Ok, here is FRST.txt:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 19.04.2024 01
Ran by Dave (administrator) on DAVE-PC (03-05-2024 17:27:41)
Running from C:\Users\Dave\Desktop\FRST64.exe
Loaded Profiles: Dave
Platform: Microsoft Windows 10 Pro Version 22H2 19045.4355 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2>
(Apple Inc. -> Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(C:\Program Files (x86)\Airlink101\Airlink101 WLAN Monitor\RtlService.exe ->) (Realtek Semiconductor Corp.) [File not signed] C:\Program Files (x86)\Airlink101\Airlink101 WLAN Monitor\RtWLan.exe
(C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\1.3.863.1\DropboxCrashHandler.exe
(C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe ->) (Plex, Inc. -> ) C:\Program Files (x86)\Plex\Plex Media Server\Plex Tuner Service.exe
(C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe ->) (Plex, Inc. -> ) C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe
(C:\Program Files\Google\Drive File Stream\90.0.3.0\GoogleDriveFS.exe ->) (Google LLC -> ) C:\Program Files\Google\Drive File Stream\90.0.3.0\crashpad_handler.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(cmd.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MbamBgNativeMsg.exe
(conhost.exe ->) (Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe <8>
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <9>
(Google LLC -> Google, Inc.) C:\Program Files\Google\Drive File Stream\90.0.3.0\GoogleDriveFS.exe <7>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <9>
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Plex, Inc. -> Plex, Inc.) C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(services.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(services.exe ->) (FOXIT SOFTWARE INC. -> Foxit Software Inc.) C:\Program Files (x86)\Common Files\Foxit\Foxit PDF Reader\FoxitPDFReaderUpdateService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe <2>
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\NisSrv.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_866484083fc526af\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Plex, Inc. -> Plex, Inc.) C:\Program Files (x86)\Plex\Plex Media Server\Plex Update Service.exe
(services.exe ->) (Realtek) [File not signed] C:\Program Files (x86)\Airlink101\Airlink101 WLAN Monitor\RtlService.exe
(services.exe ->) (Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(services.exe ->) (Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(services.exe ->) (SUPERAntiSpyware.com -> SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(services.exe ->) (voidtools -> voidtools) C:\Program Files\Everything\Everything.exe
(services.exe ->) (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) C:\Program Files\Common Files\Zoom\Support\CptService.exe
(svchost.exe ->) (Adobe Systems Incorporated -> ) C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
(svchost.exe ->) (INNOVATIVE SOLUTIONS GRUP SRL -> Innovative Solutions GRUP SRL) C:\Program Files (x86)\Innovative Solutions\Advanced Uninstaller PRO\uninstaller.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_11.2401.0.0_x64__8wekyb3d8bbwe\CalculatorApp.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_11.2403.5.0_x64__8wekyb3d8bbwe\Microsoft.Media.Player.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\printfilterpipelinesvc.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [367456 2023-11-28] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [11551624 2024-05-01] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [5109624 2023-01-23] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\90.0.3.0\GoogleDriveFS.exe [60567840 2024-04-27] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\90.0.3.0\GoogleDriveFS.exe [60567840 2024-04-27] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-4182419237-4015324695-3907471336-1000\...\Run: [Plex Media Server] => C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe [26066696 2024-03-14] (Plex, Inc. -> Plex, Inc.)
HKU\S-1-5-21-4182419237-4015324695-3907471336-1000\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\90.0.3.0\GoogleDriveFS.exe [60567840 2024-04-27] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-4182419237-4015324695-3907471336-1000\...\Run: [Spybot-S&D Cleaning] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe [6975864 2023-01-23] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
HKU\S-1-5-21-4182419237-4015324695-3907471336-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [45380000 2024-04-10] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-4182419237-4015324695-3907471336-1000\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [11247648 2024-04-21] (RealDefense LLC -> SUPERAntiSpyware)
HKU\S-1-5-21-4182419237-4015324695-3907471336-1000\...\Run: [MicrosoftEdgeAutoLaunch_525658F00744E14F17037BCCD3CC786D] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --win-session-start [4081192 2024-05-01] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-4182419237-4015324695-3907471336-500\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (No File)
HKU\S-1-5-21-4182419237-4015324695-3907471336-500\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\90.0.3.0\GoogleDriveFS.exe [60567840 2024-04-27] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-4182419237-4015324695-3907471336-500\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Administrator\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-4182419237-4015324695-3907471336-500\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Administrator\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" (No File)
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\90.0.3.0\GoogleDriveFS.exe [60567840 2024-04-27] (Google LLC -> Google, Inc.)
HKU\S-1-5-18\...\Run: [Plex Media Server] => C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe [26066696 2024-03-14] (Plex, Inc. -> Plex, Inc.)
HKLM\...\Print\Monitors\HP 0853 Status Monitor: C:\WINDOWS\system32\hpinksts0853LM.dll [476856 2019-03-15] (Hewlett Packard -> HP Inc.)
HKLM\...\Print\Monitors\HP C611 Status Monitor: C:\WINDOWS\system32\hpinkstsC611LM.dll [333344 2013-05-06] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\HP Discovery Port Monitor (HP ENVY 5000 series): C:\WINDOWS\system32\HPDiscoPM0853.dll [987040 2019-03-18] (HP Inc -> HP Inc.)
HKLM\Software\...\AppCompatFlags\Custom\iexplore.exe: [{a9264802-8a7a-40fe-a135-5c6d204aed7a}.sdb] -> Internet Explorer (Enable DEP)
HKLM\Software\...\AppCompatFlags\InstalledSDB\{a9264802-8a7a-40fe-a135-5c6d204aed7a}: [DatabasePath] -> C:\WINDOWS\AppPatch\CustomSDB\{a9264802-8a7a-40fe-a135-5c6d204aed7a}.sdb [2011-12-19]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\124.0.6367.119\Installer\chrmstp.exe [2024-05-03] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
BootExecute: autocheck autochk * sdnclean64.exe
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {4B868A5A-309C-4B26-8510-45FEAEEBDD39} - System32\Tasks\{FD54965B-CC62-49DD-B566-0FB9EC51EB21} => C:\Windows\System32\pcalua.exe [53760 2023-11-15] (Microsoft Windows -> Microsoft Corporation) -> -a C:\Users\Dave\Desktop\ENGLISH\Driver\Inst\ENGLISH\setup.exe -d C:\Users\Dave\Desktop\ENGLISH\Driver\Inst\ENGLISH
Task: {DFCD6C2B-3897-4B02-97C2-7AC16B827023} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1547208 2024-01-31] (Adobe Inc. -> Adobe Inc.)
Task: {941B174E-0870-49FD-89D9-D12D31D41760} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [617096 2022-02-25] (Apple Inc. -> Apple Inc.)
Task: {93BBBB91-41ED-40D4-AC8A-80E778716B1F} - System32\Tasks\BlueStacksHelper_nxt => C:\Program Files\BlueStacks_nxt\BlueStacksHelper.exe [302968 2023-11-17] (Now.gg, INC -> BlueStack Systems, Inc.)
Task: {E88A9596-EE2F-4093-A61C-56FCA62C2893} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2024-04-10] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {415D11DF-2D38-47EC-8E0D-B72054A94B7F} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [5074848 2024-04-10] (PIRIFORM SOFTWARE LIMITED -> Gen Digital Inc. All rights reserved.) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "1e19de12-5a41-46bc-b82b-e4e77ac56060" --version "6.23.11010" --silent
Task: {0CCB9D4C-FA40-4825-B33F-C5914611F588} - System32\Tasks\CCleanerSkipUAC - Dave => C:\Program Files\CCleaner\CCleaner.exe [39118752 2024-04-10] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {DDD5A1FC-AEA1-42EE-AF98-2AEF1B1C866D} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe [5672240 2024-05-01] (Microsoft Windows -> Microsoft Corporation)
Task: {CD166542-F4D9-4FAC-812B-963A101BEE40} - System32\Tasks\Driver Booster SkipUAC (Dave) => "C:\Program Files (x86)\IObit\Driver Booster\11.0.0\DriverBooster.exe" /skipuac (No File)
Task: {1B36D84A-2374-42A4-97C9-E52C14743354} - System32\Tasks\Driver Booster Update => "C:\Program Files (x86)\IObit\Driver Booster\11.0.0\AutoUpdate.exe" /auto (No File)
Task: {6A375C80-2380-48EB-B719-CC2A21488DF8} - System32\Tasks\Driver Easy Scheduled Scan => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe [4036480 2023-06-06] (Easeware Technology Limited -> Easeware) -> C:\Program Files\Easeware\DriverEasy\--scan
Task: {C5E29409-A453-4712-ADED-CE411BA4AA2C} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-10] (Dropbox, Inc -> Dropbox, Inc.)
Task: {325E84FF-A85B-4A4C-B566-8E84D86A8297} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-10] (Dropbox, Inc -> Dropbox, Inc.)
Task: {F32E5FAB-96F5-4089-B997-AF71FC138FC6} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem126.0.6441.0{C34C7799-B7DD-4786-B4F2-31BBE57956B0} => C:\Program Files (x86)\Google\GoogleUpdater\126.0.6441.0\updater.exe [4789536 2024-04-26] (Google LLC -> Google LLC)
Task: {2F40F489-3391-456A-AE87-7F2ED37ABE73} - System32\Tasks\Health-Check => C:\Program Files (x86)\Innovative Solutions\Advanced Uninstaller PRO\healthcheck.exe [6854344 2023-04-20] (INNOVATIVE SOLUTIONS GRUP SRL -> Innovative Solutions)
Task: {D82E3D48-16D1-433F-8335-57803A159015} - System32\Tasks\Health-Check-deep => C:\Program Files (x86)\Innovative Solutions\Advanced Uninstaller PRO\healthcheck.exe [6854344 2023-04-20] (INNOVATIVE SOLUTIONS GRUP SRL -> Innovative Solutions)
Task: {3F877861-7CC3-4D44-B8BB-B21139C5195B} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [64464 2024-03-07] (HP Inc. -> HP Inc.)
Task: {2E73767F-4AC5-4CAD-AA2E-6FA24787E7C8} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor Logon => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [64464 2024-03-07] (HP Inc. -> HP Inc.)
Task: {8322D888-280B-466F-AD72-0CA25B41BC45} - System32\Tasks\HPCustPartic.exe_{A9B495E6-E826-4F50-97A5-032272AB3E58} => C:\Program Files\HP\HP ENVY 5000 series\Bin\HPCustPartic.exe [6666840 2022-06-16] (HP Inc. -> HP Inc.)
Task: {1D0C96DD-8C6B-42BB-B762-1F164072629F} - System32\Tasks\HPCustParticipation HP ENVY 5000 series => C:\Program Files\HP\HP ENVY 5000 series\Bin\HPCustPartic.exe [6666840 2022-06-16] (HP Inc. -> HP Inc.)
Task: {493CA380-C4C0-4F5B-8E87-3E3736DA7106} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\\MpCmdRun.exe Scan -ScheduleJob -RestrictPrivileges (No File)
Task: {67FEBD2C-00B8-4088-8722-C0E619675FFB} - System32\Tasks\Microsoft\Windows\End Of Support\Notify1 => %windir%\system32\sipnotify.exe -LogonOrUnlock (No File)
Task: {096904DC-4194-4ECF-B773-68CAE46BA45A} - System32\Tasks\Microsoft\Windows\End Of Support\Notify2 => %windir%\system32\sipnotify.exe -Daily (No File)
Task: {FD1AC3FB-F420-45A1-9C95-521055A59BC2} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => %SystemRoot%\ehome\ehPrivJob.exe /DoActivateWindowsSearch (No File)
Task: {5B28B241-5329-4026-A326-ADF510444C52} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => %SystemRoot%\ehome\ehPrivJob.exe /DoConfigureInternetTimeService (No File)
Task: {D57E5365-BB8B-471D-A7DA-CC1D6B58B7BB} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => %SystemRoot%\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0) (No File)
Task: {069BD4D8-2593-40CF-B3AE-E1292D13B17C} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => %SystemRoot%\ehome\ehPrivJob.exe /DRMInit (No File)
Task: {2ABC0882-5F8B-4489-AFC2-2FCABB6CCFB6} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => %SystemRoot%\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0) (No File)
Task: {08EA6DBA-60B8-4BE3-B61D-30D0A234A9FA} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => %SystemRoot%\ehome\mcupdate $(Arg0) (No File)
Task: {D796E70E-A3B2-498E-B46E-5FDCACF0571E} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => %SystemRoot%\ehome\mcupdate.exe -MediaCenterRecoveryTask (No File)
Task: {4CACF05D-5EA3-4484-86C4-654473548659} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => %SystemRoot%\ehome\mcupdate.exe -ObjectStoreRecoveryTask (No File)
Task: {7A071A03-0F85-4AB0-A056-D149DD8BBACA} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => %SystemRoot%\ehome\ehPrivJob.exe /OCURActivate (No File)
Task: {A3B3620B-494D-493A-88CB-AD136F949375} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => %SystemRoot%\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0) (No File)
Task: {99456242-E155-4444-B6A1-2C2353B77678} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => %SystemRoot%\ehome\ehPrivJob.exe /PBDADiscovery (No File)
Task: {2E9572EE-E4F6-4E7E-BF55-4E26494045F4} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => %SystemRoot%\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery (No File)
Task: {E2FBF8C3-C68D-4E93-84E8-2366FD125899} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => %SystemRoot%\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery (No File)
Task: {FF5876C5-4EFB-49E8-9D80-1B89D2717DE3} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => %windir%\ehome\MCUpdate.exe -pscn 0 (No File)
Task: {BB6E729F-9653-43F8-A5FB-02FD38E777E6} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => %SystemRoot%\ehome\mcupdate.exe -PvrRecoveryTask (No File)
Task: {92CEC713-5199-4946-9AAE-F610BD442836} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => %SystemRoot%\ehome\mcupdate.exe -PvrSchedule (No File)
Task: {5F36ADB3-20A9-454D-ADCD-E39E74EF675B} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => %SystemRoot%\ehome\ehrec /RestartRecording (No File)
Task: {9C61194E-54BF-4AE0-9FDA-39876A1DB0DF} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => %SystemRoot%\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0) (No File)
Task: {8190DCFC-256D-438E-98A5-9F1745933597} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => %SystemRoot%\ehome\ehPrivJob.exe /DoReindexSearchRoot (No File)
Task: {338ECEFE-E0EA-455E-9234-F71F36E78584} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => %SystemRoot%\ehome\mcupdate.exe -SqlLiteRecoveryTask (No File)
Task: {BDA8A301-B92B-492B-BAD2-75488FF18606} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => %SystemRoot%\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0) (No File)
Task: {9369BBC8-4A57-4A67-A10B-1FE6A1A2C1C2} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43da-BFD7-FBEEA2180A1E}
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40b4-8963-D3C761B18371}
Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47c2-B62A-B7C4CED925CB}
Task: {500A976C-603C-42CF-91A0-2CE8A08066AA} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {0F7CFD29-316A-4055-8288-33DE28F4A258} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4f47-879B-29A80C355D61}
Task: {9ACB4B99-6459-4C3C-BC4C-53C4EAA21893} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDfE067B1}
Task: {73ACFD01-D105-4D4F-9290-7DA6C7675159} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {EE0FE736-87AF-4B80-8DE9-FACC26A64EBE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\MpCmdRun.exe [1654168 2024-04-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {507785E3-6B72-4CF6-9AD5-BB36AA807E06} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\MpCmdRun.exe [1654168 2024-04-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {34807CC3-8BD0-455F-A2D5-EEE6C14E770C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\MpCmdRun.exe [1654168 2024-04-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {1B06297C-4AD8-4FB2-BFC4-739AAAC9BE2C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Update => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\MpCmdRun.exe [1654168 2024-04-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {0481C891-69DB-4BE1-B215-CB75542F2DB5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\MpCmdRun.exe [1654168 2024-04-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {8FBF4108-1525-4D9D-AF78-22962B0BB15F} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [674208 2023-11-16] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (the data entry has 6 more characters).
Task: {177F6B9F-5D04-4E03-8C05-6624740BFD3C} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [35232 2023-11-16] (Mozilla Corporation -> Mozilla Foundation)
Task: {41ED38DF-BB53-494A-8034-49AA0AB13C30} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1005096 2023-11-01] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files\NVIDIA Corporation\NvContainer\-d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {777492D2-6149-4DE1-8A08-83EF445583E6} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3345448 2023-11-01] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9FFD823A-65CC-4D8C-A94D-5D747D65F82B} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649256 2023-11-01] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files (x86)\NVIDIA Corporation\NvNode\--launcher=TaskScheduler
Task: {20D17AF5-8FEF-4EE6-8848-BAFA6276989A} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-11-01] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {97E1C190-5DAA-40C3-9A62-3EB64613831C} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-11-01] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {09021979-FAC0-4FF5-BBA0-05B0960506E0} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-01] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B694463C-A27B-4A9F-974E-5DF2DE13C6AD} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-01] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {753BC523-A924-4E65-BFA2-0D2B75CDD1DF} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-01] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {4FC122B3-712B-471F-AD11-D1C9E8C132E6} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-01] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5CDD4E97-AB3F-465C-A3F3-AE1D03CB1770} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-4182419237-4015324695-3907471336-500 => %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting (No File)
Task: {2E2132F2-F3AA-41A9-AA06-8744A399C049} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4182419237-4015324695-3907471336-500 => %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (No File)
Task: {8A36A838-4160-4129-A7F0-B6946B94849F} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [5339512 2023-02-14] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
Task: {65659F3C-E07D-400C-B2B6-DFA494F0AA60} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [5659512 2023-02-14] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
Task: {B7AABF2A-BE29-4D72-B944-8833FF3ACA28} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [5839224 2023-02-14] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
Task: {EAA67B9E-D7F7-4480-A88A-00F260B75845} - System32\Tasks\Software Update => C:\Program Files (x86)\Glarysoft\Software Update\Software Update.exe [1023384 2023-11-28] (Glarysoft Ltd -> Glarysoft Ltd)
Task: {1DBF6FE4-3581-4937-98B4-934241C099D7} - System32\Tasks\Systweak Software Updater AppUpdate Scheduler => C:\Program Files (x86)\Systweak Software Updater\SystweakSoftwareUpdater.exe updatecheck (No File)
Task: {8A55307B-7731-448F-9DF9-73F3846F20D7} - System32\Tasks\Systweak Software Updater DBUpdate Scheduler => C:\Program Files (x86)\Systweak Software Updater\SystweakSoftwareUpdater.exe SSU_DBUpdate (No File)
Task: {B010E9C5-7CFC-4E16-A2ED-5E57EE95942A} - System32\Tasks\Systweak Software Updater Notifier => C:\Program Files (x86)\Systweak Software Updater\SystweakSoftwareUpdater.exe ssu_notifiernag (No File)
Task: {1BE79A07-E15B-43A2-B073-2A8C4961274F} - System32\Tasks\Systweak Software UpdaterNotifier => C:\Program Files (x86)\Systweak Software Updater\SSUNotifier.exe neweventtrigger (No File)
Task: {8E3D182C-B0C2-41BD-B072-41360EE178FC} - System32\Tasks\Systweak Software UpdaterNotifier_startup => C:\Program Files (x86)\Systweak Software Updater\SSUNotifier.exe startup (No File)
Task: {E8412613-E2EB-40DC-9CE4-89E79A23B3E6} - System32\Tasks\Systweak Software UpdaterNotifier_trigger => C:\Program Files (x86)\Systweak Software Updater\SSUNotifier.exe startup neweventtrigger (No File)
Task: {11B453D6-C9BA-4031-94DE-1AE4AB4FD297} - System32\Tasks\UninstallMonitor => C:\Program Files (x86)\Innovative Solutions\Advanced Uninstaller PRO\uninstaller.exe [18164424 2023-04-20] (INNOVATIVE SOLUTIONS GRUP SRL -> Innovative Solutions GRUP SRL) -> C:\Program Files (x86)\Innovative Solutions\Advanced Uninstaller PRO\\-AUSCAN
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\Driver Easy Scheduled Scan.job => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\Health-Check-deep.job => C:\Program Files (x86)\Innovative Solutions\Advanced Uninstaller PRO\healthcheck.exe
Task: C:\WINDOWS\Tasks\Health-Check.job => C:\Program Files (x86)\Innovative Solutions\Advanced Uninstaller PRO\healthcheck.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{adc4a8a3-7941-4ef7-a488-dc84f6088265}: [DhcpNameServer] 192.168.254.254
Tcpip\..\Interfaces\{adc4a8a3-7941-4ef7-a488-dc84f6088265}: [DhcpDomain] home
Tcpip\..\Interfaces\{adc4a8a3-7941-4ef7-a488-dc84f6088265}\44166756: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{EB5A33E1-62AA-4BF6-9C6D-6E67CAAB6B05}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{EB5A33E1-62AA-4BF6-9C6D-6E67CAAB6B05}: [DhcpDomain] home
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Dave\AppData\Local\Microsoft\Edge\User Data\Default [2024-05-03]
Edge Notifications: Default ->
hxxps://djst.orgEdge HomePage: Default ->
hxxp://google.com/Edge StartupUrls: Default -> "hxxp://google.com/"
Edge Extension: (PayPal Honey: Automatic Coupons & Cash Back) - C:\Users\Dave\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\amnbcmdbanbkjhnfoeceemmmdiepnbpp [2024-02-27]
Edge Extension: (Eno® from Capital One®) - C:\Users\Dave\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\clmkdohmabikagpnhjmgacbclihgmdje [2024-04-04]
Edge Extension: (Google Docs Offline) - C:\Users\Dave\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-04-01]
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\Dave\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2024-04-11]
Edge Extension: (WOT Website Security & Privacy Protection) - C:\Users\Dave\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\iiclaphjclecagpkkaacljnpcppnoibi [2023-01-05]
Edge Extension: (Chrome Remote Desktop) - C:\Users\Dave\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\inomeogfingihgjfjlpeplalcfajhgai [2023-01-05]
Edge Extension: (Edge relevant text changes) - C:\Users\Dave\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-23]
Edge Extension: (Capital One Shopping: Save Now) - C:\Users\Dave\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\kiiaghlmeikbpmeabhilfphikfcefljn [2024-04-23]
Edge Profile: C:\Users\Dave\AppData\Local\Microsoft\Edge\User Data\Guest Profile [2024-03-21]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
FireFox:
========
FF DefaultProfile: rvkvazm3.default-1674403214688
FF ProfilePath: C:\Users\Dave\AppData\Roaming\Mozilla\Firefox\Profiles\rvkvazm3.default-1674403214688 [2024-04-27]
FF HKLM\...\Firefox\Extensions: [FFExtnHTML2PDF@foxitsoftware.com] - C:\Program Files (x86)\Foxit Software\Foxit PDF Editor\plugins\Creator\FirefoxAddin\FFExtnHTML2PDF.xpi => not found
FF HKLM\...\Firefox\Extensions: [FireFoxNew-WebExtensions@foxitsoftware.com] - C:\Program Files (x86)\Foxit Software\Foxit PDF Editor\plugins\Creator\FirefoxAddin\FireFoxNew-WebExtensions@foxitsoftware.com.xpi => not found
FF HKLM-x32\...\Firefox\Extensions: [FFExtnHTML2PDF@foxitsoftware.com] - C:\Program Files (x86)\Foxit Software\Foxit PDF Editor\plugins\Creator\FirefoxAddin\FFExtnHTML2PDF.xpi => not found
FF HKLM-x32\...\Firefox\Extensions: [FireFoxNew-WebExtensions@foxitsoftware.com] - C:\Program Files (x86)\Foxit Software\Foxit PDF Editor\plugins\Creator\FirefoxAddin\FireFoxNew-WebExtensions@foxitsoftware.com.xpi => not found
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.14 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.18 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.20 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2024-04-10] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Editor\plugins\npFoxitPDFEditorPlugin.dll [No File]
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.cpdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Editor\plugins\npFoxitPDFEditorPlugin.dll [No File]
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Editor\plugins\npFoxitPDFEditorPlugin.dll [No File]
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit PDF Editor\plugins\npFoxitPDFEditorPlugin.dll [No File]
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Editor\plugins\npFoxitPDFEditorPlugin.dll [No File]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [2023-11-13] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.cpdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [2023-11-13] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [2023-11-13] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [2023-11-13] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [2023-11-13] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
Chrome:
=======
CHR DefaultProfile: Profile 1
CHR Profile: C:\Users\Dave\AppData\Local\Google\Chrome\User Data\Default [2024-04-25]
CHR StartupUrls: Default -> "hxxp://google.com/"
CHR Extension: (Slides) - C:\Users\Dave\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-10-23]
CHR Extension: (Docs) - C:\Users\Dave\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-10-23]
CHR Extension: (Google Drive) - C:\Users\Dave\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-23]
CHR Extension: (YouTube) - C:\Users\Dave\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-10-23]
CHR Extension: (Sheets) - C:\Users\Dave\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-10-23]
CHR Extension: (Google Docs Offline) - C:\Users\Dave\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-01-26]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Dave\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-01-26]
CHR Extension: (Gmail) - C:\Users\Dave\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-09-22]
CHR Extension: (Chrome Media Router) - C:\Users\Dave\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-01-26]
CHR Profile: C:\Users\Dave\AppData\Local\Google\Chrome\User Data\Guest Profile [2024-04-25]
CHR Profile: C:\Users\Dave\AppData\Local\Google\Chrome\User Data\Profile 1 [2024-05-03]
CHR Notifications: Profile 1 ->
hxxps://www.hp.com; hxxps://www.youtube.comCHR HomePage: Profile 1 ->
hxxp://google.com/CHR StartupUrls: Profile 1 -> "hxxp://google.com/"
CHR Extension: (WOT: Website Security & Safety Checker) - C:\Users\Dave\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2024-04-14]
CHR Extension: (PayPal Honey: Automatic Coupons & Cash Back) - C:\Users\Dave\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2024-04-01]
CHR Extension: (Foxit PDF Creator) - C:\Users\Dave\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cifnddnffldieaamihfkhkdgnbhfmaci [2023-09-26]
CHR Extension: (Eno® from Capital One®) - C:\Users\Dave\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\clmkdohmabikagpnhjmgacbclihgmdje [2024-04-05]
CHR Extension: (Google Docs Offline) - C:\Users\Dave\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-21]
CHR Extension: (Chrome Remote Desktop) - C:\Users\Dave\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\inomeogfingihgjfjlpeplalcfajhgai [2022-12-07]
CHR Extension: (Capital One Shopping: Save Now) - C:\Users\Dave\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nenlahapcbofgnanklpelkaejcehkggg [2024-04-28]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Dave\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Profile: C:\Users\Dave\AppData\Local\Google\Chrome\User Data\System Profile [2024-04-25]
CHR HKLM\...\Chrome\Extension: [cifnddnffldieaamihfkhkdgnbhfmaci] - C:\Program Files (x86)\Foxit Software\Foxit PDF Editor\plugins\Creator\ChromeAddin\ChromeAddin.crx <not found>
CHR HKU\S-1-5-21-4182419237-4015324695-3907471336-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Dave\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx <not found>
CHR HKU\S-1-5-21-4182419237-4015324695-3907471336-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [cifnddnffldieaamihfkhkdgnbhfmaci] - C:\Program Files (x86)\Foxit Software\Foxit PDF Editor\plugins\Creator\ChromeAddin\ChromeAddin.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2021-01-09] (SUPERAntiSpyware.com -> SUPERAntiSpyware.com)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [172992 2024-01-31] (Adobe Inc. -> Adobe Inc.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [103776 2023-11-09] (Apple Inc. -> Apple Inc.)
S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1085856 2024-04-10] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
S3 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\124.0.6367.18\remoting_host.exe [74016 2024-03-26] (Google LLC -> Google LLC)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-10] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-10] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [46824 2024-05-01] (Dropbox, Inc -> Dropbox, Inc.)
S4 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [440808 2017-03-22] (Digital Wave Ltd -> Digital Wave Ltd.)
R2 Everything; C:\Program Files\Everything\Everything.exe [2265096 2023-05-25] (voidtools -> voidtools)
S3 FoxitPhantomPDFUpdateService; C:\Program Files (x86)\Common Files\Foxit\Foxit PDF Editor\FoxitPDFEditorUpdateService.exe [2366048 2023-04-17] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
R2 FoxitReaderUpdateService; C:\Program Files (x86)\Common Files\Foxit\Foxit PDF Reader\FoxitPDFReaderUpdateService.exe [2438128 2023-11-11] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
S2 GoogleUpdaterInternalService126.0.6441.0; C:\Program Files (x86)\Google\GoogleUpdater\126.0.6441.0\updater.exe [4789536 2024-04-26] (Google LLC -> Google LLC)
S2 GoogleUpdaterService126.0.6441.0; C:\Program Files (x86)\Google\GoogleUpdater\126.0.6441.0\updater.exe [4789536 2024-04-26] (Google LLC -> Google LLC)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [234968 2024-03-07] (HP Inc. -> HP Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8887264 2024-05-02] (Malwarebytes Inc. -> Malwarebytes)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\MpDefenderCoreService.exe [1459968 2024-04-10] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_866484083fc526af\Display.NvContainer\NVDisplay.Container.exe [1274992 2023-12-07] (NVIDIA Corporation -> NVIDIA Corporation)
R2 PlexUpdateService; C:\Program Files (x86)\Plex\Plex Media Server\Plex Update Service.exe [829208 2024-03-14] (Plex, Inc. -> Plex, Inc.)
R2 Realtek92SU; C:\Program Files (x86)\Airlink101\Airlink101 WLAN Monitor\RtlService.exe [40960 2009-02-05] (Realtek) [File not signed]
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2737016 2023-02-14] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [4588408 2023-02-14] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [522200 2024-05-01] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\NisSrv.exe [3199648 2024-04-10] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\MsMpEng.exe [133576 2024-04-10] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 ZoomCptService; "C:\Program Files\Common Files\Zoom\Support\CptService.exe" -user_path "C:\Users\Dave\AppData\Roaming\Zoom"
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 ampa; C:\WINDOWS\system32\ampa.sys [38320 2023-11-06] (CHENGDU AOMEI Tech Co., Ltd. -> )
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R2 BlueStacksDrv_nxt; C:\Program Files\BlueStacks_nxt\BstkDrv_nxt.sys [310672 2023-11-17] (Microsoft Windows Hardware Compatibility Publisher -> Bluestack System Inc.)
S3 ddmdrv; C:\WINDOWS\system32\ddmdrv.sys [35760 2023-11-06] (CHENGDU AOMEI Tech Co., Ltd. -> )
R1 ElbyCDIO; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [42616 2017-05-14] (Microsoft Windows Hardware Compatibility Publisher -> Elaborate Bytes AG)
R1 googledrivefs31357; C:\WINDOWS\System32\DriverStore\FileRepository\googledrivefs31357.inf_amd64_a8bf31a168cf7d00\googledrivefs31357.sys [384712 2023-11-01] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
R2 mbamchameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223296 2024-05-03] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2022-04-25] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239576 2024-05-03] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R2 npf; C:\WINDOWS\system32\drivers\npf.sys [36600 2020-10-13] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
R3 NvModuleTracker; C:\WINDOWS\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2022-07-13] (Nvidia Corporation -> NVIDIA Corporation)
S1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [18160 2023-08-25] (RealDefense, LLC -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
S1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [15600 2023-08-25] (RealDefense, LLC -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] (Empty Loop -> )
S3 usbscan; C:\WINDOWS\System32\drivers\usbscan.sys [49664 2022-07-15] (Microsoft Corporation) [File not signed]
R3 VClone; C:\WINDOWS\System32\drivers\VClone.sys [44544 2020-02-22] (Microsoft Windows Hardware Compatibility Publisher -> Elaborate Bytes AG)
R0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [20936 2024-04-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [601376 2024-04-10] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105760 2024-04-10] (Microsoft Windows -> Microsoft Corporation)
U3 idsvc; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2024-05-03 17:27 - 2024-05-03 17:30 - 000049875 _____ C:\Users\Dave\Desktop\FRST.txt
2024-05-03 15:10 - 2024-05-03 15:14 - 000260802 _____ C:\WINDOWS\ntbtlog.txt
2024-05-02 14:08 - 2024-05-02 14:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2024-05-02 08:25 - 2024-05-02 08:25 - 002289580 _____ C:\Users\Dave\Downloads\wp_E_202407 (1)c.pdf
2024-05-01 23:33 - 2024-05-01 23:33 - 000046824 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2024-04-30 16:38 - 2024-04-30 16:38 - 000000000 ___HD C:\$WinREAgent
2024-04-30 12:53 - 2024-04-30 12:53 - 000000000 ____D C:\WINDOWS\system32\Tasks\GoogleSystem
2024-04-29 15:10 - 2024-05-03 15:14 - 118226944 _____ C:\WINDOWS\system32\config\SOFTWARE
2024-04-29 14:57 - 2024-04-29 15:10 - 000000000 ____D C:\WINDOWS\Microsoft Antimalware
2024-04-29 14:23 - 2024-04-29 14:23 - 000000424 __RSH C:\ProgramData\ntuser.pol
2024-04-27 19:16 - 2024-04-28 08:10 - 000001418 _____ C:\Users\Dave\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2024-04-27 19:16 - 2024-04-27 19:16 - 000000000 ____D C:\Users\Dave\AppData\Local\ESET
2024-04-27 19:06 - 2024-04-27 19:08 - 000000000 ____D C:\AdwCleaner
2024-04-27 07:14 - 2024-04-27 07:14 - 000002166 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2024-04-26 08:47 - 2024-04-26 08:47 - 001609850 _____ C:\Users\Dave\Documents\bookmarks_4_26_24.html
2024-04-23 14:19 - 2024-04-22 16:48 - 002394112 _____ (Farbar) C:\Users\Dave\Desktop\FRST64.exe
2024-04-23 14:03 - 2024-05-03 17:29 - 000000000 ____D C:\FRST
2024-04-22 08:14 - 2024-04-22 08:14 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-4182419237-4015324695-3907471336-500
2024-04-22 08:13 - 2024-04-22 08:14 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4182419237-4015324695-3907471336-500
2024-04-22 08:13 - 2024-04-22 08:14 - 000002424 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-04-22 08:11 - 2024-04-22 08:11 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Apple Computer
2024-04-22 08:11 - 2024-04-22 08:11 - 000000000 ____D C:\Users\Administrator\AppData\Local\Dropbox
2024-04-22 08:11 - 2024-04-22 08:11 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2024-04-22 08:10 - 2024-04-22 08:10 - 000000000 ____D C:\Users\Administrator\AppData\Local\PlaceholderTileLogoFolder
2024-04-22 08:07 - 2024-04-22 08:12 - 000000000 ____D C:\Users\Administrator\AppData\Local\Publishers
2024-04-22 08:06 - 2024-04-22 08:06 - 000000000 ____D C:\Users\Administrator\AppData\Local\CEF
2024-04-22 08:06 - 2024-04-22 08:06 - 000000000 ____D C:\Users\Administrator\ansel
2024-04-22 08:05 - 2024-04-22 08:16 - 000000000 ____D C:\Users\Administrator\AppData\Local\Packages
2024-04-22 08:05 - 2024-04-22 08:06 - 000000000 ____D C:\Users\Administrator\AppData\Local\Malwarebytes
2024-04-22 08:05 - 2024-04-22 08:05 - 000002348 _____ C:\Users\Administrator\Desktop\Microsoft Edge.lnk
2024-04-22 08:05 - 2024-04-22 08:05 - 000002332 _____ C:\Users\Administrator\Desktop\Google Chrome.lnk
2024-04-22 08:05 - 2024-04-22 08:05 - 000000000 ___RD C:\Users\Administrator\3D Objects
2024-04-22 08:05 - 2024-04-22 08:05 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Adobe
2024-04-22 08:05 - 2024-04-22 08:05 - 000000000 ____D C:\Users\Administrator\AppData\LocalLow\NVIDIA
2024-04-22 08:05 - 2024-04-22 08:05 - 000000000 ____D C:\Users\Administrator\AppData\Local\D3DSCache
2024-04-22 08:04 - 2024-04-27 07:14 - 000002008 _____ C:\Users\Administrator\Desktop\Google Slides.lnk
2024-04-22 08:04 - 2024-04-27 07:14 - 000002008 _____ C:\Users\Administrator\Desktop\Google Sheets.lnk
2024-04-22 08:04 - 2024-04-27 07:14 - 000001996 _____ C:\Users\Administrator\Desktop\Google Docs.lnk
2024-04-22 08:04 - 2024-04-22 08:06 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Microsoft\Windows
2024-04-22 08:04 - 2024-04-22 08:06 - 000000000 ____D C:\Users\Administrator\AppData\Local\NVIDIA Corporation
2024-04-22 08:04 - 2024-04-22 08:05 - 000000000 ____D C:\Users\Administrator\AppData\Local\Google
2024-04-22 08:04 - 2024-04-22 08:05 - 000000000 ____D C:\Users\Administrator\AppData\Local\ConnectedDevicesPlatform
2024-04-22 08:04 - 2024-04-22 08:04 - 000000020 ___SH C:\Users\Administrator\ntuser.ini
2024-04-22 08:04 - 2024-04-22 08:04 - 000000000 ___SD C:\Users\Administrator\AppData\Roaming\Microsoft\SystemCertificates
2024-04-22 08:04 - 2024-04-22 08:04 - 000000000 ___SD C:\Users\Administrator\AppData\Roaming\Microsoft\Protect
2024-04-22 08:04 - 2024-04-22 08:04 - 000000000 ___SD C:\Users\Administrator\AppData\Roaming\Microsoft\Crypto
2024-04-22 08:04 - 2024-04-22 08:04 - 000000000 ___SD C:\Users\Administrator\AppData\Roaming\Microsoft\Credentials
2024-04-22 08:04 - 2024-04-22 08:04 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Microsoft\Vault
2024-04-22 08:04 - 2024-04-22 08:04 - 000000000 ____D C:\Users\Administrator\AppData\Local\NVIDIA
2024-04-22 08:04 - 2021-06-20 17:47 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Microsoft\Network
2024-04-22 08:04 - 2018-10-23 13:45 - 000000000 ____D C:\Users\Administrator\AppData\Local\Microsoft Help
2024-04-22 08:04 - 2009-07-14 00:45 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Media Center Programs
2024-04-22 08:03 - 2024-04-25 20:06 - 000000000 ____D C:\Users\Administrator
2024-04-22 08:03 - 2024-04-22 08:13 - 000000000 ___RD C:\Users\Administrator\OneDrive
2024-04-21 18:30 - 2024-05-03 15:11 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2024-04-21 10:30 - 2023-06-07 07:38 - 000455008 _____ C:\WINDOWS\system32\Drivers\etc\hosts.20240421-103051.backup
2024-04-19 13:04 - 2024-04-19 13:12 - 000000000 ____D C:\Users\Dave\Downloads\Operating Systems
2024-04-19 11:57 - 2024-04-19 12:50 - 000000000 ____D C:\Users\Dave\Downloads\Virtual Machine
2024-04-19 11:04 - 2024-04-19 11:04 - 000000000 ____D C:\ProgramData\obs-studio-hook
2024-04-19 11:04 - 2024-04-19 11:04 - 000000000 ____D C:\ProgramData\obs-studio
2024-04-19 11:03 - 2024-04-19 11:05 - 000000000 ____D C:\Users\Dave\AppData\Roaming\obs-studio
2024-04-18 08:38 - 2024-04-19 12:52 - 000000000 ____D C:\Users\Dave\Documents\Medical
2024-04-18 08:06 - 2024-04-18 08:06 - 001719622 _____ C:\Users\Dave\Downloads\ws_E_202407c.pdf
2024-04-11 09:18 - 2024-04-11 09:18 - 000020861 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json
2024-04-11 09:17 - 2024-04-11 09:17 - 000020861 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2024-04-08 08:32 - 2024-04-19 14:56 - 000000000 ____D C:\Users\Dave\Documents\Z Payments
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2024-05-03 17:22 - 2018-10-20 01:48 - 000000000 ___SD C:\Users\Dave\AppData\Roaming\Microsoft\Credentials
2024-05-03 17:21 - 2021-06-20 17:36 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-05-03 15:31 - 2021-06-21 12:39 - 000000000 ____D C:\Users\Dave\AppData\Roaming\FreeFileSync
2024-05-03 15:29 - 2018-10-21 14:12 - 000000000 ___RD C:\Users\Dave\Dropbox
2024-05-03 15:29 - 2018-10-21 14:08 - 000000000 ____D C:\Users\Dave\AppData\Roaming\Dropbox
2024-05-03 15:29 - 2018-10-21 14:01 - 000000000 ____D C:\Users\Dave\AppData\Local\Dropbox
2024-05-03 15:23 - 2021-06-20 17:41 - 000801452 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-05-03 15:23 - 2019-12-07 02:13 - 000000000 ____D C:\WINDOWS\INF
2024-05-03 15:23 - 2018-10-19 17:13 - 000000000 ____D C:\ProgramData\NVIDIA
2024-05-03 15:18 - 2020-04-20 21:04 - 000000000 ___RD C:\Users\Dave\Google Drive
2024-05-03 15:18 - 2018-12-13 17:39 - 000000000 ____D C:\Users\Dave\AppData\Local\Plex Media Server
2024-05-03 15:17 - 2023-05-09 16:15 - 000000000 ____D C:\Users\Dave\AppData\Local\Malwarebytes
2024-05-03 15:16 - 2022-07-08 12:34 - 000239576 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2024-05-03 15:16 - 2021-06-20 17:52 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-05-03 15:16 - 2021-06-20 17:35 - 000008192 ___SH C:\DumpStack.log.tmp
2024-05-03 15:16 - 2019-12-07 02:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-05-03 15:14 - 2019-12-07 02:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2024-05-03 15:08 - 2018-10-22 15:59 - 000000000 ____D C:\Users\Dave\AppData\Local\Everything
2024-05-03 15:08 - 2018-10-22 15:37 - 000000000 ____D C:\Users\Dave\AppData\Roaming\Everything
2024-05-03 15:05 - 2023-06-08 16:00 - 000000000 _____ C:\Users\Dave\Documents\HPSmartPrintingPort
2024-05-03 13:00 - 2021-12-17 10:01 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-05-03 12:05 - 2019-12-07 02:14 - 000000000 ___HD C:\Program Files\WindowsApps
2024-05-03 12:05 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-05-03 08:53 - 2018-10-23 19:30 - 000000000 ____D C:\Users\Dave\AppData\Roaming\WinX YouTube Downloader
2024-05-03 08:52 - 2019-06-19 22:22 - 000000000 ____D C:\Users\Dave\.cache
2024-05-03 08:15 - 2018-10-23 12:31 - 000000000 ____D C:\Program Files (x86)\Google
2024-05-02 14:09 - 2018-10-21 14:01 - 000000000 ____D C:\Program Files (x86)\Dropbox
2024-05-02 14:08 - 2018-10-23 12:51 - 000000000 ____D C:\Users\Dave\AppData\Roaming\Microsoft\Word
2024-05-02 08:46 - 2018-10-25 16:39 - 000000000 ____D C:\Users\Dave\Documents\Passwords
2024-05-02 08:41 - 2021-06-20 17:36 - 000458168 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2024-05-02 08:36 - 2019-12-07 02:54 - 000000000 __SHD C:\WINDOWS\BitLockerDiscoveryVolumeContents
2024-05-02 08:36 - 2019-12-07 02:54 - 000000000 ____D C:\Program Files\Windows Portable Devices
2024-05-02 08:36 - 2019-12-07 02:54 - 000000000 ____D C:\Program Files\Windows Multimedia Platform
2024-05-02 08:36 - 2019-12-07 02:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2024-05-02 08:36 - 2019-12-07 02:54 - 000000000 ____D C:\Program Files (x86)\Windows Portable Devices
2024-05-02 08:36 - 2019-12-07 02:54 - 000000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2024-05-02 08:36 - 2019-12-07 02:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2024-05-02 08:36 - 2019-12-07 02:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2024-05-02 08:36 - 2019-12-07 02:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2024-05-02 08:36 - 2019-12-07 02:14 - 000000000 ___SD C:\WINDOWS\system32\F12
2024-05-02 08:36 - 2019-12-07 02:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2024-05-02 08:36 - 2019-12-07 02:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2024-05-02 08:36 - 2019-12-07 02:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2024-05-02 08:36 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2024-05-02 08:36 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2024-05-02 08:36 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2024-05-02 08:36 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2024-05-02 08:36 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\SystemResources
2024-05-02 08:36 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2024-05-02 08:36 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2024-05-02 08:36 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2024-05-02 08:36 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\setup
2024-05-02 08:36 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2024-05-02 08:36 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2024-05-02 08:36 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2024-05-02 08:36 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2024-05-02 08:36 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2024-05-02 08:36 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2024-05-02 08:36 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2024-05-02 08:36 - 2019-12-07 02:03 - 000000000 ____D C:\WINDOWS\servicing
2024-05-02 08:27 - 2020-09-03 07:53 - 000000000 ____D C:\Users\Dave\AppData\Local\CrashDumps
2024-05-01 08:30 - 2018-10-21 10:36 - 000000000 ____D C:\Users\Dave\Downloads\Uninstallers
2024-05-01 07:58 - 2019-12-07 02:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-05-01 07:33 - 2021-06-20 17:38 - 003017216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2024-04-30 16:01 - 2018-12-23 10:45 - 000000000 ____D C:\Users\Dave\AppData\Roaming\Microsoft\Excel
2024-04-30 14:18 - 2018-10-25 10:58 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2024-04-29 16:00 - 2021-07-31 13:59 - 000000000 ____D C:\Users\Dave\Documents\Test Folder
2024-04-29 13:48 - 2009-07-13 20:20 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2024-04-28 08:12 - 2018-10-25 10:26 - 000000000 ____D C:\Users\Dave\Desktop\Virus and Spyware
2024-04-27 21:05 - 2018-10-21 10:33 - 000000000 ____D C:\Users\Dave\Downloads\backupwindowskey
2024-04-27 19:14 - 2018-10-21 10:36 - 000000000 ____D C:\Users\Dave\Downloads\Virus and Spyware Removal Tools
2024-04-27 19:08 - 2023-05-09 13:05 - 000000000 ____D C:\Users\Dave\AppData\Roaming\IObit
2024-04-27 16:47 - 2022-03-15 08:13 - 000000000 ____D C:\Users\Dave\AppData\LocalLow\Temp
2024-04-27 16:32 - 2021-06-20 17:42 - 000000000 ____D C:\Users\Dave
2024-04-27 11:06 - 2021-07-20 13:29 - 000003810 _____ C:\WINDOWS\system32\Tasks\UninstallMonitor
2024-04-27 07:14 - 2021-09-20 18:54 - 000002008 _____ C:\Users\Default\Desktop\Google Slides.lnk
2024-04-27 07:14 - 2021-09-20 18:54 - 000002008 _____ C:\Users\Default\Desktop\Google Sheets.lnk
2024-04-27 07:14 - 2021-09-20 18:54 - 000001996 _____ C:\Users\Default\Desktop\Google Docs.lnk
2024-04-25 19:59 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2024-04-25 19:51 - 2019-01-02 14:34 - 000000000 ____D C:\Program Files (x86)\NirSoft
2024-04-23 11:08 - 2018-10-21 10:34 - 000000000 ____D C:\Users\Dave\Downloads\FixWindows Media Player
2024-04-22 16:36 - 2018-10-25 16:47 - 000000000 ____D C:\Users\Dave\Documents\Computer
2024-04-22 16:25 - 2018-10-21 10:35 - 000000000 ____D C:\Users\Dave\Downloads\Software analyzer_Updater
2024-04-22 16:25 - 2018-10-21 10:34 - 000000000 ____D C:\Users\Dave\Downloads\Anti-Keyloggers
2024-04-22 15:46 - 2018-10-25 10:23 - 000000000 ____D C:\Users\Dave\AppData\Roaming\vlc
2024-04-22 14:24 - 2018-10-25 16:52 - 000000000 ____D C:\Users\Dave\Documents\Health
2024-04-22 08:05 - 2021-06-20 17:56 - 000000000 __RHD C:\Users\Public\AccountPictures
2024-04-21 18:52 - 2022-11-26 10:45 - 000000666 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2024-04-21 18:51 - 2019-01-02 15:29 - 000000000 ____D C:\WINDOWS\pss
2024-04-21 18:29 - 2021-01-29 11:03 - 000000000 ____D C:\Program Files\CCleaner
2024-04-21 11:41 - 2021-06-23 08:11 - 000000000 ____D C:\Users\Dave\AppData\Local\D3DSCache
2024-04-21 11:40 - 2022-11-26 10:45 - 000003382 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2024-04-21 11:39 - 2021-06-20 17:52 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2024-04-21 11:36 - 2018-10-25 10:28 - 000000000 ____D C:\Program Files\SUPERAntiSpyware
2024-04-21 08:40 - 2018-10-25 10:33 - 000000000 ____D C:\ProgramData\TEMP
2024-04-21 08:39 - 2018-10-25 10:33 - 000000000 ____D C:\Program Files (x86)\SpywareBlaster
2024-04-20 15:38 - 2018-10-21 10:36 - 000000000 ____D C:\Users\Dave\Downloads\Word Processers
2024-04-19 16:09 - 2018-10-21 10:35 - 000000000 ____D C:\Users\Dave\Downloads\Screen capture & recording programs
2024-04-19 13:09 - 2018-10-21 10:33 - 000000000 ____D C:\Users\Dave\Downloads\Files -Folders
2024-04-19 10:18 - 2021-05-15 13:38 - 000000000 ___RD C:\Users\Dave\OneDrive
2024-04-19 09:39 - 2018-12-31 13:08 - 000000000 ___RD C:\Users\Dave\Desktop\Computer Analyzers
2024-04-19 09:38 - 2018-10-21 10:33 - 000000000 ____D C:\Users\Dave\Downloads\Computer Analyzers
2024-04-14 12:12 - 2021-06-20 17:52 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2024-04-12 03:23 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\appcompat
2024-04-11 10:36 - 2023-12-13 13:37 - 000000000 ____D C:\WINDOWS\InboxApps
2024-04-11 10:36 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2024-04-11 10:36 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\DDFs
2024-04-11 10:36 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2024-04-11 10:36 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\Provisioning
2024-04-10 17:21 - 2023-03-23 07:13 - 000000000 ____D C:\Program Files\Mozilla Firefox
2024-04-10 17:21 - 2018-10-23 16:50 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2024-04-10 10:42 - 2023-10-08 07:47 - 000022693 _____ C:\Users\Dave\Downloads\PH Territory # 61.xlsx
2024-04-10 09:39 - 2018-10-19 17:12 - 000000000 ____D C:\WINDOWS\system32\MRT
2024-04-10 09:32 - 2018-10-19 17:12 - 192651728 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2024-04-10 08:33 - 2021-06-20 17:52 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2024-04-09 21:07 - 2018-10-25 16:42 - 000000000 ____D C:\Users\Dave\Documents\A Theocratic Items
2024-04-08 12:03 - 2021-06-21 12:39 - 000000000 ____D C:\Program Files\FreeFileSync
2024-04-08 12:02 - 2018-10-21 10:33 - 000000000 ____D C:\Users\Dave\Downloads\Backup and Cloud Software
2024-04-03 19:04 - 2021-06-20 17:52 - 000003536 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-04-03 19:04 - 2021-06-20 17:52 - 000003412 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
==================== Files in the root of some directories ========
2019-07-26 12:46 - 2020-03-21 15:28 - 001178624 _____ (CPUID) C:\Users\Dave\AppData\Roaming\siw_sdk.dll
2022-07-31 07:32 - 2022-07-31 07:32 - 000000423 _____ () C:\Users\Dave\AppData\Roaming\u_data.lgvnx
2022-09-28 09:11 - 2022-09-28 09:11 - 000004096 ____H () C:\Users\Dave\AppData\Local\keyfile3.drm
2021-03-29 18:12 - 2021-03-29 18:12 - 000000017 _____ () C:\Users\Dave\AppData\Local\resmon.resmoncfg
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================