Inactive Am I infected?

Status
Not open for further replies.
S

sean97000

Posts: 7   +0
Received a popup from Windows Defender Firewall asking if I should allow traffic from windows/syswow64/rundll32.exe

Scanned with Avast and found nothing

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 16-12-2022
Ran by seanc (administrator) on SATIVA (LENOVO 20QWCTO1WW) (21-12-2022 08:33:48)
Running from C:\Users\seanc\Dropbox\Downloads
Loaded Profiles: seanc & xyz
Platform: Microsoft Windows 11 Pro Version 22H2 22621.963 (X64) Language: English (United States)
Default browser: "C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe" --single-argument %1
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <5>
(Brother Industries, Ltd. -> Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Brother\BrUtilities\BrLogRx.exe
(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Brother\SoftwareUpdateNotification\SoftwareUpdateNotificationService.exe
(C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe ->) (Brother Industries, Ltd. -> Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantage-(VantageCoreAddin).exe
(C:\Program Files\Avast Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(C:\Program Files\NZXT CAM\NZXT CAM.exe ->) (NZXT, Inc. -> ) C:\Program Files\NZXT CAM\resources\app.asar.unpacked\node_modules\@nzxt\cam-core\dist\target\x86_64-pc-windows-msvc\release\cam_helper.exe <3>
(C:\Program Files\WindowsApps\MicrosoftTeams_22308.1003.1743.8209_x64__8wekyb3d8bbwe\msteams.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\108.0.1462.54\msedgewebview2.exe <6>
(C:\Users\seanc\AppData\Local\Programs\Messenger\Messenger.exe ->) (Facebook, Inc. -> ) C:\Users\seanc\AppData\Local\Programs\Messenger\CrashpadHandlerWindows.exe
(cmd.exe ->) (EXPRSVPN LLC -> ExpressVPN) C:\Program Files (x86)\ExpressVPN\services\ExpressVPN.BrowserHelper.exe
(DriverStore\FileRepository\cui_dch.inf_amd64_bd81469b51147524\igfxCUIService.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_bd81469b51147524\igfxEM.exe
(DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_8a4ddeba3102f3a4\DAX3API.exe ->) (Dolby Laboratories, Inc. -> Dolby Laboratories) C:\Windows\System32\DriverStore\FileRepository\DAX3_S~1.INF\DAX3API.exe
(DriverStore\FileRepository\fn.inf_amd64_6df953d54d3099b9\driver\tphkload.exe ->) (Lenovo -> Lenovo Group Limited) C:\Windows\System32\DriverStore\FileRepository\FN32EE~1.INF\driver\shtctky.exe
(DriverStore\FileRepository\fn.inf_amd64_6df953d54d3099b9\driver\tphkload.exe ->) (Lenovo -> Lenovo Group Limited) C:\Windows\System32\DriverStore\FileRepository\FN32EE~1.INF\driver\tposd.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe <7>
(explorer.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(explorer.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(explorer.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
(explorer.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(explorer.exe ->) (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Brother\iPrint&Scan\iPSNotifier.exe
(explorer.exe ->) (EXPRSVPN LLC -> ExpressVPN) C:\Program Files (x86)\ExpressVPN\expressvpn-ui\ExpressVPN.exe
(explorer.exe ->) (F.lux Software LLC -> f.lux Software LLC) C:\Users\seanc\AppData\Local\FluxSoftware\Flux\flux.exe
(explorer.exe ->) (Facebook, Inc. -> Meta Platforms, Inc.) C:\Users\seanc\AppData\Local\Programs\Messenger\Messenger.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <13>
(explorer.exe ->) (Lansweeper -> Fing Ltd) C:\Program Files\Fing\Fing.exe <3>
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <9>
(explorer.exe ->) (NZXT, Inc. -> NZXT, Inc.) C:\Program Files\NZXT CAM\NZXT CAM.exe <5>
(EXPRSVPN LLC -> ExpressVPN) C:\Program Files (x86)\ExpressVPN\expressvpn-ui\ExpressVPNNotificationService.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe
(Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(services.exe ->) (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\BrYNSvc.exe
(services.exe ->) (Conexant Systems LLC -> Conexant Systems, Inc.) C:\Windows\CxSvc\CxUtilSvc.exe
(services.exe ->) (Dolby Laboratories, Inc. -> Dolby Laboratories) C:\Windows\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_8a4ddeba3102f3a4\DAX3API.exe
(services.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(services.exe ->) (EXPRSVPN LLC -> ExpressVPN) C:\Program Files (x86)\ExpressVPN\services\ExpressVPN.AppService.exe
(services.exe ->) (EXPRSVPN LLC -> ExpressVPN) C:\Program Files (x86)\ExpressVPN\services\ExpressVPN.SystemService.exe
(services.exe ->) (EXPRSVPN LLC -> ExpressVPN) C:\Program Files (x86)\ExpressVPN\services\ExpressVPN.VpnService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_bd81469b51147524\igfxCUIService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_9196e89091d8bdbb\esif_uf.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_47d3698a1c94c55a\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_c812d3ffe3c5ec75\IntelCpHDCPSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_c812d3ffe3c5ec75\IntelCpHeciSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_3c8213e3da176c7f\LMS.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_cad1db73e8c782a6\WMIRegistrationService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\sgx_psw.inf_amd64_1e59f5ec7049260a\aesm_service.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\TbtP2pShortcutService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\ThunderboltService.exe
(services.exe ->) (Intel Corporation -> Intel(R) Corporation) C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_183917c66152901d\lib\SocketHeciServer.exe
(services.exe ->) (Intel Corporation -> Intel(R) Corporation) C:\Windows\SysWOW64\XtuService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Lansweeper -> Fing Limited) C:\Program Files\Fing\resources\extraResources\fingagent.exe
(services.exe ->) (Lenovo -> Lenovo Group Limited) C:\Windows\System32\DriverStore\FileRepository\fn.inf_amd64_6df953d54d3099b9\driver\tphkload.exe
(services.exe ->) (Lenovo -> Lenovo Group Limited) C:\Windows\SysWOW64\EasyResume.exe
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantageService.exe
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\System32\drivers\Lenovo\udc\Service\UDClientService.exe
(services.exe ->) (Lenovo -> Lenovo) C:\Windows\System32\ibmpmsvc.exe
(services.exe ->) (Lenovo -> Lenovo.) C:\Windows\System32\ApsInsSvc.exe
(services.exe ->) (Lenovo -> Lenovo.) C:\Windows\System32\LITSSvc.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft GameInput\x64\gameinputsvc.exe <2>
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_8.71.12001.0_x64__8wekyb3d8bbwe\gamingservices.exe
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_8.71.12001.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\msiexec.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\System32\Sgrm\SgrmBroker.exe
(services.exe ->) (Microsoft) [File not signed] C:\Program Files (x86)\Brother\iPrint&Scan\USBAppControl.exe
(services.exe ->) (Microsoft) [File not signed] C:\Program Files (x86)\Brother\iPrint&Scan\WorkflowAppControl.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2>
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvlt.inf_amd64_e32bb28e87695861\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (NZXT, Inc. -> ) C:\Program Files\NZXT CAM\resources\app.asar.unpacked\node_modules\@nzxt\cam-core\dist\target\x86_64-pc-windows-msvc\release\service.exe
(services.exe ->) (Smart Sound Technology -> Intel) C:\Windows\System32\cAVS\Intel(R) Audio Service\IntelAudioService.exe
(services.exe ->) (Synaptics Incorporated -> Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(services.exe ->) (Synaptics Incorporated -> Conexant Systems LLC.) C:\Windows\CxSvc\CxAudioSvc.exe
(services.exe ->) (Synaptics Incorporated -> Conexant Systems, Inc.) C:\Windows\System32\CxUIUSvc64.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnhService.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated.) C:\Windows\System32\SynRpcServer.exe
(sihost.exe ->) (INTEL CORP) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.4232.0_x64__8j3eq9eme6ctt\GCP.ML.BackgroundSysTray\IGCCTray.exe
(svchost.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(svchost.exe ->) (Apple Inc. -> Apple, Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe
(svchost.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(svchost.exe ->) (INTEL CORP) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.4232.0_x64__8j3eq9eme6ctt\IGCC.exe
(svchost.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_bd81469b51147524\igfxext.exe
(svchost.exe ->) (Lenovo -> Lenovo) C:\Windows\SysWOW64\Lenovo\PowerMgr\PowerMgr.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22102.229.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\NgcIso.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.22621.898_none_6b467c06908d3d29\TiWorker.exe
(svchost.exe ->) (Microsoft Windows) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_422.33900.0.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe
(Synaptics Hong Kong Limited, Taiwan Branch (H.K.)) C:\Program Files\WindowsApps\22094SynapticsIncorporate.SmartAudio3_1.0.85.0_x64__qt57b6kdvhcfw\AFA\CAudioFilterAgent64.exe
(Synaptics Hong Kong Limited, Taiwan Branch (H.K.)) C:\Program Files\WindowsApps\22094SynapticsIncorporate.SmartAudio3_1.0.85.0_x64__qt57b6kdvhcfw\Flow\Flow1\Flow.exe
(Synaptics Hong Kong Limited, Taiwan Branch (H.K.)) C:\Program Files\WindowsApps\22094SynapticsIncorporate.SmartAudio3_1.0.85.0_x64__qt57b6kdvhcfw\SA3\SmartAudio3.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPHelper.exe
(SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnh.exe
(WhatsApp LLC -> WhatsApp) C:\Users\seanc\AppData\Local\WhatsApp\app-2.2246.10\WhatsApp.exe <7>
 
sean97000 said:
Received a popup from Windows Defender Firewall asking if I should allow traffic from windows/syswow64/rundll32.exe

Scanned with Avast and found nothing

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 16-12-2022
Ran by seanc (administrator) on SATIVA (LENOVO 20QWCTO1WW) (21-12-2022 08:33:48)
Running from C:\Users\seanc\Dropbox\Downloads
Loaded Profiles: seanc & xyz
Platform: Microsoft Windows 11 Pro Version 22H2 22621.963 (X64) Language: English (United States)
Default browser: "C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe" --single-argument %1
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <5>
(Brother Industries, Ltd. -> Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Brother\BrUtilities\BrLogRx.exe
(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Brother\SoftwareUpdateNotification\SoftwareUpdateNotificationService.exe
(C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe ->) (Brother Industries, Ltd. -> Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantage-(VantageCoreAddin).exe
(C:\Program Files\Avast Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(C:\Program Files\NZXT CAM\NZXT CAM.exe ->) (NZXT, Inc. -> ) C:\Program Files\NZXT CAM\resources\app.asar.unpacked\node_modules\@nzxt\cam-core\dist\target\x86_64-pc-windows-msvc\release\cam_helper.exe <3>
(C:\Program Files\WindowsApps\MicrosoftTeams_22308.1003.1743.8209_x64__8wekyb3d8bbwe\msteams.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\108.0.1462.54\msedgewebview2.exe <6>
(C:\Users\seanc\AppData\Local\Programs\Messenger\Messenger.exe ->) (Facebook, Inc. -> ) C:\Users\seanc\AppData\Local\Programs\Messenger\CrashpadHandlerWindows.exe
(cmd.exe ->) (EXPRSVPN LLC -> ExpressVPN) C:\Program Files (x86)\ExpressVPN\services\ExpressVPN.BrowserHelper.exe
(DriverStore\FileRepository\cui_dch.inf_amd64_bd81469b51147524\igfxCUIService.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_bd81469b51147524\igfxEM.exe
(DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_8a4ddeba3102f3a4\DAX3API.exe ->) (Dolby Laboratories, Inc. -> Dolby Laboratories) C:\Windows\System32\DriverStore\FileRepository\DAX3_S~1.INF\DAX3API.exe
(DriverStore\FileRepository\fn.inf_amd64_6df953d54d3099b9\driver\tphkload.exe ->) (Lenovo -> Lenovo Group Limited) C:\Windows\System32\DriverStore\FileRepository\FN32EE~1.INF\driver\shtctky.exe
(DriverStore\FileRepository\fn.inf_amd64_6df953d54d3099b9\driver\tphkload.exe ->) (Lenovo -> Lenovo Group Limited) C:\Windows\System32\DriverStore\FileRepository\FN32EE~1.INF\driver\tposd.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe <7>
(explorer.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(explorer.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(explorer.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
(explorer.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(explorer.exe ->) (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Brother\iPrint&Scan\iPSNotifier.exe
(explorer.exe ->) (EXPRSVPN LLC -> ExpressVPN) C:\Program Files (x86)\ExpressVPN\expressvpn-ui\ExpressVPN.exe
(explorer.exe ->) (F.lux Software LLC -> f.lux Software LLC) C:\Users\seanc\AppData\Local\FluxSoftware\Flux\flux.exe
(explorer.exe ->) (Facebook, Inc. -> Meta Platforms, Inc.) C:\Users\seanc\AppData\Local\Programs\Messenger\Messenger.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <13>
(explorer.exe ->) (Lansweeper -> Fing Ltd) C:\Program Files\Fing\Fing.exe <3>
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <9>
(explorer.exe ->) (NZXT, Inc. -> NZXT, Inc.) C:\Program Files\NZXT CAM\NZXT CAM.exe <5>
(EXPRSVPN LLC -> ExpressVPN) C:\Program Files (x86)\ExpressVPN\expressvpn-ui\ExpressVPNNotificationService.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe
(Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(services.exe ->) (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\BrYNSvc.exe
(services.exe ->) (Conexant Systems LLC -> Conexant Systems, Inc.) C:\Windows\CxSvc\CxUtilSvc.exe
(services.exe ->) (Dolby Laboratories, Inc. -> Dolby Laboratories) C:\Windows\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_8a4ddeba3102f3a4\DAX3API.exe
(services.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(services.exe ->) (EXPRSVPN LLC -> ExpressVPN) C:\Program Files (x86)\ExpressVPN\services\ExpressVPN.AppService.exe
(services.exe ->) (EXPRSVPN LLC -> ExpressVPN) C:\Program Files (x86)\ExpressVPN\services\ExpressVPN.SystemService.exe
(services.exe ->) (EXPRSVPN LLC -> ExpressVPN) C:\Program Files (x86)\ExpressVPN\services\ExpressVPN.VpnService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_bd81469b51147524\igfxCUIService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_9196e89091d8bdbb\esif_uf.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_47d3698a1c94c55a\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_c812d3ffe3c5ec75\IntelCpHDCPSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_c812d3ffe3c5ec75\IntelCpHeciSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_3c8213e3da176c7f\LMS.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_cad1db73e8c782a6\WMIRegistrationService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\sgx_psw.inf_amd64_1e59f5ec7049260a\aesm_service.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\TbtP2pShortcutService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\ThunderboltService.exe
(services.exe ->) (Intel Corporation -> Intel(R) Corporation) C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_183917c66152901d\lib\SocketHeciServer.exe
(services.exe ->) (Intel Corporation -> Intel(R) Corporation) C:\Windows\SysWOW64\XtuService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Lansweeper -> Fing Limited) C:\Program Files\Fing\resources\extraResources\fingagent.exe
(services.exe ->) (Lenovo -> Lenovo Group Limited) C:\Windows\System32\DriverStore\FileRepository\fn.inf_amd64_6df953d54d3099b9\driver\tphkload.exe
(services.exe ->) (Lenovo -> Lenovo Group Limited) C:\Windows\SysWOW64\EasyResume.exe
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantageService.exe
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\System32\drivers\Lenovo\udc\Service\UDClientService.exe
(services.exe ->) (Lenovo -> Lenovo) C:\Windows\System32\ibmpmsvc.exe
(services.exe ->) (Lenovo -> Lenovo.) C:\Windows\System32\ApsInsSvc.exe
(services.exe ->) (Lenovo -> Lenovo.) C:\Windows\System32\LITSSvc.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft GameInput\x64\gameinputsvc.exe <2>
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_8.71.12001.0_x64__8wekyb3d8bbwe\gamingservices.exe
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_8.71.12001.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\msiexec.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\System32\Sgrm\SgrmBroker.exe
(services.exe ->) (Microsoft) [File not signed] C:\Program Files (x86)\Brother\iPrint&Scan\USBAppControl.exe
(services.exe ->) (Microsoft) [File not signed] C:\Program Files (x86)\Brother\iPrint&Scan\WorkflowAppControl.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2>
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvlt.inf_amd64_e32bb28e87695861\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (NZXT, Inc. -> ) C:\Program Files\NZXT CAM\resources\app.asar.unpacked\node_modules\@nzxt\cam-core\dist\target\x86_64-pc-windows-msvc\release\service.exe
(services.exe ->) (Smart Sound Technology -> Intel) C:\Windows\System32\cAVS\Intel(R) Audio Service\IntelAudioService.exe
(services.exe ->) (Synaptics Incorporated -> Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(services.exe ->) (Synaptics Incorporated -> Conexant Systems LLC.) C:\Windows\CxSvc\CxAudioSvc.exe
(services.exe ->) (Synaptics Incorporated -> Conexant Systems, Inc.) C:\Windows\System32\CxUIUSvc64.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnhService.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated.) C:\Windows\System32\SynRpcServer.exe
(sihost.exe ->) (INTEL CORP) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.4232.0_x64__8j3eq9eme6ctt\GCP.ML.BackgroundSysTray\IGCCTray.exe
(svchost.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(svchost.exe ->) (Apple Inc. -> Apple, Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe
(svchost.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(svchost.exe ->) (INTEL CORP) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.4232.0_x64__8j3eq9eme6ctt\IGCC.exe
(svchost.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_bd81469b51147524\igfxext.exe
(svchost.exe ->) (Lenovo -> Lenovo) C:\Windows\SysWOW64\Lenovo\PowerMgr\PowerMgr.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22102.229.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\NgcIso.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.22621.898_none_6b467c06908d3d29\TiWorker.exe
(svchost.exe ->) (Microsoft Windows) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_422.33900.0.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe
(Synaptics Hong Kong Limited, Taiwan Branch (H.K.)) C:\Program Files\WindowsApps\22094SynapticsIncorporate.SmartAudio3_1.0.85.0_x64__qt57b6kdvhcfw\AFA\CAudioFilterAgent64.exe
(Synaptics Hong Kong Limited, Taiwan Branch (H.K.)) C:\Program Files\WindowsApps\22094SynapticsIncorporate.SmartAudio3_1.0.85.0_x64__qt57b6kdvhcfw\Flow\Flow1\Flow.exe
(Synaptics Hong Kong Limited, Taiwan Branch (H.K.)) C:\Program Files\WindowsApps\22094SynapticsIncorporate.SmartAudio3_1.0.85.0_x64__qt57b6kdvhcfw\SA3\SmartAudio3.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPHelper.exe
(SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnh.exe
(WhatsApp LLC -> WhatsApp) C:\Users\seanc\AppData\Local\WhatsApp\app-2.2246.10\WhatsApp.exe <7>
Click to expand...
==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [366944 2022-12-08] (Apple Inc. -> Apple Inc.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [213728 2022-12-21] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [11327200 2022-12-13] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [I17B] => C:\WINDOWS\twain_32\Brimi17b\Common\TwDsUiLaunch.exe [86152 2020-03-25] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [145376 2018-04-26] (Brother Industries, Ltd. -> Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2976256 2018-07-25] (Brother Industries, Ltd.) [File not signed]
HKLM-x32\...\Run: [BrotherSoftwareUpdateNotification] => C:\Program Files (x86)\Brother\SoftwareUpdateNotification\SoftwareUpdateNotificationService.exe [3581952 2017-04-05] (Brother Industries, Ltd.) [File not signed]
HKLM-x32\...\Run: [ExpressVPNNotificationService] => C:\Program Files (x86)\ExpressVPN\expressvpn-ui\ExpressVPNNotificationServiceStarter.exe [381288 2022-11-24] (EXPRSVPN LLC -> ExpressVPN)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKU\S-1-5-19\...\Run: [OneDriveSetup] => C:\Windows\System32\OneDriveSetup.exe [50312608 2022-05-07] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-19\...\RunOnce: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2626448 2022-12-15] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-20\...\Run: [OneDriveSetup] => C:\Windows\System32\OneDriveSetup.exe [50312608 2022-05-07] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2626448 2022-12-15] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2943715955-579751958-2762250142-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2626448 2022-12-15] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2943715955-579751958-2762250142-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3412696 2021-02-12] (Valve -> Valve Corporation)
HKU\S-1-5-21-2943715955-579751958-2762250142-1001\...\Run: [NZXT.CAM] => C:\Program Files\NZXT CAM\NZXT CAM.exe [146309056 2022-12-05] (NZXT, Inc. -> NZXT, Inc.)
HKU\S-1-5-21-2943715955-579751958-2762250142-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2020-09-08] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-2943715955-579751958-2762250142-1001\...\Run: [f.lux] => C:\Users\seanc\AppData\Local\FluxSoftware\Flux\flux.exe [1515848 2021-06-17] (F.lux Software LLC -> f.lux Software LLC)
HKU\S-1-5-21-2943715955-579751958-2762250142-1001\...\Run: [E2820BE4A413BD842253CFC823ED5CC71DCB4BEB._service_run] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=service /prefetch:8 [3879848 2022-12-15] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2943715955-579751958-2762250142-1001\...\Run: [electron.app.Fing] => C:\Program Files\Fing\Fing.exe [136147888 2022-12-13] (Lansweeper -> Fing Ltd)
HKU\S-1-5-21-2943715955-579751958-2762250142-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [67896 2020-09-08] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-2943715955-579751958-2762250142-1001\...\Run: [com.squirrel.WhatsApp.WhatsApp] => C:\Users\seanc\AppData\Local\WhatsApp\Update.exe [2254048 2022-12-13] (WhatsApp LLC -> )
HKU\S-1-5-21-2943715955-579751958-2762250142-1001\...\Run: [com.messenger] => "C:\Users\seanc\AppData\Local\Programs\Messenger\Messenger.exe" messenger://openAtLogin (No File)
HKU\S-1-5-21-2943715955-579751958-2762250142-1001\...\Run: [MicrosoftEdgeAutoLaunch_C38C926449DDC3B8C7E9E42DAB5EF8D2] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3879848 2022-12-15] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2943715955-579751958-2762250142-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2020-09-08] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-2943715955-579751958-2762250142-1001\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2020-09-08] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-2943715955-579751958-2762250142-1001\...\Run: [AvastBrowserAutoLaunch_950F0406EAF4B35DA393F48747B04A83] => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [3236624 2022-12-13] (Avast Software s.r.o. -> AVAST Software)
HKU\S-1-5-21-2943715955-579751958-2762250142-1001\...\Run: [ExpressVPN] => C:\Program Files (x86)\ExpressVPN\expressvpn-ui\ExpressVPN.exe [853864 2022-11-24] (EXPRSVPN LLC -> ExpressVPN)
HKU\S-1-5-21-2943715955-579751958-2762250142-1002\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2626448 2022-12-15] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2943715955-579751958-2762250142-1002\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [116060024 2022-05-17] (Skype Software Sarl -> Skype Technologies S.A.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\108.0.5359.125\Installer\chrmstp.exe [2022-12-15] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\108.0.19667.125\Installer\chrmstp.exe [2022-12-21] (Avast Software s.r.o. -> AVAST Software)
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\iPSNotifier.lnk [2021-03-25]
ShortcutTarget: iPSNotifier.lnk -> C:\Program Files (x86)\Brother\iPrint&Scan\iPSNotifier.exe (Brother Industries, Ltd.) [File not signed]
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0195A135-F1BC-4ABF-8F5B-6A6C053004B3} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8509392 2022-12-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {0600DD45-FAF2-4131-A006-0B17509B9F78} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => %windir%\system32\sc.exe start InventorySvc
Task: {0DBF9610-935F-4AEC-A7EA-3AEF48DAECEE} - System32\Tasks\GlanceDiscovery => c:\Program files\Lenovo\AUMLauncher.exe [196608 2019-04-04] () [File not signed]
Task: {0EB872B0-1604-4078-9E4C-B10E4E8F8A34} - System32\Tasks\Lenovo\Lenovo ITS PnP Task => C:\WINDOWS\System32\LITSSvc.exe [1217488 2022-10-10] (Lenovo -> Lenovo.)
Task: {14B2D297-D84E-45B6-BF87-EEAACCA9A61B} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [64256 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {14DD33EF-EECB-4270-A384-4AC50EEDF783} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-2943715955-579751958-2762250142-1001 => C:\Users\seanc\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSBUpdater.exe [89096 2022-10-19] (Lenovo (Beijing) Limited -> Lenovo Group Limited)
Task: {1C14CA34-02CE-48D5-AD26-87042175DF6E} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [3236624 2022-12-13] (Avast Software s.r.o. -> AVAST Software)
Task: {1C4841D7-0597-4EBB-9ACC-53D2CA18C64A} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoSystemUpdateAddin_WeeklyTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {229DE90A-743B-4596-8696-4520BA50329E} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [191120 2022-12-21] (Avast Software s.r.o. -> AVAST Software)
Task: {271821E5-E56B-4221-A549-40F913E2261F} - System32\Tasks\Lenovo\Vantage\Schedule\HeartbeatAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {2A91BDFC-3801-4437-9A2F-B426AC6E90D9} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)
Task: {2F7103DE-0930-4304-ABD0-5DFF31882441} - System32\Tasks\PowerENGAGE => Command(1): msiexec -> /f {400A01BF-E908-4393-BD39-31E386377BDA} /quiet /qn
Task: {2F7103DE-0930-4304-ABD0-5DFF31882441} - System32\Tasks\PowerENGAGE => Command(2): PowerENGAGE.exe -> scheduled-run
Task: {34FF7341-0FA9-4867-9720-B2E9D268298E} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144344 2022-12-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {3995CDB8-5BEA-40C1-8E88-9B525F5F165E} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe [149280 2022-09-23] (Lenovo -> Lenovo Group Ltd.)
Task: {3B5341A9-C327-4472-A917-FB962AF4292B} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-03-31] (Nvidia Corporation -> NVIDIA Corporation)
Task: {4FD38B40-6958-48BA-B1B7-08A182D49C4C} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-2943715955-579751958-2762250142-1002 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4189072 2022-12-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {5205200E-D9C2-4B94-A6D0-66AE2FDCD49E} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4943072 2022-12-21] (Avast Software s.r.o. -> AVAST Software)
Task: {520E016B-4644-4682-B5D2-56FF48CB25CB} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1003128 2022-03-02] (Nvidia Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {52C103DC-0870-425F-9116-8ABC0CF8ECBB} - System32\Tasks\Microsoft\Windows\PI\SecureBootEncodeUEFI => C:\WINDOWS\system32\SecureBootEncodeUEFI.exe [94208 2022-11-09] (Microsoft Windows -> )
Task: {65CD36CF-B676-4117-B5BF-6DBBFAD38619} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-05-12] (Google LLC -> Google LLC)
Task: {6AD88667-8808-4E3D-9071-D77CC98AFA41} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2250576 2022-12-21] (Avast Software s.r.o. -> Avast Software)
Task: {6AE0D5C6-4F6E-4D03-B2B5-659D664BA0EA} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646344 2022-03-31] (Nvidia Corporation -> NVIDIA Corporation)
Task: {6BF9FF11-5D04-41C4-9D31-785A1F543E68} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3342080 2022-03-31] (Nvidia Corporation -> NVIDIA Corporation)
Task: {6C15DC1A-3420-44D8-BDFB-08AF65EF3DB7} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
Task: {6CD1C80E-2FAC-49DE-A056-6C46F6D3EC30} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-05-12] (Google LLC -> Google LLC)
Task: {6D6973B8-783B-4951-869B-359782EE969B} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [191120 2022-12-21] (Avast Software s.r.o. -> AVAST Software)
Task: {6EF91852-E133-43CF-BAAF-D93BD966118E} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [617096 2022-02-25] (Apple Inc. -> Apple Inc.)
Task: {7311B233-4BA4-4AB0-9D54-123AC4455207} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => %systemroot%\system32\sc.exe start LenovoVantageService
Task: {784100E0-4407-40E9-BE1A-49AB8F91E9B3} - System32\Tasks\Lenovo\UDC\Lenovo UDC Idle Monitor => C:\windows\system32\drivers\Lenovo\udc\Service\UDCUserAgent.exe [89408 2022-05-23] (Lenovo -> Lenovo Group Ltd.)
Task: {7A3DA35E-1F1E-4F34-986B-888D6A8FA2B1} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\5ffa4ad7-5315-45c4-a7d1-8535e4aadbe8 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {7B96E58A-FF59-4301-B76F-51131E593A84} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26308584 2022-12-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {7BB7B752-B624-4357-9853-A96AC0EE6BEE} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_UpdateInterval => C:\WINDOWS\system32\MusNotification.exe Display (No File)
Task: {7C34B3A0-533E-4A13-A3C1-27BE1D06AEE4} - System32\Tasks\Lenovo\Power Manager\Background monitor => C:\WINDOWS\SysWOW64\Lenovo\PowerMgr\PowerMgr.exe [128976 2022-05-17] (Lenovo -> Lenovo)
Task: {7CF1BC8A-6B31-42B3-8B88-229E2D4C25D6} - System32\Tasks\Intel\Intel Telemetry 2 (x86) => C:\Program Files (x86)\Intel\Telemetry 2.0\lrio.exe [1652536 2018-11-05] (Intel(R) Software -> Intel Corporation)
Task: {7EDD6566-188B-415C-830C-3BCC5376A781} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)
Task: {86C83C5D-A8F0-4C37-BCF8-78FAEB2EF07C} - System32\Tasks\Meta\Messenger-SL-Helper-S-1-5-21-2943715955-579751958-2762250142-1001 => C:\Users\seanc\AppData\Local\Programs\Messenger\MessengerHelper.exe [2149112 2022-12-09] (Facebook, Inc. -> Meta Platforms, Inc.)
Task: {88671774-8336-4FDF-91D3-325308D3ACDD} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [3236624 2022-12-13] (Avast Software s.r.o. -> AVAST Software)
Task: {8A3829C4-CDBE-4421-8983-6FAFDFDF750D} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\d5c22bd8-777a-4b2a-a803-d3cf6710f46a => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {8AB5C4DD-9A18-4BA4-B710-94D465BB3FA2} - System32\Tasks\npcapwatchdog => C:\Program Files\Npcap\CheckStatus.bat [880 2020-09-24] () [File not signed]
Task: {8E3DA3A2-7E91-480C-BB87-80B73B6FA1DC} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-03-31] (Nvidia Corporation -> NVIDIA Corporation)
Task: {921219DB-6C87-4D6F-91B6-5FDE483623C5} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4189072 2022-12-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {ACBF2975-973E-4C63-819C-D45F2E410A7D} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {B1C2DF11-38B1-4C5E-9CE3-F1A2188E9D6C} - System32\Tasks\Lenovo\Vantage\Schedule\Lenovo.Vantage.SmartPerformance.MonthlyReport => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {B4EF8147-CCAD-46DF-93EA-7BF754E74A35} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => C:\WINDOWS\system32\MusNotification.exe /RunOnBattery RebootDialog (No File)
Task: {B5B5A451-7268-4736-A5B6-EB7D317FD760} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {B6CA9519-3877-41B8-AD5E-3E4C858BCBFC} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1552376 2022-09-26] (Adobe Inc. -> Adobe Inc.)
Task: {B8CC9CD2-9015-4D7F-999A-D21D15A2F5BA} - System32\Tasks\Lenovo Power Management Driver PnP Task => C:\WINDOWS\System32\ibmpmsvc.exe [871912 2022-03-27] (Lenovo -> Lenovo)
Task: {BD97CAF3-3E66-43B5-BFF6-1D1FD4AA5E2F} - System32\Tasks\Lenovo\Vantage\Schedule\VantageTelemetryAddinTask => C:\Program Files (x86)\Lenovo\VantageService\3.6.15.0\ScheduleEventAction.exe VantageTelemetryAddinTask (No File)
Task: {BE325F53-8A99-45A5-8817-3B2E4EF72AC7} - System32\Tasks\Lenovo\Vantage\Schedule\GenericMessagingAddin => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {C2A2665C-4905-4E8A-A234-F8F9078B3189} - System32\Tasks\Lenovo\UDC\Lenovo UDC Monitor => C:\WINDOWS\system32\drivers\lenovo\udc\data\InfBackup\UdcInfInstaller.exe [184656 2022-05-23] (Lenovo -> Lenovo Group Ltd.)
Task: {C5212E79-728A-42E6-88AB-FBF03AA3D0A4} - System32\Tasks\Lenovo\Power Manager\Uninstall task => C:\WINDOWS\SysWOW64\PowerMgrInst.exe [62152 2020-12-20] (Lenovo -> )
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\WINDOWS\System32\MbaeParserTask.exe (No File)
Task: {CE9AE4BA-DE91-4CB9-A12E-897711F4FC73} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-2943715955-579751958-2762250142-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4189072 2022-12-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {CED24081-5544-4A65-AB3C-9518AD72F8E7} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-03-31] (Nvidia Corporation -> NVIDIA Corporation)
Task: {CFC84FB5-2E9B-4EA3-8687-E5A44B89C986} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1900320 2022-09-29] (Lenovo -> )
Task: {D378EA12-2DAA-4000-90F4-B522245FDB52} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [146816 2022-12-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {D553045B-C02A-4734-B5F2-FEF154774FA6} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => C:\WINDOWS\system32\MusNotification.exe /RunOnAC RebootDialog (No File)
Task: {D56A1DC3-5A57-4B90-AAA7-8F7EFBBF6BB8} - System32\Tasks\Lenovo\Vantage\Schedule\DailyTelemetryTransmission => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {DBD92B1C-3CB7-434D-9B0C-8E19AE6A3973} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoCompanionAppAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {DC153947-1AAA-48E3-8B87-1A5C4617B3FD} - System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1900320 2022-09-29] (Lenovo -> )
Task: {DD033FA0-763F-4D7B-81B5-DB7D1A32FE4C} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-03-31] (Nvidia Corporation -> NVIDIA Corporation)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => C:\WINDOWS\system32\MusNotification.exe (No File)
Task: {E8F20228-5519-4412-805E-21E561AE3758} - System32\Tasks\Lenovo\Vantage\Schedule\Lenovo.Vantage.SmartPerformance.SScan => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {EC2A4889-B731-48E8-8A46-2DD6C7200D7A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8509392 2022-12-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {FDA58F09-1BF8-4BF5-A7CD-E2ED87D4CF4B} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26308584 2022-12-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {FF3CC576-9FF6-4460-8123-23D1BBBD47B0} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\01bb99a0-a615-4b39-80fd-51751eb27c8c => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {FF5559B7-355E-4295-B3BE-BC69AC7CD564} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144344 2022-12-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {FFF1E04B-497B-40FA-9058-4514D90C90AA} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => "%windir%\system32\sc.exe" START ImControllerService

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 76.76.2.0
Tcpip\..\Interfaces\{076ea20b-089a-445e-a602-dc55f5647c69}: [DhcpNameServer] 8.8.8.8 76.76.2.0
Tcpip\..\Interfaces\{0f5d6c5e-2d0b-40a6-8c4e-a98891f7b8fc}: [NameServer] 100.64.100.1
Tcpip\..\Interfaces\{55b6cc48-c9f9-4406-9001-b22a1b418125}: [DhcpNameServer] 192.168.132.1
Tcpip\..\Interfaces\{67c9fe34-4624-4f75-8c4b-fd4dea3393fc}: [DhcpNameServer] 10.157.0.1

Edge:
=======
DownloadDir: C:\Users\seanc\Downloads
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\seanc\AppData\Local\Microsoft\Edge\User Data\Default [2022-12-21]
Edge HomePage: Default -> hxxps://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE03&ocid=UE03DHP
Edge Extension: (Alaska Airlines Mileage Plan™ Shopping button) - C:\Users\seanc\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bpncppnllngfgpcclmpjdlhokgbdkpdh [2022-10-20]
Edge Extension: (Dropbox for Gmail) - C:\Users\seanc\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\dpdmhfocilnekecfjgimjdeckachfbec [2021-09-01]
Edge Extension: (Bookmarks Menu) - C:\Users\seanc\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ffmdedmghpoipeldijkdlcckdpempkdi [2022-05-18]
Edge Extension: (iCloud Bookmarks) - C:\Users\seanc\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fkepacicchenbjecpbpbclokcabebhah [2022-11-21]
Edge Extension: (HTTPS Everywhere) - C:\Users\seanc\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gcbommkclmclpchllfjekcdonpmejbdp [2022-05-25]
Edge Extension: (FantasyPros: Win your Fantasy League) - C:\Users\seanc\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gfbepnlhpkbgbkcebjnfhgjckibfdfkc [2022-10-28]
Edge Extension: (FBS II : Fast Bookmark Scanner II) - C:\Users\seanc\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gjcmklpilmpfhfjpebhnapnglcppdbic [2020-07-04]
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\seanc\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-12-13]
Edge Extension: (Capital One Shopping: Add to Edge for Free) - C:\Users\seanc\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\kiiaghlmeikbpmeabhilfphikfcefljn [2022-12-17]
Edge Extension: (Fatkun Batch Download Image) - C:\Users\seanc\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\nnjjahlikiabnchcpehcpkdeckfgnohf [2022-12-09]
Edge Extension: (AwardWallet) - C:\Users\seanc\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ohkankfogimcbcioalemeonlapdababm [2022-08-05]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

FireFox:
========
FF DefaultProfile: yc150fr2.default
FF ProfilePath: C:\Users\seanc\AppData\Roaming\Mozilla\Firefox\Profiles\yc150fr2.default [2022-03-27]
FF ProfilePath: C:\Users\seanc\AppData\Roaming\Mozilla\Firefox\Profiles\99yc8c4g.default-release [2022-12-20]
FF Notifications: Mozilla\Firefox\Profiles\99yc8c4g.default-release -> hxxps://www.reddit.com
FF Extension: (Malwarebytes Browser Guard) - C:\Users\seanc\AppData\Roaming\Mozilla\Firefox\Profiles\99yc8c4g.default-release\Extensions\{242af0bb-db11-4734-b7a0-61cb8a9b20fb}.xpi [2022-10-12]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-11-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2022-11-14] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google Inc -> Google, Inc.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-11-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=3 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1579.3\npAvastBrowserUpdate3.dll [2022-12-21] (Avast Software s.r.o. -> AVAST Software)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=9 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1579.3\npAvastBrowserUpdate3.dll [2022-12-21] (Avast Software s.r.o. -> AVAST Software)
FF Plugin HKU\S-1-5-21-2943715955-579751958-2762250142-1001: @zoom.us/ZoomVideoPlugin -> C:\Users\seanc\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2020-04-08] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)


==
 
sean97000 said:
==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [366944 2022-12-08] (Apple Inc. -> Apple Inc.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [213728 2022-12-21] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [11327200 2022-12-13] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [I17B] => C:\WINDOWS\twain_32\Brimi17b\Common\TwDsUiLaunch.exe [86152 2020-03-25] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [145376 2018-04-26] (Brother Industries, Ltd. -> Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2976256 2018-07-25] (Brother Industries, Ltd.) [File not signed]
HKLM-x32\...\Run: [BrotherSoftwareUpdateNotification] => C:\Program Files (x86)\Brother\SoftwareUpdateNotification\SoftwareUpdateNotificationService.exe [3581952 2017-04-05] (Brother Industries, Ltd.) [File not signed]
HKLM-x32\...\Run: [ExpressVPNNotificationService] => C:\Program Files (x86)\ExpressVPN\expressvpn-ui\ExpressVPNNotificationServiceStarter.exe [381288 2022-11-24] (EXPRSVPN LLC -> ExpressVPN)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKU\S-1-5-19\...\Run: [OneDriveSetup] => C:\Windows\System32\OneDriveSetup.exe [50312608 2022-05-07] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-19\...\RunOnce: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2626448 2022-12-15] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-20\...\Run: [OneDriveSetup] => C:\Windows\System32\OneDriveSetup.exe [50312608 2022-05-07] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2626448 2022-12-15] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2943715955-579751958-2762250142-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2626448 2022-12-15] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2943715955-579751958-2762250142-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3412696 2021-02-12] (Valve -> Valve Corporation)
HKU\S-1-5-21-2943715955-579751958-2762250142-1001\...\Run: [NZXT.CAM] => C:\Program Files\NZXT CAM\NZXT CAM.exe [146309056 2022-12-05] (NZXT, Inc. -> NZXT, Inc.)
HKU\S-1-5-21-2943715955-579751958-2762250142-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2020-09-08] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-2943715955-579751958-2762250142-1001\...\Run: [f.lux] => C:\Users\seanc\AppData\Local\FluxSoftware\Flux\flux.exe [1515848 2021-06-17] (F.lux Software LLC -> f.lux Software LLC)
HKU\S-1-5-21-2943715955-579751958-2762250142-1001\...\Run: [E2820BE4A413BD842253CFC823ED5CC71DCB4BEB._service_run] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=service /prefetch:8 [3879848 2022-12-15] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2943715955-579751958-2762250142-1001\...\Run: [electron.app.Fing] => C:\Program Files\Fing\Fing.exe [136147888 2022-12-13] (Lansweeper -> Fing Ltd)
HKU\S-1-5-21-2943715955-579751958-2762250142-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [67896 2020-09-08] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-2943715955-579751958-2762250142-1001\...\Run: [com.squirrel.WhatsApp.WhatsApp] => C:\Users\seanc\AppData\Local\WhatsApp\Update.exe [2254048 2022-12-13] (WhatsApp LLC -> )
HKU\S-1-5-21-2943715955-579751958-2762250142-1001\...\Run: [com.messenger] => "C:\Users\seanc\AppData\Local\Programs\Messenger\Messenger.exe" messenger://openAtLogin (No File)
HKU\S-1-5-21-2943715955-579751958-2762250142-1001\...\Run: [MicrosoftEdgeAutoLaunch_C38C926449DDC3B8C7E9E42DAB5EF8D2] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3879848 2022-12-15] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2943715955-579751958-2762250142-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2020-09-08] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-2943715955-579751958-2762250142-1001\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2020-09-08] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-2943715955-579751958-2762250142-1001\...\Run: [AvastBrowserAutoLaunch_950F0406EAF4B35DA393F48747B04A83] => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [3236624 2022-12-13] (Avast Software s.r.o. -> AVAST Software)
HKU\S-1-5-21-2943715955-579751958-2762250142-1001\...\Run: [ExpressVPN] => C:\Program Files (x86)\ExpressVPN\expressvpn-ui\ExpressVPN.exe [853864 2022-11-24] (EXPRSVPN LLC -> ExpressVPN)
HKU\S-1-5-21-2943715955-579751958-2762250142-1002\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2626448 2022-12-15] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2943715955-579751958-2762250142-1002\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [116060024 2022-05-17] (Skype Software Sarl -> Skype Technologies S.A.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\108.0.5359.125\Installer\chrmstp.exe [2022-12-15] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\108.0.19667.125\Installer\chrmstp.exe [2022-12-21] (Avast Software s.r.o. -> AVAST Software)
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\iPSNotifier.lnk [2021-03-25]
ShortcutTarget: iPSNotifier.lnk -> C:\Program Files (x86)\Brother\iPrint&Scan\iPSNotifier.exe (Brother Industries, Ltd.) [File not signed]
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0195A135-F1BC-4ABF-8F5B-6A6C053004B3} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8509392 2022-12-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {0600DD45-FAF2-4131-A006-0B17509B9F78} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => %windir%\system32\sc.exe start InventorySvc
Task: {0DBF9610-935F-4AEC-A7EA-3AEF48DAECEE} - System32\Tasks\GlanceDiscovery => c:\Program files\Lenovo\AUMLauncher.exe [196608 2019-04-04] () [File not signed]
Task: {0EB872B0-1604-4078-9E4C-B10E4E8F8A34} - System32\Tasks\Lenovo\Lenovo ITS PnP Task => C:\WINDOWS\System32\LITSSvc.exe [1217488 2022-10-10] (Lenovo -> Lenovo.)
Task: {14B2D297-D84E-45B6-BF87-EEAACCA9A61B} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [64256 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {14DD33EF-EECB-4270-A384-4AC50EEDF783} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-2943715955-579751958-2762250142-1001 => C:\Users\seanc\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSBUpdater.exe [89096 2022-10-19] (Lenovo (Beijing) Limited -> Lenovo Group Limited)
Task: {1C14CA34-02CE-48D5-AD26-87042175DF6E} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [3236624 2022-12-13] (Avast Software s.r.o. -> AVAST Software)
Task: {1C4841D7-0597-4EBB-9ACC-53D2CA18C64A} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoSystemUpdateAddin_WeeklyTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {229DE90A-743B-4596-8696-4520BA50329E} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [191120 2022-12-21] (Avast Software s.r.o. -> AVAST Software)
Task: {271821E5-E56B-4221-A549-40F913E2261F} - System32\Tasks\Lenovo\Vantage\Schedule\HeartbeatAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {2A91BDFC-3801-4437-9A2F-B426AC6E90D9} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)
Task: {2F7103DE-0930-4304-ABD0-5DFF31882441} - System32\Tasks\PowerENGAGE => Command(1): msiexec -> /f {400A01BF-E908-4393-BD39-31E386377BDA} /quiet /qn
Task: {2F7103DE-0930-4304-ABD0-5DFF31882441} - System32\Tasks\PowerENGAGE => Command(2): PowerENGAGE.exe -> scheduled-run
Task: {34FF7341-0FA9-4867-9720-B2E9D268298E} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144344 2022-12-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {3995CDB8-5BEA-40C1-8E88-9B525F5F165E} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe [149280 2022-09-23] (Lenovo -> Lenovo Group Ltd.)
Task: {3B5341A9-C327-4472-A917-FB962AF4292B} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-03-31] (Nvidia Corporation -> NVIDIA Corporation)
Task: {4FD38B40-6958-48BA-B1B7-08A182D49C4C} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-2943715955-579751958-2762250142-1002 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4189072 2022-12-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {5205200E-D9C2-4B94-A6D0-66AE2FDCD49E} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4943072 2022-12-21] (Avast Software s.r.o. -> AVAST Software)
Task: {520E016B-4644-4682-B5D2-56FF48CB25CB} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1003128 2022-03-02] (Nvidia Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {52C103DC-0870-425F-9116-8ABC0CF8ECBB} - System32\Tasks\Microsoft\Windows\PI\SecureBootEncodeUEFI => C:\WINDOWS\system32\SecureBootEncodeUEFI.exe [94208 2022-11-09] (Microsoft Windows -> )
Task: {65CD36CF-B676-4117-B5BF-6DBBFAD38619} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-05-12] (Google LLC -> Google LLC)
Task: {6AD88667-8808-4E3D-9071-D77CC98AFA41} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2250576 2022-12-21] (Avast Software s.r.o. -> Avast Software)
Task: {6AE0D5C6-4F6E-4D03-B2B5-659D664BA0EA} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646344 2022-03-31] (Nvidia Corporation -> NVIDIA Corporation)
Task: {6BF9FF11-5D04-41C4-9D31-785A1F543E68} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3342080 2022-03-31] (Nvidia Corporation -> NVIDIA Corporation)
Task: {6C15DC1A-3420-44D8-BDFB-08AF65EF3DB7} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
Task: {6CD1C80E-2FAC-49DE-A056-6C46F6D3EC30} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-05-12] (Google LLC -> Google LLC)
Task: {6D6973B8-783B-4951-869B-359782EE969B} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [191120 2022-12-21] (Avast Software s.r.o. -> AVAST Software)
Task: {6EF91852-E133-43CF-BAAF-D93BD966118E} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [617096 2022-02-25] (Apple Inc. -> Apple Inc.)
Task: {7311B233-4BA4-4AB0-9D54-123AC4455207} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => %systemroot%\system32\sc.exe start LenovoVantageService
Task: {784100E0-4407-40E9-BE1A-49AB8F91E9B3} - System32\Tasks\Lenovo\UDC\Lenovo UDC Idle Monitor => C:\windows\system32\drivers\Lenovo\udc\Service\UDCUserAgent.exe [89408 2022-05-23] (Lenovo -> Lenovo Group Ltd.)
Task: {7A3DA35E-1F1E-4F34-986B-888D6A8FA2B1} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\5ffa4ad7-5315-45c4-a7d1-8535e4aadbe8 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {7B96E58A-FF59-4301-B76F-51131E593A84} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26308584 2022-12-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {7BB7B752-B624-4357-9853-A96AC0EE6BEE} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_UpdateInterval => C:\WINDOWS\system32\MusNotification.exe Display (No File)
Task: {7C34B3A0-533E-4A13-A3C1-27BE1D06AEE4} - System32\Tasks\Lenovo\Power Manager\Background monitor => C:\WINDOWS\SysWOW64\Lenovo\PowerMgr\PowerMgr.exe [128976 2022-05-17] (Lenovo -> Lenovo)
Task: {7CF1BC8A-6B31-42B3-8B88-229E2D4C25D6} - System32\Tasks\Intel\Intel Telemetry 2 (x86) => C:\Program Files (x86)\Intel\Telemetry 2.0\lrio.exe [1652536 2018-11-05] (Intel(R) Software -> Intel Corporation)
Task: {7EDD6566-188B-415C-830C-3BCC5376A781} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)
Task: {86C83C5D-A8F0-4C37-BCF8-78FAEB2EF07C} - System32\Tasks\Meta\Messenger-SL-Helper-S-1-5-21-2943715955-579751958-2762250142-1001 => C:\Users\seanc\AppData\Local\Programs\Messenger\MessengerHelper.exe [2149112 2022-12-09] (Facebook, Inc. -> Meta Platforms, Inc.)
Task: {88671774-8336-4FDF-91D3-325308D3ACDD} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [3236624 2022-12-13] (Avast Software s.r.o. -> AVAST Software)
Task: {8A3829C4-CDBE-4421-8983-6FAFDFDF750D} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\d5c22bd8-777a-4b2a-a803-d3cf6710f46a => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {8AB5C4DD-9A18-4BA4-B710-94D465BB3FA2} - System32\Tasks\npcapwatchdog => C:\Program Files\Npcap\CheckStatus.bat [880 2020-09-24] () [File not signed]
Task: {8E3DA3A2-7E91-480C-BB87-80B73B6FA1DC} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-03-31] (Nvidia Corporation -> NVIDIA Corporation)
Task: {921219DB-6C87-4D6F-91B6-5FDE483623C5} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4189072 2022-12-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {ACBF2975-973E-4C63-819C-D45F2E410A7D} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {B1C2DF11-38B1-4C5E-9CE3-F1A2188E9D6C} - System32\Tasks\Lenovo\Vantage\Schedule\Lenovo.Vantage.SmartPerformance.MonthlyReport => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {B4EF8147-CCAD-46DF-93EA-7BF754E74A35} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => C:\WINDOWS\system32\MusNotification.exe /RunOnBattery RebootDialog (No File)
Task: {B5B5A451-7268-4736-A5B6-EB7D317FD760} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {B6CA9519-3877-41B8-AD5E-3E4C858BCBFC} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1552376 2022-09-26] (Adobe Inc. -> Adobe Inc.)
Task: {B8CC9CD2-9015-4D7F-999A-D21D15A2F5BA} - System32\Tasks\Lenovo Power Management Driver PnP Task => C:\WINDOWS\System32\ibmpmsvc.exe [871912 2022-03-27] (Lenovo -> Lenovo)
Task: {BD97CAF3-3E66-43B5-BFF6-1D1FD4AA5E2F} - System32\Tasks\Lenovo\Vantage\Schedule\VantageTelemetryAddinTask => C:\Program Files (x86)\Lenovo\VantageService\3.6.15.0\ScheduleEventAction.exe VantageTelemetryAddinTask (No File)
Task: {BE325F53-8A99-45A5-8817-3B2E4EF72AC7} - System32\Tasks\Lenovo\Vantage\Schedule\GenericMessagingAddin => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {C2A2665C-4905-4E8A-A234-F8F9078B3189} - System32\Tasks\Lenovo\UDC\Lenovo UDC Monitor => C:\WINDOWS\system32\drivers\lenovo\udc\data\InfBackup\UdcInfInstaller.exe [184656 2022-05-23] (Lenovo -> Lenovo Group Ltd.)
Task: {C5212E79-728A-42E6-88AB-FBF03AA3D0A4} - System32\Tasks\Lenovo\Power Manager\Uninstall task => C:\WINDOWS\SysWOW64\PowerMgrInst.exe [62152 2020-12-20] (Lenovo -> )
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\WINDOWS\System32\MbaeParserTask.exe (No File)
Task: {CE9AE4BA-DE91-4CB9-A12E-897711F4FC73} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-2943715955-579751958-2762250142-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4189072 2022-12-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {CED24081-5544-4A65-AB3C-9518AD72F8E7} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-03-31] (Nvidia Corporation -> NVIDIA Corporation)
Task: {CFC84FB5-2E9B-4EA3-8687-E5A44B89C986} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1900320 2022-09-29] (Lenovo -> )
Task: {D378EA12-2DAA-4000-90F4-B522245FDB52} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [146816 2022-12-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {D553045B-C02A-4734-B5F2-FEF154774FA6} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => C:\WINDOWS\system32\MusNotification.exe /RunOnAC RebootDialog (No File)
Task: {D56A1DC3-5A57-4B90-AAA7-8F7EFBBF6BB8} - System32\Tasks\Lenovo\Vantage\Schedule\DailyTelemetryTransmission => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {DBD92B1C-3CB7-434D-9B0C-8E19AE6A3973} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoCompanionAppAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {DC153947-1AAA-48E3-8B87-1A5C4617B3FD} - System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1900320 2022-09-29] (Lenovo -> )
Task: {DD033FA0-763F-4D7B-81B5-DB7D1A32FE4C} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-03-31] (Nvidia Corporation -> NVIDIA Corporation)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => C:\WINDOWS\system32\MusNotification.exe (No File)
Task: {E8F20228-5519-4412-805E-21E561AE3758} - System32\Tasks\Lenovo\Vantage\Schedule\Lenovo.Vantage.SmartPerformance.SScan => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {EC2A4889-B731-48E8-8A46-2DD6C7200D7A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8509392 2022-12-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {FDA58F09-1BF8-4BF5-A7CD-E2ED87D4CF4B} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26308584 2022-12-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {FF3CC576-9FF6-4460-8123-23D1BBBD47B0} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\01bb99a0-a615-4b39-80fd-51751eb27c8c => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {FF5559B7-355E-4295-B3BE-BC69AC7CD564} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144344 2022-12-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {FFF1E04B-497B-40FA-9058-4514D90C90AA} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => "%windir%\system32\sc.exe" START ImControllerService

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 76.76.2.0
Tcpip\..\Interfaces\{076ea20b-089a-445e-a602-dc55f5647c69}: [DhcpNameServer] 8.8.8.8 76.76.2.0
Tcpip\..\Interfaces\{0f5d6c5e-2d0b-40a6-8c4e-a98891f7b8fc}: [NameServer] 100.64.100.1
Tcpip\..\Interfaces\{55b6cc48-c9f9-4406-9001-b22a1b418125}: [DhcpNameServer] 192.168.132.1
Tcpip\..\Interfaces\{67c9fe34-4624-4f75-8c4b-fd4dea3393fc}: [DhcpNameServer] 10.157.0.1

Edge:
=======
DownloadDir: C:\Users\seanc\Downloads
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\seanc\AppData\Local\Microsoft\Edge\User Data\Default [2022-12-21]
Edge HomePage: Default -> hxxps://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE03&ocid=UE03DHP
Edge Extension: (Alaska Airlines Mileage Plan™ Shopping button) - C:\Users\seanc\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bpncppnllngfgpcclmpjdlhokgbdkpdh [2022-10-20]
Edge Extension: (Dropbox for Gmail) - C:\Users\seanc\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\dpdmhfocilnekecfjgimjdeckachfbec [2021-09-01]
Edge Extension: (Bookmarks Menu) - C:\Users\seanc\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ffmdedmghpoipeldijkdlcckdpempkdi [2022-05-18]
Edge Extension: (iCloud Bookmarks) - C:\Users\seanc\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fkepacicchenbjecpbpbclokcabebhah [2022-11-21]
Edge Extension: (HTTPS Everywhere) - C:\Users\seanc\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gcbommkclmclpchllfjekcdonpmejbdp [2022-05-25]
Edge Extension: (FantasyPros: Win your Fantasy League) - C:\Users\seanc\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gfbepnlhpkbgbkcebjnfhgjckibfdfkc [2022-10-28]
Edge Extension: (FBS II : Fast Bookmark Scanner II) - C:\Users\seanc\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gjcmklpilmpfhfjpebhnapnglcppdbic [2020-07-04]
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\seanc\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-12-13]
Edge Extension: (Capital One Shopping: Add to Edge for Free) - C:\Users\seanc\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\kiiaghlmeikbpmeabhilfphikfcefljn [2022-12-17]
Edge Extension: (Fatkun Batch Download Image) - C:\Users\seanc\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\nnjjahlikiabnchcpehcpkdeckfgnohf [2022-12-09]
Edge Extension: (AwardWallet) - C:\Users\seanc\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ohkankfogimcbcioalemeonlapdababm [2022-08-05]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

FireFox:
========
FF DefaultProfile: yc150fr2.default
FF ProfilePath: C:\Users\seanc\AppData\Roaming\Mozilla\Firefox\Profiles\yc150fr2.default [2022-03-27]
FF ProfilePath: C:\Users\seanc\AppData\Roaming\Mozilla\Firefox\Profiles\99yc8c4g.default-release [2022-12-20]
FF Notifications: Mozilla\Firefox\Profiles\99yc8c4g.default-release -> hxxps://www.reddit.com
FF Extension: (Malwarebytes Browser Guard) - C:\Users\seanc\AppData\Roaming\Mozilla\Firefox\Profiles\99yc8c4g.default-release\Extensions\{242af0bb-db11-4734-b7a0-61cb8a9b20fb}.xpi [2022-10-12]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-11-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2022-11-14] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google Inc -> Google, Inc.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-11-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=3 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1579.3\npAvastBrowserUpdate3.dll [2022-12-21] (Avast Software s.r.o. -> AVAST Software)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=9 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1579.3\npAvastBrowserUpdate3.dll [2022-12-21] (Avast Software s.r.o. -> AVAST Software)
FF Plugin HKU\S-1-5-21-2943715955-579751958-2762250142-1001: @zoom.us/ZoomVideoPlugin -> C:\Users\seanc\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2020-04-08] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)


==
Click to expand...
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\seanc\AppData\Local\Google\Chrome\User Data\Default [2022-12-21]
CHR HomePage: Default -> hxxp://my.yahoo.com/
CHR Extension: (United Airlines MileagePlus® Shopping button) - C:\Users\seanc\AppData\Local\Google\Chrome\User Data\Default\Extensions\apcjkhjbhapedgbekhlhdkidpohpkfne [2022-10-07]
CHR Extension: (iCloud) - C:\Users\seanc\AppData\Local\Google\Chrome\User Data\Default\Extensions\bjhodfififgcgedifpkenofdhlaafokk [2020-05-15]
CHR Extension: (Dropbox for Gmail) - C:\Users\seanc\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpdmhfocilnekecfjgimjdeckachfbec [2021-08-30]
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\seanc\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2022-12-14]
CHR Extension: (Bookmarks Menu) - C:\Users\seanc\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffmdedmghpoipeldijkdlcckdpempkdi [2022-05-06]
CHR Extension: (ExpressVPN: VPN proxy for a better internet) - C:\Users\seanc\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgddmllnllkalaagkghckoinaemmogpe [2022-11-21]
CHR Extension: (iCloud Bookmarks) - C:\Users\seanc\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkepacicchenbjecpbpbclokcabebhah [2022-11-18]
CHR Extension: (HTTPS Everywhere) - C:\Users\seanc\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcbommkclmclpchllfjekcdonpmejbdp [2022-05-25]
CHR Extension: (FantasyPros: Win your Fantasy League) - C:\Users\seanc\AppData\Local\Google\Chrome\User Data\Default\Extensions\gfbepnlhpkbgbkcebjnfhgjckibfdfkc [2022-10-27]
CHR Extension: (CardPointers X: Credit Card Rewards Made Easy) - C:\Users\seanc\AppData\Local\Google\Chrome\User Data\Default\Extensions\hlambnnbnnjkabpgemeompijpdliimkm [2022-12-10]
CHR Extension: (Bookmark Manager) - C:\Users\seanc\AppData\Local\Google\Chrome\User Data\Default\Extensions\idakfiahffeejfhghndaboolmmhbnepn [2022-04-24]
CHR Extension: (Reddit Enhancement Suite) - C:\Users\seanc\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2022-12-21]
CHR Extension: (Image downloader) - C:\Users\seanc\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdbfjpagopjjaiofmgodphiklmjhcnok [2022-07-08]
CHR Extension: (Application Launcher For Drive (by Google)) - C:\Users\seanc\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2021-01-23]
CHR Extension: (AwardWallet) - C:\Users\seanc\AppData\Local\Google\Chrome\User Data\Default\Extensions\lppkddfmnlpjbojooindbmcokchjgbib [2021-11-20]
CHR Extension: (Fakespot Fake Amazon Reviews and eBay Sellers) - C:\Users\seanc\AppData\Local\Google\Chrome\User Data\Default\Extensions\nakplnnackehceedgkgkokbgbmfghain [2022-12-10]
CHR Extension: (No Name) - C:\Users\seanc\AppData\Local\Google\Chrome\User Data\Default\Extensions\nenlahapcbofgnanklpelkaejcehkggg [2021-02-06]
CHR Extension: (Chrome Web Store Payments) - C:\Users\seanc\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Profile: C:\Users\seanc\AppData\Local\Google\Chrome\User Data\Guest Profile [2022-05-07]
CHR Profile: C:\Users\seanc\AppData\Local\Google\Chrome\User Data\System Profile [2022-05-07]
CHR HKU\S-1-5-21-2943715955-579751958-2762250142-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2022-09-26] (Adobe Inc. -> Adobe Inc.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [103280 2022-09-01] (Apple Inc. -> Apple Inc.)
R2 ApsInsSvc; C:\WINDOWS\System32\ApsInsSvc.exe [150720 2019-06-10] (Lenovo -> Lenovo.)
R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [8523800 2022-12-21] (Avast Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [191120 2022-12-21] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [589536 2022-12-21] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [589536 2022-12-21] (Avast Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [191120 2022-12-21] (Avast Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\108.0.19667.125\elevation_service.exe [1794040 2022-12-13] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2022-12-21] (Avast Software s.r.o. -> AVAST Software)
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [314368 2018-07-25] (Brother Industries, Ltd.) [File not signed]
R2 CAMService; C:\Program Files\NZXT CAM\resources\app.asar.unpacked\node_modules\@nzxt\cam-core\dist\target\x86_64-pc-windows-msvc\release\service.exe [640448 2022-12-05] (NZXT, Inc. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12540928 2022-12-16] (Microsoft Corporation -> Microsoft Corporation)
R2 CxAudioSvc; C:\WINDOWS\CxSvc\CxAudioSvc.exe [93448 2020-08-11] (Synaptics Incorporated -> Conexant Systems LLC.)
R2 CxAudMsg; C:\WINDOWS\System32\CxAudMsg64.exe [243464 2020-08-11] (Synaptics Incorporated -> Conexant Systems Inc.)
R2 CxUIUSvc; C:\WINDOWS\System32\CxUIUSvc64.exe [122096 2020-08-11] (Synaptics Incorporated -> Conexant Systems, Inc.)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [46824 2022-12-13] (Dropbox, Inc -> Dropbox, Inc.)
R2 DolbyDAXAPI; C:\WINDOWS\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_8a4ddeba3102f3a4\DAX3API.exe [1932960 2020-03-02] (Dolby Laboratories, Inc. -> Dolby Laboratories)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [803440 2020-10-28] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 ExpressVPN App Service; C:\Program Files (x86)\ExpressVPN\services\ExpressVPN.AppService.exe [437096 2022-11-24] (EXPRSVPN LLC -> ExpressVPN)
R2 ExpressVPN System Service; C:\Program Files (x86)\ExpressVPN\services\ExpressVPN.SystemService.exe [437096 2022-11-24] (EXPRSVPN LLC -> ExpressVPN)
R2 ExpressVPN VPN Service; C:\Program Files (x86)\ExpressVPN\services\ExpressVPN.VpnService.exe [437096 2022-11-24] (EXPRSVPN LLC -> ExpressVPN)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\22.238.1114.0002\FileSyncHelper.exe [3478928 2022-12-15] (Microsoft Corporation -> Microsoft Corporation)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [229360 2022-12-02] (HP Inc. -> HP Inc.)
R2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
R3 InventorySvc; C:\WINDOWS\system32\inventorysvc.dll [304480 2022-10-12] (Microsoft Windows -> Microsoft Corporation)
R2 Lenovo Instant On; C:\WINDOWS\SysWOW64\EasyResume.exe [2351304 2020-12-20] (Lenovo -> Lenovo Group Limited)
R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\\3.13.43.0\LenovoVantageService.exe [32464 ] (Lenovo -> Lenovo Group Ltd.)
R2 LITSSVC; C:\WINDOWS\System32\LITSSvc.exe [1217488 2022-10-10] (Lenovo -> Lenovo.)
S2 LPlatSvc; C:\WINDOWS\System32\LPlatSvc.exe [906216 2022-03-27] (Lenovo -> Lenovo)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8872736 2022-11-26] (Malwarebytes Inc. -> Malwarebytes)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\22.238.1114.0002\OneDriveUpdaterService.exe [3845008 2022-12-15] (Microsoft Corporation -> Microsoft Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [249376 2022-12-13] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 SgrmBroker; C:\WINDOWS\system32\Sgrm\SgrmBroker.exe [414632 2022-05-06] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 SynHsaService; C:\WINDOWS\System32\SynRpcServer.exe [187328 2022-08-09] (Synaptics Incorporated -> Synaptics Incorporated.)
R2 TbtP2pShortcutService; C:\WINDOWS\TbtP2pShortcutService.exe [256696 2022-02-05] (Intel Corporation -> Intel Corporation)
R2 TextInputManagementService; C:\WINDOWS\System32\TabSvc.dll [266240 2022-10-12] (Microsoft Windows -> Microsoft Corporation)
R2 TPHKLOAD; C:\WINDOWS\System32\DriverStore\FileRepository\fn.inf_amd64_6df953d54d3099b9\driver\TPHKLOAD.exe [465192 2021-03-30] (Lenovo -> Lenovo Group Limited)
R2 UDCService; C:\WINDOWS\System32\drivers\Lenovo\udc\Service\UDClientService.exe [71504 2022-05-23] (Lenovo -> Lenovo Group Ltd.)
R2 USBAppControl; C:\Program Files (x86)\Brother\iPrint&Scan\USBAppControl.exe [12288 2021-03-01] (Microsoft) [File not signed]
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\NisSrv.exe [3191264 2022-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MsMpEng.exe [133592 2022-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WorkflowAppControl; C:\Program Files (x86)\Brother\iPrint&Scan\WorkflowAppControl.exe [20480 2021-03-01] (Microsoft) [File not signed]
R3 wuauserv; C:\WINDOWS\system32\wuauserv.dll [137552 2022-12-13] (Microsoft Windows -> Microsoft Corporation)
R2 Fing.Agent; "C:\Program Files\Fing\resources\extraResources\fingagent.exe" --servicemode Fing.Agent --agentroot "C:\Users\seanc\AppData\Roaming"
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvlt.inf_amd64_e32bb28e87695861\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvlt.inf_amd64_e32bb28e87695861\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AKCCID; C:\WINDOWS\System32\drivers\AKCCID.sys [124960 2020-05-03] (Alcorlink Corp. -> Generic)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [41760 2022-12-21] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [237632 2022-12-21] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [389064 2022-12-21] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [257992 2022-12-21] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [104904 2022-12-21] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [25576 2022-12-21] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [47936 2022-12-21] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [274976 2022-12-21] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [553880 2022-12-21] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [113920 2022-12-21] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [88984 2022-12-21] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [861936 2022-12-21] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [671216 2022-12-21] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [221464 2022-12-21] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [327408 2022-12-21] (Avast Software s.r.o. -> AVAST Software)
R2 bfs; C:\WINDOWS\system32\drivers\bfs.sys [91480 2022-10-12] (Microsoft Windows -> Microsoft Corporation)
R3 cpuz154; C:\WINDOWS\temp\cpuz154\cpuz154_x64.sys [40976 2022-12-21] (Microsoft Windows Hardware Compatibility Publisher -> CPUID)
S4 EUBAKUP; C:\WINDOWS\system32\drivers\eubakup.sys [73448 2020-02-24] (Microsoft Windows Hardware Compatibility Publisher -> CHENGDU YIWO Tech Development Co., Ltd)
S4 EUBKMON; C:\WINDOWS\system32\drivers\EUBKMON.sys [53504 2020-02-24] (Microsoft Windows Hardware Compatibility Publisher -> )
S4 EUDSKACS; C:\WINDOWS\system32\drivers\eudskacs.sys [22784 2020-02-24] (Microsoft Windows Hardware Compatibility Publisher -> CHENGDU YIWO Tech Development Co., Ltd)
S4 EUFDDISK; C:\WINDOWS\system32\drivers\EuFdDisk.sys [341760 2020-02-24] (Microsoft Windows Hardware Compatibility Publisher -> CHENGDU YIWO Tech Development Co., Ltd)
S3 expressvpnsplittunnel; C:\Program Files (x86)\ExpressVPN\splittunnel\driver\expressvpnsplittunnel.sys [45640 2022-11-24] (ExprsVPN LLC -> ExpressVPN)
R3 expressvpntun; C:\WINDOWS\System32\drivers\expressvpn-tun.sys [46896 2022-04-29] (Express VPN International Ltd. -> ExpressVPN)
S0 GenPass; C:\WINDOWS\System32\DriverStore\FileRepository\genpass.inf_amd64_bef88a423225ecdc\genpass.sys [62800 2022-05-06] (Microsoft Windows -> Microsoft Corporation)
S3 LenovoBoost; C:\WINDOWS\system32\DRIVERS\vanboost.sys [47888 2022-07-11] (Lenovo -> Lenovo Group Ltd.)
S3 LGSHidFilt; C:\WINDOWS\system32\DRIVERS\LGSHidFilt.Sys [64280 2018-05-07] (Logitech -> Logitech Inc.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223176 2022-12-21] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2022-04-24] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2022-12-13] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S3 Netaapl; C:\WINDOWS\System32\drivers\netaapl64.sys [23040 2019-10-07] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
R3 npcap; C:\WINDOWS\system32\DRIVERS\npcap.sys [74616 2020-09-25] (Insecure.Com LLC -> Insecure.Com LLC.)
R2 npf; C:\WINDOWS\System32\drivers\npf.sys [36600 2016-11-09] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
R3 NvModuleTracker; C:\WINDOWS\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2022-07-14] (Nvidia Corporation -> NVIDIA Corporation)
R1 PMDRVS; C:\WINDOWS\System32\drivers\pmdrvs.sys [38888 2022-03-27] (Lenovo -> Lenovo)
S0 pvscsi; C:\WINDOWS\System32\drivers\pvscsii.sys [45408 2022-05-06] (Microsoft Windows -> VMware, Inc.)
S3 RoutePolicy; C:\WINDOWS\System32\drivers\RoutePolicy.sys [98304 2022-05-06] (Microsoft Windows -> )
S3 tapexpressvpn; C:\WINDOWS\System32\drivers\tapexpressvpn.sys [61496 2022-04-29] (ExprsVPN LLC -> The OpenVPN Project)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49568 2022-12-09] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [473376 2022-12-09] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [99616 2022-12-09] (Microsoft Windows -> Microsoft Corporation)
R3 WiMan; C:\WINDOWS\System32\DriverStore\FileRepository\wiman.inf_amd64_c34c898c5c4d0406\WiMan\WiMan.sys [168008 2021-12-08] (Intel Corporation -> Intel Corporation)
R2 wtd; C:\WINDOWS\System32\drivers\wtd.sys [118784 2022-12-13] (Microsoft Windows -> Microsoft Corporation)
S3 LGVirHid; \SystemRoot\system32\drivers\LGVirHid.sys [X]
S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
sean97000 said:
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\seanc\AppData\Local\Google\Chrome\User Data\Default [2022-12-21]
CHR HomePage: Default -> hxxp://my.yahoo.com/
CHR Extension: (United Airlines MileagePlus® Shopping button) - C:\Users\seanc\AppData\Local\Google\Chrome\User Data\Default\Extensions\apcjkhjbhapedgbekhlhdkidpohpkfne [2022-10-07]
CHR Extension: (iCloud) - C:\Users\seanc\AppData\Local\Google\Chrome\User Data\Default\Extensions\bjhodfififgcgedifpkenofdhlaafokk [2020-05-15]
CHR Extension: (Dropbox for Gmail) - C:\Users\seanc\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpdmhfocilnekecfjgimjdeckachfbec [2021-08-30]
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\seanc\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2022-12-14]
CHR Extension: (Bookmarks Menu) - C:\Users\seanc\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffmdedmghpoipeldijkdlcckdpempkdi [2022-05-06]
CHR Extension: (ExpressVPN: VPN proxy for a better internet) - C:\Users\seanc\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgddmllnllkalaagkghckoinaemmogpe [2022-11-21]
CHR Extension: (iCloud Bookmarks) - C:\Users\seanc\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkepacicchenbjecpbpbclokcabebhah [2022-11-18]
CHR Extension: (HTTPS Everywhere) - C:\Users\seanc\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcbommkclmclpchllfjekcdonpmejbdp [2022-05-25]
CHR Extension: (FantasyPros: Win your Fantasy League) - C:\Users\seanc\AppData\Local\Google\Chrome\User Data\Default\Extensions\gfbepnlhpkbgbkcebjnfhgjckibfdfkc [2022-10-27]
CHR Extension: (CardPointers X: Credit Card Rewards Made Easy) - C:\Users\seanc\AppData\Local\Google\Chrome\User Data\Default\Extensions\hlambnnbnnjkabpgemeompijpdliimkm [2022-12-10]
CHR Extension: (Bookmark Manager) - C:\Users\seanc\AppData\Local\Google\Chrome\User Data\Default\Extensions\idakfiahffeejfhghndaboolmmhbnepn [2022-04-24]
CHR Extension: (Reddit Enhancement Suite) - C:\Users\seanc\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2022-12-21]
CHR Extension: (Image downloader) - C:\Users\seanc\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdbfjpagopjjaiofmgodphiklmjhcnok [2022-07-08]
CHR Extension: (Application Launcher For Drive (by Google)) - C:\Users\seanc\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2021-01-23]
CHR Extension: (AwardWallet) - C:\Users\seanc\AppData\Local\Google\Chrome\User Data\Default\Extensions\lppkddfmnlpjbojooindbmcokchjgbib [2021-11-20]
CHR Extension: (Fakespot Fake Amazon Reviews and eBay Sellers) - C:\Users\seanc\AppData\Local\Google\Chrome\User Data\Default\Extensions\nakplnnackehceedgkgkokbgbmfghain [2022-12-10]
CHR Extension: (No Name) - C:\Users\seanc\AppData\Local\Google\Chrome\User Data\Default\Extensions\nenlahapcbofgnanklpelkaejcehkggg [2021-02-06]
CHR Extension: (Chrome Web Store Payments) - C:\Users\seanc\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Profile: C:\Users\seanc\AppData\Local\Google\Chrome\User Data\Guest Profile [2022-05-07]
CHR Profile: C:\Users\seanc\AppData\Local\Google\Chrome\User Data\System Profile [2022-05-07]
CHR HKU\S-1-5-21-2943715955-579751958-2762250142-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2022-09-26] (Adobe Inc. -> Adobe Inc.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [103280 2022-09-01] (Apple Inc. -> Apple Inc.)
R2 ApsInsSvc; C:\WINDOWS\System32\ApsInsSvc.exe [150720 2019-06-10] (Lenovo -> Lenovo.)
R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [8523800 2022-12-21] (Avast Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [191120 2022-12-21] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [589536 2022-12-21] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [589536 2022-12-21] (Avast Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [191120 2022-12-21] (Avast Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\108.0.19667.125\elevation_service.exe [1794040 2022-12-13] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2022-12-21] (Avast Software s.r.o. -> AVAST Software)
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [314368 2018-07-25] (Brother Industries, Ltd.) [File not signed]
R2 CAMService; C:\Program Files\NZXT CAM\resources\app.asar.unpacked\node_modules\@nzxt\cam-core\dist\target\x86_64-pc-windows-msvc\release\service.exe [640448 2022-12-05] (NZXT, Inc. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12540928 2022-12-16] (Microsoft Corporation -> Microsoft Corporation)
R2 CxAudioSvc; C:\WINDOWS\CxSvc\CxAudioSvc.exe [93448 2020-08-11] (Synaptics Incorporated -> Conexant Systems LLC.)
R2 CxAudMsg; C:\WINDOWS\System32\CxAudMsg64.exe [243464 2020-08-11] (Synaptics Incorporated -> Conexant Systems Inc.)
R2 CxUIUSvc; C:\WINDOWS\System32\CxUIUSvc64.exe [122096 2020-08-11] (Synaptics Incorporated -> Conexant Systems, Inc.)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [46824 2022-12-13] (Dropbox, Inc -> Dropbox, Inc.)
R2 DolbyDAXAPI; C:\WINDOWS\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_8a4ddeba3102f3a4\DAX3API.exe [1932960 2020-03-02] (Dolby Laboratories, Inc. -> Dolby Laboratories)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [803440 2020-10-28] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 ExpressVPN App Service; C:\Program Files (x86)\ExpressVPN\services\ExpressVPN.AppService.exe [437096 2022-11-24] (EXPRSVPN LLC -> ExpressVPN)
R2 ExpressVPN System Service; C:\Program Files (x86)\ExpressVPN\services\ExpressVPN.SystemService.exe [437096 2022-11-24] (EXPRSVPN LLC -> ExpressVPN)
R2 ExpressVPN VPN Service; C:\Program Files (x86)\ExpressVPN\services\ExpressVPN.VpnService.exe [437096 2022-11-24] (EXPRSVPN LLC -> ExpressVPN)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\22.238.1114.0002\FileSyncHelper.exe [3478928 2022-12-15] (Microsoft Corporation -> Microsoft Corporation)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [229360 2022-12-02] (HP Inc. -> HP Inc.)
R2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
R3 InventorySvc; C:\WINDOWS\system32\inventorysvc.dll [304480 2022-10-12] (Microsoft Windows -> Microsoft Corporation)
R2 Lenovo Instant On; C:\WINDOWS\SysWOW64\EasyResume.exe [2351304 2020-12-20] (Lenovo -> Lenovo Group Limited)
R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\\3.13.43.0\LenovoVantageService.exe [32464 ] (Lenovo -> Lenovo Group Ltd.)
R2 LITSSVC; C:\WINDOWS\System32\LITSSvc.exe [1217488 2022-10-10] (Lenovo -> Lenovo.)
S2 LPlatSvc; C:\WINDOWS\System32\LPlatSvc.exe [906216 2022-03-27] (Lenovo -> Lenovo)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8872736 2022-11-26] (Malwarebytes Inc. -> Malwarebytes)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\22.238.1114.0002\OneDriveUpdaterService.exe [3845008 2022-12-15] (Microsoft Corporation -> Microsoft Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [249376 2022-12-13] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 SgrmBroker; C:\WINDOWS\system32\Sgrm\SgrmBroker.exe [414632 2022-05-06] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 SynHsaService; C:\WINDOWS\System32\SynRpcServer.exe [187328 2022-08-09] (Synaptics Incorporated -> Synaptics Incorporated.)
R2 TbtP2pShortcutService; C:\WINDOWS\TbtP2pShortcutService.exe [256696 2022-02-05] (Intel Corporation -> Intel Corporation)
R2 TextInputManagementService; C:\WINDOWS\System32\TabSvc.dll [266240 2022-10-12] (Microsoft Windows -> Microsoft Corporation)
R2 TPHKLOAD; C:\WINDOWS\System32\DriverStore\FileRepository\fn.inf_amd64_6df953d54d3099b9\driver\TPHKLOAD.exe [465192 2021-03-30] (Lenovo -> Lenovo Group Limited)
R2 UDCService; C:\WINDOWS\System32\drivers\Lenovo\udc\Service\UDClientService.exe [71504 2022-05-23] (Lenovo -> Lenovo Group Ltd.)
R2 USBAppControl; C:\Program Files (x86)\Brother\iPrint&Scan\USBAppControl.exe [12288 2021-03-01] (Microsoft) [File not signed]
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\NisSrv.exe [3191264 2022-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MsMpEng.exe [133592 2022-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WorkflowAppControl; C:\Program Files (x86)\Brother\iPrint&Scan\WorkflowAppControl.exe [20480 2021-03-01] (Microsoft) [File not signed]
R3 wuauserv; C:\WINDOWS\system32\wuauserv.dll [137552 2022-12-13] (Microsoft Windows -> Microsoft Corporation)
R2 Fing.Agent; "C:\Program Files\Fing\resources\extraResources\fingagent.exe" --servicemode Fing.Agent --agentroot "C:\Users\seanc\AppData\Roaming"
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvlt.inf_amd64_e32bb28e87695861\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvlt.inf_amd64_e32bb28e87695861\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AKCCID; C:\WINDOWS\System32\drivers\AKCCID.sys [124960 2020-05-03] (Alcorlink Corp. -> Generic)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [41760 2022-12-21] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [237632 2022-12-21] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [389064 2022-12-21] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [257992 2022-12-21] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [104904 2022-12-21] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [25576 2022-12-21] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [47936 2022-12-21] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [274976 2022-12-21] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [553880 2022-12-21] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [113920 2022-12-21] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [88984 2022-12-21] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [861936 2022-12-21] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [671216 2022-12-21] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [221464 2022-12-21] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [327408 2022-12-21] (Avast Software s.r.o. -> AVAST Software)
R2 bfs; C:\WINDOWS\system32\drivers\bfs.sys [91480 2022-10-12] (Microsoft Windows -> Microsoft Corporation)
R3 cpuz154; C:\WINDOWS\temp\cpuz154\cpuz154_x64.sys [40976 2022-12-21] (Microsoft Windows Hardware Compatibility Publisher -> CPUID)
S4 EUBAKUP; C:\WINDOWS\system32\drivers\eubakup.sys [73448 2020-02-24] (Microsoft Windows Hardware Compatibility Publisher -> CHENGDU YIWO Tech Development Co., Ltd)
S4 EUBKMON; C:\WINDOWS\system32\drivers\EUBKMON.sys [53504 2020-02-24] (Microsoft Windows Hardware Compatibility Publisher -> )
S4 EUDSKACS; C:\WINDOWS\system32\drivers\eudskacs.sys [22784 2020-02-24] (Microsoft Windows Hardware Compatibility Publisher -> CHENGDU YIWO Tech Development Co., Ltd)
S4 EUFDDISK; C:\WINDOWS\system32\drivers\EuFdDisk.sys [341760 2020-02-24] (Microsoft Windows Hardware Compatibility Publisher -> CHENGDU YIWO Tech Development Co., Ltd)
S3 expressvpnsplittunnel; C:\Program Files (x86)\ExpressVPN\splittunnel\driver\expressvpnsplittunnel.sys [45640 2022-11-24] (ExprsVPN LLC -> ExpressVPN)
R3 expressvpntun; C:\WINDOWS\System32\drivers\expressvpn-tun.sys [46896 2022-04-29] (Express VPN International Ltd. -> ExpressVPN)
S0 GenPass; C:\WINDOWS\System32\DriverStore\FileRepository\genpass.inf_amd64_bef88a423225ecdc\genpass.sys [62800 2022-05-06] (Microsoft Windows -> Microsoft Corporation)
S3 LenovoBoost; C:\WINDOWS\system32\DRIVERS\vanboost.sys [47888 2022-07-11] (Lenovo -> Lenovo Group Ltd.)
S3 LGSHidFilt; C:\WINDOWS\system32\DRIVERS\LGSHidFilt.Sys [64280 2018-05-07] (Logitech -> Logitech Inc.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223176 2022-12-21] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2022-04-24] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2022-12-13] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S3 Netaapl; C:\WINDOWS\System32\drivers\netaapl64.sys [23040 2019-10-07] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
R3 npcap; C:\WINDOWS\system32\DRIVERS\npcap.sys [74616 2020-09-25] (Insecure.Com LLC -> Insecure.Com LLC.)
R2 npf; C:\WINDOWS\System32\drivers\npf.sys [36600 2016-11-09] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
R3 NvModuleTracker; C:\WINDOWS\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2022-07-14] (Nvidia Corporation -> NVIDIA Corporation)
R1 PMDRVS; C:\WINDOWS\System32\drivers\pmdrvs.sys [38888 2022-03-27] (Lenovo -> Lenovo)
S0 pvscsi; C:\WINDOWS\System32\drivers\pvscsii.sys [45408 2022-05-06] (Microsoft Windows -> VMware, Inc.)
S3 RoutePolicy; C:\WINDOWS\System32\drivers\RoutePolicy.sys [98304 2022-05-06] (Microsoft Windows -> )
S3 tapexpressvpn; C:\WINDOWS\System32\drivers\tapexpressvpn.sys [61496 2022-04-29] (ExprsVPN LLC -> The OpenVPN Project)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49568 2022-12-09] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [473376 2022-12-09] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [99616 2022-12-09] (Microsoft Windows -> Microsoft Corporation)
R3 WiMan; C:\WINDOWS\System32\DriverStore\FileRepository\wiman.inf_amd64_c34c898c5c4d0406\WiMan\WiMan.sys [168008 2021-12-08] (Intel Corporation -> Intel Corporation)
R2 wtd; C:\WINDOWS\System32\drivers\wtd.sys [118784 2022-12-13] (Microsoft Windows -> Microsoft Corporation)
S3 LGVirHid; \SystemRoot\system32\drivers\LGVirHid.sys [X]
S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Click to expand...
==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-12-21 08:33 - 2022-12-21 08:34 - 000000000 ____D C:\FRST
2022-12-21 08:31 - 2022-12-21 08:31 - 000223176 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2022-12-21 08:31 - 2022-12-21 08:31 - 000001623 _____ C:\WINDOWS\system32\config\VSMIDK
2022-12-21 08:29 - 2022-12-21 08:29 - 000000000 ____D C:\WINDOWS\system32\gf2engine
2022-12-21 08:20 - 2022-12-21 08:20 - 000025576 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys
2022-12-21 08:19 - 2022-12-21 08:19 - 000003990 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2022-12-21 08:19 - 2022-12-21 08:19 - 000001986 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2022-12-21 08:19 - 2022-12-21 08:19 - 000001974 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2022-12-21 08:19 - 2022-12-21 08:19 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2022-12-21 08:18 - 2022-12-21 08:21 - 000000000 ____D C:\Users\seanc\AppData\Local\AVAST Software
2022-12-21 08:18 - 2022-12-21 08:18 - 000003856 _____ C:\WINDOWS\system32\Tasks\Avast Secure Browser Heartbeat Task (Hourly)
2022-12-21 08:18 - 2022-12-21 08:18 - 000003456 _____ C:\WINDOWS\system32\Tasks\AvastUpdateTaskMachineUA
2022-12-21 08:18 - 2022-12-21 08:18 - 000003332 _____ C:\WINDOWS\system32\Tasks\AvastUpdateTaskMachineCore
2022-12-21 08:18 - 2022-12-21 08:18 - 000003272 _____ C:\WINDOWS\system32\Tasks\Avast Secure Browser Heartbeat Task (Logon)
2022-12-21 08:18 - 2022-12-21 08:18 - 000002577 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2022-12-21 08:18 - 2022-12-21 08:18 - 000002542 _____ C:\Users\Public\Desktop\Avast Secure Browser.lnk
2022-12-21 08:18 - 2022-12-21 08:18 - 000000000 ____D C:\Program Files (x86)\AVAST Software
2022-12-21 08:17 - 2022-12-21 08:17 - 000861936 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2022-12-21 08:17 - 2022-12-21 08:17 - 000671216 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2022-12-21 08:17 - 2022-12-21 08:17 - 000553880 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2022-12-21 08:17 - 2022-12-21 08:17 - 000389064 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2022-12-21 08:17 - 2022-12-21 08:17 - 000327408 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2022-12-21 08:17 - 2022-12-21 08:17 - 000274976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2022-12-21 08:17 - 2022-12-21 08:17 - 000270560 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2022-12-21 08:17 - 2022-12-21 08:17 - 000257992 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2022-12-21 08:17 - 2022-12-21 08:17 - 000237632 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2022-12-21 08:17 - 2022-12-21 08:17 - 000221464 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2022-12-21 08:17 - 2022-12-21 08:17 - 000113920 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2022-12-21 08:17 - 2022-12-21 08:17 - 000104904 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2022-12-21 08:17 - 2022-12-21 08:17 - 000088984 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2022-12-21 08:17 - 2022-12-21 08:17 - 000047936 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2022-12-21 08:17 - 2022-12-21 08:17 - 000041760 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2022-12-21 08:17 - 2022-12-21 08:17 - 000000000 ____D C:\Program Files\Common Files\Avast Software
2022-12-21 08:16 - 2022-12-21 08:16 - 000000000 ____D C:\Program Files\Avast Software
2022-12-18 14:12 - 2022-12-18 14:12 - 000001823 _____ C:\Users\Public\Desktop\iTunes.lnk
2022-12-18 14:12 - 2022-12-18 14:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2022-12-18 14:12 - 2022-12-18 14:12 - 000000000 ____D C:\Program Files\iTunes
2022-12-17 07:20 - 2022-12-21 08:01 - 000000000 ____D C:\Program Files\Mozilla Firefox
2022-12-16 08:00 - 2022-12-16 08:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2022-12-13 20:00 - 2022-12-13 20:00 - 000062816 _____ C:\WINDOWS\system32\AppInstallerBackgroundUpdate.exe
2022-12-13 20:00 - 2022-12-13 20:00 - 000016533 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-12-13 19:58 - 2022-12-13 19:58 - 000000000 ___HD C:\$WinREAgent
2022-12-13 16:26 - 2022-12-13 16:26 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2022-12-13 16:26 - 2022-12-13 16:26 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2022-12-13 16:26 - 2022-12-13 16:26 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2022-12-13 16:26 - 2022-12-13 16:26 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx.sys
2022-12-13 16:26 - 2022-12-13 16:26 - 000046824 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2022-12-13 07:26 - 2022-12-21 08:20 - 000000000 ____D C:\Users\seanc\AppData\Local\7460F29E-F110-4349-A2C5-119E7EB9C252.aplzod
2022-12-13 07:22 - 2022-12-21 08:32 - 000000000 ___RD C:\Users\seanc\iCloudDrive
2022-12-13 07:22 - 2022-12-13 07:22 - 000000000 ____D C:\Users\seanc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iCloud
2022-12-01 14:15 - 2022-12-01 19:15 - 000002337 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ExpressVPN.lnk
2022-12-01 14:15 - 2022-12-01 19:15 - 000002167 _____ C:\Users\Public\Desktop\ExpressVPN.lnk
2022-12-01 14:14 - 2022-12-13 19:53 - 000000000 ____D C:\Program Files\dotnet

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-12-21 08:35 - 2020-12-15 07:41 - 000000000 ____D C:\Users\seanc\AppData\Local\Messenger
2022-12-21 08:35 - 2020-11-02 15:44 - 000000000 ____D C:\Users\seanc\AppData\Roaming\Fing
2022-12-21 08:34 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\SystemTemp
2022-12-21 08:33 - 2019-11-11 08:41 - 000000000 ____D C:\Program Files (x86)\Google
2022-12-21 08:32 - 2022-08-17 16:00 - 000000000 ____D C:\Users\seanc\AppData\Roaming\DropboxElectron
2022-12-21 08:32 - 2020-12-15 07:41 - 000000000 ____D C:\Users\seanc\AppData\Roaming\Messenger
2022-12-21 08:32 - 2020-02-11 18:59 - 000000000 ____D C:\Users\seanc\AppData\Roaming\WhatsApp
2022-12-21 08:32 - 2019-11-11 08:54 - 000000000 ____D C:\Users\seanc\AppData\Local\Dropbox
2022-12-21 08:31 - 2022-09-30 15:14 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-12-21 08:31 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\ServiceState
2022-12-21 08:31 - 2022-05-06 23:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-12-21 08:31 - 2022-05-06 23:22 - 000000000 ____D C:\WINDOWS\INF
2022-12-21 08:31 - 2021-03-12 09:31 - 000012288 ___SH C:\DumpStack.log.tmp
2022-12-21 08:31 - 2019-11-11 10:28 - 000000000 ___HD C:\Intel
2022-12-21 08:31 - 2019-11-11 10:13 - 000000000 ____D C:\Users\seanc\AppData\Roaming\NZXT CAM
2022-12-21 08:31 - 2019-11-11 08:58 - 000000000 ____D C:\ProgramData\AVAST Software
2022-12-21 08:31 - 2019-11-11 08:38 - 000000000 __SHD C:\Users\seanc\IntelGraphicsProfiles
2022-12-21 08:31 - 2019-10-27 06:07 - 000000000 ____D C:\ProgramData\NVIDIA
2022-12-21 08:30 - 2022-05-06 23:17 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2022-12-21 08:27 - 2022-05-06 23:24 - 000000000 ___HD C:\Program Files\WindowsApps
2022-12-21 08:27 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-12-21 08:20 - 2019-11-22 15:43 - 000000000 ____D C:\Program Files\SteelSeries
2022-12-21 08:19 - 2019-11-11 09:00 - 000000000 ____D C:\Users\seanc\AppData\Roaming\AVAST Software
2022-12-21 08:17 - 2022-05-06 23:24 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-12-21 08:08 - 2022-09-30 15:19 - 000854460 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-12-21 08:01 - 2022-09-30 15:09 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-12-21 08:01 - 2022-03-27 13:02 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-12-21 08:01 - 2022-01-31 15:46 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2022-12-21 07:58 - 2022-03-27 13:02 - 000000000 ____D C:\Users\seanc\AppData\LocalLow\Mozilla
2022-12-20 21:58 - 2022-03-27 13:02 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2022-12-20 21:46 - 2021-03-25 13:10 - 000000000 ____D C:\Program Files (x86)\PowerENGAGE
2022-12-20 16:57 - 2019-11-11 08:57 - 000000000 ___RD C:\Users\seanc\Dropbox
2022-12-19 09:07 - 2022-10-01 06:08 - 000000000 ____D C:\Program Files\Microsoft Office
2022-12-17 08:08 - 2022-09-30 15:14 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2022-12-17 08:08 - 2022-03-27 13:02 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-12-16 08:19 - 2020-07-03 23:54 - 000002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-12-16 08:19 - 2020-07-03 23:54 - 000002283 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-12-16 08:00 - 2019-11-11 08:54 - 000000000 ____D C:\Program Files (x86)\Dropbox
2022-12-15 17:48 - 2019-11-11 09:07 - 000000000 ____D C:\Users\seanc\Dropbox\Documents\Letters
2022-12-15 17:39 - 2020-05-15 16:29 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-12-15 07:36 - 2022-09-30 15:14 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2943715955-579751958-2762250142-1002
2022-12-15 07:36 - 2022-09-30 15:14 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2943715955-579751958-2762250142-1001
2022-12-15 07:36 - 2022-09-30 15:14 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2022-12-15 07:36 - 2022-01-29 09:13 - 000002139 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-12-14 10:50 - 2020-12-15 07:41 - 000002344 _____ C:\Users\seanc\Desktop\Messenger.lnk
2022-12-14 01:11 - 2022-09-30 15:09 - 000484456 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-12-14 01:10 - 2022-05-07 01:39 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2022-12-14 01:10 - 2022-05-06 23:24 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-12-14 01:10 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\UUS
2022-12-14 01:10 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\SystemResources
2022-12-14 01:10 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\SystemApps
2022-12-14 01:10 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-12-14 01:10 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\system32\appraiser
2022-12-14 01:10 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\ShellExperiences
2022-12-14 01:10 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\ShellComponents
2022-12-14 01:10 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\Provisioning
2022-12-14 01:10 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2022-12-14 01:10 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-12-14 01:10 - 2022-05-06 23:24 - 000000000 ____D C:\Program Files\Common Files\System
2022-12-13 20:05 - 2019-11-11 12:38 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-12-13 20:02 - 2022-05-06 23:17 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-12-13 20:02 - 2019-11-11 12:38 - 148633544 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-12-13 20:00 - 2022-09-30 15:10 - 003212288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-12-13 19:53 - 2019-11-12 15:59 - 000000000 ____D C:\ProgramData\Package Cache
2022-12-13 19:36 - 2021-10-18 20:38 - 000000000 ____D C:\Users\seanc\AppData\Local\WhatsApp
2022-12-13 16:18 - 2021-09-30 18:39 - 000239544 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2022-12-13 10:51 - 2022-05-12 15:19 - 000000000 ____D C:\Program Files\Fing
2022-12-13 10:51 - 2019-11-22 15:30 - 000000000 ____D C:\Users\seanc\AppData\Local\CrashDumps
2022-12-13 07:22 - 2022-09-30 14:07 - 000000000 ____D C:\Users\seanc
2022-12-13 07:22 - 2019-11-11 17:40 - 000000000 ____D C:\Users\seanc\AppData\Local\Apple Inc
2022-12-13 07:21 - 2019-11-11 17:36 - 000000000 ____D C:\Users\seanc\AppData\Roaming\Apple Computer
2022-12-12 22:08 - 2019-11-11 10:13 - 000000000 ____D C:\Users\seanc\AppData\Local\D3DSCache
2022-12-12 22:06 - 2019-11-11 10:13 - 000000000 ____D C:\Program Files\NZXT CAM
2022-12-10 10:10 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2022-12-10 07:01 - 2022-05-06 23:24 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2022-12-09 17:40 - 2019-04-18 23:00 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2022-12-09 17:32 - 2022-10-01 06:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2022-12-02 08:09 - 2021-07-17 11:51 - 000000000 ____D C:\Program Files\HPPrintScanDoctor
2022-12-02 08:08 - 2022-09-30 15:14 - 000000000 ____D C:\WINDOWS\system32\Tasks\HP
2022-12-01 16:11 - 2019-11-26 16:38 - 000000000 ____D C:\WINDOWS\TempInst
2022-12-01 16:11 - 2019-11-11 08:54 - 000000938 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2022-12-01 16:11 - 2019-11-11 08:54 - 000000934 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2022-12-01 14:15 - 2022-09-25 19:53 - 000000000 ____D C:\Program Files (x86)\ExpressVPN
2022-12-01 14:15 - 2022-05-05 06:08 - 000000000 ____D C:\Users\seanc\AppData\Local\ExpressVPN
2022-12-01 14:15 - 2022-05-05 06:08 - 000000000 ____D C:\ProgramData\ExpressVPN
2022-11-30 17:13 - 2022-09-30 15:14 - 000003998 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineUA
2022-11-30 17:13 - 2022-09-30 15:14 - 000003766 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineCore
2022-11-28 13:56 - 2019-11-11 08:38 - 000000000 ____D C:\Users\seanc\AppData\Local\Packages
2022-11-27 12:20 - 2021-11-06 11:28 - 000022152 _____ C:\WINDOWS\storelibdebug.txt
2022-11-23 10:58 - 2021-07-10 12:27 - 000019968 _____ C:\Users\seanc\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2022-11-23 06:07 - 2022-09-30 14:06 - 000000000 ____D C:\WINDOWS\system32\icmsg
2022-11-21 11:31 - 2022-01-13 08:54 - 000000000 ____D C:\Users\seanc\Dropbox\Documents\veterinary stuff
2022-11-21 10:52 - 2022-09-11 12:34 - 000000000 ____D C:\Users\seanc\AppData\Roaming\com.adobe.dunamis

==================== Files in the root of some directories ========

2021-07-10 12:27 - 2022-11-23 10:58 - 000019968 _____ () C:\Users\seanc\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2019-11-13 17:44 - 2019-11-24 16:07 - 001065984 _____ () C:\Users\seanc\AppData\Local\file__0.localstorage
2021-06-11 09:36 - 2021-06-12 17:09 - 000007605 _____ () C:\Users\seanc\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ======================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-12-2022
Ran by seanc (21-12-2022 08:35:52)
Running from C:\Users\seanc\Dropbox\Downloads
Microsoft Windows 11 Pro Version 22H2 22621.963 (X64) (2022-09-30 21:15:13)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-2943715955-579751958-2762250142-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2943715955-579751958-2762250142-503 - Limited - Disabled)
Guest (S-1-5-21-2943715955-579751958-2762250142-501 - Limited - Disabled)
seanc (S-1-5-21-2943715955-579751958-2762250142-1001 - Administrator - Enabled) => C:\Users\seanc
WDAGUtilityAccount (S-1-5-21-2943715955-579751958-2762250142-504 - Limited - Disabled)
xyz (S-1-5-21-2943715955-579751958-2762250142-1002 - Limited - Enabled) => C:\Users\xyz

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1033-1033-7760-BC15014EA700}) (Version: 22.003.20282 - Adobe)
Adobe AIR (HKLM-x32\...\{10E33ABF-D7FB-4F47-900A-7973854AB45A}) (Version: 32.0.0.125 - Adobe) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 32.0.0.125 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601032}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Apple Application Support (32-bit) (HKLM-x32\...\{CCA8C50D-785B-4896-8675-FFE0C4ECCBC3}) (Version: 8.7 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{75BEF7E8-4370-4D42-94F3-B5AA77057965}) (Version: 8.7 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{065D0CC8-C382-48AF-8A88-0DD3366EB26C}) (Version: 16.0.0.25 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{B292D163-23D2-4523-A699-1ABEC1875609}) (Version: 2.7.0.3 - Apple Inc.)
AppLogLibSetup (HKLM-x32\...\{52FB0C8F-DF05-4C61-AEB6-18C55F8C385F}) (Version: 1.0.3.0 - Brother Industries Ltd.) Hidden
Asian Language And Spelling Dictionaries Support For Adobe Acrobat Reader (HKLM\...\{AC76BA86-7AD7-0000-0000-BC16014E7500}) (Version: 22.001.20085 - Adobe Systems Incorporated)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 22.8.6030 - Avast Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 108.0.19667.125 - AVAST Software)
Avast Update Helper (HKLM-x32\...\{19C3AB22-3718-4E4D-B203-242F5001565B}) (Version: 1.8.1579.3 - AVAST Software) Hidden
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
BrLauncher (HKLM-x32\...\{88FCD471-DBBF-4A75-8066-ACACE05DE3CF}) (Version: 2.0.14.0 - Brother Industries Ltd.) Hidden
BrLogRx (HKLM-x32\...\{190861E7-09C5-42D8-BB4B-0AFB234BCFC1}) (Version: 1.0.3.1 - Brother Industries Ltd.) Hidden
Brother iPrint&Scan (HKLM-x32\...\{42D72ABA-773E-467A-8A64-4765E990EB75}) (Version: 9.0.0.123 - Brother Industries, Ltd.) Hidden
Brother iPrint&Scan (HKLM-x32\...\{85f204b0-595c-4801-8648-a69062f9ce1b}) (Version: 9.0.0.123 - Brother Industries, Ltd.)
Brother PCFax Driver (HKLM-x32\...\{79262B43-9E15-4732-A034-BFD29D9BD077}) (Version: 1.4.1.0 - Brother Industries Ltd.) Hidden
Brother PowerENGAGE (HKLM-x32\...\{3CE8B8E8-B33B-453C-BB7A-821ED6E18A24}) (Version: 1.0.27 - Aviata, Inc.)
Brother Printer Driver (HKLM-x32\...\{C51A701B-AECE-49B1-B130-1D60450EF585}) (Version: 7.1.0.0 - Brother Industries Ltd.) Hidden
Brother Scanner Driver (HKLM-x32\...\{57AA5C19-0725-46C3-AD87-2318A029DCEE}) (Version: 1.0.34.1 - Brother Industries Ltd.) Hidden
BrSupportTools (HKLM-x32\...\{C0439A0D-8A66-4BD0-A3E0-85C8E2920762}) (Version: 1.0.26.0 - Brother Industries Ltd.) Hidden
Bulk Rename Utility 3.4.3.0 (64-bit) (HKLM\...\Bulk Rename Utility Installation_is1) (Version: - TGRMN Software)
Bulkr (HKLM-x32\...\{061C9880-A84F-7B58-D7A3-748E24D3DA43}) (Version: 1.8 - Prakash Bajracharya) Hidden
Bulkr (HKLM-x32\...\com.prakaz.project.photogettr.fresh) (Version: 1.8 - Prakash Bajracharya)
ControlCenter4 (HKLM-x32\...\{9CE6D4F3-965F-4FA7-8431-4A4FDC7A01D9}) (Version: 4.6.23.1 - Brother Industries, Ltd.) Hidden
ControlCenter4 CSDK (HKLM-x32\...\{FD8A9511-BFC9-43B5-BB75-9CEC0EA03CF0}) (Version: 4.6.1.1 - Brother Industries, Ltd.) Hidden
DeviceDetect (HKLM-x32\...\{5FE4CE95-1B55-4632-A3F1-851B07936498}) (Version: 1.4.10.0 - Brother Industries Ltd.) Hidden
Dropbox (HKLM-x32\...\Dropbox) (Version: 163.4.5456 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.685.1 - Dropbox, Inc.) Hidden
Easy Duplicate Finder 7 (HKLM\...\{44055866-8E3F-4B5B-B63D-AD4CB4A0ECE3}_is1) (Version: 7.13.0.29 - Webminds, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Excel Password Recovery Lastic 1.3 (HKU\S-1-5-21-2943715955-579751958-2762250142-1001\...\Excel Password Recovery Lastic_is1) (Version: - )
ExpressVPN (HKLM-x32\...\{8e563438-c5e3-4ece-98b6-53dcb8e954c2}) (Version: 12.38.0.60 - ExpressVPN)
ExpressVPN (HKLM-x32\...\{E5B9C3E5-889C-4F22-A959-F4B8982D786D}) (Version: 12.38.0.60 - ExpressVPN) Hidden
f.lux (HKU\S-1-5-21-2943715955-579751958-2762250142-1001\...\Flux) (Version: - f.lux Software LLC)
Fast Duplicate File Finder 6.0.0.2 (HKLM-x32\...\{AFECFED6-0A43-488F-8511-1DC6B52F31C3}_is1) (Version: 6.0.0.2 - MindGems, Inc.)
Fing 3.1.1 (HKLM\...\Fing Desktop) (Version: 3.1.1 - Fing Ltd)
Flexible Retirement Planner (remove only) (HKLM-x32\...\Flexible Retirement Planner) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 108.0.5359.125 - Google LLC)
HowToGuide (HKLM-x32\...\{36580EEB-4EDF-4880-BBD4-097E2C645ECD}) (Version: 1.0.1.0 - Brother Industries Ltd.) Hidden
HttpToUsbBridge (HKLM-x32\...\{2316FF8E-7DEC-4EB9-A50D-64C304A25469}) (Version: 1.5.30.1 - Brother Industries Ltd.)
HWiNFO64 Version 7.00 (HKLM\...\HWiNFO64_is1) (Version: 7.00 - Martin Malik - REALiX)
iCloud (HKLM\...\{8808B208-87D1-4725-8192-76D257E9DEAE}) (Version: 7.21.0.23 - Apple Inc.)
inSSIDer (HKU\S-1-5-21-2943715955-579751958-2762250142-1001\...\inSSIDer) (Version: 5.5.0 - MetaGeek, LLC)
Intel(R) Extreme Tuning Utility (HKLM-x32\...\{b5dc28d7-72cb-4bb1-a9a7-3ae096f0980f}) (Version: 6.5.1.360 - Intel Corporation)
iSEEK AnswerWorks English Runtime (HKLM-x32\...\{18A8E78B-9EF2-496E-B310-BCD8E4C1DAB3}) (Version: 010.000.0101 - Vantage Linguistics)
iTunes (HKLM\...\{44B55B48-DEF1-4384-A4E0-10933F65B44A}) (Version: 12.12.7.1 - Apple Inc.)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Lenovo Service Bridge (HKU\S-1-5-21-2943715955-579751958-2762250142-1001\...\{2C74547D-EF88-47F4-85F5-BE46A31E26B7}_is1) (Version: 5.0.2.13 - Lenovo)
Lenovo System Update (HKLM-x32\...\TVSU_is1) (Version: 5.07.0140 - Lenovo)
Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: 3.13.43.0 - Lenovo Group Ltd.)
Malwarebytes version 4.5.18.226 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.18.226 - Malwarebytes)
MediaMonkey 5 (HKLM-x32\...\MediaMonkey 5_is1) (Version: 5 - Ventis Media Inc.)
Messenger (HKU\S-1-5-21-2943715955-579751958-2762250142-1001\...\c1b3adcf-2068-5e8d-b25d-30ce588e3a4c) (Version: 172.0.427436225 - Facebook, Inc.)
Microsoft .NET Host - 6.0.12 (x64) (HKLM\...\{E215AA9E-5DF2-44BC-9D6F-E1A1B0C348FB}) (Version: 48.51.51943 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.12 (x64) (HKLM\...\{0712F23C-FBAC-436C-9DDB-125F32D15033}) (Version: 48.51.51943 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.12 (x64) (HKLM\...\{1BF67DC1-8BB5-4AF5-BE20-3B53D9532D01}) (Version: 48.51.51943 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 108.0.1462.54 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 108.0.1462.54 - Microsoft Corporation)
Microsoft GameInput (HKLM-x32\...\{6BBE9278-659F-FA16-E4B8-C2D60DE0DCC7}) (Version: 10.1.22621.1863 - Microsoft Corporation)
Microsoft Office Professional Plus 2021 - en-us (HKLM\...\ProPlus2021Retail - en-us) (Version: 16.0.15831.20208 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 22.238.1114.0002 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{6A2A8076-135F-4F55-BB02-DED67C8C6934}) (Version: 4.67.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.22.27821 (HKLM-x32\...\{6361b579-2795-4886-b2a8-53d5239b6452}) (Version: 14.22.27821.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.22.27821 (HKLM-x32\...\{5bfc1380-fd35-4b85-9715-7351535d077e}) (Version: 14.22.27821.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X64 Additional Runtime - 14.22.27821 (HKLM\...\{6E2C7A8E-B17A-4637-9CE9-F0B1157CF378}) (Version: 14.22.27821 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.22.27821 (HKLM\...\{0093C20C-273D-4397-B623-515CB8616CB9}) (Version: 14.22.27821 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.22.27821 (HKLM-x32\...\{3BDE80F7-7EC9-448E-8160-4ADA0CDA8879}) (Version: 14.22.27821 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.22.27821 (HKLM-x32\...\{1E6FC929-567E-4D22-9206-C5B83F0A21B9}) (Version: 14.22.27821 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\{9495AEB4-AB97-39DE-8C42-806EEF75ECA7}) (Version: 10.0.50908 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 6.0.12 (x64) (HKLM\...\{3E726676-B5F4-48DA-B9F9-78A15B7F8A70}) (Version: 48.51.52100 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.12 (x64) (HKLM-x32\...\{24b99d74-a81e-4765-aefe-be853ac47482}) (Version: 6.0.12.31928 - Microsoft Corporation)
Mozilla Firefox (x64 en-US) (HKLM\...\Mozilla Firefox 108.0.1 (x64 en-US)) (Version: 108.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 98.0.2 - Mozilla)
NetSpot (HKU\S-1-5-21-2943715955-579751958-2762250142-1001\...\8f902e8bea10afc7) (Version: 2.14.770.0 - Etwok Inc.)
NetworkRepairTool (HKLM-x32\...\{86E68F57-FAFE-4052-BDD4-3B90C38236AE}) (Version: 1.2.16.0 - Brother Industries, Ltd.) Hidden
Npcap OEM (HKLM-x32\...\NpcapInst) (Version: 1.00 - Nmap Project)
NVIDIA FrameView SDK 1.2.7521.31103277 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.2.7521.31103277 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.25.1.27 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.25.1.27 - NVIDIA Corporation)
NVIDIA Graphics Driver 517.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 517.13 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.39.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.39.14 - NVIDIA Corporation)
NZXT CAM 4.41.3 (HKLM\...\ac0666ae-ee66-5310-ac01-9d6348133b2d) (Version: 4.41.3 - NZXT, Inc.)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.15726.20202 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.15831.20184 - Microsoft Corporation) Hidden
PC-FAXReceive (HKLM-x32\...\{65D8385F-F858-4748-A7C2-676D04C2893E}) (Version: 1.8.402.0 - Brother Industries, Ltd.) Hidden
PCFaxTx (HKLM-x32\...\{90338D66-4493-4DC3-A8C7-EB6FD5282B02}) (Version: 3.7.12.1 - Brother Industries Ltd.) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.259 - Google, Inc.)
PowerENGAGE (HKLM-x32\...\{400A01BF-E908-4393-BD39-31E386377BDA}) (Version: 3.2.16 - Aviata, Inc.) Hidden
Project Reality: BF2 (HKLM\...\Project Reality: BF2 (pr)_is1) (Version: v1.5 - Project Reality)
Quicken (HKLM-x32\...\{62D93E3E-2F8E-42BD-9343-896F4F0031D3}) (Version: 27.1.45.21 - Quicken)
RemoteSetup (HKLM-x32\...\{EB4D046E-28C1-4884-9129-47F41317E9B0}) (Version: 3.10.3.0 - Brother Industries Ltd.) Hidden
ScannerUtilityInstaller (HKLM-x32\...\{D65C0754-7790-427F-AD73-D7C644260F57}) (Version: 1.19.9.1 - Brother) Hidden
Signifi Agent (HKU\S-1-5-21-2943715955-579751958-2762250142-1001\...\SignifiAgent) (Version: 2.2.0 - MetaGeek, LLC)
Skype version 8.83 (HKLM-x32\...\Skype_is1) (Version: 8.83 - Skype Technologies S.A.)
SoftwareUpdateNotification (HKLM-x32\...\{34F12379-C924-41E6-921D-51C71217F58C}) (Version: 1.0.9.0 - Brother Industries, Ltd.) Hidden
SolarWinds Wake On LAN (HKLM-x32\...\SolarWinds Wake On LAN) (Version: SolarWinds Wake-On-LAN - SolarWinds.Net)
StatusMonitor (HKLM-x32\...\{1F4C40FC-9C25-450C-9F77-0AE71CA0DB64}) (Version: 1.22.14.0 - Brother Industries, Ltd.) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TPFanControl v0.61 (HKLM\...\{717F5741-5C2E-4469-BDA0-B5EC2243646F}_is1) (Version: - troubadix)
Unigine Valley Benchmark version 1.0 (HKLM-x32\...\Unigine Valley Benchmark_is1) (Version: 1.0 - Unigine Corp.)
UsbRepairTool (HKLM-x32\...\{F8762A81-32B5-4144-9F3C-9274F515A651}) (Version: 1.4.0.0 - Brother Industries, Ltd.) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
WhatsApp (HKU\S-1-5-21-2943715955-579751958-2762250142-1001\...\WhatsApp) (Version: 2.2246.10 - WhatsApp)
WinDirStat 1.1.2 (HKU\S-1-5-21-2943715955-579751958-2762250142-1001\...\WinDirStat) (Version: - )
Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.23214 - Microsoft Corporation)
Windows PC Health Check (HKLM\...\{B1E7D0FD-7CFE-4E0C-A5DA-0F676499DB91}) (Version: 3.2.2110.14001 - Microsoft Corporation)
Zoom (HKU\S-1-5-21-2943715955-579751958-2762250142-1001\...\ZoomUMX) (Version: 4.6 - Zoom Video Communications, Inc.)

Packages:
=========
Age of Empires III: Definitive Edition -> C:\Program Files\WindowsApps\Microsoft.MSGPBoston_100.13.29985.0_x64__8wekyb3d8bbwe [2022-10-29] (Microsoft Studios)
Canon Inkjet Print Utility -> C:\Program Files\WindowsApps\34791E63.CanonInkjetPrintUtility_3.1.0.0_neutral__6e5tt8cgb93ep [2022-05-16] (Canon Inc.)
Clipchamp -> C:\Program Files\WindowsApps\Clipchamp.Clipchamp_2.5.13.0_neutral__yxz26nhyzhsrt [2022-12-16] (Microsoft Corp.)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.16.244.0_x64__rz1tebttyb220 [2022-12-15] (Dolby Laboratories)
Dolby Atmos Speaker System -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAtmosSpeakerSystem_3.20602.609.0_x64__rz1tebttyb220 [2020-06-05] (Dolby Laboratories)
Dropbox -> C:\Program Files (x86)\Dropbox\Client\PackageAssets [2022-12-16] (0)
Glance by Mirametrix -> C:\Program Files\WindowsApps\MirametrixInc.GlancebyMirametrix_9.26.3905.0_x64__17mer8kcn3j54 [2022-11-23] (Mirametrix Inc.) [Startup Task]
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_141.2.441.0_x64__v10z8vjag6ke6 [2022-12-02] (HP Inc.)
Intel(R) Management and Security Status -> C:\Program Files\WindowsApps\AppUp.IntelManagementandSecurityStatus_2219.3.0.0_x64__8j3eq9eme6ctt [2022-11-13] (INTEL CORP) [Startup Task]
Intel® Graphics Control Panel -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsControlPanel_3.3.0.0_x64__8j3eq9eme6ctt [2020-02-19] (INTEL CORP)
Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2209.2.0_x64__k1h2ywk1493x8 [2022-10-30] (LENOVO INC.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-12-01] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-12-01] (Microsoft Corporation) [MS Ad]
MPEG-2 Video Extension -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.50901.0_x64__8wekyb3d8bbwe [2022-05-12] (Microsoft Corporation)
ms-resource:app_name_ms_todo -> C:\Program Files\WindowsApps\Microsoft.Todos_2.85.53361.0_x64__8wekyb3d8bbwe [2022-12-12] (Microsoft Corporation) [Startup Task]
ms-resource:APP_WINDOW_NAME -> C:\Program Files\WindowsApps\MicrosoftCorporationII.QuickAssist_2.0.9.0_x64__8wekyb3d8bbwe [2022-10-04] (Microsoft Corp.)
ms-resource:AppStoreName -> C:\Program Files\WindowsApps\Microsoft.RawImageExtension_2.1.32791.0_x64__8wekyb3d8bbwe [2022-11-13] (Microsoft Corporation)
ms-resource:AppxManifest_DisplayName -> C:\Windows\SystemApps\Microsoft.Windows.PrintQueueActionCenter_cw5n1h2txyewy [2022-10-04] (Microsoft Corporation)
ms-resource:pACKAGE_DISPLAY_NAME -> C:\Program Files\WindowsApps\AppUp.ThunderboltControlCenter_1.0.36.0_x64__8j3eq9eme6ctt [2022-10-04] (INTEL CORP)
ms-resource:productPkgDisplayName -> C:\WINDOWS\SystemApps\MicrosoftWindows.Client.Core_cw5n1h2txyewy [2022-12-14] (ms-resource:productPublisherDisplayName)
ms-resource:System_Item_Title_IntelGraphicsControlPanel -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.4232.0_x64__8j3eq9eme6ctt [2022-12-15] (INTEL CORP) [Startup Task]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.98.1805.0_x64__mcm4njqhnhss8 [2022-02-15] (Netflix, Inc.)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.963.0_x64__56jybvy8sckqj [2022-10-30] (NVIDIA Corp.)
PDF to JPEG -> C:\Program Files\WindowsApps\40066DaniyalSyed.PDFtoJPEG_1.2.0.1000_x64__qzfwg6dxbppre [2022-11-03] (Daniyal Syed) [MS Ad]
Photos Add-on -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-03-14] (Microsoft Corporation)
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-01-09] (Microsoft Corporation)
PrebootManager -> C:\Program Files\WindowsApps\SynapticsIncorporated.SynapticsUtilities_1.1.14.0_x64__807d65c4rvak2 [2021-06-05] (Synaptics Incorporated)
Reader Notification Client -> C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2020-05-22] (Adobe Systems Incorporated)
SmartAudio 3 -> C:\Program Files\WindowsApps\22094SynapticsIncorporate.SmartAudio3_1.0.85.0_x64__qt57b6kdvhcfw [2020-08-20] (Synaptics Hong Kong Limited, Taiwan Branch (H.K.))
Speedtest by Ookla -> C:\Program Files\WindowsApps\Ookla.SpeedtestbyOokla_1.15.163.0_x64__43tkc6nmykmb6 [2022-11-25] (Ookla)
Synaptics TouchPad Control Panel -> C:\Program Files\WindowsApps\SynapticsIncorporated.SynapticsControlPanel_19005.19089.0.0_x64__807d65c4rvak2 [2021-12-07] (Synaptics Incorporated)
Synaptics Trackpoint Control Panel -> C:\Program Files\WindowsApps\SynapticsIncorporated.241916F58D6E7_19005.19089.0.0_x64__807d65c4rvak2 [2021-12-07] (Synaptics Incorporated)
WiFi Analyzer -> C:\Program Files\WindowsApps\19965MATTHAFNER.WIFIANALYZER_2.6.1.0_x64__gs5k5vmxr2ste [2022-09-26] (Matt Hafner)
 
sean97000 said:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-12-2022
Ran by seanc (21-12-2022 08:35:52)
Running from C:\Users\seanc\Dropbox\Downloads
Microsoft Windows 11 Pro Version 22H2 22621.963 (X64) (2022-09-30 21:15:13)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-2943715955-579751958-2762250142-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2943715955-579751958-2762250142-503 - Limited - Disabled)
Guest (S-1-5-21-2943715955-579751958-2762250142-501 - Limited - Disabled)
seanc (S-1-5-21-2943715955-579751958-2762250142-1001 - Administrator - Enabled) => C:\Users\seanc
WDAGUtilityAccount (S-1-5-21-2943715955-579751958-2762250142-504 - Limited - Disabled)
xyz (S-1-5-21-2943715955-579751958-2762250142-1002 - Limited - Enabled) => C:\Users\xyz

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1033-1033-7760-BC15014EA700}) (Version: 22.003.20282 - Adobe)
Adobe AIR (HKLM-x32\...\{10E33ABF-D7FB-4F47-900A-7973854AB45A}) (Version: 32.0.0.125 - Adobe) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 32.0.0.125 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601032}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Apple Application Support (32-bit) (HKLM-x32\...\{CCA8C50D-785B-4896-8675-FFE0C4ECCBC3}) (Version: 8.7 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{75BEF7E8-4370-4D42-94F3-B5AA77057965}) (Version: 8.7 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{065D0CC8-C382-48AF-8A88-0DD3366EB26C}) (Version: 16.0.0.25 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{B292D163-23D2-4523-A699-1ABEC1875609}) (Version: 2.7.0.3 - Apple Inc.)
AppLogLibSetup (HKLM-x32\...\{52FB0C8F-DF05-4C61-AEB6-18C55F8C385F}) (Version: 1.0.3.0 - Brother Industries Ltd.) Hidden
Asian Language And Spelling Dictionaries Support For Adobe Acrobat Reader (HKLM\...\{AC76BA86-7AD7-0000-0000-BC16014E7500}) (Version: 22.001.20085 - Adobe Systems Incorporated)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 22.8.6030 - Avast Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 108.0.19667.125 - AVAST Software)
Avast Update Helper (HKLM-x32\...\{19C3AB22-3718-4E4D-B203-242F5001565B}) (Version: 1.8.1579.3 - AVAST Software) Hidden
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
BrLauncher (HKLM-x32\...\{88FCD471-DBBF-4A75-8066-ACACE05DE3CF}) (Version: 2.0.14.0 - Brother Industries Ltd.) Hidden
BrLogRx (HKLM-x32\...\{190861E7-09C5-42D8-BB4B-0AFB234BCFC1}) (Version: 1.0.3.1 - Brother Industries Ltd.) Hidden
Brother iPrint&Scan (HKLM-x32\...\{42D72ABA-773E-467A-8A64-4765E990EB75}) (Version: 9.0.0.123 - Brother Industries, Ltd.) Hidden
Brother iPrint&Scan (HKLM-x32\...\{85f204b0-595c-4801-8648-a69062f9ce1b}) (Version: 9.0.0.123 - Brother Industries, Ltd.)
Brother PCFax Driver (HKLM-x32\...\{79262B43-9E15-4732-A034-BFD29D9BD077}) (Version: 1.4.1.0 - Brother Industries Ltd.) Hidden
Brother PowerENGAGE (HKLM-x32\...\{3CE8B8E8-B33B-453C-BB7A-821ED6E18A24}) (Version: 1.0.27 - Aviata, Inc.)
Brother Printer Driver (HKLM-x32\...\{C51A701B-AECE-49B1-B130-1D60450EF585}) (Version: 7.1.0.0 - Brother Industries Ltd.) Hidden
Brother Scanner Driver (HKLM-x32\...\{57AA5C19-0725-46C3-AD87-2318A029DCEE}) (Version: 1.0.34.1 - Brother Industries Ltd.) Hidden
BrSupportTools (HKLM-x32\...\{C0439A0D-8A66-4BD0-A3E0-85C8E2920762}) (Version: 1.0.26.0 - Brother Industries Ltd.) Hidden
Bulk Rename Utility 3.4.3.0 (64-bit) (HKLM\...\Bulk Rename Utility Installation_is1) (Version: - TGRMN Software)
Bulkr (HKLM-x32\...\{061C9880-A84F-7B58-D7A3-748E24D3DA43}) (Version: 1.8 - Prakash Bajracharya) Hidden
Bulkr (HKLM-x32\...\com.prakaz.project.photogettr.fresh) (Version: 1.8 - Prakash Bajracharya)
ControlCenter4 (HKLM-x32\...\{9CE6D4F3-965F-4FA7-8431-4A4FDC7A01D9}) (Version: 4.6.23.1 - Brother Industries, Ltd.) Hidden
ControlCenter4 CSDK (HKLM-x32\...\{FD8A9511-BFC9-43B5-BB75-9CEC0EA03CF0}) (Version: 4.6.1.1 - Brother Industries, Ltd.) Hidden
DeviceDetect (HKLM-x32\...\{5FE4CE95-1B55-4632-A3F1-851B07936498}) (Version: 1.4.10.0 - Brother Industries Ltd.) Hidden
Dropbox (HKLM-x32\...\Dropbox) (Version: 163.4.5456 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.685.1 - Dropbox, Inc.) Hidden
Easy Duplicate Finder 7 (HKLM\...\{44055866-8E3F-4B5B-B63D-AD4CB4A0ECE3}_is1) (Version: 7.13.0.29 - Webminds, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Excel Password Recovery Lastic 1.3 (HKU\S-1-5-21-2943715955-579751958-2762250142-1001\...\Excel Password Recovery Lastic_is1) (Version: - )
ExpressVPN (HKLM-x32\...\{8e563438-c5e3-4ece-98b6-53dcb8e954c2}) (Version: 12.38.0.60 - ExpressVPN)
ExpressVPN (HKLM-x32\...\{E5B9C3E5-889C-4F22-A959-F4B8982D786D}) (Version: 12.38.0.60 - ExpressVPN) Hidden
f.lux (HKU\S-1-5-21-2943715955-579751958-2762250142-1001\...\Flux) (Version: - f.lux Software LLC)
Fast Duplicate File Finder 6.0.0.2 (HKLM-x32\...\{AFECFED6-0A43-488F-8511-1DC6B52F31C3}_is1) (Version: 6.0.0.2 - MindGems, Inc.)
Fing 3.1.1 (HKLM\...\Fing Desktop) (Version: 3.1.1 - Fing Ltd)
Flexible Retirement Planner (remove only) (HKLM-x32\...\Flexible Retirement Planner) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 108.0.5359.125 - Google LLC)
HowToGuide (HKLM-x32\...\{36580EEB-4EDF-4880-BBD4-097E2C645ECD}) (Version: 1.0.1.0 - Brother Industries Ltd.) Hidden
HttpToUsbBridge (HKLM-x32\...\{2316FF8E-7DEC-4EB9-A50D-64C304A25469}) (Version: 1.5.30.1 - Brother Industries Ltd.)
HWiNFO64 Version 7.00 (HKLM\...\HWiNFO64_is1) (Version: 7.00 - Martin Malik - REALiX)
iCloud (HKLM\...\{8808B208-87D1-4725-8192-76D257E9DEAE}) (Version: 7.21.0.23 - Apple Inc.)
inSSIDer (HKU\S-1-5-21-2943715955-579751958-2762250142-1001\...\inSSIDer) (Version: 5.5.0 - MetaGeek, LLC)
Intel(R) Extreme Tuning Utility (HKLM-x32\...\{b5dc28d7-72cb-4bb1-a9a7-3ae096f0980f}) (Version: 6.5.1.360 - Intel Corporation)
iSEEK AnswerWorks English Runtime (HKLM-x32\...\{18A8E78B-9EF2-496E-B310-BCD8E4C1DAB3}) (Version: 010.000.0101 - Vantage Linguistics)
iTunes (HKLM\...\{44B55B48-DEF1-4384-A4E0-10933F65B44A}) (Version: 12.12.7.1 - Apple Inc.)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Lenovo Service Bridge (HKU\S-1-5-21-2943715955-579751958-2762250142-1001\...\{2C74547D-EF88-47F4-85F5-BE46A31E26B7}_is1) (Version: 5.0.2.13 - Lenovo)
Lenovo System Update (HKLM-x32\...\TVSU_is1) (Version: 5.07.0140 - Lenovo)
Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: 3.13.43.0 - Lenovo Group Ltd.)
Malwarebytes version 4.5.18.226 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.18.226 - Malwarebytes)
MediaMonkey 5 (HKLM-x32\...\MediaMonkey 5_is1) (Version: 5 - Ventis Media Inc.)
Messenger (HKU\S-1-5-21-2943715955-579751958-2762250142-1001\...\c1b3adcf-2068-5e8d-b25d-30ce588e3a4c) (Version: 172.0.427436225 - Facebook, Inc.)
Microsoft .NET Host - 6.0.12 (x64) (HKLM\...\{E215AA9E-5DF2-44BC-9D6F-E1A1B0C348FB}) (Version: 48.51.51943 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.12 (x64) (HKLM\...\{0712F23C-FBAC-436C-9DDB-125F32D15033}) (Version: 48.51.51943 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.12 (x64) (HKLM\...\{1BF67DC1-8BB5-4AF5-BE20-3B53D9532D01}) (Version: 48.51.51943 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 108.0.1462.54 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 108.0.1462.54 - Microsoft Corporation)
Microsoft GameInput (HKLM-x32\...\{6BBE9278-659F-FA16-E4B8-C2D60DE0DCC7}) (Version: 10.1.22621.1863 - Microsoft Corporation)
Microsoft Office Professional Plus 2021 - en-us (HKLM\...\ProPlus2021Retail - en-us) (Version: 16.0.15831.20208 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 22.238.1114.0002 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{6A2A8076-135F-4F55-BB02-DED67C8C6934}) (Version: 4.67.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.22.27821 (HKLM-x32\...\{6361b579-2795-4886-b2a8-53d5239b6452}) (Version: 14.22.27821.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.22.27821 (HKLM-x32\...\{5bfc1380-fd35-4b85-9715-7351535d077e}) (Version: 14.22.27821.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X64 Additional Runtime - 14.22.27821 (HKLM\...\{6E2C7A8E-B17A-4637-9CE9-F0B1157CF378}) (Version: 14.22.27821 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.22.27821 (HKLM\...\{0093C20C-273D-4397-B623-515CB8616CB9}) (Version: 14.22.27821 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.22.27821 (HKLM-x32\...\{3BDE80F7-7EC9-448E-8160-4ADA0CDA8879}) (Version: 14.22.27821 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.22.27821 (HKLM-x32\...\{1E6FC929-567E-4D22-9206-C5B83F0A21B9}) (Version: 14.22.27821 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\{9495AEB4-AB97-39DE-8C42-806EEF75ECA7}) (Version: 10.0.50908 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 6.0.12 (x64) (HKLM\...\{3E726676-B5F4-48DA-B9F9-78A15B7F8A70}) (Version: 48.51.52100 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.12 (x64) (HKLM-x32\...\{24b99d74-a81e-4765-aefe-be853ac47482}) (Version: 6.0.12.31928 - Microsoft Corporation)
Mozilla Firefox (x64 en-US) (HKLM\...\Mozilla Firefox 108.0.1 (x64 en-US)) (Version: 108.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 98.0.2 - Mozilla)
NetSpot (HKU\S-1-5-21-2943715955-579751958-2762250142-1001\...\8f902e8bea10afc7) (Version: 2.14.770.0 - Etwok Inc.)
NetworkRepairTool (HKLM-x32\...\{86E68F57-FAFE-4052-BDD4-3B90C38236AE}) (Version: 1.2.16.0 - Brother Industries, Ltd.) Hidden
Npcap OEM (HKLM-x32\...\NpcapInst) (Version: 1.00 - Nmap Project)
NVIDIA FrameView SDK 1.2.7521.31103277 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.2.7521.31103277 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.25.1.27 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.25.1.27 - NVIDIA Corporation)
NVIDIA Graphics Driver 517.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 517.13 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.39.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.39.14 - NVIDIA Corporation)
NZXT CAM 4.41.3 (HKLM\...\ac0666ae-ee66-5310-ac01-9d6348133b2d) (Version: 4.41.3 - NZXT, Inc.)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.15726.20202 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.15831.20184 - Microsoft Corporation) Hidden
PC-FAXReceive (HKLM-x32\...\{65D8385F-F858-4748-A7C2-676D04C2893E}) (Version: 1.8.402.0 - Brother Industries, Ltd.) Hidden
PCFaxTx (HKLM-x32\...\{90338D66-4493-4DC3-A8C7-EB6FD5282B02}) (Version: 3.7.12.1 - Brother Industries Ltd.) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.259 - Google, Inc.)
PowerENGAGE (HKLM-x32\...\{400A01BF-E908-4393-BD39-31E386377BDA}) (Version: 3.2.16 - Aviata, Inc.) Hidden
Project Reality: BF2 (HKLM\...\Project Reality: BF2 (pr)_is1) (Version: v1.5 - Project Reality)
Quicken (HKLM-x32\...\{62D93E3E-2F8E-42BD-9343-896F4F0031D3}) (Version: 27.1.45.21 - Quicken)
RemoteSetup (HKLM-x32\...\{EB4D046E-28C1-4884-9129-47F41317E9B0}) (Version: 3.10.3.0 - Brother Industries Ltd.) Hidden
ScannerUtilityInstaller (HKLM-x32\...\{D65C0754-7790-427F-AD73-D7C644260F57}) (Version: 1.19.9.1 - Brother) Hidden
Signifi Agent (HKU\S-1-5-21-2943715955-579751958-2762250142-1001\...\SignifiAgent) (Version: 2.2.0 - MetaGeek, LLC)
Skype version 8.83 (HKLM-x32\...\Skype_is1) (Version: 8.83 - Skype Technologies S.A.)
SoftwareUpdateNotification (HKLM-x32\...\{34F12379-C924-41E6-921D-51C71217F58C}) (Version: 1.0.9.0 - Brother Industries, Ltd.) Hidden
SolarWinds Wake On LAN (HKLM-x32\...\SolarWinds Wake On LAN) (Version: SolarWinds Wake-On-LAN - SolarWinds.Net)
StatusMonitor (HKLM-x32\...\{1F4C40FC-9C25-450C-9F77-0AE71CA0DB64}) (Version: 1.22.14.0 - Brother Industries, Ltd.) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TPFanControl v0.61 (HKLM\...\{717F5741-5C2E-4469-BDA0-B5EC2243646F}_is1) (Version: - troubadix)
Unigine Valley Benchmark version 1.0 (HKLM-x32\...\Unigine Valley Benchmark_is1) (Version: 1.0 - Unigine Corp.)
UsbRepairTool (HKLM-x32\...\{F8762A81-32B5-4144-9F3C-9274F515A651}) (Version: 1.4.0.0 - Brother Industries, Ltd.) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
WhatsApp (HKU\S-1-5-21-2943715955-579751958-2762250142-1001\...\WhatsApp) (Version: 2.2246.10 - WhatsApp)
WinDirStat 1.1.2 (HKU\S-1-5-21-2943715955-579751958-2762250142-1001\...\WinDirStat) (Version: - )
Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.23214 - Microsoft Corporation)
Windows PC Health Check (HKLM\...\{B1E7D0FD-7CFE-4E0C-A5DA-0F676499DB91}) (Version: 3.2.2110.14001 - Microsoft Corporation)
Zoom (HKU\S-1-5-21-2943715955-579751958-2762250142-1001\...\ZoomUMX) (Version: 4.6 - Zoom Video Communications, Inc.)

Packages:
=========
Age of Empires III: Definitive Edition -> C:\Program Files\WindowsApps\Microsoft.MSGPBoston_100.13.29985.0_x64__8wekyb3d8bbwe [2022-10-29] (Microsoft Studios)
Canon Inkjet Print Utility -> C:\Program Files\WindowsApps\34791E63.CanonInkjetPrintUtility_3.1.0.0_neutral__6e5tt8cgb93ep [2022-05-16] (Canon Inc.)
Clipchamp -> C:\Program Files\WindowsApps\Clipchamp.Clipchamp_2.5.13.0_neutral__yxz26nhyzhsrt [2022-12-16] (Microsoft Corp.)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.16.244.0_x64__rz1tebttyb220 [2022-12-15] (Dolby Laboratories)
Dolby Atmos Speaker System -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAtmosSpeakerSystem_3.20602.609.0_x64__rz1tebttyb220 [2020-06-05] (Dolby Laboratories)
Dropbox -> C:\Program Files (x86)\Dropbox\Client\PackageAssets [2022-12-16] (0)
Glance by Mirametrix -> C:\Program Files\WindowsApps\MirametrixInc.GlancebyMirametrix_9.26.3905.0_x64__17mer8kcn3j54 [2022-11-23] (Mirametrix Inc.) [Startup Task]
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_141.2.441.0_x64__v10z8vjag6ke6 [2022-12-02] (HP Inc.)
Intel(R) Management and Security Status -> C:\Program Files\WindowsApps\AppUp.IntelManagementandSecurityStatus_2219.3.0.0_x64__8j3eq9eme6ctt [2022-11-13] (INTEL CORP) [Startup Task]
Intel® Graphics Control Panel -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsControlPanel_3.3.0.0_x64__8j3eq9eme6ctt [2020-02-19] (INTEL CORP)
Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2209.2.0_x64__k1h2ywk1493x8 [2022-10-30] (LENOVO INC.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-12-01] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-12-01] (Microsoft Corporation) [MS Ad]
MPEG-2 Video Extension -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.50901.0_x64__8wekyb3d8bbwe [2022-05-12] (Microsoft Corporation)
ms-resource:app_name_ms_todo -> C:\Program Files\WindowsApps\Microsoft.Todos_2.85.53361.0_x64__8wekyb3d8bbwe [2022-12-12] (Microsoft Corporation) [Startup Task]
ms-resource:APP_WINDOW_NAME -> C:\Program Files\WindowsApps\MicrosoftCorporationII.QuickAssist_2.0.9.0_x64__8wekyb3d8bbwe [2022-10-04] (Microsoft Corp.)
ms-resource:AppStoreName -> C:\Program Files\WindowsApps\Microsoft.RawImageExtension_2.1.32791.0_x64__8wekyb3d8bbwe [2022-11-13] (Microsoft Corporation)
ms-resource:AppxManifest_DisplayName -> C:\Windows\SystemApps\Microsoft.Windows.PrintQueueActionCenter_cw5n1h2txyewy [2022-10-04] (Microsoft Corporation)
ms-resource:pACKAGE_DISPLAY_NAME -> C:\Program Files\WindowsApps\AppUp.ThunderboltControlCenter_1.0.36.0_x64__8j3eq9eme6ctt [2022-10-04] (INTEL CORP)
ms-resource:productPkgDisplayName -> C:\WINDOWS\SystemApps\MicrosoftWindows.Client.Core_cw5n1h2txyewy [2022-12-14] (ms-resource:productPublisherDisplayName)
ms-resource:System_Item_Title_IntelGraphicsControlPanel -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.4232.0_x64__8j3eq9eme6ctt [2022-12-15] (INTEL CORP) [Startup Task]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.98.1805.0_x64__mcm4njqhnhss8 [2022-02-15] (Netflix, Inc.)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.963.0_x64__56jybvy8sckqj [2022-10-30] (NVIDIA Corp.)
PDF to JPEG -> C:\Program Files\WindowsApps\40066DaniyalSyed.PDFtoJPEG_1.2.0.1000_x64__qzfwg6dxbppre [2022-11-03] (Daniyal Syed) [MS Ad]
Photos Add-on -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-03-14] (Microsoft Corporation)
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-01-09] (Microsoft Corporation)
PrebootManager -> C:\Program Files\WindowsApps\SynapticsIncorporated.SynapticsUtilities_1.1.14.0_x64__807d65c4rvak2 [2021-06-05] (Synaptics Incorporated)
Reader Notification Client -> C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2020-05-22] (Adobe Systems Incorporated)
SmartAudio 3 -> C:\Program Files\WindowsApps\22094SynapticsIncorporate.SmartAudio3_1.0.85.0_x64__qt57b6kdvhcfw [2020-08-20] (Synaptics Hong Kong Limited, Taiwan Branch (H.K.))
Speedtest by Ookla -> C:\Program Files\WindowsApps\Ookla.SpeedtestbyOokla_1.15.163.0_x64__43tkc6nmykmb6 [2022-11-25] (Ookla)
Synaptics TouchPad Control Panel -> C:\Program Files\WindowsApps\SynapticsIncorporated.SynapticsControlPanel_19005.19089.0.0_x64__807d65c4rvak2 [2021-12-07] (Synaptics Incorporated)
Synaptics Trackpoint Control Panel -> C:\Program Files\WindowsApps\SynapticsIncorporated.241916F58D6E7_19005.19089.0.0_x64__807d65c4rvak2 [2021-12-07] (Synaptics Incorporated)
WiFi Analyzer -> C:\Program Files\WindowsApps\19965MATTHAFNER.WIFIANALYZER_2.6.1.0_x64__gs5k5vmxr2ste [2022-09-26] (Matt Hafner)
Click to expand...
==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2943715955-579751958-2762250142-1001_Classes\CLSID\{020263ef-f9d9-4573-abf0-74dc61cb3db2}\InprocServer32 -> C:\WINDOWS\system32\dfshim.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2943715955-579751958-2762250142-1001_Classes\CLSID\{4A93A12D-FD47-45E0-9513-BABEDDC6C494}\InprocServer32 -> C:\Program Files\Easy Duplicate Finder 7\EasyDuplicateFinder.exe (Webminds, Inc. -> Webminds, Inc.)
CustomCLSID: HKU\S-1-5-21-2943715955-579751958-2762250142-1001_Classes\CLSID\{99c69f0a-8873-4392-9c46-736141d8b893}\InprocServer32 -> C:\WINDOWS\system32\dfshim.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2943715955-579751958-2762250142-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\seanc\Dropbox [2019-11-11 08:57]
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\22.238.1114.0002\FileSyncShell64.dll [2022-12-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\22.238.1114.0002\FileSyncShell64.dll [2022-12-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\22.238.1114.0002\FileSyncShell64.dll [2022-12-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\22.238.1114.0002\FileSyncShell64.dll [2022-12-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\22.238.1114.0002\FileSyncShell64.dll [2022-12-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\22.238.1114.0002\FileSyncShell64.dll [2022-12-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\22.238.1114.0002\FileSyncShell64.dll [2022-12-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.57.0.dll [2022-12-13] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.57.0.dll [2022-12-13] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.57.0.dll [2022-12-13] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.57.0.dll [2022-12-13] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.57.0.dll [2022-12-13] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.57.0.dll [2022-12-13] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.57.0.dll [2022-12-13] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.57.0.dll [2022-12-13] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.57.0.dll [2022-12-13] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.57.0.dll [2022-12-13] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-12-21] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\22.238.1114.0002\FileSyncShell64.dll [2022-12-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\22.238.1114.0002\FileSyncShell64.dll [2022-12-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\22.238.1114.0002\FileSyncShell64.dll [2022-12-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\22.238.1114.0002\FileSyncShell64.dll [2022-12-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\22.238.1114.0002\FileSyncShell64.dll [2022-12-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\22.238.1114.0002\FileSyncShell64.dll [2022-12-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\22.238.1114.0002\FileSyncShell64.dll [2022-12-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.57.0.dll [2022-12-13] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.57.0.dll [2022-12-13] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.57.0.dll [2022-12-13] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.57.0.dll [2022-12-13] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.57.0.dll [2022-12-13] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.57.0.dll [2022-12-13] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.57.0.dll [2022-12-13] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.57.0.dll [2022-12-13] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.57.0.dll [2022-12-13] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.57.0.dll [2022-12-13] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-12-21] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.238.1114.0002\FileSyncShell64.dll [2022-12-15] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-12-21] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [BRUMenuHandler] -> {5D924130-4CB1-11DB-B0DE-0800200C9A66} => C:\Program Files\Bulk Rename Utility\BRUhere64.dll [2021-02-03] (TGRMN Software -> Bulk Rename Utility)
ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => -> No File
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.57.0.dll [2022-12-13] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2020-09-08] (Apple Inc. -> Apple Inc.)
ContextMenuHandlers2: [BRUMenuHandler] -> {5D924130-4CB1-11DB-B0DE-0800200C9A66} => C:\Program Files\Bulk Rename Utility\BRUhere64.dll [2021-02-03] (TGRMN Software -> Bulk Rename Utility)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-12-21] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-05-18] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.238.1114.0002\FileSyncShell64.dll [2022-12-15] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [BRUMenuHandler] -> {5D924130-4CB1-11DB-B0DE-0800200C9A66} => C:\Program Files\Bulk Rename Utility\BRUhere64.dll [2021-02-03] (TGRMN Software -> Bulk Rename Utility)
ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => -> No File
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.57.0.dll [2022-12-13] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.238.1114.0002\FileSyncShell64.dll [2022-12-15] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => -> No File
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.57.0.dll [2022-12-13] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvlt.inf_amd64_e32bb28e87695861\nvshext.dll [2022-10-21] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-12-21] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-05-18] (Malwarebytes Inc. -> Malwarebytes)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\seanc\Dropbox\PC\Desktop\Google Maps.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=mnhkaebcjjhencmpkapnbdaogjamfbcj
ShortcutWithArgument: C:\Users\seanc\Dropbox\PC\Desktop\Twitter.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=jgeocpdicgmkeemopbanhokmhcgcflmi
ShortcutWithArgument: C:\Users\seanc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Maps.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=mnhkaebcjjhencmpkapnbdaogjamfbcj
ShortcutWithArgument: C:\Users\seanc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Twitter.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=jgeocpdicgmkeemopbanhokmhcgcflmi
 
sean97000 said:
==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2943715955-579751958-2762250142-1001_Classes\CLSID\{020263ef-f9d9-4573-abf0-74dc61cb3db2}\InprocServer32 -> C:\WINDOWS\system32\dfshim.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2943715955-579751958-2762250142-1001_Classes\CLSID\{4A93A12D-FD47-45E0-9513-BABEDDC6C494}\InprocServer32 -> C:\Program Files\Easy Duplicate Finder 7\EasyDuplicateFinder.exe (Webminds, Inc. -> Webminds, Inc.)
CustomCLSID: HKU\S-1-5-21-2943715955-579751958-2762250142-1001_Classes\CLSID\{99c69f0a-8873-4392-9c46-736141d8b893}\InprocServer32 -> C:\WINDOWS\system32\dfshim.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2943715955-579751958-2762250142-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\seanc\Dropbox [2019-11-11 08:57]
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\22.238.1114.0002\FileSyncShell64.dll [2022-12-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\22.238.1114.0002\FileSyncShell64.dll [2022-12-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\22.238.1114.0002\FileSyncShell64.dll [2022-12-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\22.238.1114.0002\FileSyncShell64.dll [2022-12-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\22.238.1114.0002\FileSyncShell64.dll [2022-12-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\22.238.1114.0002\FileSyncShell64.dll [2022-12-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\22.238.1114.0002\FileSyncShell64.dll [2022-12-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.57.0.dll [2022-12-13] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.57.0.dll [2022-12-13] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.57.0.dll [2022-12-13] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.57.0.dll [2022-12-13] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.57.0.dll [2022-12-13] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.57.0.dll [2022-12-13] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.57.0.dll [2022-12-13] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.57.0.dll [2022-12-13] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.57.0.dll [2022-12-13] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.57.0.dll [2022-12-13] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-12-21] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\22.238.1114.0002\FileSyncShell64.dll [2022-12-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\22.238.1114.0002\FileSyncShell64.dll [2022-12-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\22.238.1114.0002\FileSyncShell64.dll [2022-12-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\22.238.1114.0002\FileSyncShell64.dll [2022-12-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\22.238.1114.0002\FileSyncShell64.dll [2022-12-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\22.238.1114.0002\FileSyncShell64.dll [2022-12-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\22.238.1114.0002\FileSyncShell64.dll [2022-12-15] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.57.0.dll [2022-12-13] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.57.0.dll [2022-12-13] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.57.0.dll [2022-12-13] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.57.0.dll [2022-12-13] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.57.0.dll [2022-12-13] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.57.0.dll [2022-12-13] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.57.0.dll [2022-12-13] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.57.0.dll [2022-12-13] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.57.0.dll [2022-12-13] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.57.0.dll [2022-12-13] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-12-21] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.238.1114.0002\FileSyncShell64.dll [2022-12-15] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-12-21] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [BRUMenuHandler] -> {5D924130-4CB1-11DB-B0DE-0800200C9A66} => C:\Program Files\Bulk Rename Utility\BRUhere64.dll [2021-02-03] (TGRMN Software -> Bulk Rename Utility)
ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => -> No File
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.57.0.dll [2022-12-13] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2020-09-08] (Apple Inc. -> Apple Inc.)
ContextMenuHandlers2: [BRUMenuHandler] -> {5D924130-4CB1-11DB-B0DE-0800200C9A66} => C:\Program Files\Bulk Rename Utility\BRUhere64.dll [2021-02-03] (TGRMN Software -> Bulk Rename Utility)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-12-21] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-05-18] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.238.1114.0002\FileSyncShell64.dll [2022-12-15] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [BRUMenuHandler] -> {5D924130-4CB1-11DB-B0DE-0800200C9A66} => C:\Program Files\Bulk Rename Utility\BRUhere64.dll [2021-02-03] (TGRMN Software -> Bulk Rename Utility)
ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => -> No File
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.57.0.dll [2022-12-13] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.238.1114.0002\FileSyncShell64.dll [2022-12-15] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => -> No File
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.57.0.dll [2022-12-13] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvlt.inf_amd64_e32bb28e87695861\nvshext.dll [2022-10-21] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-12-21] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-05-18] (Malwarebytes Inc. -> Malwarebytes)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\seanc\Dropbox\PC\Desktop\Google Maps.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=mnhkaebcjjhencmpkapnbdaogjamfbcj
ShortcutWithArgument: C:\Users\seanc\Dropbox\PC\Desktop\Twitter.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=jgeocpdicgmkeemopbanhokmhcgcflmi
ShortcutWithArgument: C:\Users\seanc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Maps.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=mnhkaebcjjhencmpkapnbdaogjamfbcj
ShortcutWithArgument: C:\Users\seanc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Twitter.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=jgeocpdicgmkeemopbanhokmhcgcflmi
Click to expand...
==================== Loaded Modules (Whitelisted) =============

2022-12-12 22:06 - 2022-12-05 11:38 - 001569280 _____ () [File not signed] \\?\C:\Program Files\NZXT CAM\resources\app.asar.unpacked\node_modules\@nzxt\cam-core\dist\CTITSDKDeviceTool.dll
2022-12-21 08:31 - 2022-12-21 08:31 - 000637440 _____ () [File not signed] \\?\C:\Users\seanc\AppData\Local\Temp\b4a9860a-fed4-4b6e-a06f-aa6603c73c0d.tmp.node
2016-11-25 10:18 - 2016-11-25 10:18 - 000139264 _____ () [File not signed] C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2018-07-25 16:06 - 2018-07-25 16:06 - 000519168 _____ () [File not signed] C:\Program Files (x86)\Browny02\BrMonitor.dll
2018-04-26 17:11 - 2018-04-26 17:11 - 000137728 _____ () [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcAssoc.dll
2017-08-18 11:23 - 2017-08-18 11:23 - 000087552 _____ () [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcDlgRc.dll
2017-08-18 11:23 - 2017-08-18 11:23 - 017974784 _____ () [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcGrImg.dll
2018-04-27 09:16 - 2018-04-27 09:16 - 000087040 _____ () [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcLUsa.dll
2018-04-26 17:12 - 2018-04-26 17:12 - 000440832 _____ () [File not signed] C:\Program Files (x86)\ControlCenter4\Track.dll
2022-12-12 22:06 - 2022-12-05 11:38 - 002725376 _____ () [File not signed] C:\Program Files\NZXT CAM\ffmpeg.dll
2022-12-12 22:06 - 2022-12-05 11:38 - 000447488 _____ () [File not signed] C:\Program Files\NZXT CAM\libegl.dll
2022-12-12 22:06 - 2022-12-05 11:38 - 006985216 _____ () [File not signed] C:\Program Files\NZXT CAM\libglesv2.dll
2021-03-25 13:07 - 2018-11-12 11:25 - 000091648 _____ () [File not signed] C:\WINDOWS\system32\BrNetSti.dll
2021-03-25 13:07 - 2018-03-15 17:54 - 000143360 _____ () [File not signed] C:\WINDOWS\system32\BrSNMP64.dll
2016-04-12 10:07 - 2016-04-12 10:07 - 000067584 _____ (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Brother\AppLogLib\BrBFLogI.dll
2022-12-12 22:06 - 2022-12-05 11:38 - 002416128 _____ (CPUID) [File not signed] \\?\C:\Program Files\NZXT CAM\resources\app.asar.unpacked\node_modules\@nzxt\cam-core\dist\common\cpuid\cpuidsdk64.dll
2022-12-15 15:30 - 2022-12-15 15:30 - 041845248 _____ (Intel Corporation) [File not signed] C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.4232.0_x64__8j3eq9eme6ctt\IGCC.dll
2019-10-27 06:15 - 2019-10-27 06:15 - 001460224 _____ (Robert Simpson, et al.) [File not signed] C:\Program Files\WindowsApps\22094SynapticsIncorporate.SmartAudio3_1.0.85.0_x64__qt57b6kdvhcfw\Flow\Flow1\x64\SQLite.Interop.dll
2022-12-12 22:06 - 2022-12-05 11:38 - 000083456 _____ (Silicon Laboratories, Inc.) [File not signed] \\?\C:\Program Files\NZXT CAM\resources\app.asar.unpacked\node_modules\@nzxt\cam-core\dist\nzxt-device\SiUSBXp64.dll
2020-10-13 14:22 - 2022-01-02 20:27 - 000820736 _____ (The Chromium Authors) [File not signed] C:\Program Files (x86)\Quicken\chrome_elf.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\.rdata:X [128]
AlternateDataStreams: C:\Users\seanc\Desktop:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\seanc\Desktop\churntable.xlsx:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\seanc\Desktop\desktop (New).ini:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\seanc\Desktop\Dropbox.lnk:com.dropbox.attrs [52]
AlternateDataStreams: C:\Users\seanc\Desktop\Duplicates:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\seanc\Desktop\Excel Password Recovery Lastic.lnk:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\seanc\Desktop\Fallout 4.url:com.dropbox.attrs [52]
AlternateDataStreams: C:\Users\seanc\Desktop\Fast Duplicate File Finder.lnk:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\seanc\Desktop\Google Maps.lnk:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\seanc\Desktop\HWiNFO64 - Shortcut.lnk:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\seanc\Desktop\inSSIDer.lnk:com.dropbox.attrs [52]
AlternateDataStreams: C:\Users\seanc\Desktop\Messenger.lnk:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\seanc\Desktop\NetSpot.appref-ms:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\seanc\Desktop\Project Reality BF2.lnk:com.dropbox.attrs [52]
AlternateDataStreams: C:\Users\seanc\Desktop\Sid Meier's Civilization V.url:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\seanc\Desktop\Signifi Agent.lnk:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\seanc\Desktop\ThrottleStop - Shortcut.lnk:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\seanc\Desktop\Twitter.lnk:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\seanc\Desktop\WhatsApp.lnk:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\seanc\Dropbox\Documents\!Miami trip report.docx:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\seanc\Dropbox\Documents\530 Grafton:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\seanc\Dropbox\Documents\Archives:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\seanc\Dropbox\Documents\Custom Office Templates:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\seanc\Dropbox\Documents\Default.rdp:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\seanc\Dropbox\Documents\Downloads - Shortcut.lnk:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\seanc\Dropbox\Documents\FACEBOOK POSTSAAAAA.docx:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\seanc\Dropbox\Documents\Financial:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\seanc\Dropbox\Documents\I just get tired of hearing from some people who spend.docx:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\seanc\Dropbox\Documents\Kat's Backup:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\seanc\Dropbox\Documents\Kat's Website:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\seanc\Dropbox\Documents\Letters:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\seanc\Dropbox\Documents\Manuals:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\seanc\Dropbox\Documents\Medical records:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\seanc\Dropbox\Documents\Miscellaneous:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\seanc\Dropbox\Documents\MS MONEY BACKUP:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\seanc\Dropbox\Documents\My Data Sources:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\seanc\Dropbox\Documents\My Games:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\seanc\Dropbox\Documents\OUTLOOK BACKUP:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\seanc\Dropbox\Documents\Outlook Files:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\seanc\Dropbox\Documents\PRMumbleCertificateBackup.p12:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\seanc\Dropbox\Documents\Quicken:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\seanc\Dropbox\Documents\Resume:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\seanc\Dropbox\Documents\Scanned Documents:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\seanc\Dropbox\Documents\Vacation:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\seanc\Dropbox\Documents\veterinary stuff:com.dropbox.attrs [52]
AlternateDataStreams: C:\Users\seanc\Dropbox\Documents\Welcome to the Western Santiago Vecinos WhatsApp group.docx:com.dropbox.attrs [52]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HidSpiCx.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TextInputManagementService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{5099944A-F6B9-4057-A056-8C550228544C} => ""="Memory"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{5099944A-F6B9-4057-A056-8C550228544C} => "SafeBootDrivers"="1"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HidSpiCx.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TextInputManagementService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-2943715955-579751958-2762250142-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-2943715955-579751958-2762250142-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com/
HKU\S-1-5-21-2943715955-579751958-2762250142-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-2943715955-579751958-2762250142-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-2943715955-579751958-2762250142-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com/
SearchScopes: HKU\S-1-5-21-2943715955-579751958-2762250142-1001 -> {7C813745-57C8-4B9B-B7C6-C766FCCD401A} URL =
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2022-11-02] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-12-09] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-12-09] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-12-09] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-12-09] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-12-09] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-12-09] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-12-09] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-12-09] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-03-18 22:49 - 2019-03-18 22:49 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

2019-11-28 10:58 - 2019-11-28 11:03 - 000000436 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2943715955-579751958-2762250142-1001\Control Panel\Desktop\\Wallpaper ->
HKU\S-1-5-21-2943715955-579751958-2762250142-1002\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 8.8.8.8 - 76.76.2.0
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

Network Binding:
=============
Ethernet: Npcap Packet Driver (NPCAP) -> INSECURE_NPCAP (enabled)
Ethernet 2: Npcap Packet Driver (NPCAP) -> INSECURE_NPCAP (enabled)
Local Area Connection: Npcap Packet Driver (NPCAP) -> INSECURE_NPCAP (enabled)
Wi-Fi: Npcap Packet Driver (NPCAP) -> INSECURE_NPCAP (enabled)

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\StartupFolder: => "SteelSeries Engine 3.lnk"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "Launch LCore"
HKU\S-1-5-21-2943715955-579751958-2762250142-1001\...\StartupApproved\StartupFolder: => "Facebook Gameroom.lnk"
HKU\S-1-5-21-2943715955-579751958-2762250142-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2943715955-579751958-2762250142-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-2943715955-579751958-2762250142-1001\...\StartupApproved\Run: => "E2820BE4A413BD842253CFC823ED5CC71DCB4BEB._service_run"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{F42249F4-C3DD-47D3-A285-16C96EDF0411}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_22183.300.1431.9295_x64__8wekyb3d8bbwe\msteams.exe => No File
FirewallRules: [{640E92C5-6018-49E8-B4EE-035A5870BB07}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_22183.300.1431.9295_x64__8wekyb3d8bbwe\msteams.exe => No File
FirewallRules: [{D44896CB-B774-468D-A1B7-9FAB6136788E}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{DDA70212-0D7A-48D5-9828-32E9475E1884}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D64923FE-D443-489A-B738-BFE0FB246D8A}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{96B305D7-3396-42E1-A88D-0AE9C3E0D9D3}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{DEE7C32D-98F2-4473-9A6A-DA0DC3BBDBFB}] => (Allow) C:\Program Files (x86)\MediaMonkey 5\MediaMonkeyEngine.exe (Ventis Media, Inc. -> Ventis Media Inc.)
FirewallRules: [{9B020082-2767-45D0-A193-6FAC9C7672E9}] => (Allow) C:\Program Files (x86)\MediaMonkey 5\MediaMonkeyEngine.exe (Ventis Media, Inc. -> Ventis Media Inc.)
FirewallRules: [{C0F61869-F9DE-4D8A-96D8-AEBC83CD96B6}] => (Allow) C:\Program Files (x86)\MediaMonkey 5\MediaMonkeyEngine.exe (Ventis Media, Inc. -> Ventis Media Inc.)
FirewallRules: [{CF48150B-C5AB-4778-B1A2-89423CAFE51A}] => (Allow) C:\Program Files (x86)\MediaMonkey 5\MediaMonkeyEngine.exe (Ventis Media, Inc. -> Ventis Media Inc.)
FirewallRules: [{5E10B756-F18D-4A75-A161-D4E055E21BAF}] => (Allow) C:\Program Files (x86)\MediaMonkey 5\MediaMonkeyEngine.exe (Ventis Media, Inc. -> Ventis Media Inc.)
FirewallRules: [{E51F51BF-C04B-4481-BFA3-FCBF26A8DE51}] => (Allow) C:\Program Files (x86)\MediaMonkey 5\MediaMonkeyEngine.exe (Ventis Media, Inc. -> Ventis Media Inc.)
FirewallRules: [UDP Query User{86DC220B-8D8C-4CDE-A712-7CD418770F25}C:\program files (x86)\quicken\qwsubprocess.exe] => (Allow) C:\program files (x86)\quicken\qwsubprocess.exe (Quicken Inc. -> Quicken Inc.)
FirewallRules: [TCP Query User{BDCE4F31-5D06-4177-85D2-60C5E780134D}C:\program files (x86)\quicken\qwsubprocess.exe] => (Allow) C:\program files (x86)\quicken\qwsubprocess.exe (Quicken Inc. -> Quicken Inc.)
FirewallRules: [UDP Query User{EE99213B-AAAA-4879-9096-CA0F1C5A9A86}C:\program files\epic games\rs2v\binaries\win64\vngame.exe] => (Allow) C:\program files\epic games\rs2v\binaries\win64\vngame.exe => No File
FirewallRules: [TCP Query User{64D19474-A92F-4A1D-B577-20E824DCD11F}C:\program files\epic games\rs2v\binaries\win64\vngame.exe] => (Allow) C:\program files\epic games\rs2v\binaries\win64\vngame.exe => No File
FirewallRules: [{7668D991-A97D-44D4-9880-0E41AB66E4D2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization V\LaunchPad\LaunchPad.exe () [File not signed]
FirewallRules: [{FF87592C-CD44-48DC-9CBB-FC590FF890E6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization V\LaunchPad\LaunchPad.exe () [File not signed]
FirewallRules: [{39A982DD-515E-44A0-9496-4239752C28A7}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{925B9A28-2E1A-468F-8F6F-D9D01DC531E5}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{9A2A5572-28C8-487C-988D-D41CCE5B042F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{3130AB70-B930-4CF6-AF52-D3EC3F2F84BD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{8B58F3C8-A156-42B3-87A8-D3F7026E9B86}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{16C960EB-9642-41DC-8F9A-EDC1F4692BD2}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{6191B207-EB42-4A38-AF25-AE202D4DD484}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{1A8ED83A-D471-4643-A28F-66F78FA80220}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{6F8CE661-0927-4B99-A168-50DC46057DF5}] => (Allow) C:\Program Files\BlueStacks\HD-Player.exe => No File
FirewallRules: [{79A5F002-3D0F-4388-A7B3-46E810306390}] => (Allow) C:\Users\seanc\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{C9B44B81-B3E8-48A4-9A33-D88EE3B6009C}] => (Allow) C:\Users\seanc\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{AF631DE1-4828-43DE-AD41-21E32CC3FDE2}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe => No File
FirewallRules: [{D9E8388F-47CC-4934-9EEE-B9CE2ACF20C7}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe => No File
FirewallRules: [UDP Query User{7531FDE2-40E8-4F41-9F25-670E2CC1088B}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe => No File
FirewallRules: [TCP Query User{319112AF-02AB-43F2-9726-D0ED35825346}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe => No File
FirewallRules: [{C490F04A-21D1-48B4-ADFD-31047B9B1BAF}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{E659FEE9-823E-48A3-B403-504B8D0DDE51}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{3BB5FEDA-A313-4EC0-97B1-B62DF910DBCD}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{C1059BBC-A160-4A5C-8582-E35059EB83E5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout 4\Fallout4Launcher.exe (Bethesda Softworks) [File not signed]
FirewallRules: [{B99D4A47-34AB-416A-A417-BBE7187EC431}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout 4\Fallout4Launcher.exe (Bethesda Softworks) [File not signed]
FirewallRules: [{A1C03DCF-EC1A-4586-B3FC-9FA5B91ACD4D}] => (Allow) C:\Program Files (x86)\Project Reality\Project Reality BF2\mods\pr\bin\PRMumble\PRMumble.exe (Wouter Jansen -> Project Reality)
FirewallRules: [{578AD181-6791-4E91-A15E-0AC23B45A31D}] => (Allow) C:\Program Files (x86)\Project Reality\Project Reality BF2\mods\pr\bin\PRUpdater.exe (Wouter Jansen -> Project Reality)
FirewallRules: [{FF349A7D-A82E-4D77-ACBE-688C61773C29}] => (Allow) C:\Program Files (x86)\Project Reality\Project Reality BF2\mods\pr\bin\PRLauncher.exe (Wouter Jansen -> Project Reality)
FirewallRules: [{C1392CCD-D3B7-4919-9EE0-DC041167D41D}] => (Allow) C:\Program Files (x86)\Project Reality\Project Reality BF2\prbf2.exe (Wouter Jansen -> )
FirewallRules: [UDP Query User{536593E5-A181-4EAC-99F0-A78FEDC68600}C:\users\seanc\appdata\local\temp\nsu9323.tmp\app\prbf2-download-assistant.exe] => (Allow) C:\users\seanc\appdata\local\temp\nsu9323.tmp\app\prbf2-download-assistant.exe => No File
FirewallRules: [TCP Query User{EA203DE2-3ECB-4A4D-AED1-9D6C34C43748}C:\users\seanc\appdata\local\temp\nsu9323.tmp\app\prbf2-download-assistant.exe] => (Allow) C:\users\seanc\appdata\local\temp\nsu9323.tmp\app\prbf2-download-assistant.exe => No File
FirewallRules: [{882C7E6E-E3F7-4023-A0CD-0E5F26EABB6C}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{C32C51BE-AB74-4AAB-A239-E4FAD5ADDB91}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{0E0C41F8-1AB4-4EC1-B068-7FFEDC3691B3}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{DFCCFF97-2619-4508-8086-DEBC3EE815AC}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{0D839633-5744-4214-994C-C6B23B654A46}] => (Allow) C:\Users\seanc\Downloads\Install\wlan_wiz\.\wlan_assistant\waw.exe => No File
FirewallRules: [{D7739795-682E-4974-9475-6199DD6232DC}] => (Allow) LPort=54925
FirewallRules: [{931DC2EC-DB0B-4583-A3F5-FBD0DA8ACFC6}] => (Allow) LPort=54950
FirewallRules: [{7F609F27-569A-4FE0-8265-EA8CE3CAAC02}] => (Allow) LPort=54955
FirewallRules: [{F2D842E1-52A7-4EA0-BCD6-0E5A3274C560}] => (Allow) c:\program files (x86)\pc-faxreceive\brengineprocess.exe (Brother Industries, Ltd.) [File not signed]
FirewallRules: [{71D4F52A-5502-44FA-8E46-0C3278B5B0A3}] => (Allow) c:\program files (x86)\pc-faxreceive\brengineprocess.exe (Brother Industries, Ltd.) [File not signed]
FirewallRules: [TCP Query User{536BCAC4-15D6-45AE-B2B2-6E225BF4CD0E}C:\windows\syswow64\rundll32.exe] => (Allow) C:\windows\syswow64\rundll32.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [UDP Query User{F6422BB1-A8F9-46EB-B127-CBE7B37A0FC8}C:\windows\syswow64\rundll32.exe] => (Allow) C:\windows\syswow64\rundll32.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{61E6748C-BF3D-4D74-AA26-CF3FB0FCB245}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E77E6B24-DBD4-4407-BC51-EC6C0EAE61E2}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe (Lenovo -> )
FirewallRules: [{1AC3ADC5-5F1E-41F5-94E2-51068D701911}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe (Lenovo -> )
FirewallRules: [TCP Query User{3E881546-8563-4804-BED5-6FE4A1A56CA7}C:\users\seanc\appdata\local\inssider\app-5.5.0\inssider.exe] => (Allow) C:\users\seanc\appdata\local\inssider\app-5.5.0\inssider.exe (MetaGeek, LLC -> MetaGeek)
FirewallRules: [UDP Query User{84ACA872-446A-4B3F-A265-E3A72046FADE}C:\users\seanc\appdata\local\inssider\app-5.5.0\inssider.exe] => (Allow) C:\users\seanc\appdata\local\inssider\app-5.5.0\inssider.exe (MetaGeek, LLC -> MetaGeek)
FirewallRules: [TCP Query User{E33D90E0-35FE-44C2-ACDF-225CF63C21D5}C:\users\seanc\appdata\local\inssider\app-5.5.0\inssider.exe] => (Allow) C:\users\seanc\appdata\local\inssider\app-5.5.0\inssider.exe (MetaGeek, LLC -> MetaGeek)
FirewallRules: [UDP Query User{561FEB66-86F1-42F1-B8CE-09801186F53D}C:\users\seanc\appdata\local\inssider\app-5.5.0\inssider.exe] => (Allow) C:\users\seanc\appdata\local\inssider\app-5.5.0\inssider.exe (MetaGeek, LLC -> MetaGeek)
FirewallRules: [{357C1C0B-2420-4124-B8C6-A9664B7FD23F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{8DDB47F8-4494-4B5F-AE60-A9A653E45521}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{871BFAED-BFB9-4473-87E3-4234AF77FB64}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{E71F1E88-BDC9-4F20-AD38-9728E7C63C6C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{14944A8B-FD83-43A1-9C3A-18E1500CA55C}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_22308.1003.1743.8209_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C063DDDD-8222-4A5D-984E-4D6BEF818321}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_22308.1003.1743.8209_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A8B4A7F1-B874-404D-944D-C79645788797}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.92.3204.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{AEAA7B31-310D-457C-97B8-C8AB0241C5C5}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.92.3204.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{97C4B2D4-45E5-4D9B-91A7-71296C8376D5}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.92.3204.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{10792B65-F105-46A8-8C3F-44E88E883259}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.92.3204.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3D7B2B8D-34D2-4673-B1E6-9840CFC755D8}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{813354C9-BA53-4E7D-A74A-BE478B8B3383}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{359FC256-7941-473E-BA85-EA013C728BDA}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\108.0.1462.54\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E55C6C53-F64D-41D1-9085-603E255BC77D}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{1106D941-50A6-4332-AF52-274F7E8706B2}C:\windows\syswow64\rundll32.exe] => (Block) C:\windows\syswow64\rundll32.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [UDP Query User{EABD67BF-046E-472D-BFEC-B1C9A28E28D4}C:\windows\syswow64\rundll32.exe] => (Block) C:\windows\syswow64\rundll32.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{6A51BB83-A886-4A55-9CDA-FA2992A45A6B}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{0EA56788-6C6A-4290-A8F2-C702EFE88069}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{969A63FA-673F-4A3A-9B07-E7D74AB5C543}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)

==================== Restore Points =========================

13-12-2022 19:53:39 Windows Modules Installer

==================== Faulty Device Manager Devices ============

Name: ExpressVPN TAP Adapter
Description: ExpressVPN TAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: ExpressVPN
Service: tapexpressvpn
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: ========================

Application errors:
==================
Error: (12/21/2022 08:32:59 AM) (Source: DbxSvc) (EventID: 281) (User: )
Description: CertFindCertificateInStore failed with: (-2146885628) Cannot find object or property.

Error: (12/21/2022 08:32:58 AM) (Source: DbxSvc) (EventID: 281) (User: )
Description: CertFindCertificateInStore failed with: (-2146885628) Cannot find object or property.

Error: (12/21/2022 08:32:58 AM) (Source: DbxSvc) (EventID: 281) (User: )
Description: CertFindCertificateInStore failed with: (-2146885628) Cannot find object or property.

Error: (12/21/2022 08:32:58 AM) (Source: DbxSvc) (EventID: 281) (User: )
Description: CertFindCertificateInStore failed with: (-2146885628) Cannot find object or property.

Error: (12/21/2022 08:32:50 AM) (Source: DbxSvc) (EventID: 281) (User: )
Description: CertFindCertificateInStore failed with: (-2146885628) Cannot find object or property.

Error: (12/21/2022 08:31:18 AM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Start Broadcast Receiver Server...

Error: (12/21/2022 08:31:18 AM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Wait Workflow Commands request from device.

Error: (12/21/2022 08:31:18 AM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Start Server...


System errors:
=============
Error: (12/21/2022 08:31:24 AM) (Source: Tcpip) (EventID: 4207) (User: )
Description: The IPv4 TCP/IP interface with index 18 failed to bind to its provider.

Error: (12/21/2022 08:31:13 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The HvHost service terminated with the following error:
The system cannot find the file specified.

Error: (12/21/2022 08:30:30 AM) (Source: DCOM) (EventID: 10010) (User: SATIVA)
Description: The server {DD000CBD-67A6-423F-9132-1A2D0F76EAD5} did not register with DCOM within the required timeout.

Error: (12/21/2022 08:01:28 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Universal Device Client Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

Error: (12/21/2022 08:01:17 AM) (Source: Tcpip) (EventID: 4207) (User: )
Description: The IPv4 TCP/IP interface with index 18 failed to bind to its provider.

Error: (12/21/2022 07:52:13 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Fing.Agent service terminated unexpectedly. It has done this 38 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.

Error: (12/20/2022 09:40:29 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Fing.Agent service terminated unexpectedly. It has done this 37 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.

Error: (12/20/2022 05:04:32 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80073d02: 9NMPJ99VJBWV-Microsoft.YourPhone.


Windows Defender:
================
Date: 2022-12-19 18:27:45
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2022-12-18 19:04:31
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2022-12-18 14:30:46
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2022-12-16 18:32:34
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2022-12-15 17:59:50
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Event[0]

Date: 2022-11-11 14:11:20
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.379.184.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.19800.4
Error code: 0x80240438
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.

CodeIntegrity:
===============
Date: 2022-12-21 08:33:54
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2022-12-21 08:32:28
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.

Date: 2022-12-21 08:31:57
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\Temp\asw0c5118799645cd59.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

BIOS: LENOVO N2OET53W (1.40 ) 08/17/2021
Motherboard: LENOVO 20QWCTO1WW
Processor: Intel(R) Core(TM) i5-9400H CPU @ 2.50GHz
Percentage of memory in use: 63%
Total physical RAM: 16086.71 MB
Available physical RAM: 5883.02 MB
Total Virtual: 19030.71 MB
Available Virtual: 6894.04 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:475.6 GB) (Free:112.71 GB) (Model: SAMSUNG MZVLB512HBJQ-000L7) NTFS

\\?\Volume{9cb47276-ae1a-44bb-8632-e5aaea7882b5}\ () (Fixed) (Total:1.07 GB) (Free:0.08 GB) NTFS
\\?\Volume{adee8034-a0dc-68f0-c1b1-bc0e2e3e1fe4}\ () (Fixed) (Total:54.72 GB) (Free:0 GB) NTFS
\\?\Volume{9afdc3aa-3cd1-4ca1-8b65-59b3e83e092b}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.21 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: B1BFF8D5)

Partition: GPT.
Attempted reading MBR returned 0 bytes.
Could not read MBR for disk 1.

==================== End of Addition.txt =======================
 
redtarget.gif
Download RogueKiller from one of the following links and save it to your Desktop:

Link 1
Link 2
  • Close all the running programs
  • Double click on downloaded setup.exe file to install the program.
  • Click on Start Scan button.
  • Click on another Start Scan button.
  • Wait until the Status box shows Scan Finished
  • Click on Remove Selected.
  • Wait until the Status box shows Deleting Finished.
  • Click on Report and copy/paste the content of the Notepad into your next reply.
  • RKreport.txt could also be found on your desktop.
  • If more than one log is produced post all logs.
redtarget.gif
Please download Malwarebytes to your desktop.
  • Double-click mb3-setup-consumer-{version}.exe and follow the prompts to install the program.
  • Then click Finish.
  • Once the program has fully updated, select Scan Now on the Dashboard. Or select the Threat Scan from the Scan menu.
  • If another update of the definitions is available, it will be implemented before the rest of the scanning procedure.
  • When the scan is complete, make sure that all Threats are selected, and click Remove Selected.
  • Restart your computer when prompted to do so.
  • The Scan log is available throughout History ->Application logs. Please post it contents in your next reply.
redtarget.gif
Please download AdwCleaner by Xplode and save to your Desktop.
  • Double click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8/10 users right-click and select Run As Administrator
  • The tool will start to update the database if one is required.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Logfile button.
  • A window will open which lists the logs of your scans.
  • Click on the Scan tab.
  • Double-click the most recent scan which will be at the top of the list....the log will appear.
  • Review the results...see note below
  • After reviewing the log, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[CX].txt) will open automatically (where the largest value of X represents the most recent report).
  • To open a Cleaning log, launch AdwareClearer, click on the Logfile button, click on the Cleaning tab and double-click the log at the top of the list.
  • Copy and paste the contents of AdwCleaner[CX].txt in your next reply.
  • A copy of all logfiles are saved to C:\AdwCleaner.
-- Note: The contents of the AdwCleaner log file may be confusing. Unless you see a program name or entry that you recognize and know should not be removed, don't worry about it. If you see an entry you want to keep, return to AdwCleaner before cleaning...all detected items will be listed (and checked) in each tab. Click on and uncheck any items you want to keep.
 
Status
Not open for further replies.

Similar threads

uber_beetle
Infected with fake ad pop-ups - posting FRST and Addition
Replies
12
Views
797
uber_beetle
uber_beetle
A
Infected: Antivirus says it's Trojan:Script/Wacatac.H!ml
Replies
12
Views
2K
adidaman27
A
wshknwntlprtmn
  • Locked
Inactive Not sure what's going on here....
Replies
12
Views
2K
Broni
Broni

Latest posts

Back