HP Pavilion Laptop – lots of HDD activity & very slow

We have a laptop that for several months has become so slow that it is almost not worth using. I’ve searched for malware & viruses etc. but haven’t managed to find anything. There are no popups happening, just lots of drive activity for 3 hours or so after it’s turned on and things running incredibly slow (lots of "not responding" msgs).

I now need some help to see if we can get this laptop running better.

Any help you can provide would be greatly appreciated. You have helped me in the past and I really appreciate your time.

Below are the results of the FRST scans.

Thanks again

Mike

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01-12-2021

Ran by Rob (administrator) on MARKWELLKENNELS (Hewlett-Packard HP Pavilion 15 Notebook PC) (05-12-2021 17:13:09)

Running from C:UsersRobDownloads

Loaded Profiles: Rob

Platform: Microsoft Windows 10 Home Version 21H1 19043.1348 (X64) Language: English (United States)

Default browser: IE

Boot Mode: Normal

 

==================== Processes (Whitelisted) =================

 

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

 

(Adlice -> ) C:Program FilesRogueKillerRogueKiller64.exe

(Adlice -> ) C:Program FilesRogueKillerRogueKillerSvc.exe

(Adobe Inc. -> Adobe Inc.) C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe

(Adobe Inc. -> Adobe Inc.) C:Program Files (x86)Common FilesAdobeARM1.0armsvc.exe

(Advanced Micro Devices, Inc. -> ) C:Program FilesATI TechnologiesATI.ACEa4AdaptiveSleepService.exe

(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:Program FilesAMDCNextCNextamdow.exe

(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:Program FilesAMDCNextCNextAMDRSServ.exe

(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:Program FilesAMDCNextCNextRadeonSoftware.exe

(Advanced Micro Devices, Inc. -> AMD) C:WindowsSystem32DriverStoreFileRepositoryc0360470.inf_amd64_b06c374aee20d185B360357atieclxx.exe

(Advanced Micro Devices, Inc. -> AMD) C:WindowsSystem32DriverStoreFileRepositoryc0360470.inf_amd64_b06c374aee20d185B360357atiesrxx.exe

(Andrea Electronics -> Andrea Electronics Corporation) C:Program FilesRealtekAudioHDAAERTSr64.exe

(Apple Inc. -> Apple Inc.) C:Program FilesBonjourmDNSResponder.exe

(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:Program Files (x86)AVGAntivirusaswEngSrv.exe

(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:Program Files (x86)AVGAntivirusaswidsagent.exe

(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:Program Files (x86)AVGAntivirusAvBugReport.exe

(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:Program Files (x86)AVGAntivirusAvEmUpdate.exe

(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:Program Files (x86)AVGAntivirusAVGSvc.exe

(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:Program Files (x86)AVGAntivirusavgToolsSvc.exe

(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:Program Files (x86)AVGAntivirusAVGUI.exe <4>

(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:Program Files (x86)AVGAntiviruswsc_proxy.exe

(AVG Technologies USA, LLC -> AVG Technologies) C:Program FilesCommon FilesAVGOverseeroverseer.exe

(Brother Industries, Ltd.) [File not signed] C:Program Files (x86)Browny02BrotherBrStMonW.exe

(Brother Industries, Ltd.) [File not signed] C:Program Files (x86)Browny02BrYNSvc.exe

(CyberLink -> CyberLink Corp.) C:Program Files (x86)CyberLinkPower2Go8CLVDLauncher.exe

(CyberLink -> CyberLink Corp.) C:Program Files (x86)CyberLinkPowerDVD10PDVD10Serv.exe

(CyberLink -> CyberLink) C:Program Files (x86)CyberLinkPower2Go8CLMLSvc_P2G8.exe

(CyberLink -> CyberLink) C:Program Files (x86)CyberLinkYouCamYCMMirage.exe

(Dropbox, Inc -> Dropbox, Inc.) C:UsersRobAppDataLocalDropboxUpdateDropboxUpdate.exe

(Google Inc -> Google Inc.) C:Program Files (x86)GoogleUpdateGoogleUpdate.exe <3>

(Google Inc -> Google Inc.) C:UsersRobAppDataLocalGoogleUpdateGoogleUpdate.exe

(Google LLC -> Google LLC) C:Program Files (x86)GoogleChromeApplicationchrome.exe <13>

(Google LLC -> Google LLC) C:Program Files (x86)GoogleUpdate1.3.36.112GoogleCrashHandler.exe

(Google LLC -> Google LLC) C:Program Files (x86)GoogleUpdate1.3.36.112GoogleCrashHandler64.exe

(Google LLC -> Google) C:UsersRobAppDataLocalGoogleChromeUser DataSwReporter93.269.200software_reporter_tool.exe <2>

(Hewlett-Packard Company -> Hewlett-Packard Company) C:Program Files (x86)Hewlett-PackardSharedhpqWmiEx.exe

(Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.) C:Program Files (x86)Hewlett-PackardHP CoolSenseCoolSense.exe

(Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.) C:Program Files (x86)Hewlett-PackardHP System EventHPMSGSVC.exe

(Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.) C:Program Files (x86)Hewlett-PackardHP System EventHPWMISVC.exe

(Microsoft Corporation -> Microsoft Corporation) C:Program Files (x86)MicrosoftEdgeUpdateMicrosoftEdgeUpdate.exe <5>

(Microsoft Corporation -> Microsoft Corporation) C:Program FilesMicrosoft Office 15ClientX64officec2rclient.exe

(Microsoft Corporation -> Microsoft Corporation) C:Program FilesMicrosoft Office 15ClientX64officeclicktorun.exe

(Microsoft Corporation -> Microsoft Corporation) C:Program FilesMicrosoft Office 15rootoffice15msoia.exe <2>

(Microsoft Corporation -> Microsoft Corporation) C:UsersRobAppDataLocalMicrosoftOneDriveOneDriveStandaloneUpdater.exe

(Microsoft Corporation) C:Program FilesWindowsAppsmicrosoft.windowscommunicationsapps_16005.14326.20544.0_x64__8wekyb3d8bbweHxTsr.exe

(Microsoft Windows -> Microsoft Corporation) C:WindowsImmersiveControlPanelSystemSettings.exe

(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32CompatTelRunner.exe <2>

(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32DeviceCensus.exe

(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32dllhost.exe <3>

(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32MoUsoCoreWorker.exe

(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32MusNotification.exe

(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32rundll32.exe

(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32smartscreen.exe

(Microsoft Windows -> Microsoft Corporation) C:WindowsSysWOW64dllhost.exe

(Microsoft Windows Publisher -> Microsoft Corporation) C:Program FilesWindows DefenderMpCmdRun.exe

(Realtek Semiconductor Corp -> Realtek Semiconductor) C:Program FilesRealtekAudioHDARAVBg64.exe <2>

(Realtek Semiconductor Corp -> Realtek Semiconductor) C:Program FilesRealtekAudioHDARtkAudioService64.exe

(Realtek Semiconductor Corp -> Realtek Semiconductor) C:Program FilesRealtekAudioHDARtkNGUI64.exe

(Softland S.R.L. -> Softland) C:Program Files (x86)SoftlandBackup4all Professional 4Backup4all.exe <2>

(Synaptics Incorporated -> Synaptics Incorporated) C:Program FilesSynapticsSynTPSynTPEnh.exe

(Synaptics Incorporated -> Synaptics Incorporated) C:Program FilesSynapticsSynTPSynTPEnhService.exe

(Synaptics Incorporated -> Synaptics Incorporated) C:Program FilesSynapticsSynTPSynTPHelper.exe

(TeamViewer -> TeamViewer GmbH) C:Program Files (x86)TeamViewerVersion9TeamViewer_Service.exe

 

==================== Registry (Whitelisted) ===================

 

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

 

HKLM…Run: [RTHDVCPL] => C:Program FilesRealtekAudioHDARtkNGUI64.exe [8492800 2015-06-24] (Realtek Semiconductor Corp -> Realtek Semiconductor)

HKLM…Run: [RtHDVBg] => C:Program FilesRealtekAudioHDARAVBg64.exe [1402624 2015-06-24] (Realtek Semiconductor Corp -> Realtek Semiconductor)

HKLM…Run: [AVGUI.exe] => C:Program Files (x86)AVGAntivirusAvLaunch.exe [168376 2021-11-09] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)

HKLM-x32…Run: [RemoteControl10] => C:Program Files (x86)CyberLinkPowerDVD10PDVD10Serv.exe [93296 2012-07-14] (CyberLink -> CyberLink Corp.)

HKLM-x32…Run: [HPMessageService] => C:Program Files (x86)Hewlett-PackardHP System EventHPMSGSVC.exe [1045304 2013-02-26] (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.)

HKLM-x32…Run: [HP CoolSense] => C:Program Files (x86)Hewlett-PackardHP CoolSenseCoolSense.exe [1343904 2012-11-06] (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.)

HKLM-x32…Run: [BrStsMon00] => C:Program Files (x86)Browny02BrotherBrStMonW.exe [4513792 2013-12-19] (Brother Industries, Ltd.) [File not signed]

HKUS-1-5-21-3870363634-1779439790-3996191095-1002…Run: [Google Update] => C:UsersRobAppDataLocalGoogleUpdate1.3.36.112GoogleUpdateCore.exe [223816 2021-10-01] (Google LLC -> Google LLC)

HKUS-1-5-21-3870363634-1779439790-3996191095-1002…Run: [Dropbox Update] => C:UsersRobAppDataLocalDropboxUpdateDropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)

HKLM…PrintMonitorsHP Universal Port Monitor: C:WINDOWSsystem32hpbprtmon.dll [365568 2012-12-02] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard)

HKLMSoftwareWow6432NodeMicrosoftActive SetupInstalled Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:Program Files (x86)GoogleChromeApplication96.0.4664.45Installerchrmstp.exe [2021-11-15] (Google LLC -> Google LLC)

Startup: C:UsersRobAppDataRoamingMicrosoftWindowsStart MenuProgramsStartupAutenticacao.gov.pt.lnk [2021-03-04]

ShortcutTarget: Autenticacao.gov.pt.lnk -> C:Program Files (x86)plugin Autenticacao.GovAutenticacao.gov.pt.exe (No File)

Startup: C:UsersRobAppDataRoamingMicrosoftWindowsStart MenuProgramsStartupDropbox.lnk [2021-11-13]

ShortcutTarget: Dropbox.lnk -> C:UsersRobAppDataRoamingDropboxbinDropbox.exe (Dropbox, Inc -> Dropbox, Inc.)

HKLMSOFTWAREPoliciesMozillaFirefox: Restriction <==== ATTENTION

HKLMSOFTWAREPoliciesGoogle: Restriction <==== ATTENTION

 

==================== Scheduled Tasks (Whitelisted) ============

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

Task: {0862A5B9-75F4-46F3-A246-3465276DED48} – System32Tasksb4a_Document Backup => C:Program Files (x86)SoftlandBackup4all Professional 4b4aSchedStarter.exe [2699112 2012-05-03] (Softland S.R.L. -> Softland)

Task: {094CD275-5C71-4753-B57E-5566CA859498} – System32TasksMicrosoftWindowsSideShowAutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}

Task: {0F6DBBD1-1FA5-490B-A482-1F43FCC689E6} – System32TasksMicrosoftWindowsSideShowSystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}

Task: {14DCE96F-0835-4502-8463-EA84A16E5A17} – System32TasksStartCN => C:Program FilesAMDCNextCNextcncmd.exe [61624 2020-08-21] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)

Task: {1AAA7E35-C064-40A7-BE3A-8BF7BD3F0159} – System32TasksStartDVR => C:Program FilesAMDCNextCNextRSServCmd.exe [69304 2020-08-21] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)

Task: {28798160-0CEB-4D62-9B0B-E307C5270868} – System32TasksBackup4all Professional 4_Rob => C:Program Files (x86)SoftlandBackup4all Professional 4Backup4all.exe [7034728 2012-05-03] (Softland S.R.L. -> Softland)

Task: {299E2BDF-EB0A-4878-AD06-4723C2E66A3F} – System32TasksAntivirus Emergency Update => C:Program Files (x86)AVGAntivirusAvEmUpdate.exe [5008312 2021-11-09] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)

Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} – System32TasksMicrosoftWindowsWorkplace JoinAutomatic-Workplace-Join => C:WINDOWSSystem32AutoWorkplace.exe join (No File)

Task: {38C9A796-198F-49A0-AF01-ACCE7F44A344} – System32TasksHewlett-PackardHP Support AssistantHP Support Assistant Quick Start => C:Program Files (x86)Hewlett-PackardHP Support FrameworkHPSF.exe [525728 2012-09-27] (Hewlett-Packard Company -> Hewlett-Packard Company)

Task: {3A2F8F7F-2AFD-433B-BC94-6D72BDFDF3D8} – System32TasksGoogleUpdateTaskUserS-1-5-21-3870363634-1779439790-3996191095-1002Core => C:UsersRobAppDataLocalGoogleUpdateGoogleUpdate.exe [144200 2015-08-29] (Google Inc -> Google Inc.)

Task: {421A5DAF-3AD8-41B0-8786-0AC77AD0F49D} – System32TasksGoogleUpdateTaskMachineCore => C:Program Files (x86)GoogleUpdateGoogleUpdate.exe [144200 2015-08-29] (Google Inc -> Google Inc.)

Task: {48D80FDC-8F88-4A62-A71D-0F2236270D80} – System32TasksAVGOverseer => C:Program FilesCommon FilesAVGOverseeroverseer.exe [1821968 2021-05-01] (AVG Technologies USA, LLC -> AVG Technologies)

Task: {55CF6402-2D53-4407-99C6-A4CA66E83B22} – System32TasksGoogleUpdateTaskUserS-1-5-21-3870363634-1779439790-3996191095-1002UA1d2583f12ea470a => C:UsersRobAppDataLocalGoogleUpdateGoogleUpdate.exe [144200 2015-08-29] (Google Inc -> Google Inc.)

Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} – System32TasksMicrosoftWindowsSkyDriveIdle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Task: {7901F3E9-6508-4D32-9622-61C208A69677} – System32TasksMicrosoftOfficeOfficeTelemetryAgentFallBack => C:Program FilesMicrosoft Office 15rootOffice15msoia.exe [286088 2020-06-19] (Microsoft Corporation -> Microsoft Corporation)

Task: {7AC9FDC4-D3ED-416F-A7E0-C052B08ED0B1} – System32TasksSynaptics TouchPad Enhancements => Program FilesSynapticsSynTPSynTPEnh.exe [4179040 2016-12-27] (Synaptics Incorporated -> Synaptics Incorporated)

Task: {8601D166-6378-400F-BE06-2BAE4F315E30} – System32TasksDropboxUpdateTaskUserS-1-5-21-3870363634-1779439790-3996191095-1002Core1d238cf5c3f4474 => C:UsersRobAppDataLocalDropboxUpdateDropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)

Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} – System32TasksMicrosoftWindowsSkyDriveRoutine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE}

Task: {8AF51A4D-0AC5-4CD6-AD71-C8E551440132} – System32TasksHewlett-PackardHP Support AssistantUpdate Check => C:ProgramDataHewlett-PackardHP Support FrameworkResourcesUpdater7HPSFUpdater.exe [592288 2012-09-06] (Hewlett-Packard Company -> Hewlett-Packard Company)

Task: {8B6759EE-1C08-4B8F-955C-774AB5A6544E} – System32TasksMicrosoftWindowsSideShowSessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}

Task: {90677C86-F853-456F-BDE0-D90B752459D4} – System32TasksAdobe Uninstaller => C:Program Files (x86)AdobeAdobe Creative CloudACCCreative Cloud.exe –sapCode=ILST –productVersion=25.3.1 –productPlatform=win64 –appletID=AppsPanel_BL –appletVersion=1.0 –appMode=Uninstall (No File)

Task: {90799327-3404-4B90-B883-5A52045953D3} – System32TasksCLVDLauncher => C:Program Files (x86)CyberLinkPower2Go8CLVDLauncher.exe [338544 2012-07-24] (CyberLink -> CyberLink Corp.)

Task: {95F2CBA4-D735-478F-A1F1-4E50AD3947EE} – System32TasksGoogleUpdateTaskMachineUA => C:Program Files (x86)GoogleUpdateGoogleUpdate.exe [144200 2015-08-29] (Google Inc -> Google Inc.)

Task: {A5215784-4F88-49C4-9A81-6EE4251C32ED} – System32TasksMirageAgent => C:Program Files (x86)CyberLinkYouCamYCMMirage.exe [136488 2013-01-18] (CyberLink -> CyberLink)

Task: {AF38C0E7-260B-42C2-87DF-16DB8E79CCAD} – System32Tasksb4a_Photo Backup => C:Program Files (x86)SoftlandBackup4all Professional 4b4aSchedStarter.exe [2699112 2012-05-03] (Softland S.R.L. -> Softland)

Task: {B2936B9E-718E-4F7F-9F77-9D0B9C4D0DE7} – System32TasksMicrosoftWindowsShellFamilySafetyUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA}

Task: {BC7EEEA3-0471-40D1-BC75-6FA62BC0F12E} – System32Tasksb4a_Home => C:Program Files (x86)SoftlandBackup4all Professional 4b4aSchedStarter.exe [2699112 2012-05-03] (Softland S.R.L. -> Softland)

Task: {C6A8CA97-7C7B-4FD9-B2D3-0DA0A2DA7B0A} – System32TasksGoogleUpdateTaskUserS-1-5-21-3870363634-1779439790-3996191095-1002Core1d2583f12cc3731 => C:UsersRobAppDataLocalGoogleUpdateGoogleUpdate.exe [144200 2015-08-29] (Google Inc -> Google Inc.)

Task: {C9DCF59E-6B97-4C0C-8641-B8261089C8CA} – System32TasksMicrosoftWindowsMobilePCHotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}

Task: {CE2DE968-E342-40D7-9566-427D45E4A886} – System32TasksMicrosoftWindowsPerfTrackBackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}

Task: {D746C0C2-4CA2-452A-A1B6-B14B88BA5B8E} – System32TasksCLMLSvc_P2G8 => C:Program Files (x86)CyberLinkPower2Go8CLMLSvc_P2G8.exe [111120 2012-06-08] (CyberLink -> CyberLink)

Task: {DB21EF32-6BA9-4118-BBC1-BC4FF48961E5} – System32TasksMicrosoftWindowsSideShowGadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}

Task: {E890F2B6-A1CE-47EF-84A6-EE94B65C37F7} – System32TasksDropboxUpdateTaskUserS-1-5-21-3870363634-1779439790-3996191095-1002UA1d238cf5c883365 => C:UsersRobAppDataLocalDropboxUpdateDropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)

Task: {F083B5E7-097A-4BB8-94E9-6B5F495373DA} – System32TasksMicrosoftOfficeOffice ClickToRun Service Monitor => C:Program FilesMicrosoft Office 15ClientX64OfficeC2RClient.exe [972184 2021-03-17] (Microsoft Corporation -> Microsoft Corporation)

Task: {F3633E23-3AD6-47D8-A894-5A71A40A615D} – System32TasksMicrosoftWindows LiveSOXEExtractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}

Task: {F86F9791-699C-435A-9016-10395F7C31C9} – System32TasksMicrosoftOfficeOffice Automatic Updates => C:Program FilesMicrosoft Office 15ClientX64OfficeC2RClient.exe [972184 2021-03-17] (Microsoft Corporation -> Microsoft Corporation)

Task: {F8821065-ABFF-44D6-B8B7-1DFD511DACF1} – System32TasksAdobe Acrobat Update Task => C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe [1331792 2020-05-07] (Adobe Inc. -> Adobe Inc.)

Task: {FAFA34C4-CB85-4F0E-B89C-992C24074A18} – System32TasksMicrosoftOfficeOfficeTelemetryAgentLogOn => C:Program FilesMicrosoft Office 15rootOffice15msoia.exe [286088 2020-06-19] (Microsoft Corporation -> Microsoft Corporation)

Task: {FDBDBD5E-1BB8-4009-8632-CD45DA8E3FB7} – System32TasksGoogleUpdateTaskUserS-1-5-21-3870363634-1779439790-3996191095-1002UA => C:UsersRobAppDataLocalGoogleUpdateGoogleUpdate.exe [144200 2015-08-29] (Google Inc -> Google Inc.)

 

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

 

Task: C:WINDOWSTasksb4a_Document Backup(1).job => C:Program Files (x86)SoftlandBackup4all Professional 4b4aSchedStarter.exe

Task: C:WINDOWSTasksb4a_Document Backup(2).job => C:Program Files (x86)SoftlandBackup4all Professional 4b4aSchedStarter.exe

Task: C:WINDOWSTasksb4a_Document Backup.job => C:Program Files (x86)SoftlandBackup4all Professional 4b4aSchedStarter.exe

Task: C:WINDOWSTasksb4a_Email Backup.job => C:Program Files (x86)SoftlandBackup4all Professional 4b4aSchedStarter.exe

Task: C:WINDOWSTasksb4a_Home(1).job => C:Program Files (x86)SoftlandBackup4all Professional 4b4aSchedStarter.exe

Task: C:WINDOWSTasksb4a_Home(2).job => C:Program Files (x86)SoftlandBackup4all Professional 4b4aSchedStarter.exe

Task: C:WINDOWSTasksb4a_Home.job => C:Program Files (x86)SoftlandBackup4all Professional 4b4aSchedStarter.exe

Task: C:WINDOWSTasksb4a_Photo Backup(1).job => C:Program Files (x86)SoftlandBackup4all Professional 4b4aSchedStarter.exe

Task: C:WINDOWSTasksb4a_Photo Backup(2).job => C:Program Files (x86)SoftlandBackup4all Professional 4b4aSchedStarter.exe

Task: C:WINDOWSTasksb4a_Photo Backup.job => C:Program Files (x86)SoftlandBackup4all Professional 4b4aSchedStarter.exe

Task: C:WINDOWSTasksDropboxUpdateTaskUserS-1-5-21-3870363634-1779439790-3996191095-1002Core1d238cf5c3f4474.job => C:UsersRobAppDataLocalDropboxUpdateDropboxUpdate.exe

Task: C:WINDOWSTasksDropboxUpdateTaskUserS-1-5-21-3870363634-1779439790-3996191095-1002UA1d238cf5c883365.job => C:UsersRobAppDataLocalDropboxUpdateDropboxUpdate.exe

Task: C:WINDOWSTasksGoogleUpdateTaskUserS-1-5-21-3870363634-1779439790-3996191095-1002Core.job => C:UsersRobAppDataLocalGoogleUpdateGoogleUpdate.exe

Task: C:WINDOWSTasksGoogleUpdateTaskUserS-1-5-21-3870363634-1779439790-3996191095-1002UA.job => C:UsersRobAppDataLocalGoogleUpdateGoogleUpdate.exe

Task: C:WINDOWSTasksSynaptics TouchPad Enhancements.job => C:Program FilesSynapticsSynTPSynTPEnh.exe

 

==================== Internet (Whitelisted) ====================

 

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

 

TcpipParameters: [DhcpNameServer] 192.168.1.1 192.168.1.1

Tcpip..Interfaces{0e3711f6-9704-44c7-baa5-7741c37502f8}: [DhcpNameServer] 192.168.1.1 192.168.1.1

Tcpip..Interfaces{5deaac77-8ae8-41b2-bd67-7ebcebeaf3ea}: [DhcpNameServer] 192.168.1.1 192.168.1.1

 

Edge: 

=======

Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:WindowsSystemAppsMicrosoft.MicrosoftEdge_8wekyb3d8bbweAssetsHostExtensionsAutoFormFill [not found]

Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:WindowsSystemAppsMicrosoft.MicrosoftEdge_8wekyb3d8bbweAssetsBookViewer [not found]

Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:WindowsSystemAppsMicrosoft.MicrosoftEdge_8wekyb3d8bbweAssetsHostExtensionsLearningTools [not found]

Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:WindowsSystemAppsMicrosoft.MicrosoftEdge_8wekyb3d8bbweAssetsHostExtensionsPinJSAPI [not found]

Edge Profile: C:UsersRobAppDataLocalMicrosoftEdgeUser DataDefault [2021-11-17]

Edge DefaultSearchURL: Default -> hxxps://www.google.co.nz/search?q={searchTerms}&ie={inputEncoding?}&oe={outputEncoding?}

Edge DefaultSearchKeyword: Default -> google.co.nz

 

FireFox:

========

FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:WINDOWSSysWOW64AdobeDirectornp32dsw_1228198.dll [2017-02-27] (Adobe Systems, Inc.) [File not signed]

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:Program FilesMicrosoft Office 15rootOffice15NPSPWRAP.DLL [2013-09-03] (Microsoft Corporation -> Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:Program Files (x86)Windows LivePhoto GalleryNPWLPG.dll [2012-09-13] (Microsoft Corporation -> Microsoft Corporation)

FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:Program Files (x86)WildTangent GamesAppBrowserIntegrationRegisteredNP_wtapp.dll [2012-10-13] (WildTangent Inc -> )

FF Plugin-x32: Adobe Reader -> C:Program Files (x86)AdobeAcrobat Reader DCReaderAIRnppdf32.dll [2020-05-04] (Adobe Inc. -> Adobe Systems Inc.)

FF Plugin HKUS-1-5-21-3870363634-1779439790-3996191095-1002: SkypePlugin -> C:UsersRobAppDataLocalSkypePlugin7.17.0.44npGatewayNpapi.dll [2016-03-31] (Microsoft Corporation -> Skype Technologies S.A.)

FF Plugin HKUS-1-5-21-3870363634-1779439790-3996191095-1002: SkypePlugin64 -> C:UsersRobAppDataLocalSkypePlugin7.17.0.44npGatewayNpapi-x64.dll [2016-03-31] (Microsoft Corporation -> Skype Technologies S.A.)

 

Chrome: 

=======

CHR DefaultProfile: Default

CHR Profile: C:UsersRobAppDataLocalGoogleChromeUser DataDefault [2021-12-05]

CHR Notifications: Default -> hxxps://app.houseparty.com; hxxps://bachcaresupport.webpush.freshchat.com; hxxps://singaporeairlines.api.sociaplus.com; hxxps://www.facebook.com; hxxps://www.pinterest.nz

CHR HomePage: Default -> hxxp://www.stuff.co.nz/

CHR StartupUrls: Default -> “hxxp://www.stuff.co.nz/”

CHR Extension: (Skype) – C:UsersRobAppDataLocalGoogleChromeUser DataDefaultExtensionslifbcibllhkdhoafpjfnlhfpfgnpldfl [2017-12-02]

CHR Extension: (Chrome Web Store Payments) – C:UsersRobAppDataLocalGoogleChromeUser DataDefaultExtensionsnmmhkkegccagdldgiimedpiccmgmieda [2021-02-02]

CHR Profile: C:UsersRobAppDataLocalGoogleChromeUser DataSystem Profile [2020-05-15]

CHR HKLM-x32…ChromeExtension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl]

 

==================== Services (Whitelisted) ===================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

R2 AdaptiveSleepService; C:Program FilesATI TechnologiesATI.ACEA4AdaptiveSleepService.exe [155016 2017-09-22] (Advanced Micro Devices, Inc. -> )

R2 AdobeARMservice; C:Program Files (x86)Common FilesAdobeARM1.0armsvc.exe [169032 2020-05-07] (Adobe Inc. -> Adobe Inc.)

R2 AERTFilters; C:Program FilesRealtekAudioHDAAERTSr64.EXE [106952 2015-06-24] (Andrea Electronics -> Andrea Electronics Corporation)

R2 AVG Antivirus; C:Program Files (x86)AVGAntivirusAVGSvc.exe [713656 2021-11-09] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)

R2 AVG Tools; C:Program Files (x86)AVGAntivirusavgToolsSvc.exe [460728 2021-11-09] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)

R3 avgbIDSAgent; C:Program Files (x86)AVGAntivirusaswidsagent.exe [8413296 2021-11-09] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)

R2 AvgWscReporter; C:Program Files (x86)AVGAntiviruswsc_proxy.exe [109480 2021-05-25] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)

R3 BrYNSvc; C:Program Files (x86)Browny02BrYNSvc.exe [282112 2013-09-25] (Brother Industries, Ltd.) [File not signed]

R2 ClickToRunSvc; C:Program FilesMicrosoft Office 15ClientX64OfficeClickToRun.exe [3052952 2021-03-17] (Microsoft Corporation -> Microsoft Corporation)

S2 HP Support Assistant Service; C:Program Files (x86)Hewlett-PackardHP Support Frameworkhpsa_service.exe [86528 2012-09-27] (Hewlett-Packard Company) [File not signed]

R2 HPWMISVC; C:Program Files (x86)Hewlett-PackardHP System EventHPWMISVC.exe [1039160 2013-02-02] (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.)

R2 rkrtservice; C:Program FilesRogueKillerRogueKillerSvc.exe [13048888 2020-04-30] (Adlice -> )

S3 WdNisSvc; C:Program FilesWindows DefenderNisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)

S3 WinDefend; C:Program FilesWindows DefenderMsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)

 

===================== Drivers (Whitelisted) ===================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

S3 AKCCID; C:WINDOWSSystem32driversAKCCID.sys [57296 2018-01-02] (Alcor Micro, Corp. -> Generic)

S0 amdkmafd; C:WINDOWSSystem32driversamdkmafd.sys [40720 2015-07-28] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)

R0 avgArDisk; C:WINDOWSSystem32driversavgArDisk.sys [35848 2021-12-05] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)

R1 avgArPot; C:WINDOWSSystem32driversavgArPot.sys [222232 2021-12-05] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)

R1 avgbidsdriver; C:WINDOWSSystem32driversavgbidsdriver.sys [368240 2021-12-05] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)

R0 avgbidsh; C:WINDOWSSystem32driversavgbidsh.sys [252000 2021-12-05] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)

R0 avgbuniv; C:WINDOWSSystem32driversavgbuniv.sys [99424 2021-12-05] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)

R0 avgElam; C:WINDOWSSystem32driversavgElam.sys [21960 2021-09-23] (Microsoft Windows Early Launch Anti-malware Publisher -> AVG Technologies CZ, s.r.o.)

R1 avgKbd; C:WINDOWSSystem32driversavgKbd.sys [41496 2021-12-05] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)

R1 avgMonFlt; C:WINDOWSSystem32driversavgMonFlt.sys [185360 2021-12-05] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)

R1 avgNetHub; C:WINDOWSSystem32driversavgNetHub.sys [539128 2021-12-05] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)

R1 avgRdr; C:WINDOWSSystem32driversavgRdr2.sys [107992 2021-12-05] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)

R0 avgRvrt; C:WINDOWSSystem32driversavgRvrt.sys [83056 2021-12-05] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)

R1 avgSnx; C:WINDOWSSystem32driversavgSnx.sys [852880 2021-12-05] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)

R1 avgSP; C:WINDOWSSystem32driversavgSP.sys [544248 2021-12-05] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)

R2 avgStm; C:WINDOWSSystem32driversavgStm.sys [214496 2021-11-09] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)

R0 avgVmm; C:WINDOWSSystem32driversavgVmm.sys [317840 2021-12-05] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)

S3 BthA2dp; C:WINDOWSSystem32driversBthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]

S3 BthHFEnum; C:WINDOWSSystem32driversbthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]

R1 CLVirtualDrive; C:WINDOWSsystem32DRIVERSCLVirtualDrive.sys [92536 2012-06-26] (CyberLink -> CyberLink)

R3 RSP2STOR; C:WINDOWSsystem32DRIVERSRtsP2Stor.sys [310528 2015-06-05] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)

S3 RTSPER; C:WINDOWSSystem32DRIVERSRtsPer.sys [448072 2013-02-02] (Realtek Semiconductor Corp -> RTS Corporation)

S3 ssudmdm; C:WINDOWSsystem32DRIVERSssudmdm.sys [165504 2016-09-05] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)

U3 TrueSight; C:WindowsSystem32driverstruesight.sys [28272 2021-11-27] (Adlice -> )

S3 WdBoot; C:WINDOWSsystem32driversWdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)

S3 WdFilter; C:WINDOWSsystem32driversWdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)

S3 WdNisDrv; C:WINDOWSSystem32DriversWdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)

R3 WirelessButtonDriver64; C:WINDOWSSystem32driversWirelessButtonDriver64.sys [34944 2018-05-11] (HP Inc. -> HP)

 

==================== NetSvcs (Whitelisted) ===================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

 

==================== One month (created) (Whitelisted) =========

 

(If an entry is included in the fixlist, the file/folder will be moved.)

 

2021-12-05 17:10 – 2021-12-05 17:10 – 002311680 _____ (Farbar) C:UsersRobDownloadsFRST64 (3).exe

2021-12-05 17:05 – 2021-12-05 17:05 – 002311680 _____ (Farbar) C:UsersRobDownloadsFRST64 (2).exe

2021-12-05 17:01 – 2021-12-05 17:01 – 002311680 _____ (Farbar) C:UsersRobDownloadsFRST64 (1).exe

2021-12-05 16:59 – 2021-12-05 16:59 – 000000000 ____D C:Repair

2021-12-05 16:51 – 2021-12-05 16:49 – 000336824 _____ (AVG Technologies CZ, s.r.o.) C:WINDOWSsystem32avgBoot.exe

2021-12-05 16:51 – 2021-12-05 16:49 – 000214512 _____ (AVG Technologies CZ, s.r.o.) C:WINDOWSsystem32Driversasw492100c60e94a9a2.tmp

2021-12-05 16:36 – 2021-12-05 16:36 – 000000000 ____D C:UsersRobAppDataRoamingMicrosoftWindowsStart MenuProgramsDropbox

2021-11-27 10:42 – 2021-11-27 10:42 – 000028272 _____ C:WINDOWSsystem32Driverstruesight.sys

2021-11-17 11:20 – 2021-11-17 11:20 – 000574726 _____ C:UsersRobDownloadsStatement20211109.pdf

2021-11-11 09:47 – 2021-11-11 09:47 – 000125614 _____ C:UsersRobDownloadsClaiming a tax deduction for personal contributions 2018_19.pdf

2021-11-11 09:40 – 2021-11-11 09:40 – 000708784 _____ C:UsersRobDownloadsU3RhdGVtZW50LU1UMjA5NV9QRVJTT05BTF80NjQzMDQ3Xzg1XzIwMjEwMzMxX3g3OTAyMTMzOC5wZGYtNDFkNjg1NTItYTQ3Mi00M2Q0LWEwMGEtZjY4MzE4YmIxNGU1.pdf

2021-11-10 22:15 – 2021-11-10 22:15 – 000011363 _____ C:WINDOWSsystem32DrtmAuthTxt.wim

2021-11-10 22:14 – 2021-11-10 22:14 – 000223744 _____ C:WINDOWSSysWOW64TpmTool.exe

2021-11-10 22:14 – 2021-11-10 22:14 – 000060928 _____ C:WINDOWSsystem32runexehelper.exe

2021-11-10 22:12 – 2021-11-10 22:12 – 000272384 _____ C:WINDOWSsystem32TpmTool.exe

2021-11-10 21:06 – 2021-11-10 21:06 – 000000000 ___HD C:$WinREAgent

2021-11-09 19:34 – 2021-11-09 19:34 – 000131542 _____ C:UsersRobDownloadsMEL_Payment_Advice_2021_10_15.pdf

2021-11-09 19:20 – 2021-11-09 19:21 – 000234269 _____ C:UsersRobDownloads5136371_317_1_20210930_122 (1).pdf

2021-11-09 19:19 – 2021-11-09 19:19 – 000234269 _____ C:UsersRobDownloads5136371_317_1_20210930_122.pdf

2021-11-09 17:41 – 2021-11-09 17:39 – 000214496 _____ (AVG Technologies CZ, s.r.o.) C:WINDOWSsystem32DriversavgStm.sys

 

==================== One month (modified) ==================

 

(If an entry is included in the fixlist, the file/folder will be moved.)

 

2021-12-05 17:35 – 2020-05-12 20:06 – 000030103 _____ C:UsersRobDownloadsFRST.txt

2021-12-05 17:29 – 2017-04-29 12:16 – 000000000 ____D C:FRST

2021-12-05 17:23 – 2019-12-07 22:14 – 000000000 ____D C:ProgramDataregid.1991-06.com.microsoft

2021-12-05 17:09 – 2014-12-12 10:37 – 000000000 ____D C:Program Files (x86)Google

2021-12-05 16:51 – 2019-12-07 22:14 – 000000000 ___HD C:WINDOWSELAMBKUP

2021-12-05 16:50 – 2018-06-16 20:10 – 000317840 _____ (AVG Technologies CZ, s.r.o.) C:WINDOWSsystem32DriversavgVmm.sys

2021-12-05 16:49 – 2020-10-16 12:12 – 000185360 _____ (AVG Technologies CZ, s.r.o.) C:WINDOWSsystem32DriversavgMonFlt.sys

2021-12-05 16:49 – 2020-06-20 16:27 – 000539128 _____ (AVG Technologies CZ, s.r.o.) C:WINDOWSsystem32DriversavgNetHub.sys

2021-12-05 16:49 – 2019-01-06 20:20 – 000252000 _____ (AVG Technologies CZ, s.r.o.) C:WINDOWSsystem32Driversavgbidsh.sys

2021-12-05 16:49 – 2019-01-06 20:20 – 000099424 _____ (AVG Technologies CZ, s.r.o.) C:WINDOWSsystem32Driversavgbuniv.sys

2021-12-05 16:49 – 2018-10-12 14:47 – 000041496 _____ (AVG Technologies CZ, s.r.o.) C:WINDOWSsystem32DriversavgKbd.sys

2021-12-05 16:49 – 2018-06-16 20:10 – 000544248 _____ (AVG Technologies CZ, s.r.o.) C:WINDOWSsystem32DriversavgSP.sys

2021-12-05 16:49 – 2018-06-16 20:10 – 000107992 _____ (AVG Technologies CZ, s.r.o.) C:WINDOWSsystem32DriversavgRdr2.sys

2021-12-05 16:49 – 2018-06-16 20:10 – 000083056 _____ (AVG Technologies CZ, s.r.o.) C:WINDOWSsystem32DriversavgRvrt.sys

2021-12-05 16:46 – 2014-08-24 22:48 – 000000000 ____D C:UsersRobAppDataRoamingDropbox

2021-12-05 16:45 – 2019-01-06 20:20 – 000035848 _____ (AVG Technologies CZ, s.r.o.) C:WINDOWSsystem32DriversavgArDisk.sys

2021-12-05 16:45 – 2018-06-16 20:10 – 000852880 _____ (AVG Technologies CZ, s.r.o.) C:WINDOWSsystem32DriversavgSnx.sys

2021-12-05 16:45 – 2018-06-16 20:10 – 000222232 _____ (AVG Technologies CZ, s.r.o.) C:WINDOWSsystem32DriversavgArPot.sys

2021-12-05 16:44 – 2019-01-15 18:39 – 000368240 _____ (AVG Technologies CZ, s.r.o.) C:WINDOWSsystem32Driversavgbidsdriver.sys

2021-12-05 16:23 – 2013-09-01 22:51 – 000000000 __RHD C:UsersPublicAccountPictures

2021-12-05 16:07 – 2015-06-22 21:07 – 000000000 ____D C:UsersRobAppDataLocalDropbox

2021-12-05 16:00 – 2020-08-06 11:16 – 000004164 _____ C:WINDOWSsystem32TasksUser_Feed_Synchronization-{EDE3C385-EACD-40A5-80A1-E953E1B75EE6}

2021-12-05 16:00 – 2013-07-12 23:47 – 000000000 ____D C:ProgramDataTemp

2021-11-27 10:49 – 2020-08-06 10:48 – 000883876 _____ C:WINDOWSsystem32PerfStringBackup.INI

2021-11-27 10:49 – 2019-12-07 22:13 – 000000000 ____D C:WINDOWSINF

2021-11-27 10:43 – 2015-10-27 23:04 – 000000000 ____D C:ProgramDataAvg

2021-11-27 10:42 – 2020-08-06 11:16 – 000000006 ____H C:WINDOWSTasksSA.DAT

2021-11-27 10:42 – 2020-08-06 10:16 – 000008192 ___SH C:DumpStack.log.tmp

2021-11-27 10:42 – 2019-12-07 22:14 – 000000000 ____D C:WINDOWSServiceState

2021-11-27 10:42 – 2016-11-07 21:17 – 000000942 _____ C:WINDOWSTasksDropboxUpdateTaskUserS-1-5-21-3870363634-1779439790-3996191095-1002UA1d238cf5c883365.job

2021-11-27 10:42 – 2016-11-07 21:17 – 000000890 _____ C:WINDOWSTasksDropboxUpdateTaskUserS-1-5-21-3870363634-1779439790-3996191095-1002Core1d238cf5c3f4474.job

2021-11-27 10:40 – 2019-12-07 22:03 – 000786432 _____ C:WINDOWSsystem32configBBI

2021-11-27 10:40 – 2017-08-27 11:45 – 000065536 _____ C:WINDOWSsystem32spu_storage.bin

2021-11-24 10:22 – 2020-08-06 10:17 – 000000000 ____D C:WINDOWSsystem32SleepStudy

2021-11-21 20:12 – 2019-12-07 22:14 – 000000000 ____D C:WINDOWSAppReadiness

2021-11-21 20:11 – 2020-06-06 01:02 – 000002445 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsMicrosoft Edge.lnk

2021-11-21 20:11 – 2020-06-06 01:02 – 000002283 _____ C:UsersPublicDesktopMicrosoft Edge.lnk

2021-11-21 20:11 – 2019-12-07 22:14 – 000000000 ___HD C:Program FilesWindowsApps

2021-11-19 10:51 – 2018-07-15 12:28 – 000000000 ____D C:ProgramDataPackages

2021-11-19 08:05 – 2019-01-15 18:39 – 000367712 _____ (AVG Technologies CZ, s.r.o.) C:WINDOWSsystem32Driversaswa09ab243e908d256.tmp

2021-11-19 08:03 – 2020-08-06 11:16 – 000003480 _____ C:WINDOWSsystem32TasksMicrosoftEdgeUpdateTaskMachineUA

2021-11-19 08:03 – 2020-08-06 11:16 – 000003356 _____ C:WINDOWSsystem32TasksMicrosoftEdgeUpdateTaskMachineCore

2021-11-17 13:58 – 2018-08-26 19:45 – 000000000 ____D C:UsersRobAppDataLocalD3DSCache

2021-11-15 23:14 – 2014-12-12 10:40 – 000002308 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsGoogle Chrome.lnk

2021-11-15 23:14 – 2014-12-12 10:40 – 000002267 _____ C:UsersPublicDesktopGoogle Chrome.lnk

2021-11-12 16:22 – 2020-08-06 11:16 – 000003986 _____ C:WINDOWSsystem32TasksDropboxUpdateTaskUserS-1-5-21-3870363634-1779439790-3996191095-1002UA1d238cf5c883365

2021-11-12 16:22 – 2020-08-06 11:16 – 000003610 _____ C:WINDOWSsystem32TasksDropboxUpdateTaskUserS-1-5-21-3870363634-1779439790-3996191095-1002Core1d238cf5c3f4474

2021-11-10 23:29 – 2018-06-16 20:10 – 000317840 _____ (AVG Technologies CZ, s.r.o.) C:WINDOWSsystem32Driversasw97ce6b54004ab525.tmp

2021-11-10 23:11 – 2020-08-06 10:17 – 000318768 _____ C:WINDOWSsystem32FNTCACHE.DAT

2021-11-10 23:07 – 2019-12-07 22:14 – 000000000 ___SD C:WINDOWSsystem32DiagSvcs

2021-11-10 23:07 – 2019-12-07 22:14 – 000000000 ___RD C:WINDOWSImmersiveControlPanel

2021-11-10 23:07 – 2019-12-07 22:14 – 000000000 ____D C:WINDOWSSysWOW64setup

2021-11-10 23:07 – 2019-12-07 22:14 – 000000000 ____D C:WINDOWSSysWOW64Dism

2021-11-10 23:07 – 2019-12-07 22:14 – 000000000 ____D C:WINDOWSSystemResources

2021-11-10 23:07 – 2019-12-07 22:14 – 000000000 ____D C:WINDOWSsystem32setup

2021-11-10 23:07 – 2019-12-07 22:14 – 000000000 ____D C:WINDOWSsystem32oobe

2021-11-10 23:07 – 2019-12-07 22:14 – 000000000 ____D C:WINDOWSsystem32Dism

2021-11-10 23:07 – 2019-12-07 22:14 – 000000000 ____D C:WINDOWSShellExperiences

2021-11-10 23:07 – 2019-12-07 22:14 – 000000000 ____D C:WINDOWSbcastdvr

2021-11-10 23:07 – 2019-12-07 22:03 – 000000000 ____D C:WINDOWSservicing

2021-11-10 22:41 – 2019-12-07 22:03 – 000000000 ____D C:WINDOWSCbsTemp

2021-11-10 20:58 – 2013-09-02 11:53 – 000000000 ____D C:WINDOWSsystem32MRT

2021-11-10 20:41 – 2015-07-16 23:07 – 141529560 ____C (Microsoft Corporation) C:WINDOWSsystem32MRT.exe

2021-11-09 17:44 – 2020-08-06 11:16 – 000004004 _____ C:WINDOWSsystem32TasksAntivirus Emergency Update

2021-11-09 17:39 – 2020-10-16 12:12 – 000184800 _____ (AVG Technologies CZ, s.r.o.) C:WINDOWSsystem32Driversasw397fb65203e7b10f.tmp

2021-11-09 17:39 – 2020-06-20 16:27 – 000539144 _____ (AVG Technologies CZ, s.r.o.) C:WINDOWSsystem32Driversaswb5300253bccff12f.tmp

2021-11-09 17:39 – 2019-01-06 20:20 – 000250456 _____ (AVG Technologies CZ, s.r.o.) C:WINDOWSsystem32Driversasw1d34d5e2d1e7bf71.tmp

2021-11-09 17:39 – 2019-01-06 20:20 – 000099432 _____ (AVG Technologies CZ, s.r.o.) C:WINDOWSsystem32Driversasw2ea78f05024c4997.tmp

2021-11-09 17:39 – 2018-10-12 14:47 – 000041504 _____ (AVG Technologies CZ, s.r.o.) C:WINDOWSsystem32Driversasw3086327e36428c42.tmp

2021-11-09 17:39 – 2018-06-16 20:10 – 000557784 _____ (AVG Technologies CZ, s.r.o.) C:WINDOWSsystem32Driversasw419f02aff1ef15aa.tmp

2021-11-09 17:39 – 2018-06-16 20:10 – 000107976 _____ (AVG Technologies CZ, s.r.o.) C:WINDOWSsystem32Driversasw58362d8343a6643d.tmp

2021-11-09 17:39 – 2018-06-16 20:10 – 000083040 _____ (AVG Technologies CZ, s.r.o.) C:WINDOWSsystem32Driversasw098750c6f97fed98.tmp

2021-11-09 17:38 – 2020-08-06 10:23 – 000000000 ____D C:UsersRob

2021-11-09 17:38 – 2019-01-06 20:20 – 000035872 _____ (AVG Technologies CZ, s.r.o.) C:WINDOWSsystem32Driversasw7d7b20c0e72f3152.tmp

2021-11-09 17:38 – 2018-06-16 20:10 – 000852352 _____ (AVG Technologies CZ, s.r.o.) C:WINDOWSsystem32Driversaswef9adb5235e57913.tmp

2021-11-09 17:38 – 2018-06-16 20:10 – 000222264 _____ (AVG Technologies CZ, s.r.o.) C:WINDOWSsystem32Driversasw923b560dde09beb0.tmp

 

==================== Files in the root of some directories ========

 

2014-05-25 16:47 – 2015-07-08 00:25 – 000007680 _____ () C:UsersRobAppDataLocalDCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

2021-07-19 19:31 – 2021-07-31 18:14 – 000000410 _____ () C:UsersRobAppDataLocaloobelibMkey.log

2021-05-01 07:19 – 2021-05-01 07:19 – 000000000 _____ () C:UsersRobAppDataLocal{EE2FA35F-71A1-46CA-A1F4-8BC5BB903E75}

 

==================== SigCheck ============================

 

(There is no automatic fix for files that do not pass verification.)

 

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-12-2021

Ran by Rob (05-12-2021 17:42:35)

Running from C:UsersRobDownloads

Microsoft Windows 10 Home Version 21H1 19043.1348 (X64) (2020-08-05 22:18:37)

Boot Mode: Normal

==========================================================

 

 

==================== Accounts: =============================

 

 

(If an entry is included in the fixlist, it will be removed.)

 

Administrator (S-1-5-21-3870363634-1779439790-3996191095-500 – Administrator – Disabled)

DefaultAccount (S-1-5-21-3870363634-1779439790-3996191095-503 – Limited – Disabled)

Guest (S-1-5-21-3870363634-1779439790-3996191095-501 – Limited – Disabled)

Rob (S-1-5-21-3870363634-1779439790-3996191095-1002 – Administrator – Enabled) => C:UsersRob

WDAGUtilityAccount (S-1-5-21-3870363634-1779439790-3996191095-504 – Limited – Disabled)

 

==================== Security Center ========================

 

(If an entry is included in the fixlist, it will be removed.)

 

AV: Windows Defender (Disabled – Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AV: AVG Antivirus (Enabled – Up to date) {18A975F9-A60C-37D8-E30B-4BEF31AD3411}

AS: Windows Defender (Disabled – Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: AVG Antivirus (Enabled – Up to date) {F4A6BD41-306E-5B9F-464B-23E1AE81F649}

 

==================== Installed Programs ======================

 

(Only the adware programs with “Hidden” flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

 

4 Elements II (HKLM-x32…WTA-61c37639-9e2c-4dc5-8cb8-69d40e30f0d5) (Version: 2.2.0.98 – WildTangent) Hidden

7-Zip 9.20 (x64 edition) (HKLM…{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 – Igor Pavlov)

Adobe Acrobat Reader DC (HKLM-x32…{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 20.009.20067 – Adobe Systems Incorporated)

Adobe Shockwave Player 12.2 (HKLM-x32…Adobe Shockwave Player) (Version: 12.2.8.198 – Adobe Systems, Inc.)

Airport Mania (HKLM-x32…WTA-68f48d4a-66be-4eb9-9945-d4d37de6e103) (Version: 2.2.0.95 – WildTangent) Hidden

Aloha TriPeaks (HKLM-x32…WTA-3e18a2c3-0a8d-454e-b637-cbf556579bb7) (Version: 2.2.0.98 – WildTangent) Hidden

AMD Catalyst Install Manager (HKLM…{AB1FC306-0E04-81D5-F105-C929F912CF20}) (Version: 8.0.911.0 – Advanced Micro Devices, Inc.)

AMD Radeon Settings (HKLM…WUCCCApp) (Version: 2020.0821.1329.24282 – Advanced Micro Devices, Inc.)

AVG AntiVirus FREE (HKLM…AVG Antivirus) (Version: 21.10.3213 – AVG Technologies)

AVG Web TuneUp (HKLM-x32…AVG Web TuneUp) (Version: 4.3.7.452 – AVG Technologies)

Azteca (HKLM-x32…WTA-fb21c90f-a727-402e-af5f-2699c1bd7236) (Version: 2.2.0.97 – WildTangent) Hidden

Backup4all Professional 4 (HKLM-x32…{B2D762D9-4B30-4D1A-86E6-1B50727AACB0}) (Version: 4.7.270 – Softland)

Bejeweled 3 (HKLM-x32…WTA-0da333ce-4702-497c-8e77-3520957eb4af) (Version: 2.2.0.98 – WildTangent) Hidden

Bonjour (HKLM…{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 – Apple Inc.)

Bounce Symphony (HKLM-x32…WTA-70a09c94-e61a-42e2-b464-97cea407c71d) (Version: 2.2.0.97 – WildTangent) Hidden

Build-a-lot (HKLM-x32…WTA-fdd24740-37dc-4156-bda1-587304d2b505) (Version: 2.2.0.98 – WildTangent) Hidden

ChromecastApp (HKUS-1-5-21-3870363634-1779439790-3996191095-1002…{079ede36-133d-44b0-8053-c7c1fa8d2e0d}_is1) (Version: 1.5.1693.0 – Google Inc.)

Cradle of Rome 2 (HKLM-x32…WTA-06b1e7cb-096c-4744-9abb-084ee71c9c46) (Version: 2.2.0.98 – WildTangent) Hidden

Curse at Twilight (HKLM-x32…WTA-15548160-bbef-4789-826f-0848894eced9) (Version: 3.0.2.32 – WildTangent) Hidden

CyberLink LabelPrint (HKLM-x32…InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3.5901 – CyberLink Corp.)

CyberLink Media Suite 10 (HKLM-x32…InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.3.2608 – CyberLink Corp.)

Cyberlink PhotoDirector (HKLM-x32…InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.1.3919 – CyberLink Corp.)

CyberLink Power2Go 8 (HKLM-x32…InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.3.2527 – CyberLink Corp.)

CyberLink PowerDirector 10 (HKLM-x32…InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.3.2606 – CyberLink Corp.)

CyberLink PowerDVD (HKLM-x32…InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.8.5004 – CyberLink Corp.)

CyberLink YouCam (HKLM-x32…InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.6.6117 – CyberLink Corp.)

D3DX10 (HKLM-x32…{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 – Microsoft) Hidden

Delicious: Emily’s Childhood Memories Premium Edition (HKLM-x32…WTA-d3062316-8f31-418e-8c2f-77501e01e270) (Version: 3.0.2.32 – WildTangent) Hidden

Dropbox (HKUS-1-5-21-3870363634-1779439790-3996191095-1002…Dropbox) (Version: 136.4.4345 – Dropbox, Inc.)

Energy Star (HKLM-x32…{FC0ADA4D-8FA5-4452-8AFF-F0A0BAC97EF7}) (Version: 1.0.9 – Hewlett-Packard Company)

Eudora (HKLM-x32…{DDAA6CE5-550B-477D-BFBB-0385B5FB232E}) (Version: 7.0 – )

Farm Frenzy (HKLM-x32…WTA-bbc9ceed-6396-4dbb-9b55-7ad0aab40a21) (Version: 2.2.0.98 – WildTangent) Hidden

Golden Videos (HKLM-x32…GoldenVideos) (Version:  – NCH Software)

Google Chrome (HKLM-x32…Google Chrome) (Version: 96.0.4664.45 – Google LLC)

Google Earth Pro (HKLM…{9BFB06CD-3925-49E2-BAB7-EA695821CE4C}) (Version: 7.3.4.8248 – Google)

Governor of Poker 2 Premium Edition (HKLM-x32…WTA-0ce6baf6-9b07-485a-9378-fc2bd4d5f327) (Version: 2.2.0.110 – WildTangent) Hidden

Hewlett-Packard ACLM.NET v1.2.1.1 (HKLM-x32…{6F340107-F9AA-47C6-B54C-C3A19F11553F}) (Version: 1.00.0000 – Hewlett-Packard Company) Hidden

HL-L2360D series (HKLM-x32…{46B58839-2405-48D6-A59D-F8246158A6ED}) (Version: 0.0.13.0 – Brother Industries, Ltd.)

House of 1000 Doors: Family Secrets (HKLM-x32…WTA-bb330283-b88b-4e1e-a965-68bfb937b311) (Version: 2.2.0.98 – WildTangent) Hidden

HP 3D DriveGuard (HKLM-x32…{AE2F1669-5B1F-47C5-B639-78D74DD0BCE4}) (Version: 6.0.9.1 – Hewlett-Packard Company)

HP CoolSense (HKLM-x32…{11AF9A96-6D83-4C3B-8DCB-16EA2A358E3F}) (Version: 2.10.51 – Hewlett-Packard Company)

HP Documentation (HKLM-x32…{F2481209-98FE-4943-8903-90D19E1B7062}) (Version: 1.2.0.0 – Hewlett-Packard)

HP Quick Start (HKLM-x32…{574F0207-8E98-46CD-8F79-318348C98C46}) (Version: 1.0.4660.30220 – Hewlett-Packard)

HP Registration Service (HKLM…{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.6317.4309 – Hewlett-Packard)

HP Support Assistant (HKLM-x32…{EE202411-2C26-49E8-9784-1BC1DBF7DE96}) (Version: 7.0.39.15 – Hewlett-Packard Company)

HP System Event Utility (HKLM-x32…{C27D60E4-3132-45A3-A71A-E3BD1DA3F794}) (Version: 1.0.4 – Hewlett-Packard Company)

HP Utility Center (HKLM…{73237EBB-B26F-4628-8754-4EFE563D72E9}) (Version: 2.1.5 – Hewlett-Packard Company)

HP Wireless Button Driver (HKLM-x32…{941DE69D-6CEE-4171-8F1F-3D7E352AA498}) (Version: 1.0.6.1 – Hewlett-Packard Company)

IrfanView (remove only) (HKLM-x32…IrfanView) (Version: 4.36 – Irfan Skiljan)

Jewel Match 3 (HKLM-x32…WTA-aab0994c-6db5-4133-b5f7-d221c8e3383a) (Version: 2.2.0.98 – WildTangent) Hidden

Letters from Nowhere 2 (HKLM-x32…WTA-b031a6ed-e3d0-4821-89f8-55f9264f08ab) (Version: 2.2.0.97 – WildTangent) Hidden

Luxor Evolved (HKLM-x32…WTA-751db679-fc06-4c3a-87a1-b64909280d4e) (Version: 2.2.0.98 – WildTangent) Hidden

Mah Jong Medley (HKLM-x32…WTA-63a53bff-b738-4fef-90b6-7102fe29ba81) (Version: 2.2.0.95 – WildTangent) Hidden

Mahjongg Dimensions Deluxe: Tiles in Time (HKLM-x32…WTA-cff31dc9-c56f-40f5-85fe-df6ddad6b27e) (Version: 2.2.0.98 – WildTangent) Hidden

Microsoft Edge (HKLM-x32…Microsoft Edge) (Version: 96.0.1054.29 – Microsoft Corporation)

Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32…{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  – Microsoft)

Microsoft Office File Validation Add-In (HKLM-x32…{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 – Microsoft Corporation)

Microsoft Office Home and Student 2007 (HKLM-x32…HOMESTUDENTR) (Version: 12.0.6612.1000 – Microsoft Corporation)

Microsoft OneDrive (HKUS-1-5-21-3870363634-1779439790-3996191095-1002…OneDriveSetup.exe) (Version: 20.064.0329.0008 – Microsoft Corporation)

Microsoft Outlook 2013 – en-us (HKLM…OutlookRetail – en-us) (Version: 15.0.5381.1000 – Microsoft Corporation)

Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32…{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 – Microsoft Corporation)

Microsoft Update Health Tools (HKLM…{29B15818-E79F-4AB0-8938-9410C807AD76}) (Version: 2.84.0.0 – Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32…{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 – Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32…{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 – Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable – x64 9.0.30729.4148 (HKLM…{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 – Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable – x64 9.0.30729.6161 (HKLM…{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 – Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable – x86 9.0.30729.17 (HKLM-x32…{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 – Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable – x86 9.0.30729.4148 (HKLM-x32…{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 – Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable – x86 9.0.30729.6161 (HKLM-x32…{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 – Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Redistributable – 10.0.40219 (HKLM…{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 – Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable – 10.0.40219 (HKLM-x32…{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 – Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) – 11.0.50727 (HKLM-x32…{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 – Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) – 11.0.61030 (HKLM-x32…{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 – Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) – 11.0.61030 (HKLM-x32…{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 – Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x64) – 12.0.30501 (HKLM-x32…{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 – Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x64) – 12.0.40664 (HKLM-x32…{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 – Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x86) – 12.0.30501 (HKLM-x32…{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 – Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x86) – 12.0.40664 (HKLM-x32…{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 – Microsoft Corporation)

Microsoft Visual C++ 2015-2019 Redistributable (x64) – 14.23.27820 (HKLM-x32…{852adda4-4c78-4a38-b583-c0b360a329d6}) (Version: 14.23.27820.0 – Microsoft Corporation)

Microsoft Visual C++ 2015-2019 Redistributable (x86) – 14.23.27820 (HKLM-x32…{45231ab4-69fd-486a-859d-7a59fcd11013}) (Version: 14.23.27820.0 – Microsoft Corporation)

Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM…Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 – Microsoft Corporation)

Movie Maker (HKLM-x32…{5BABDA39-61CF-41EE-992D-4054B6649A9B}) (Version: 16.4.3505.0912 – Microsoft Corporation) Hidden

Movie Maker (HKLM-x32…{ED6C77F9-4D7E-447C-9EC0-9A212D075535}) (Version: 16.4.3505.0912 – Microsoft Corporation) Hidden

Mozilla Maintenance Service (HKLM-x32…MozillaMaintenanceService) (Version: 60.7.0.7076 – Mozilla)

Mozilla Thunderbird 17.0.8 (x86 en-US) (HKLM-x32…Mozilla Thunderbird 17.0.8 (x86 en-US)) (Version: 17.0.8 – Mozilla)

Mozilla Thunderbird 60.7.0 (x86 en-GB) (HKLM-x32…Mozilla Thunderbird 60.7.0 (x86 en-GB)) (Version: 60.7.0 – Mozilla)

OEM Application Profile (HKLM-x32…{C89A97B6-F991-EBB5-77B7-927BCF420EBE}) (Version: 1.00.0000 – Advanced Micro Devices, Inc.)

Office 15 Click-to-Run Extensibility Component (HKLM-x32…{90150000-008C-0000-0000-0000000FF1CE}) (Version: 15.0.5381.1000 – Microsoft Corporation) Hidden

Office 15 Click-to-Run Licensing Component (HKLM…{90150000-008F-0000-1000-0000000FF1CE}) (Version: 15.0.5381.1000 – Microsoft Corporation) Hidden

Office 15 Click-to-Run Localization Component (HKLM-x32…{90150000-008C-0409-0000-0000000FF1CE}) (Version: 15.0.5381.1000 – Microsoft Corporation) Hidden

OutlookFreeware.com Utilities (HKLM-x32…{46C3BCD6-F992-4D94-9C03-4960FF5F5A81}) (Version: 2.5.3 – Relief Software)

Peggle Nights (HKLM-x32…WTA-f3ba9803-3200-4b5b-a02d-cceeb1395bf0) (Version: 2.2.0.98 – WildTangent) Hidden

Plants vs. Zombies – Game of the Year (HKLM-x32…WTA-72722c3f-c466-4c00-91fd-4b77b8c3792a) (Version: 2.2.0.98 – WildTangent) Hidden

Polar Bowler (HKLM-x32…WTA-ef273868-4a76-4531-a474-a38e084a2aff) (Version: 2.2.0.97 – WildTangent) Hidden

Realtek Ethernet Controller Driver (HKLM-x32…{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.10.1226.2012 – Realtek)

Realtek High Definition Audio Driver (HKLM-x32…{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 – Realtek Semiconductor Corp.)

Realtek PCIE Card Reader (HKLM-x32…{BCDA54F6-C4B6-4519-A09E-FA064A6B4098}) (Version: 1.1.9200.007 – Realtek Semiconductor Corp.)

REALTEK Wireless LAN Driver (HKLM-x32…{A5107464-AA9B-4177-8129-5FF2F42DD322}) (Version: 1.00.12.0906 – REALTEK Semiconductor Corp.)

Roads of Rome 3 (HKLM-x32…WTA-71805a57-3238-4e43-89ba-f2df83b85b6a) (Version: 2.2.0.98 – WildTangent) Hidden

RogueKiller version 14.4.2.0 (HKLM…8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 14.4.2.0 – Adlice Software)

Royal Envoy 2 Collector’s Edition (HKLM-x32…WTA-cf92fb20-a2d4-4582-9f6a-c47710ea9bb2) (Version: 3.0.2.32 – WildTangent) Hidden

Skype Click to Call (HKLM-x32…{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 – Microsoft Corporation)

Skype Web Plugin (HKLM-x32…{7E4C8063-6644-4580-B27F-6B70B1A51F0E}) (Version: 7.17.0.44 – Skype Technologies S.A.)

Skype™ 7.22 (HKLM-x32…{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.22.109 – Skype Technologies S.A.)

Sophos Virus Removal Tool (HKLM-x32…{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.5.6 – Sophos Limited)

swMSM (HKLM-x32…{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 – Adobe Systems, Inc) Hidden

Synaptics Pointing Device Driver (HKLM…SynTPDeinstKey) (Version: 19.3.11.45 – Synaptics Incorporated)

TeamViewer 9 (HKLM-x32…TeamViewer 9) (Version: 9.0.28223 – TeamViewer)

The Treasures of Mystery Island: The Ghost Ship (HKLM-x32…WTA-0d9fb12f-20d3-4c4d-82e4-fa1a918b1b6c) (Version: 2.2.0.98 – WildTangent) Hidden

Trinklit Supreme (HKLM-x32…WTA-1c2489ec-1105-43cc-99a6-adeaeb899703) (Version: 2.2.0.98 – WildTangent) Hidden

Update for 2007 Microsoft Office System (KB967642) (HKLM-x32…{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  – Microsoft)

Update for Windows 10 for x64-based Systems (KB4023057) (HKLM…{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 – Microsoft Corporation) Hidden

Update Installer for WildTangent Games App (HKLM-x32…{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App) (Version:  – WildTangent) Hidden

USB Video/Audio Device Driver (HKLM-x32…{CFB75739-90E3-4D26-83B5-25CA8262A991}) (Version: 1.00.0000 – EETI)

Vacation Quest™ – Australia (HKLM-x32…WTA-7ffba6e9-5273-4a25-9a2b-0db8b532cd16) (Version: 3.0.2.32 – WildTangent) Hidden

Visual Studio 2012 x64 Redistributables (HKLM…{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 – AVG Technologies)

Visual Studio 2012 x86 Redistributables (HKLM-x32…{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 – AVG Technologies CZ, s.r.o.)

WildTangent Games (HKLM-x32…WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 – WildTangent)

WildTangent Games App (HP Games) (HKLM-x32…{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp) (Version: 4.0.10.5 – WildTangent) Hidden

Windows Live Essentials (HKLM-x32…WinLiveSuite) (Version: 16.4.3505.0912 – Microsoft Corporation)

Youda Jewel Shop (HKLM-x32…WTA-5936cbb1-5be7-417c-a369-600c6d12773a) (Version: 3.0.2.32 – WildTangent) Hidden

Zoom (HKUS-1-5-21-3870363634-1779439790-3996191095-1002…ZoomUMX) (Version: 5.7.1 (543) – Zoom Video Communications, Inc.)

Zuma’s Revenge (HKLM-x32…WTA-72333582-e21c-4819-a219-077d2a9772fa) (Version: 2.2.0.98 – WildTangent) Hidden

 

Packages:

=========

Candy Crush Saga -> C:Program FilesWindowsAppsking.com.CandyCrushSaga_1.2150.1.0_x86__kgqvnymyfvs32 [2021-11-12] (king.com)

eBay -> C:Program FilesWindowsAppseBayInc.eBay_1.6.0.34_neutral__1618n3s9xq8tw [2014-11-04] (eBay, Inc)

Facebook -> C:Program FilesWindowsAppsFACEBOOK.FACEBOOK_2021.927.1.0_neutral__8xx8rvfyw5nnt [2021-09-28] (Facebook Inc)

Fitbit -> C:Program FilesWindowsAppsFitbit.Fitbit_2.44.1997.0_x64__6mqt6hf9g46tw [2019-10-05] (Fitbit)

Getting Started with Windows 8 -> C:Program FilesWindowsAppsAD2F1837.GettingStartedwithWindows8_1.6.0.0_neutral__v10z8vjag6ke6 [2015-03-03] (Hewlett-Packard Company)

HP Games -> C:Program FilesWindowsAppsAD2F1837.HPGames_1.0.0.50_neutral__v10z8vjag6ke6 [2013-07-12] (Hewlett-Packard Company)

HP Registration -> C:Program FilesWindowsAppsAD2F1837.HPRegistration_1.2.1.166_neutral__v10z8vjag6ke6 [2014-12-02] (Hewlett-Packard Company)

HP+ -> C:Program FilesWindowsAppsAD2F1837.HP_1.2.0.93_neutral__v10z8vjag6ke6 [2013-11-28] (Hewlett-Packard Company)

Kindle -> C:Program FilesWindowsAppsAMZNMobileLLC.KindleforWindows8_2.1.0.2_neutral__stfe6vwa9jnbp [2015-06-21] (AMZN Mobile LLC)

Microsoft Advertising SDK for XAML -> C:Program FilesWindowsAppsMicrosoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-16] (Microsoft Corporation) [MS Ad]

Microsoft Advertising SDK for XAML -> C:Program FilesWindowsAppsMicrosoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-16] (Microsoft Corporation) [MS Ad]

Microsoft Mahjong -> C:Program FilesWindowsAppsMicrosoft.MicrosoftMahjong_4.1.10060.0_x64__8wekyb3d8bbwe [2021-10-30] (Microsoft Studios) [MS Ad]

Microsoft Solitaire Collection -> C:Program FilesWindowsAppsMicrosoft.MicrosoftSolitaireCollection_4.10.10270.0_x64__8wekyb3d8bbwe [2021-10-31] (Microsoft Studios) [MS Ad]

MSN Food & Drink -> C:Program FilesWindowsAppsMicrosoft.BingFoodAndDrink_3.0.4.336_x64__8wekyb3d8bbwe [2015-07-14] (Microsoft Corporation) [MS Ad]

MSN Health & Fitness -> C:Program FilesWindowsAppsMicrosoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe [2015-07-14] (Microsoft Corporation) [MS Ad]

MSN Travel -> C:Program FilesWindowsAppsMicrosoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2015-07-14] (Microsoft Corporation) [MS Ad]

Norton Studio -> C:Program FilesWindowsAppsSymantecCorporation.NortonStudio_2.2.0.0_x86__v68kp9n051hdp [2018-04-24] (Symantec Corporation)

Snapfish -> C:Program FilesWindowsAppsAD2F1837.HPConnectedPhotopoweredbySnapfish_6.1.736.0_x86__v10z8vjag6ke6 [2021-08-25] (Snapfish)

Twitter -> C:Program FilesWindowsApps9E2F88E3.TWITTER_7.0.1.0_neutral__wgeqdkkx372wm [2021-06-16] (Twitter Inc.)

YouCam for HP -> C:Program FilesWindowsAppsCyberLinkCorp.hs.YouCamforHP_1.0.2.29632_x86__06qsbagp91rvg [2014-03-27] (CYBERLINKCOM CORP)

 

==================== Custom CLSID (Whitelisted): ==============

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

CustomCLSID: HKUS-1-5-21-3870363634-1779439790-3996191095-1002_ClassesCLSID{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}localserver32 -> C:UsersRobAppDataRoamingDropboxbinDropbox.exe (Dropbox, Inc -> Dropbox, Inc.)

CustomCLSID: HKUS-1-5-21-3870363634-1779439790-3996191095-1002_ClassesCLSID{041F9391-C79D-44EE-AA4E-AF4E029C4B47}InprocServer32 -> C:UsersRobAppDataLocalGoogleUpdate1.3.36.112psuser_64.dll (Google LLC -> Google LLC)

CustomCLSID: HKUS-1-5-21-3870363634-1779439790-3996191095-1002_ClassesCLSID{0BFBE3EE-00BF-49F9-BC19-26B42AF261C1}InprocServer32 -> C:UsersRobAppDataLocalSkypePlugin7.17.0.44GatewayActiveX-x64.dll (Microsoft Corporation -> Skype Technologies S.A.)

CustomCLSID: HKUS-1-5-21-3870363634-1779439790-3996191095-1002_ClassesCLSID{2F81B25E-7507-4844-BFF2-77D2CC24CED4}localserver32 -> “C:Program FilesAdobeAdobe Creative CloudACCCreative Cloud.exe” -ToastActivated => No File

CustomCLSID: HKUS-1-5-21-3870363634-1779439790-3996191095-1002_ClassesCLSID{6D264B70-DA18-401D-910C-B202D89670C6}InprocServer32 -> C:UsersRobAppDataLocalGoogleUpdate1.3.36.32psuser_64.dll => No File

CustomCLSID: HKUS-1-5-21-3870363634-1779439790-3996191095-1002_ClassesCLSID{85D8EE2F-794F-41F0-BB03-49D56A23BEF4}InprocServer32 -> C:UsersRobAppDataLocalGoogleUpdate1.3.36.112psuser_64.dll (Google LLC -> Google LLC)

CustomCLSID: HKUS-1-5-21-3870363634-1779439790-3996191095-1002_ClassesCLSID{8B480070-D37D-4090-A063-7A429F849652}InprocServer32 -> C:UsersRobAppDataLocalGoogleUpdate1.3.36.92psuser_64.dll => No File

CustomCLSID: HKUS-1-5-21-3870363634-1779439790-3996191095-1002_ClassesCLSID{BE5C2E39-090F-46A2-AFAA-47540743B4FE}InprocServer32 -> C:UsersRobAppDataLocalGoogleUpdate1.3.36.102psuser_64.dll => No File

CustomCLSID: HKUS-1-5-21-3870363634-1779439790-3996191095-1002_ClassesCLSID{CA8FA699-91CD-412F-9D13-9B1222F4370E}InprocServer32 -> C:UsersRobAppDataLocalGoogleUpdate1.3.36.82psuser_64.dll => No File

CustomCLSID: HKUS-1-5-21-3870363634-1779439790-3996191095-1002_ClassesCLSID{CA919489-0396-4164-A6E7-94CDED45A707}InprocServer32 -> C:UsersRobAppDataLocalGoogleUpdate1.3.36.52psuser_64.dll => No File

CustomCLSID: HKUS-1-5-21-3870363634-1779439790-3996191095-1002_ClassesCLSID{D9AC5E73-BB10-467b-B884-AA1E475C51F5}ShellOpenCommand -> C:Program FilesSynapticsSynTPSynTPCpl.dll (Synaptics Incorporated -> Synaptics Incorporated)

CustomCLSID: HKUS-1-5-21-3870363634-1779439790-3996191095-1002_ClassesCLSID{DEDF773D-E27B-485E-8E7D-85C5B0EB5A67}InprocServer32 -> C:UsersRobAppDataLocalGoogleUpdate1.3.36.72psuser_64.dll => No File

CustomCLSID: HKUS-1-5-21-3870363634-1779439790-3996191095-1002_ClassesCLSID{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [dropbox-NamespaceExtensionRole.Personal] => C:UsersRobDropbox [2014-08-24 22:55]

CustomCLSID: HKUS-1-5-21-3870363634-1779439790-3996191095-1002_ClassesCLSID{E31EA727-12ED-4702-820C-4B6445F28E1B} -> [dropbox-NamespaceExtensionRole.Business] => 

CustomCLSID: HKUS-1-5-21-3870363634-1779439790-3996191095-1002_ClassesCLSID{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}InprocServer32 -> C:UsersRobAppDataLocalGoogleUpdate1.3.36.112psuser_64.dll (Google LLC -> Google LLC)

CustomCLSID: HKUS-1-5-21-3870363634-1779439790-3996191095-1002_ClassesCLSID{E9E7529D-7F09-410B-AF2A-CC154473B19C}InprocServer32 -> C:UsersRobAppDataLocalGoogleUpdate1.3.35.452psuser_64.dll => No File

CustomCLSID: HKUS-1-5-21-3870363634-1779439790-3996191095-1002_ClassesCLSID{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}InprocServer32 -> C:UsersRobAppDataRoamingDropboxbinDropboxExt64.51.0.dll (Dropbox, Inc -> Dropbox, Inc.)

CustomCLSID: HKUS-1-5-21-3870363634-1779439790-3996191095-1002_ClassesCLSID{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}InprocServer32 -> C:UsersRobAppDataRoamingDropboxbinDropboxExt64.51.0.dll (Dropbox, Inc -> Dropbox, Inc.)

CustomCLSID: HKUS-1-5-21-3870363634-1779439790-3996191095-1002_ClassesCLSID{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}InprocServer32 -> C:UsersRobAppDataRoamingDropboxbinDropboxExt64.51.0.dll (Dropbox, Inc -> Dropbox, Inc.)

CustomCLSID: HKUS-1-5-21-3870363634-1779439790-3996191095-1002_ClassesCLSID{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}InprocServer32 -> C:UsersRobAppDataRoamingDropboxbinDropboxExt64.51.0.dll (Dropbox, Inc -> Dropbox, Inc.)

CustomCLSID: HKUS-1-5-21-3870363634-1779439790-3996191095-1002_ClassesCLSID{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}InprocServer32 -> C:UsersRobAppDataRoamingDropboxbinDropboxExt64.51.0.dll (Dropbox, Inc -> Dropbox, Inc.)

CustomCLSID: HKUS-1-5-21-3870363634-1779439790-3996191095-1002_ClassesCLSID{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}InprocServer32 -> C:UsersRobAppDataRoamingDropboxbinDropboxExt64.51.0.dll (Dropbox, Inc -> Dropbox, Inc.)

CustomCLSID: HKUS-1-5-21-3870363634-1779439790-3996191095-1002_ClassesCLSID{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}InprocServer32 -> C:UsersRobAppDataRoamingDropboxbinDropboxExt64.51.0.dll (Dropbox, Inc -> Dropbox, Inc.)

CustomCLSID: HKUS-1-5-21-3870363634-1779439790-3996191095-1002_ClassesCLSID{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}InprocServer32 -> C:UsersRobAppDataRoamingDropboxbinDropboxExt64.51.0.dll (Dropbox, Inc -> Dropbox, Inc.)

CustomCLSID: HKUS-1-5-21-3870363634-1779439790-3996191095-1002_ClassesCLSID{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}InprocServer32 -> C:UsersRobAppDataRoamingDropboxbinDropboxExt64.51.0.dll (Dropbox, Inc -> Dropbox, Inc.)

CustomCLSID: HKUS-1-5-21-3870363634-1779439790-3996191095-1002_ClassesCLSID{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}InprocServer32 -> C:UsersRobAppDataRoamingDropboxbinDropboxExt64.51.0.dll (Dropbox, Inc -> Dropbox, Inc.)

CustomCLSID: HKUS-1-5-21-3870363634-1779439790-3996191095-1002_ClassesCLSID{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}InprocServer32 -> C:UsersRobAppDataRoamingDropboxbinDropboxExt64.51.0.dll (Dropbox, Inc -> Dropbox, Inc.)

CustomCLSID: HKUS-1-5-21-3870363634-1779439790-3996191095-1002_ClassesCLSID{FBC9D74C-AF55-4309-9FB2-C426E071637F}InprocServer32 -> C:UsersRobAppDataRoamingDropboxbinDropboxExt64.51.0.dll (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers: [“DropboxExt1”] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:UsersRobAppDataRoamingDropboxbinDropboxExt64.51.0.dll [2021-10-10] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers: [“DropboxExt2”] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:UsersRobAppDataRoamingDropboxbinDropboxExt64.51.0.dll [2021-10-10] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers: [“DropboxExt3”] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:UsersRobAppDataRoamingDropboxbinDropboxExt64.51.0.dll [2021-10-10] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers: [“DropboxExt4”] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:UsersRobAppDataRoamingDropboxbinDropboxExt64.51.0.dll [2021-10-10] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers: [“DropboxExt5”] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:UsersRobAppDataRoamingDropboxbinDropboxExt64.51.0.dll [2021-10-10] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers: [“DropboxExt6”] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:UsersRobAppDataRoamingDropboxbinDropboxExt64.51.0.dll [2021-10-10] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers: [“DropboxExt7”] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:UsersRobAppDataRoamingDropboxbinDropboxExt64.51.0.dll [2021-10-10] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers: [“DropboxExt8”] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:UsersRobAppDataRoamingDropboxbinDropboxExt64.51.0.dll [2021-10-10] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers: [00avg] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:Program Files (x86)AVGAntivirusashShell.dll [2021-11-09] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)

ShellIconOverlayIdentifiers-x32: [00avg] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:Program Files (x86)AVGAntivirusashShell.dll [2021-11-09] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)

ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:Program Files7-Zip7-zip.dll [2010-11-19] (Igor Pavlov) [File not signed]

ContextMenuHandlers1: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:Program Files (x86)AVGAntivirusashShell.dll [2021-11-09] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)

ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:Program Files (x86)Common FilesCyberLinkShellExtComponentCLVDShellExt.dll [2013-01-29] (CyberLink -> Cyberlink)

ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:Program Files (x86)Common FilesCyberLinkShellExtComponentCLVDShellExt.dll [2013-01-29] (CyberLink -> Cyberlink)

ContextMenuHandlers3: [00avg] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:Program Files (x86)AVGAntivirusashShell.dll [2021-11-09] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)

ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:Program Files7-Zip7-zip.dll [2010-11-19] (Igor Pavlov) [File not signed]

ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:Program FilesAMDCNextCNextatiacm64.dll [2020-08-21] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)

ContextMenuHandlers6: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:Program Files (x86)AVGAntivirusashShell.dll [2021-11-09] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)

ContextMenuHandlers1_S-1-5-21-3870363634-1779439790-3996191095-1002: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:UsersRobAppDataRoamingDropboxbinDropboxExt64.51.0.dll [2021-10-10] (Dropbox, Inc -> Dropbox, Inc.)

ContextMenuHandlers4_S-1-5-21-3870363634-1779439790-3996191095-1002: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:UsersRobAppDataRoamingDropboxbinDropboxExt64.51.0.dll [2021-10-10] (Dropbox, Inc -> Dropbox, Inc.)

ContextMenuHandlers5_S-1-5-21-3870363634-1779439790-3996191095-1002: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:UsersRobAppDataRoamingDropboxbinDropboxExt64.51.0.dll [2021-10-10] (Dropbox, Inc -> Dropbox, Inc.)

 

==================== Codecs (Whitelisted) ====================

 

==================== Shortcuts & WMI ========================

 

(The entries could be listed to be restored or removed.)

 

Shortcut: C:UsersRobFavoritesNCH Software Download Site.lnk -> hxxp://www.nchsoftware.com/index.htm

ShortcutWithArgument: C:UsersRobAppDataLocalMicrosoftWindowsApplication ShortcutsMicrosoft.InternetExplorer.Default9176798760.lnk -> C:Program FilesInternet Exploreriexplore.exe (Microsoft Corporation) -> -pinnedSite -contentTile -formatVersion 0x00000002 -pinnedTimeLow 0x144fcef9 -pinnedTimeHigh 0x01cea7b4 -securityFlags 0x00000000 -url 0x00000019 hxxps://www.facebook.com/

 

==================== Loaded Modules (Whitelisted) =============

 

2014-09-01 12:51 – 2009-02-27 17:38 – 000139264 ____R () [File not signed] C:Program Files (x86)BrotherBrUtilitiesBrLogAPI.dll

2010-09-16 19:03 – 2010-09-16 19:03 – 000684032 ____R () [File not signed] C:Program Files (x86)SoftlandBackup4all Professional 4LIBEAY32.dll

2011-01-19 11:48 – 2011-01-19 11:48 – 000558133 ____R () [File not signed] C:Program Files (x86)SoftlandBackup4all Professional 4sqlite3.dll

2010-09-16 19:03 – 2010-09-16 19:03 – 000155648 ____R () [File not signed] C:Program Files (x86)SoftlandBackup4all Professional 4ssleay32.dll

2020-07-14 17:32 – 2020-07-14 17:32 – 000017920 _____ () [File not signed] C:Program FilesAMDCNextCNextlibEGL.dll

2020-07-14 17:32 – 2020-07-14 17:32 – 003567616 _____ () [File not signed] C:Program FilesAMDCNextCNextlibGLESv2.dll

2020-08-21 13:19 – 2020-08-21 13:19 – 001562624 _____ (Advanced Micro Devices, Inc.) [File not signed] C:Program FilesAMDWVROpenVRbinwin64driver_amdwvr.dll

2014-09-01 12:52 – 2013-06-12 20:06 – 000385024 ____R (Brother Industries, Ltd.) [File not signed] C:Program Files (x86)Browny02BrMonitor.dll

2014-09-01 12:52 – 2010-09-29 18:07 – 000180224 ____N (Brother Industries, Ltd.) [File not signed] C:Program Files (x86)Browny02BroSNMP.dll

2014-09-01 12:52 – 2011-02-28 12:32 – 000208896 ____N (Brother Industries, Ltd.) [File not signed] C:Program Files (x86)Browny02BrotherBrFirmUpdateCheck.dll

2014-09-01 12:52 – 2013-10-10 22:55 – 002040320 ____N (Brother Industries, Ltd.) [File not signed] C:Program Files (x86)Browny02BrotherBrStMonWRes.dll

2010-11-19 17:08 – 2010-11-19 17:08 – 000086016 _____ (Igor Pavlov) [File not signed] C:Program Files7-Zip7-zip.dll

2013-07-13 00:01 – 2013-07-13 00:01 – 000348160 ____N (Microsoft Corporation) [File not signed] C:Program Files (x86)CyberLinkPowerDVD10MSVCR71.dll

2010-09-16 19:03 – 2010-09-16 19:03 – 000110592 ____R (Prolific Technology Inc.) [File not signed] C:Program Files (x86)SoftlandBackup4all Professional 4PLX507.dll

2010-09-16 19:03 – 2010-09-16 19:03 – 001547264 ____R (Softland) [File not signed] C:Program Files (x86)SoftlandBackup4all Professional 4bckEmail.dll

2012-05-03 13:31 – 2012-05-03 13:31 – 000151552 _____ (Softland) [File not signed] C:Program Files (x86)SoftlandBackup4all Professional 4LINKSOTBLink.dll

2012-05-03 13:31 – 2012-05-03 13:31 – 000156672 _____ (Softland) [File not signed] C:Program Files (x86)SoftlandBackup4all Professional 4LINKSOTBSATALink.dll

2013-09-08 21:28 – 2012-05-03 13:31 – 000193536 _____ (Softland) [File not signed] C:UsersRobAppDataRoamingSoftlandBackup4all Professional 4PluginsMicrosoftOutlookSources.dll

2013-09-08 21:28 – 2012-05-03 13:31 – 000177152 _____ (Softland) [File not signed] C:UsersRobAppDataRoamingSoftlandBackup4all Professional 4PluginsOutlookExpressSources.dll

2010-09-16 19:03 – 2010-09-16 19:03 – 000176128 ____R (Sunplus Technology Inc.) [File not signed] C:Program Files (x86)SoftlandBackup4all Professional 4SP216.dll

2020-07-14 17:32 – 2020-07-14 17:32 – 000031744 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextpluginsimageformatsqgif.dll

2020-07-14 17:32 – 2020-07-14 17:32 – 000039424 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextpluginsimageformatsqicns.dll

2020-07-14 17:32 – 2020-07-14 17:32 – 000031744 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextpluginsimageformatsqico.dll

2020-07-14 17:32 – 2020-07-14 17:32 – 000413696 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextpluginsimageformatsqjpeg.dll

2020-07-14 17:32 – 2020-07-14 17:32 – 000025088 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextpluginsimageformatsqsvg.dll

2020-07-14 17:32 – 2020-07-14 17:32 – 000025088 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextpluginsimageformatsqtga.dll

2020-07-14 17:32 – 2020-07-14 17:32 – 000023552 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextpluginsimageformatsqwbmp.dll

2020-07-14 17:32 – 2020-07-14 17:32 – 000519168 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextpluginsimageformatsqwebp.dll

2020-07-14 17:32 – 2020-07-14 17:32 – 001431040 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextpluginsplatformsqwindows.dll

2020-07-14 17:32 – 2020-07-14 17:32 – 001180672 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextpluginssqldriversqsqlite.dll

2020-07-14 17:32 – 2020-07-14 17:32 – 000135680 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextpluginsstylesqwindowsvistastyle.dll

2020-08-21 13:28 – 2020-08-21 13:28 – 006010880 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQt5Core.dll

2020-07-14 17:32 – 2020-07-14 17:32 – 006345216 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQt5Gui.dll

2020-07-14 17:32 – 2020-07-14 17:32 – 001078272 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQt5Network.dll

2020-07-14 17:32 – 2020-07-14 17:32 – 000313856 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQt5Positioning.dll

2020-07-14 17:32 – 2020-07-14 17:32 – 004000256 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQt5Qml.dll

2020-07-14 17:32 – 2020-07-14 17:32 – 003802624 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQt5Quick.dll

2020-07-14 17:32 – 2020-07-14 17:32 – 000171008 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQt5QuickControls2.dll

2020-07-14 17:32 – 2020-07-14 17:32 – 001083904 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQt5QuickTemplates2.dll

2020-07-14 17:32 – 2020-07-14 17:32 – 000205312 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQt5Sql.dll

2020-07-14 17:32 – 2020-07-14 17:32 – 000329728 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQt5Svg.dll

2020-07-14 17:32 – 2020-07-14 17:32 – 000113152 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQt5WebChannel.dll

2020-07-14 17:32 – 2020-07-14 17:32 – 000376320 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQt5WebEngine.dll

2020-07-14 17:32 – 2020-07-14 17:32 – 092323328 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQt5WebEngineCore.dll

2020-07-14 17:32 – 2020-07-14 17:32 – 005560832 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQt5Widgets.dll

2020-07-14 17:32 – 2020-07-14 17:32 – 000463360 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQt5WinExtras.dll

2020-07-14 17:32 – 2020-07-14 17:32 – 000188416 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQt5Xml.dll

2020-07-14 17:32 – 2020-07-14 17:32 – 002888704 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQt5XmlPatterns.dll

2020-07-14 17:32 – 2020-07-14 17:32 – 000053760 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQtGraphicalEffectsprivateqtgraphicaleffectsprivate.dll

2020-07-14 17:32 – 2020-07-14 17:32 – 000059392 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQtGraphicalEffectsqtgraphicaleffectsplugin.dll

2020-07-14 17:32 – 2020-07-14 17:32 – 000017408 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQtQuick.2qtquick2plugin.dll

2020-07-14 17:32 – 2020-07-14 17:32 – 000287232 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQtQuickControls.2qtquickcontrols2plugin.dll

2020-07-14 17:32 – 2020-07-14 17:32 – 000329216 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQtQuickControlsqtquickcontrolsplugin.dll

2020-07-14 17:32 – 2020-07-14 17:32 – 000136192 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQtQuickDialogsdialogplugin.dll

2020-07-14 17:32 – 2020-07-14 17:32 – 000089088 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQtQuickLayoutsqquicklayoutsplugin.dll

2020-07-14 17:32 – 2020-07-14 17:32 – 000312320 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQtQuickTemplates.2qtquicktemplates2plugin.dll

2020-07-14 17:32 – 2020-07-14 17:32 – 000017920 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQtQuickWindow.2windowplugin.dll

2020-08-21 13:28 – 2020-08-21 13:28 – 000085504 _____ (The Qt Company Ltd.) [File not signed] C:Program FilesAMDCNextCNextQtWebEngineqtwebengineplugin.dll

 

==================== Alternate Data Streams (Whitelisted) ========

 

(If an entry is included in the fixlist, only the ADS will be removed.)

 

AlternateDataStreams: C:ProgramDataTemp:21654C57 [171]

 

==================== Safe Mode (Whitelisted) ==================

 

(If an entry is included in the fixlist, it will be removed from the registry. The “AlternateShell” will be restored.)

 

HKLMSYSTEMCurrentControlSetControlSafeBootMinimalavgSP.sys => “”=”Driver”

HKLMSYSTEMCurrentControlSetControlSafeBootNetworkavgSP.sys => “”=”Driver”

 

==================== Association (Whitelisted) =================

 

==================== Internet Explorer (Whitelisted) ==========

 

HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = hxxp://g.jp.msn.com/HPALL13/15

HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = hxxp://g.jp.msn.com/HPALL13/15

HKUS-1-5-21-3870363634-1779439790-3996191095-1002SoftwareMicrosoftInternet ExplorerMain,Start Page = hxxps://www.google.co.nz/

HKUS-1-5-21-3870363634-1779439790-3996191095-1002SoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = hxxp://g.jp.msn.com/HPALL13/15

SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS

SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS

SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

SearchScopes: HKUS-1-5-21-3870363634-1779439790-3996191095-1002 -> DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={736A6049-B09B-4019-919D-449BD5D420D5}&mid=3c3c528e48ee47d3a1eb71015ae4dc8d-c85ce77bd04a77a37d883645313696788573d964&lang=en&ds=AVG&coid=avgtbavg&cmpid=1015tb&pr=fr&d=2014-11-08 08:58:41&v=4.3.7.452&pid=wtu&sg=&sap=dsp&q={searchTerms}

SearchScopes: HKUS-1-5-21-3870363634-1779439790-3996191095-1002 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS

SearchScopes: HKUS-1-5-21-3870363634-1779439790-3996191095-1002 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={736A6049-B09B-4019-919D-449BD5D420D5}&mid=3c3c528e48ee47d3a1eb71015ae4dc8d-c85ce77bd04a77a37d883645313696788573d964&lang=en&ds=AVG&coid=avgtbavg&cmpid=1015tb&pr=fr&d=2014-11-08 08:58:41&v=4.3.7.452&pid=wtu&sg=&sap=dsp&q={searchTerms}

BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:Program FilesMicrosoft Office 15rootVFSProgramFilesX64Microsoft OfficeOffice15OCHelper.dll [2021-05-21] (Microsoft Corporation -> Microsoft Corporation)

BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:Program FilesMicrosoft Office 15rootVFSProgramFilesX64Microsoft OfficeOffice15GROOVEEX.DLL [2021-05-21] (Microsoft Corporation -> Microsoft Corporation)

BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:Program Files (x86)Hewlett-PackardHP Support FrameworkResourcesHPNetworkCheckHPNetworkCheckPlugin.dll [2012-07-10] (Hewlett-Packard Company -> Hewlett-Packard)

Handler-x32: osf – {D924BDC6-C83A-4BD5-90D0-095128A113D1} – C:Program FilesMicrosoft Office 15rootOffice15MSOSB.DLL [2017-07-18] (Microsoft Corporation -> Microsoft Corporation)

 

==================== Hosts content: =========================

 

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

 

2013-08-23 02:25 – 2020-03-18 07:22 – 000000826 _____ C:WINDOWSsystem32driversetchosts

 

==================== Other Areas ===========================

 

(Currently there is no automatic fix for this section.)

 

HKUS-1-5-21-3870363634-1779439790-3996191095-1002Control PanelDesktop\Wallpaper -> C:UsersRobAppDataLocalMicrosoftWindowsThemesRoamedThemeFilesDesktopBackgroundimg0.jpg

DNS Servers: 192.168.1.1

HKLMSOFTWAREMicrosoftWindowsCurrentVersionPoliciesSystem => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)

HKLMSOFTWAREMicrosoftWindowsCurrentVersionExplorer => (SmartScreenEnabled: RequireAdmin)

HKLMsoftwaremicrosoftWindowsCurrentVersionTelephonyProviders => ProviderFileName2 -> ndptsp.tsp (No File)

Windows Firewall is enabled.

 

==================== MSCONFIG/TASK MANAGER disabled items ==

 

==================== FirewallRules (Whitelisted) ================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

FirewallRules: [{CB89595D-21FA-4851-A758-B1008F4C0AB5}] => (Allow) C:Program Files (x86)SkypePhoneSkype.exe (Skype Software Sarl -> Skype Technologies S.A.)

FirewallRules: [{646184C6-CDFB-4ECF-9D4D-46045E035562}] => (Allow) C:Program Files (x86)SoftlandBackup4all Professional 4b4aCmd.exe (Softland S.R.L. -> Softland)

FirewallRules: [{B7B3B2E1-AE58-4606-AED7-DE0740AEE035}] => (Allow) C:Program Files (x86)SoftlandBackup4all Professional 4Backup4all.exe (Softland S.R.L. -> Softland)

FirewallRules: [{AACCF27B-C9D4-4043-B819-695C264CF11A}] => (Allow) C:Program Files (x86)CyberLinkPowerDirector10PDR10.EXE (CyberLink Corp. -> CyberLink Corp.)

FirewallRules: [{098745B9-59CD-43C1-9591-07DAA09CAF88}] => (Allow) C:Program Files (x86)CyberLinkPowerDVD10PowerDVD10.EXE (CyberLink Corp. -> CyberLink Corp.)

FirewallRules: [{2A738626-1808-4608-B04C-026E4F42B171}] => (Allow) C:Program Files (x86)BonjourmDNSResponder.exe (Apple Inc. -> Apple Inc.)

FirewallRules: [{B893E1D6-9A54-4A61-B7E5-B6087B83717A}] => (Allow) C:Program Files (x86)BonjourmDNSResponder.exe (Apple Inc. -> Apple Inc.)

FirewallRules: [{ABF9CF90-369E-4F76-8799-636BF0CEA88D}] => (Allow) C:Program FilesBonjourmDNSResponder.exe (Apple Inc. -> Apple Inc.)

FirewallRules: [{1DFA4E24-776D-4DBD-A524-1141E815E98D}] => (Allow) C:Program FilesBonjourmDNSResponder.exe (Apple Inc. -> Apple Inc.)

FirewallRules: [{AD8C1573-93EB-446D-935F-F37570B23524}] => (Allow) LPort=1900

FirewallRules: [{5631B785-B6A7-4AEC-8346-81DC6558B03B}] => (Allow) LPort=2869

FirewallRules: [{5072D25B-0ADD-4DF0-AE6B-1621AD703067}] => (Allow) C:Program Files (x86)Windows LiveContactswlcomm.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [{4D9E0894-60DD-413E-9332-2EDB5A66E73E}] => (Allow) C:Program FilesMicrosoft Office 15rootOffice15outlook.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [{D1C57694-15E9-4032-8A02-A3A0B21EC05E}] => (Allow) C:Program Files (x86)TeamViewerVersion9TeamViewer.exe (TeamViewer -> TeamViewer GmbH)

FirewallRules: [{15B726C4-CE8E-4E8C-8C15-E738238EDD7C}] => (Allow) C:Program Files (x86)TeamViewerVersion9TeamViewer.exe (TeamViewer -> TeamViewer GmbH)

FirewallRules: [{7EDD48F5-F73F-41DB-BBDA-DAA36A6B0D38}] => (Allow) C:Program Files (x86)TeamViewerVersion9TeamViewer_Service.exe (TeamViewer -> TeamViewer GmbH)

FirewallRules: [{848C2DC5-8703-4A50-B051-126CACD42DC9}] => (Allow) C:Program Files (x86)TeamViewerVersion9TeamViewer_Service.exe (TeamViewer -> TeamViewer GmbH)

FirewallRules: [{A0002499-D3DD-4768-B1C6-074E2C0BA86B}] => (Allow) C:UsersRobAppDataRoamingDropboxbinDropbox.exe (Dropbox, Inc -> Dropbox, Inc.)

FirewallRules: [{E117C027-94B2-4FB6-A7F9-03725D80D543}] => (Allow) C:UsersRobAppDataRoamingDropboxbinDropbox.exe (Dropbox, Inc -> Dropbox, Inc.)

FirewallRules: [TCP Query User{5381B58F-A172-46AF-9BFC-9CB1F19AC88C}C:usersrobappdataroamingdropboxbindropbox.exe] => (Block) C:usersrobappdataroamingdropboxbindropbox.exe (Dropbox, Inc -> Dropbox, Inc.)

FirewallRules: [UDP Query User{94289302-CFB4-4AE3-94F8-CFEE1A2669A3}C:usersrobappdataroamingdropboxbindropbox.exe] => (Block) C:usersrobappdataroamingdropboxbindropbox.exe (Dropbox, Inc -> Dropbox, Inc.)

FirewallRules: [TCP Query User{7607145F-3F38-4F45-8C61-3D6A6A80D308}C:usersrobappdatalocalskypeplugin7.17.0.44pluginhost.exe] => (Allow) C:usersrobappdatalocalskypeplugin7.17.0.44pluginhost.exe (Microsoft Corporation -> Skype Technologies S.A.)

FirewallRules: [UDP Query User{3E98D13B-ECAF-4D7F-9CAD-D43C9E219AF4}C:usersrobappdatalocalskypeplugin7.17.0.44pluginhost.exe] => (Allow) C:usersrobappdatalocalskypeplugin7.17.0.44pluginhost.exe (Microsoft Corporation -> Skype Technologies S.A.)

FirewallRules: [{98176F27-2F5E-4846-AFDC-10CBC15D989B}] => (Block) C:Program Files (x86)AVGAntivirusAVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)

FirewallRules: [{ECE23D56-B05B-46DA-A36D-76876C0B8E92}] => (Block) C:Program Files (x86)AVGAntivirusAVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)

FirewallRules: [{08869F5C-A3F2-43B8-9990-E42990454AC3}] => (Block) C:Program Files (x86)AVGAntivirusAVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)

FirewallRules: [{59D35EB4-2BE0-4A6B-8809-A082E98192AB}] => (Block) C:Program Files (x86)AVGAntivirusAVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)

FirewallRules: [{15CC3AC2-16D1-40FE-B933-4393D6D49C83}] => (Block) C:Program Files (x86)AVGAntivirusAVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)

FirewallRules: [{268092D2-9399-4F0C-BDC8-856144C9D92D}] => (Block) C:Program Files (x86)AVGAntivirusAVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)

FirewallRules: [{96D5A3E9-9D2F-4561-8519-A1C19BE12B97}] => (Allow) C:Program FilesWindowsAppsMicrosoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5cSkypeSkype.exe (Skype Software Sarl -> Skype Technologies S.A.)

FirewallRules: [{CE5B23E9-4405-4D76-8552-E066AB37236D}] => (Allow) C:Program FilesWindowsAppsMicrosoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5cSkypeSkype.exe (Skype Software Sarl -> Skype Technologies S.A.)

FirewallRules: [{086970E9-46CC-4003-B073-D49E848BB705}] => (Allow) C:Program FilesWindowsAppsMicrosoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5cSkypeSkype.exe (Skype Software Sarl -> Skype Technologies S.A.)

FirewallRules: [{01A76914-6626-4F64-86D5-5CC0CC95605F}] => (Allow) C:Program FilesWindowsAppsMicrosoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5cSkypeSkype.exe (Skype Software Sarl -> Skype Technologies S.A.)

FirewallRules: [{9351DAE8-FB59-40BC-A56C-13A128E0C0BD}] => (Allow) C:Program Files (x86)GoogleChromeApplicationchrome.exe (Google LLC -> Google LLC)

FirewallRules: [{9D39ABD1-F87B-43A4-8299-8FCF3F832C97}] => (Block) C:Program Files (x86)AVGAntivirusAVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)

FirewallRules: [{A56EB812-56D3-4899-82F6-66531E0855C0}] => (Block) C:Program Files (x86)AVGAntivirusAVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)

 

==================== Restore Points =========================

 

19-11-2021 08:27:14 Scheduled Checkpoint

05-12-2021 19:19:53 Scheduled Checkpoint

 

==================== Faulty Device Manager Devices ============

 

 

==================== Event log errors: ========================

 

Application errors:

==================

Error: (12/05/2021 07:20:24 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )

Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

 

Details:

AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

 

System Error:

Access is denied.

.

 

Error: (12/05/2021 07:19:29 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )

Description: The storage optimizer couldn’t complete retrim on RECOVERY (D:) because: The operation requested is not supported by the hardware backing the volume. (0x8900002A)

 

Error: (12/05/2021 07:19:28 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )

Description: The storage optimizer couldn’t complete retrim on Windows (C:) because: The operation requested is not supported by the hardware backing the volume. (0x8900002A)

 

Error: (12/05/2021 05:00:57 PM) (Source: Application Hang) (EventID: 1002) (User: )

Description: The program Music.UI.exe version 10.21102.1141.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

 

Process ID: 1e1c

 

Start Time: 01d7e98b165676ab

 

Termination Time: 4294967295

 

Application Path: C:Program FilesWindowsAppsMicrosoft.ZuneMusic_10.21102.11411.0_x64__8wekyb3d8bbweMusic.UI.exe

 

Report Id: 3e34811a-71a1-4e03-9ce1-27ec8a4f5746

 

Faulting package full name: Microsoft.ZuneMusic_10.21102.11411.0_x64__8wekyb3d8bbwe

 

Faulting package-relative application ID: Microsoft.ZuneMusic

 

Hang type: Navigation

 

Error: (12/05/2021 04:22:13 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: svchost.exe_FrameServer, version: 10.0.19041.546, time stamp: 0x058e175a

Faulting module name: KERNELBASE.dll, version: 10.0.19041.1348, time stamp: 0x76fcd692

Exception code: 0xc00d4e24

Fault offset: 0x000000000010b302

Faulting process id: 0x2170

Faulting application start time: 0x01d7e9872a3e625f

Faulting application path: C:WINDOWSSystem32svchost.exe

Faulting module path: C:WINDOWSSystem32KERNELBASE.dll

Report Id: ea63dc81-56f3-474a-b544-0924ed1b1e66

Faulting package full name: 

Faulting package-relative application ID:

 

Error: (12/05/2021 04:00:39 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Local Hostname MarkwellKennels.local already in use; will try MarkwellKennels-2.local instead

 

Error: (12/05/2021 04:00:39 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: mDNSCoreReceiveResponse: ProbeCount 2; will deregister    4 MarkwellKennels.local. Addr 169.254.227.5

 

Error: (12/05/2021 04:00:39 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: mDNSCoreReceiveResponse: Received from 169.254.227.5:5353   16 MarkwellKennels.local. AAAA 2407:7000:9837:4500:0000:0000:0000:0002

 

 

System errors:

=============

Error: (12/05/2021 07:28:56 PM) (Source: DCOM) (EventID: 10029) (User: MARKWELLKENNELS)

Description: The activation of the CLSID {4991D34B-80A1-4291-83B6-3328366B9097} timed out waiting for the service BITS to stop.

 

Error: (12/05/2021 07:24:55 PM) (Source: DCOM) (EventID: 10029) (User: MARKWELLKENNELS)

Description: The activation of the CLSID {4991D34B-80A1-4291-83B6-3328366B9097} timed out waiting for the service BITS to stop.

 

Error: (12/05/2021 07:20:54 PM) (Source: DCOM) (EventID: 10029) (User: NT AUTHORITY)

Description: The activation of the CLSID {4991D34B-80A1-4291-83B6-3328366B9097} timed out waiting for the service BITS to stop.

 

Error: (12/05/2021 07:16:53 PM) (Source: DCOM) (EventID: 10029) (User: MARKWELLKENNELS)

Description: The activation of the CLSID {F087771F-D74F-4C1A-BB8A-E16ACA9124EA} timed out waiting for the service BITS to stop.

 

Error: (12/05/2021 07:12:51 PM) (Source: DCOM) (EventID: 10029) (User: MARKWELLKENNELS)

Description: The activation of the CLSID {4991D34B-80A1-4291-83B6-3328366B9097} timed out waiting for the service BITS to stop.

 

Error: (12/05/2021 07:08:50 PM) (Source: DCOM) (EventID: 10029) (User: NT AUTHORITY)

Description: The activation of the CLSID {4991D34B-80A1-4291-83B6-3328366B9097} timed out waiting for the service BITS to stop.

 

Error: (12/05/2021 07:04:49 PM) (Source: DCOM) (EventID: 10029) (User: MARKWELLKENNELS)

Description: The activation of the CLSID {6D18AD12-BDE3-4393-B311-099C346E6DF9} timed out waiting for the service BITS to stop.

 

Error: (12/05/2021 07:00:48 PM) (Source: DCOM) (EventID: 10029) (User: MARKWELLKENNELS)

Description: The activation of the CLSID {4991D34B-80A1-4291-83B6-3328366B9097} timed out waiting for the service BITS to stop.

 

 

CodeIntegrity:

===============

Date: 2021-12-05 16:31:07

Description: 

Code Integrity determined that a process (DeviceHarddiskVolume4Program Files (x86)AVGAntivirusAVGSvc.exe) attempted to load DeviceHarddiskVolume4Program Files (x86)AVGAntivirussetupuat_3156.dll that did not meet the Custom 3 / Antimalware signing level requirements.

 

Date: 2021-12-05 16:30:37

Description: 

Code Integrity determined that a process (DeviceHarddiskVolume4Program FilesWindows DefenderMpCmdRun.exe) attempted to load DeviceHarddiskVolume4Program Files (x86)AVGAntivirusaswAMSI.dll that did not meet the Microsoft signing level requirements.

 

Date: 2021-12-05 16:30:32

Description: 

Code Integrity determined that a process (DeviceHarddiskVolume4WindowsSystem32svchost.exe) attempted to load DeviceHarddiskVolume4Program Files (x86)AVGAntivirusaswAMSI.dll that did not meet the Windows signing level requirements.

 

 

==================== Memory info =========================== 

 

BIOS: Insyde F.14 06/03/2013

Motherboard: Hewlett-Packard 2139

Processor: AMD A6-5200 APU with Radeon™ HD Graphics 

Percentage of memory in use: 68%

Total physical RAM: 3549.01 MB

Available physical RAM: 1103.66 MB

Total Virtual: 7901.01 MB

Available Virtual: 2333.09 MB

 

==================== Drives ================================

 

Drive c: (Windows) (Fixed) (Total:439.32 GB) (Free:309.33 GB) NTFS ==>[system with boot components (obtained from drive)]

Drive d: (RECOVERY) (Fixed) (Total:23.58 GB) (Free:0.84 GB) NTFS ==>[system with boot components (obtained from drive)]

 

\?Volume{83e9580b-be52-43a4-9bff-fd45072c0eab} (WINRE) (Fixed) (Total:0.39 GB) (Free:0.13 GB) NTFS

\?Volume{7d876300-a0de-4442-806f-ee1b96c31d66} () (Fixed) (Total:1.75 GB) (Free:0.86 GB) NTFS

\?Volume{97580feb-aeca-4691-99d1-380a4f1874d9} () (Fixed) (Total:0.34 GB) (Free:0.3 GB) NTFS

\?Volume{38368b00-1e80-4a7a-9db4-565b184c25b9} () (Fixed) (Total:0.25 GB) (Free:0.16 GB) FAT32

 

==================== MBR & Partition Table ====================

 

==========================================================

Disk: 0 (Size: 465.8 GB) (Disk ID: B0C0F406)

 

Partition: GPT.

 

==================== End of Addition.txt =======================

 

 


https://www.bleepingcomputer.com/forums/t/764609/hp-pavilion-laptop-lots-of-hdd-activity-very-slow/

Erlando F Rasatro
