3}] => (Allow) C:\Program Files (x86)\ASUS\EA-N66 Ethernet Adapter Utilities\Rescue.exe (ASUSTek COMPUTER INC.) [File not signed]
FirewallRules: [{A6D61D89-DBEF-46A4-ACFD-55FE8444CD99}] => (Allow) C:\Program Files (x86)\ASUS\PC Link\PCLinkService.exe (ASUSTeK Computer Inc. -> ASUS) [File not signed]
FirewallRules: [{0E0E574F-4A8B-4C4D-BC95-50A42AD2019B}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{A6ED8A7D-AC78-474B-AA93-8F51621183A8}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{93938924-29E4-4D8F-BC3D-C8ECAC8FCA86}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{42A2524A-F1D4-4A22-B9B9-3872FD742FF2}] => (Allow) C:\Program Files\HP\HP Photosmart 6510 series\Bin\DeviceSetup.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{F7C39A0D-84A7-4866-9379-8E73CDEEB421}] => (Allow) C:\Program Files\HP\HP Photosmart 6510 series\Bin\HPNetworkCommunicator.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{D5195731-6A89-4D06-8A39-D1E5F67110CC}] => (Allow) C:\Program Files\HP\HP Photosmart 6510 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{E79DD516-586E-44D7-BC90-2887C02155B0}] => (Allow) D:\Program Files\CCleaner\CCUpdate.exe (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
FirewallRules: [{3DB73B26-0E01-49E8-A8FB-20EBD4C59AE1}] => (Allow) D:\Program Files\CCleaner\CCUpdate.exe (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
FirewallRules: [{B3340A11-0BF1-4489-9E10-106E2A330C48}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{3633B0A1-6B75-438B-9275-545E759479AD}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{ED4C1548-6633-43A4-ABBB-8F1F0DEE9D87}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{6597B9C5-C163-4293-A726-3844E54CCAD5}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{4E2B87FB-4A74-4834-BDA5-75EFDA290AA5}] => (Allow) D:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{BF7DF26C-BBBF-4237-B8A8-42D47D8E5C27}] => (Allow) LPort=54925
FirewallRules: [{2740147A-351C-4688-A83C-1C6B6C0C90D3}] => (Allow) LPort=54950
FirewallRules: [{84F025F9-866A-4DFA-BFC4-3D6B928D251A}] => (Allow) LPort=54955
FirewallRules: [{1BAA1F32-1D21-4BC3-B83C-B9902E247B64}] => (Allow) c:\program files (x86)\pc-faxreceive\brengineprocess.exe (Brother Industries, Ltd. -> Brother Industries, Ltd.)
FirewallRules: [{AC1EFAA7-811C-4B9F-942A-E8B19E58E880}] => (Allow) c:\program files (x86)\pc-faxreceive\brengineprocess.exe (Brother Industries, Ltd. -> Brother Industries, Ltd.)
FirewallRules: [{80739E01-E5E7-4CCA-BFC4-DC7B3FFD8C07}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
DomainProfile\AuthorizedApplications: [C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe] => Enabled:Logitech Harmony Remote Software 7
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe] => Enabled:Logitech Harmony Remote Software 7
==================== Restore Points =========================
==================== Faulty Device Manager Devices ============
Name: Bluetooth Module
Description: Bluetooth Module
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Broadcom
Service: BTHUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: ========================
Application errors:
==================
Error: (09/25/2023 04:24:01 PM) (Source: MsiInstaller) (EventID: 11706) (User: Michaels-ROG)
Description: Product: PowerENGAGE -- Error 1706. An installation package for the product PowerENGAGE cannot be found. Try the installation again using a valid copy of the installation package 'PowerENGAGE-3.2.16.msi'.
Error: (09/25/2023 10:23:56 AM) (Source: MsiInstaller) (EventID: 11706) (User: Michaels-ROG)
Description: Product: PowerENGAGE -- Error 1706. An installation package for the product PowerENGAGE cannot be found. Try the installation again using a valid copy of the installation package 'PowerENGAGE-3.2.16.msi'.
Error: (09/25/2023 07:03:29 AM) (Source: MsiInstaller) (EventID: 11706) (User: Michaels-ROG)
Description: Product: PowerENGAGE -- Error 1706. An installation package for the product PowerENGAGE cannot be found. Try the installation again using a valid copy of the installation package 'PowerENGAGE-3.2.16.msi'.
Error: (09/25/2023 06:55:12 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (09/25/2023 06:53:28 AM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Wait Workflow Commands request from device.
Error: (09/25/2023 06:53:28 AM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Start Broadcast Receiver Server...
Error: (09/25/2023 06:53:28 AM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Start Server...
Error: (09/25/2023 06:53:28 AM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Start Server...
System errors:
=============
Error: (09/25/2023 04:38:52 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: The server {BB6DF56B-CACE-11DC-9992-0019B93A3A84} did not register with DCOM within the required timeout.
Error: (09/25/2023 03:56:15 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 70.
Error: (09/25/2023 03:56:15 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 70.
Error: (09/25/2023 03:53:32 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 70.
Error: (09/25/2023 03:53:32 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 70.
Error: (09/25/2023 02:53:39 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 70.
Error: (09/25/2023 02:53:39 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 70.
Error: (09/25/2023 02:53:32 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 70.
==================== Memory info ===========================
BIOS: American Megatrends Inc. G750JW.210 12/11/2013
Motherboard: ASUSTeK COMPUTER INC. G750JW
Processor: Intel® Core i7-4700HQ CPU @ 2.40GHz
Percentage of memory in use: 65%
Total physical RAM: 16333.51 MB
Available physical RAM: 5611.86 MB
Total Virtual: 32665.16 MB
Available Virtual: 14760.66 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:465.76 GB) (Free:292.46 GB) (Model: ATA Samsung SSD 850 SCSI Disk Device) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (DATA) (Fixed) (Total:931.51 GB) (Free:674.28 GB) (Model: ATA ST1000LM024 HN-M SCSI Disk Device) NTFS ==>[system with boot components (obtained from drive)]
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 18BD372B)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)
==========================================================
Disk: 1 (Size: 465.8 GB) (Disk ID: 41D98A57)
Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS)
==================== End of Addition.txt =======================