Jump to content


Photo

Blue Screen Twice a Week??


  • This topic is locked This topic is locked
5 replies to this topic

#1 mvtrucking

mvtrucking

    Advanced Member

  • Full Member
  • PipPipPip
  • 107 posts

Posted 26 May 2020 - 08:05 PM

Long time member here who is still tech challenged. Not sure why I am getting this blue screen, there are a ton of numbers with it, but I haven't figured out how to copy a screenshot of it? Any help would be greatly appreciated, thank you in advance:

 

MBAM

 

Malwarebytes
www.malwarebytes.com
 
-Log Details-
Scan Date: 5/26/20
Scan Time: 4:45 PM
Log File: 281b4272-9f9a-11ea-a94d-00fff91ec930.json
 
-Software Information-
Version: 3.8.3.2965
Components Version: 1.0.629
Update Package Version: 1.0.16312
License: Free
 
-System Information-
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: DonVanHorne-HP\Don Van Horne
 
-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 433363
Threats Detected: 42
Threats Quarantined: 42
Time Elapsed: 52 min, 2 sec
 
-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Warn
PUM: Detect
 
-Scan Details-
Process: 0
(No malicious items detected)
 
Module: 0
(No malicious items detected)
 
Registry Key: 0
(No malicious items detected)
 
Registry Value: 1
PUP.Optional.Movix, HKU\S-1-5-21-2844776404-49628929-1600567784-1001\SOFTWARE\GOOGLE\CHROME\PREFERENCEMACS\Default\extensions.settings|agimnfedoejnbcaboobehgdeppecefap, Delete-on-Reboot, [2036], [182709],1.0.16312
 
Registry Data: 0
(No malicious items detected)
 
Data Stream: 0
(No malicious items detected)
 
Folder: 7
PUP.Optional.Movix, C:\Users\Don Van Horne\AppData\Local\Google\Chrome\User Data\Default\Extensions\agimnfedoejnbcaboobehgdeppecefap\3.0.0_0\imgs\offers, Delete-on-Reboot, [2036], [182709],1.0.16312
PUP.Optional.Movix, C:\Users\Don Van Horne\AppData\Local\Google\Chrome\User Data\Default\Extensions\agimnfedoejnbcaboobehgdeppecefap\3.0.0_0\_metadata, Delete-on-Reboot, [2036], [182709],1.0.16312
PUP.Optional.Movix, C:\Users\Don Van Horne\AppData\Local\Google\Chrome\User Data\Default\Extensions\agimnfedoejnbcaboobehgdeppecefap\3.0.0_0\icons, Delete-on-Reboot, [2036], [182709],1.0.16312
PUP.Optional.Movix, C:\Users\Don Van Horne\AppData\Local\Google\Chrome\User Data\Default\Extensions\agimnfedoejnbcaboobehgdeppecefap\3.0.0_0\imgs, Delete-on-Reboot, [2036], [182709],1.0.16312
PUP.Optional.Movix, C:\Users\Don Van Horne\AppData\Local\Google\Chrome\User Data\Default\Extensions\agimnfedoejnbcaboobehgdeppecefap\3.0.0_0\js, Delete-on-Reboot, [2036], [182709],1.0.16312
PUP.Optional.Movix, C:\Users\Don Van Horne\AppData\Local\Google\Chrome\User Data\Default\Extensions\agimnfedoejnbcaboobehgdeppecefap\3.0.0_0, Delete-on-Reboot, [2036], [182709],1.0.16312
PUP.Optional.Movix, C:\USERS\DON VAN HORNE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\AGIMNFEDOEJNBCABOOBEHGDEPPECEFAP, Delete-on-Reboot, [2036], [182709],1.0.16312
 
File: 34
PUP.Optional.MP3Rocket, C:\USERS\PUBLIC\DESKTOP\MP3 Rocket 7.4.1 PRO.lnk, Delete-on-Reboot, [4496], [240933],1.0.16312
PUP.Optional.Movix, C:\Users\Don Van Horne\AppData\Local\Google\Chrome\User Data\Default\Extensions\agimnfedoejnbcaboobehgdeppecefap\3.0.0_0\icons\icons_facebook.png, Delete-on-Reboot, [2036], [182709],1.0.16312
PUP.Optional.Movix, C:\Users\Don Van Horne\AppData\Local\Google\Chrome\User Data\Default\Extensions\agimnfedoejnbcaboobehgdeppecefap\3.0.0_0\icons\icons_g.png, Delete-on-Reboot, [2036], [182709],1.0.16312
PUP.Optional.Movix, C:\Users\Don Van Horne\AppData\Local\Google\Chrome\User Data\Default\Extensions\agimnfedoejnbcaboobehgdeppecefap\3.0.0_0\icons\icons_gmail.png, Delete-on-Reboot, [2036], [182709],1.0.16312
PUP.Optional.Movix, C:\Users\Don Van Horne\AppData\Local\Google\Chrome\User Data\Default\Extensions\agimnfedoejnbcaboobehgdeppecefap\3.0.0_0\icons\icons_inst.png, Delete-on-Reboot, [2036], [182709],1.0.16312
PUP.Optional.Movix, C:\Users\Don Van Horne\AppData\Local\Google\Chrome\User Data\Default\Extensions\agimnfedoejnbcaboobehgdeppecefap\3.0.0_0\icons\icons_link.png, Delete-on-Reboot, [2036], [182709],1.0.16312
PUP.Optional.Movix, C:\Users\Don Van Horne\AppData\Local\Google\Chrome\User Data\Default\Extensions\agimnfedoejnbcaboobehgdeppecefap\3.0.0_0\icons\icons_pin.png, Delete-on-Reboot, [2036], [182709],1.0.16312
PUP.Optional.Movix, C:\Users\Don Van Horne\AppData\Local\Google\Chrome\User Data\Default\Extensions\agimnfedoejnbcaboobehgdeppecefap\3.0.0_0\icons\icons_wiki.png, Delete-on-Reboot, [2036], [182709],1.0.16312
PUP.Optional.Movix, C:\Users\Don Van Horne\AppData\Local\Google\Chrome\User Data\Default\Extensions\agimnfedoejnbcaboobehgdeppecefap\3.0.0_0\icons\icons_wowmovix.png, Delete-on-Reboot, [2036], [182709],1.0.16312
PUP.Optional.Movix, C:\Users\Don Van Horne\AppData\Local\Google\Chrome\User Data\Default\Extensions\agimnfedoejnbcaboobehgdeppecefap\3.0.0_0\icons\icons_yahoo.png, Delete-on-Reboot, [2036], [182709],1.0.16312
PUP.Optional.Movix, C:\Users\Don Van Horne\AppData\Local\Google\Chrome\User Data\Default\Extensions\agimnfedoejnbcaboobehgdeppecefap\3.0.0_0\icons\icons_youtube.png, Delete-on-Reboot, [2036], [182709],1.0.16312
PUP.Optional.Movix, C:\Users\Don Van Horne\AppData\Local\Google\Chrome\User Data\Default\Extensions\agimnfedoejnbcaboobehgdeppecefap\3.0.0_0\imgs\offers\action.png, Delete-on-Reboot, [2036], [182709],1.0.16312
PUP.Optional.Movix, C:\Users\Don Van Horne\AppData\Local\Google\Chrome\User Data\Default\Extensions\agimnfedoejnbcaboobehgdeppecefap\3.0.0_0\imgs\offers\animation.png, Delete-on-Reboot, [2036], [182709],1.0.16312
PUP.Optional.Movix, C:\Users\Don Van Horne\AppData\Local\Google\Chrome\User Data\Default\Extensions\agimnfedoejnbcaboobehgdeppecefap\3.0.0_0\imgs\offers\comedy.png, Delete-on-Reboot, [2036], [182709],1.0.16312
PUP.Optional.Movix, C:\Users\Don Van Horne\AppData\Local\Google\Chrome\User Data\Default\Extensions\agimnfedoejnbcaboobehgdeppecefap\3.0.0_0\imgs\offers\drama.png, Delete-on-Reboot, [2036], [182709],1.0.16312
PUP.Optional.Movix, C:\Users\Don Van Horne\AppData\Local\Google\Chrome\User Data\Default\Extensions\agimnfedoejnbcaboobehgdeppecefap\3.0.0_0\imgs\offers\family.png, Delete-on-Reboot, [2036], [182709],1.0.16312
PUP.Optional.Movix, C:\Users\Don Van Horne\AppData\Local\Google\Chrome\User Data\Default\Extensions\agimnfedoejnbcaboobehgdeppecefap\3.0.0_0\imgs\offers\romance.png, Delete-on-Reboot, [2036], [182709],1.0.16312
PUP.Optional.Movix, C:\Users\Don Van Horne\AppData\Local\Google\Chrome\User Data\Default\Extensions\agimnfedoejnbcaboobehgdeppecefap\3.0.0_0\imgs\icon128.png, Delete-on-Reboot, [2036], [182709],1.0.16312
PUP.Optional.Movix, C:\Users\Don Van Horne\AppData\Local\Google\Chrome\User Data\Default\Extensions\agimnfedoejnbcaboobehgdeppecefap\3.0.0_0\imgs\icon16.png, Delete-on-Reboot, [2036], [182709],1.0.16312
PUP.Optional.Movix, C:\Users\Don Van Horne\AppData\Local\Google\Chrome\User Data\Default\Extensions\agimnfedoejnbcaboobehgdeppecefap\3.0.0_0\js\auto_complete.js, Delete-on-Reboot, [2036], [182709],1.0.16312
PUP.Optional.Movix, C:\Users\Don Van Horne\AppData\Local\Google\Chrome\User Data\Default\Extensions\agimnfedoejnbcaboobehgdeppecefap\3.0.0_0\js\background.js, Delete-on-Reboot, [2036], [182709],1.0.16312
PUP.Optional.Movix, C:\Users\Don Van Horne\AppData\Local\Google\Chrome\User Data\Default\Extensions\agimnfedoejnbcaboobehgdeppecefap\3.0.0_0\js\bootstrap.min.js, Delete-on-Reboot, [2036], [182709],1.0.16312
PUP.Optional.Movix, C:\Users\Don Van Horne\AppData\Local\Google\Chrome\User Data\Default\Extensions\agimnfedoejnbcaboobehgdeppecefap\3.0.0_0\js\content.js, Delete-on-Reboot, [2036], [182709],1.0.16312
PUP.Optional.Movix, C:\Users\Don Van Horne\AppData\Local\Google\Chrome\User Data\Default\Extensions\agimnfedoejnbcaboobehgdeppecefap\3.0.0_0\js\jquery-1.9.1.js, Delete-on-Reboot, [2036], [182709],1.0.16312
PUP.Optional.Movix, C:\Users\Don Van Horne\AppData\Local\Google\Chrome\User Data\Default\Extensions\agimnfedoejnbcaboobehgdeppecefap\3.0.0_0\js\jquery.min.js, Delete-on-Reboot, [2036], [182709],1.0.16312
PUP.Optional.Movix, C:\Users\Don Van Horne\AppData\Local\Google\Chrome\User Data\Default\Extensions\agimnfedoejnbcaboobehgdeppecefap\3.0.0_0\js\jqueryui.min.js, Delete-on-Reboot, [2036], [182709],1.0.16312
PUP.Optional.Movix, C:\Users\Don Van Horne\AppData\Local\Google\Chrome\User Data\Default\Extensions\agimnfedoejnbcaboobehgdeppecefap\3.0.0_0\_metadata\verified_contents.json, Delete-on-Reboot, [2036], [182709],1.0.16312
PUP.Optional.Movix, C:\Users\Don Van Horne\AppData\Local\Google\Chrome\User Data\Default\Extensions\agimnfedoejnbcaboobehgdeppecefap\3.0.0_0\index.html, Delete-on-Reboot, [2036], [182709],1.0.16312
PUP.Optional.Movix, C:\Users\Don Van Horne\AppData\Local\Google\Chrome\User Data\Default\Extensions\agimnfedoejnbcaboobehgdeppecefap\3.0.0_0\manifest.fingerprint, Delete-on-Reboot, [2036], [182709],1.0.16312
PUP.Optional.Movix, C:\Users\Don Van Horne\AppData\Local\Google\Chrome\User Data\Default\Extensions\agimnfedoejnbcaboobehgdeppecefap\3.0.0_0\manifest.json, Delete-on-Reboot, [2036], [182709],1.0.16312
PUP.Optional.Movix, C:\USERS\DON VAN HORNE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Replaced, [2036], [182709],1.0.16312
PUP.Optional.Movix, C:\USERS\DON VAN HORNE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Preferences, Replaced, [2036], [182709],1.0.16312
PUP.Optional.YTDVideoDownloader, C:\USERS\DON VAN HORNE\DOWNLOADS\YTDSETUP.EXE, Delete-on-Reboot, [13416], [591608],1.0.16312
PUP.Optional.Spigot.PN, C:\USERS\DON VAN HORNE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Replaced, [215], [786316],1.0.16312
 
Physical Sector: 0
(No malicious items detected)
 
WMI: 0
(No malicious items detected)
 
 
(end)
 
FRST:
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-05-2020 01
Ran by Don Van Horne (26-05-2020 18:32:29)
Running from C:\Users\Don Van Horne\Downloads
Windows 7 Home Premium Service Pack 1 (X64) (2012-02-10 02:40:03)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-2844776404-49628929-1600567784-500 - Administrator - Disabled)
Don Van Horne (S-1-5-21-2844776404-49628929-1600567784-1001 - Administrator - Enabled) => C:\Users\Don Van Horne
Guest (S-1-5-21-2844776404-49628929-1600567784-501 - Limited - Enabled) => C:\Users\Guest
HomeGroupUser$ (S-1-5-21-2844776404-49628929-1600567784-1002 - Limited - Enabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Norton Security Suite (Enabled - Up to date) {1122B19A-E671-38EC-8EAC-87048FD4528D}
AS: Norton Security Suite (Enabled - Up to date) {AA43507E-C04B-3762-B41C-BC76F4531830}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton Security Suite (Enabled) {291930BF-AC1E-39B4-A5F3-2E31710715F6}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKLM-x32\...\uTorrent) (Version: 2.2.1 - )
µTorrent (HKU\S-1-5-21-2844776404-49628929-1600567784-1001\...\uTorrent) (Version: 3.5.0.43804 - BitTorrent Inc.)
µTorrent (HKU\S-1-5-21-2844776404-49628929-1600567784-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05262020164612703\...\uTorrent) (Version: 3.5.0.43804 - BitTorrent Inc.)
3DYD Youtube Source (remove only) (HKLM-x32\...\3DYD Youtube Source) (Version:  - )
4K Video Downloader 4.4 (HKLM-x32\...\{6C16453A-F664-4CBD-99A7-78F73552470C}) (Version: 4.4.3.2265 - Open Media LLC)
7-Zip 16.04 (HKLM-x32\...\7-Zip) (Version: 16.04 - Igor Pavlov)
8K Player version 4.5.0 (HKLM-x32\...\842F0D80-2EC4-4903-9798-714D9927DCA1_is1) (Version: 4.5.0 - DimoSoft, Inc.)
AceThinker Video Master V4.8.2 (HKLM-x32\...\{CDD36B59-DF4F-4401-92FF-0FF8417CDF4C}_is1) (Version: 4.8.2 - AceThinker)
ActiveCheck component for HP Active Support Library (HKLM-x32\...\{254C37AA-6B72-4300-84F6-98A82419187E}) (Version: 3.0.0.3 - Hewlett-Packard) Hidden
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 20.009.20065 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 4.0.0.1390 - Adobe Systems Incorporated)
Adobe Flash Player 32 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 32.0.0.371 - Adobe)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.371 - Adobe)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.371 - Adobe)
Aiseesoft MP4 Video Converter 7.1.36 (HKLM-x32\...\{75CE1C3D-5B84-4e3b-BC17-246607907E6B}_is1) (Version: 7.1.36 - Aiseesoft Studio)
Allavsoft 3.12.8.6141 (HKLM-x32\...\{6EBED4D8-13D9-4270-8D44-B57DDB7A787C}_is1) (Version:  - Allavsoft Corporation)
Amberlight (HKLM\...\Amberlight_is1) (Version: 1.2.1 - Escape Motions, s.r.o)
AMD Catalyst Install Manager (HKLM\...\{F2A7CE36-57BF-5C86-952D-90DBF3746D82}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Aneesoft YouTube Converter 3.0.0.0 (HKLM-x32\...\{DA34EFA8-1CF2-4FC0-A75B-242E870366FC}}_is1) (Version:  - Aneesoft Corporation)
Animiz Animation Maker 2.3.6 (HKLM-x32\...\animizvideoen_is1) (Version: 2.3.6 - Animiz Video Solution)
AnyMedia Player 3.4.8 (HKLM-x32\...\{1959CCD2-1227-4de4-97E7-04F29D526762}_is1) (Version: 3.4.8 - cyan soft ltd)
AnyMP4 Blu-ray Player 6.2.12 (HKLM-x32\...\{DF8BE739-832A-482a-8C75-FB9628A6BE6E}_is1) (Version: 6.2.12 - AnyMP4 Studio)
AnyMP4 Video Converter Platinum 6.1.38 (HKLM-x32\...\{3E48324E-4843-4818-834D-C5219B51248E}_is1) (Version: 6.1.38 - AnyMP4 Studio)
AnyMP4 Video Editor 1.0.8 (HKLM-x32\...\{D2650AAA-B8FF-43F5-A3E9-26141B69045E}_is1) (Version: 1.0.8 - AnyMP4 Studio)
AnyMusic 4.0.0 (only current user) (HKU\S-1-5-21-2844776404-49628929-1600567784-1001\...\4e5f07cb-57d0-511b-8d72-f92e9ac978dd) (Version: 4.0.0 - AmoyShare Technology Company)
AnyMusic 4.0.0 (only current user) (HKU\S-1-5-21-2844776404-49628929-1600567784-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05262020164612703\...\4e5f07cb-57d0-511b-8d72-f92e9ac978dd) (Version: 4.0.0 - AmoyShare Technology Company)
Ashampoo Movie Studio 2013 v.1.0.4 (HKLM-x32\...\{91B33C97-EB09-F0A4-36AC-3895F9F93DD1}_is1) (Version: 1.0.4 - Ashampoo GmbH & Co. KG)
Ashampoo Music Studio 2013 v.4.0.7 (HKLM-x32\...\{91B33C97-0D61-2DA9-07F6-0EF54C520FE3}_is1) (Version: 4.0.7 - Ashampoo GmbH & Co. KG)
Ashampoo Slideshow Studio 2015 v.1.0.0 (HKLM-x32\...\{91B33C97-4A6F-D11F-A387-040BB4E1094E}_is1) (Version: 1.0.0 - Ashampoo GmbH & Co. KG)
Ashampoo Snap 2017 (HKLM-x32\...\{0A11EA01-F22C-84C3-9723-53CA58DB6F9C}_is1) (Version: 1.0.1 - Ashampoo GmbH & Co. KG)
Ashampoo Uninstaller 2017 (HKLM-x32\...\{4209F371-E035-1302-F540-12532A0A4FC7}_is1) (Version: 6.00.14 - Ashampoo GmbH & Co. KG)
Ashampoo UnInstaller 5 v.5.0.6 (HKLM-x32\...\{4209F371-ABC8-B772-DB8E-93F4772F58FA}_is1) (Version: 5.06.00 - Ashampoo GmbH & Co. KG)
ATI Catalyst Install Manager (HKLM\...\{3001791D-2CA6-6FE3-BE0F-8EA7522B32D4}) (Version: 3.0.795.0 - ATI Technologies, Inc.)
ATI Stream SDK v2 Developer (HKLM\...\{80C27FE9-C6C4-F5C8-EAD3-09E7E0102E78}) (Version: 2.2.0.0 - ATI Technologies Inc.)
Atomic Alarm Clock 6.11 (HKLM\...\Atomic Alarm Clock_is1) (Version:  - Drive Software Company)
Audacity 2.0.2 (HKLM-x32\...\Audacity_is1) (Version: 2.0.2 - Audacity Team)
Audio Control (HKLM-x32\...\{D3373741-9581-4335-8AA8-E0770ECB77D4}) (Version: 4 - MBBSoftware)
Audio Editor Deluxe v9.0.1 (HKLM-x32\...\Audio Editor Deluxe_is1) (Version:  - AudioEditorDeluxe Co., Ltd.)
Audio Record Wizard (HKLM-x32\...\Audio Record Wizard) (Version: 6.92 - NowSmart)
Aurora Blu-ray Media Player (HKLM-x32\...\Aurora Blu-ray Media Player) (Version: 2.12.8.1277 - Aurora Software Inc.)
Auto Screenshot Maker 3.0 (HKLM-x32\...\{6C9A0BF3-CE9C-4830-A26F-46AE774352C6}_is1) (Version:  - AutoScreenshotMaker)
AV Audio & Sound Recorder (HKLM-x32\...\AV Audio & Sound Recorder) (Version: 2.0.5 - AVSoft Corp. (VN))
AV Audio Converter (HKLM-x32\...\AV Audio Converter) (Version: 2.0.5 - AVSoft Corp. (VN))
AV Audio Editor (HKLM-x32\...\AV Audio Editor) (Version: 2.0.5 - AVSoft Corp. (VN))
AV Audio Morpher (HKLM-x32\...\AV Audio Morpher) (Version: 6.0.5 - AVSoft Corp. (VN))
AV CD Grabber (HKLM-x32\...\AV CD Grabber) (Version: 2.0.5 - AVSoft Corp. (VN))
AV Media Player Morpher (HKLM-x32\...\AV Media Player Morpher) (Version: 6.2.1 - AVSoft Corp. (VN))
AV Media Uploader (HKLM-x32\...\AV Media Uploader) (Version: 1.0.18 - AVSoft Corp. (VN))
AV Tube (HKLM-x32\...\AV Tube) (Version: 1.0.24 - AVSoft Corp. (VN))
AV Video Converter (HKLM-x32\...\AV Video Converter) (Version: 1.0.3 - AVSoft Corp. (VN))
AVG 2013 (HKLM\...\{88E071C6-A76A-4723-94AC-A9B1206750F8}) (Version: 13.0.3684 - AVG Technologies) Hidden
AVG 2013 (HKLM\...\{AB3AFCA5-A2BB-4F31-8FEC-0295DB7BF928}) (Version: 13.0.3462 - AVG Technologies) Hidden
AVG 2014 (HKLM\...\{34883B9C-CDFE-46F0-9C5B-935484C218C3}) (Version: 14.0.4259 - AVG Technologies) Hidden
AVG 2014 (HKLM\...\{F95BF201-C9AE-4215-883A-EC12A0D88C58}) (Version: 14.0.3697 - AVG Technologies) Hidden
AVS Audio Converter 8.0 (HKLM-x32\...\AVS Audio Converter_is1) (Version: 8.0.2.541 - Online Media Technologies Ltd.)
AVS Audio Editor 7.2 (HKLM-x32\...\AVS Audio Editor_is1) (Version: 7.2.2.488 - Online Media Technologies Ltd.)
AVS Audio Recorder 4.0 (HKLM-x32\...\AVS Audio Recorder_is1) (Version: 4.0.2.22 - Online Media Technologies Ltd.)
AVS Document Converter 2.3.1 (HKLM-x32\...\AVS Document Converter_is1) (Version: 2.3.1.232 - Online Media Technologies Ltd.)
AVS Image Converter 4.0.2 (HKLM-x32\...\AVS Image Converter_is1) (Version: 4.0.2.281 - Online Media Technologies Ltd.)
AVS Media Player 4.5.1 (HKLM-x32\...\AVS Media Player_is1) (Version: 4.5.1.120 - Online Media Technologies Ltd.)
AVS Photo Editor 2.3.3.147 (HKLM-x32\...\AVS Photo Editor_is1) (Version: 2.3.3.147 - Online Media Technologies Ltd.)
AVS Ringtone Maker version 1.6 (HKLM-x32\...\AVS Ringtone Maker 1.6_is1) (Version: 1.6.1.140 - Online Media Technologies Ltd.)
AVS Update Manager 1.0 (HKLM-x32\...\AVS Update Manager_is1) (Version: 1.0.5.158 - Online Media Technologies Ltd.)
AVS Video Converter 10.0.1 (HKLM-x32\...\AVS4YOU Video Converter 7_is1) (Version: 10.0.1.610 - Online Media Technologies Ltd.)
AVS Video Editor 7.0 (HKLM-x32\...\AVS Video Editor_is1) (Version: 7.0.1.258 - Online Media Technologies Ltd.)
AVS4YOU Software Navigator 1.5 (HKLM-x32\...\AVS4YOU Software Navigator_is1) (Version: 1.5.1.27 - Online Media Technologies Ltd.)
Bass Audio Decoder (remove only) (HKLM-x32\...\Bass Audio Decoder) (Version:  - )
Bing Rewards Client Installer (HKLM-x32\...\{61EDBE71-5D3E-4AB7-AD95-E53FEAF68C17}) (Version: 16.0.345.0 - Microsoft Corporation) Hidden
Blio (HKLM-x32\...\{9368DDD5-CE7F-4BD7-A83A-F00FABE338EC}) (Version: 2.2.6699 - K-NFB Reading Technology, Inc.)
BlueStacks 3 (HKLM-x32\...\BlueStacks) (Version: 3.7.21.2305 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Bonjour SDK (HKLM\...\{C0F5A19A-055A-4902-9D41-864127BFAF11}) (Version: 3.0.0.10 - Apple Inc.)
Brave (HKLM-x32\...\BraveSoftware Brave-Browser) (Version: 79.1.2.41 - Brave Software Inc)
CamStudio 2.7.4 (HKLM\...\{04B83666-3A62-452B-85D3-70F8117F2329}_is1) (Version: 2.7.4 - CamStudio Open Source)
Canon Utilities CameraWindow DC 8 (HKLM-x32\...\CameraWindowDC) (Version: 8.10.7.32 - Canon Inc.)
Canon Utilities ImageBrowser EX (HKLM-x32\...\ImageBrowser EX) (Version: 1.5.2.8 - Canon Inc.)
Canon Utilities PhotoStitch (HKLM-x32\...\PhotoStitch) (Version: 3.1.23.47 - Canon Inc.)
ccc-core-static (HKLM-x32\...\{2A41AD80-C9C8-3CD0-2BEA-05731A9483DF}) (Version: 2010.1123.1002.17926 - ATI) Hidden
CDRWIN 9 (HKLM-x32\...\{23D4A973-14FF-474E-0001-6529DDC11226}) (Version: 9.0.11.1109 - Engelmann Media GmbH)
CintaNotes 3.1.4 (HKLM-x32\...\CintaNotes_is1) (Version:  - Cinta Software)
CrazyTalk v7.32 Standard (HKLM-x32\...\{27C4EA98-84A3-4CDF-A436-F984A0283357}) (Version: 7.32.3114.1 - Reallusion Inc.)
Cute Reminder Standard Edition 2.6 (HKLM-x32\...\Cute Reminder Standard Edition_is1) (Version: 2.6.317 - CuteReminder Labs)
CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.1.2615 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Date Time Counter 6.0 (HKLM-x32\...\Date Time Counter_is1) (Version:  - TriSun Software Limited)
DCoder Image Source (remove only) (HKLM-x32\...\DCoder Image Source) (Version:  - )
Digital Voice Editor 3 (HKLM-x32\...\{6CCC133E-9A2F-4CAA-8866-75D029CD3AB3}) (Version: 3.3.01.11240 - Sony Corporation)
Dimo 4K Converter version 4.6.0 (HKLM-x32\...\312E3E20-1A05-4D84-B24E-399A86594601_is1) (Version: 4.6.0 - DimoSoft, Inc.)
Dimo BDmate version 4.0.0 (HKLM-x32\...\114348FE-BAD2-42E2-A430-D76E35E26FB5_is1) (Version: 4.0.0 - DimoSoft, Inc.)
Dimo HD Video Converter version 4.6.0 (HKLM-x32\...\4E8BB9F6-ECEA-414D-AF40-569C59E5D793_is1) (Version: 4.6.0 - DimoSoft, Inc.)
Direct Game UNI Installer (HKLM-x32\...\{4A08175D-2FA1-4200-A42A-9A3AC370D372}) (Version: 1.0.15 - GamesLOL)
DirectVobSub (remove only) (HKLM-x32\...\DirectVobSub) (Version:  - )
Discord (HKU\S-1-5-21-2844776404-49628929-1600567784-1001\...\Discord) (Version: 0.0.305 - Discord Inc.)
Discord (HKU\S-1-5-21-2844776404-49628929-1600567784-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05262020164612703\...\Discord) (Version: 0.0.305 - Discord Inc.)
Dr. Folder version 2.5.0.0 (HKLM\...\{1E989158-7B7C-4A69-9038-B010AF3F775A}_is1) (Version: 2.5.0.0 - YL Computing)
DRmare M4V Converter 4.0.1.18 (HKLM-x32\...\DRmare M4V Converter_is1) (Version:  - DRmare, Inc.)
DVD Decrypter (Remove Only) (HKLM-x32\...\DVD Decrypter) (Version:  - )
DVDFab 9.1.1.9 (18/12/2013) (HKLM-x32\...\DVDFab 9_is1) (Version:  - Fengtao Software Inc.)
DVDFab Passkey 8.1.0.2 (12/07/2013) (HKLM-x32\...\DVDFab Passkey 8_is1) (Version:  - Fengtao Software Inc.)
EaseUS Data Recovery Wizard (HKLM\...\EaseUS Data Recovery Wizard_is1) (Version:  - EaseUS)
EssentialPIM Pro (HKLM-x32\...\EssentialPIM Pro) (Version: 7.66 - Astonsoft Ltd)
Facebook Video Calling 1.2.0.287 (HKLM-x32\...\{B92C5909-1D37-4C51-8397-A28BB28E5DC3}) (Version: 1.2.287 - Skype Limited)
Facebook Video Calling 2.0.0.447 (HKLM-x32\...\{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}) (Version: 2.0.447 - Skype Limited)
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Fast VD 3.1.0.1 (HKLM-x32\...\9ED08AFF-E977-47db-8923-2499D74C97C5_Fast VD_is1) (Version: 3.1.0.1 - FastPcTools)
FFMPEG Addon (HKLM-x32\...\{111124AF-1ED4-44EF-B674-111111985342}_is1) (Version: 1.00 - FFMPEG)
Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{39AB2E37-1A55-4292-A5D3-971E9F70D0F8}) (Version: 2.1.32.0 - MAGIX AG)
Folder Scout 1.3.2 (HKLM-x32\...\Folder Scout 1.3.2_is1) (Version:  - Folder Scout Labs)
FolderIco 4.0 (HKLM\...\{22C37D82-6137-40BF-8625-7A846ED65F3A}_is1) (Version:  - teorex)
Free Hide IP (HKLM-x32\...\FreeHideIP) (Version: 4.0.6.6 - )
Free RAR Extract Frog (HKLM-x32\...\Free RAR Extract Frog) (Version: 6.50 - Philipp Winterberg)
Free Screen Video Recorder (HKLM-x32\...\Free Screen Video Recorder_is1) (Version: 3.0.46.1030 - Digital Wave Ltd)
Freemake Video Downloader (HKLM-x32\...\Freemake Video Downloader_is1) (Version: 3.8.2 - Ellora Assets Corporation)
Freemake YouTube To MP3 Boom (HKLM-x32\...\Freemake YouTube To MP3 Boom_is1) (Version: 1.0.4 - Ellora Assets Corporation)
Gameloop (HKLM-x32\...\MobileGamePC) (Version: 1.0.0.1 - Tencent Technology Company)
Glary Utilities 5.80 (HKLM-x32\...\Glary Utilities 5) (Version: 5.80.0.101 - Glarysoft Ltd)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 83.0.4103.61 - Google LLC)
Google Earth Pro (HKLM-x32\...\{7A3374DE-3D99-4BD9-9FE8-A76498632D98}) (Version: 7.3.3.7699 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{18455581-E099-4BA8-BC6B-F34B2F06600C}) (Version: 1.0.0 - Google Inc.) Hidden
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.99.0 - Google Inc.) Hidden
HD Video Converter Factory Pro version 7.0 (HKLM-x32\...\{486E9FE6-1D8E-4EEF-87C6-92D20ACA18E8}_is1) (Version: 7.0 - WonderFox Soft, Inc)
Helium Music Manager 9.5.1 (HKLM-x32\...\{C60EE1FA-B137-11E1-8346-A7E16088709B}}_is1) (Version: 9.5.1.11880 - Imploded Software)
Hide My IP 6 (HKLM-x32\...\HIDEMYIP_is1) (Version:  - My Privacy Tools, Inc)
HitFilm 2 Express (HKLM\...\{A6E81EFB-2A19-4B5B-8C48-D4E5DB3AD547}) (Version: 2.0.2522.46168 - FXhome)
HP DeskJet 2600 series Basic Device Software (HKLM\...\{8DA7A239-79C2-49FC-826B-DD26A559FF60}) (Version: 43.2.2474.17192 - HP Inc.)
HP DeskJet 2600 series Help (HKLM-x32\...\{9A36A9D9-787C-4E75-914B-CF133FA88FC9}) (Version: 44.0.0 - HP)
HP Dropbox Plugin (HKLM-x32\...\{C68BD3B6-3CC4-4871-94D1-3412A571001F}) (Version: 36.0.100.66344 - HP)
HP EmailSMTP Plugin (HKLM-x32\...\{763E42DC-F6DB-49E5-AAFD-CC3273F858CB}) (Version: 43.0.0.0 - HP)
HP FTP Plugin (HKLM-x32\...\{1E02EFE9-1EDB-4EE4-B02F-1B23C9AF3CD5}) (Version: 43.0.0.0 - HP)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.2.4 - WildTangent)
HP Google Drive Plugin (HKLM-x32\...\{ADA6C223-3EEA-4CAF-822A-5380A7A40342}) (Version: 36.0.100.66344 - HP)
HP LinkUp (HKLM-x32\...\{C1AD9241-3ADD-483F-914D-071F3E50855A}) (Version: 2.01.026 - Hewlett-Packard)
HP MediaSmart/TouchSmart Netflix (HKLM-x32\...\{BB760C1D-98F4-4E38-8CC4-3B67329AA981}) (Version: 1.0.6.0 - Hewlett-Packard)
HP MovieStore (HKLM-x32\...\{9008D736-35CA-40DB-A2BE-5F32D954E5AA}) (Version: 2.0 - Hewlett-Packard)
HP OneDrive Plugin (HKLM-x32\...\{16DB1A9B-1180-43E7-BE29-7201EE339206}) (Version: 36.0.0.0 - HP)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.9572 - HP)
HP Setup (HKLM-x32\...\{210A03F5-B2ED-4947-B27E-516F50CBB292}) (Version: 8.6.4530.3651 - Hewlett-Packard Company)
HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.1.13253.3682 - Hewlett-Packard Company)
HP SharePoint Plugin (HKLM-x32\...\{1F73FB9B-71BC-47F8-8AA6-DA9076E4E52B}) (Version: 43.0.0.0 - HP)
HP Support Assistant (HKLM-x32\...\{E92D47A1-D27D-430A-8368-0BAFD956507D}) (Version: 5.2.9.2 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{DE77FE3F-A33D-499A-87AD-5FC406617B40}) (Version: 5.002.003.003 - Hewlett-Packard)
HP Vision Hardware Diagnostics (HKLM\...\{D79A02E9-6713-4335-9668-AAC7474C0C0E}) (Version: 2.5.0.0 - Hewlett-Packard)
HPAsset component for HP Active Support Library (HKLM-x32\...\{669D4A35-146B-4314-89F1-1AC3D7B88367}) (Version: 3.0.2.2 - Hewlett-Packard) Hidden
Hulu Desktop (HKU\S-1-5-21-2844776404-49628929-1600567784-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05262020164617845\...\HuluDesktop) (Version: 0.9.13 - Hulu LLC)
HydraVision (HKLM-x32\...\{751D221F-7C37-C83F-1973-A1F92A0F4DF6}) (Version: 4.2.180.0 - ATI Technologies Inc.) Hidden
Icecream Image Resizer version 2.08 (HKU\S-1-5-21-2844776404-49628929-1600567784-1001\...\{2F8F5694-F482-481A-B05F-4A6D8A275B84}_is1) (Version: 2.08 - Icecream Apps)
Icecream Image Resizer version 2.08 (HKU\S-1-5-21-2844776404-49628929-1600567784-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05262020164612703\...\{2F8F5694-F482-481A-B05F-4A6D8A275B84}_is1) (Version: 2.08 - Icecream Apps)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6325.0 - IDT)
Impaq Speed (HKLM-x32\...\{7D19BF4D-DA07-45F2-9133-66C9998CD6E5}) (Version: 1.0.2.1 - Melasys LLC)
Impaq Speed (HKU\S-1-5-21-2844776404-49628929-1600567784-1001\...\{ed68190f-e45c-490b-b345-ef595d483b15}) (Version: 0.0.0.0 - Melasys LLC) Hidden
Impaq Speed (HKU\S-1-5-21-2844776404-49628929-1600567784-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05262020164612703\...\{ed68190f-e45c-490b-b345-ef595d483b15}) (Version: 0.0.0.0 - Melasys LLC) Hidden
IncrediMail (HKLM-x32\...\{18DB3375-0649-4EA3-959A-44F1ACD278BA}) (Version: 6.2.9.5163 - IncrediMail) Hidden
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
iPixSoft Video Slideshow Maker (3.4.1.0) (HKLM-x32\...\iPixSoft Video Slideshow Maker_is1) (Version: 3.4.1.0 - iPixSoft)
iStonsoft Android File Manager (HKU\S-1-5-21-2844776404-49628929-1600567784-1001\...\iStonsoft Android File Manager) (Version: 3.9.125 - iStonsoft)
iStonsoft Android File Manager (HKU\S-1-5-21-2844776404-49628929-1600567784-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05262020164612703\...\iStonsoft Android File Manager) (Version: 3.9.125 - iStonsoft)
iTunes (HKLM\...\{E109B4A3-9883-4E6E-9A19-4D7E1A88AFE8}) (Version: 12.4.2.4 - Apple Inc.)
Ivacy (HKLM-x32\...\Ivacy_is1) (Version: 3.6.4.0 - Ivacy)
Java 7 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417045FF}) (Version: 7.0.450 - Oracle)
Java 8 Update 191 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180191F0}) (Version: 8.0.1910.12 - Oracle Corporation)
Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
KC Softwares AVIToolbox (HKLM-x32\...\KC Softwares AVIToolbox_is1) (Version: 2.5.2.54 - KC Softwares)
Kodi (HKU\S-1-5-21-2844776404-49628929-1600567784-1001\...\Kodi) (Version:  - XBMC-Foundation)
Kodi (HKU\S-1-5-21-2844776404-49628929-1600567784-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05262020164612703\...\Kodi) (Version:  - XBMC-Foundation)
KooRaRoo Media (HKLM\...\{C46CC07F-400F-4AEE-918A-52BA1C69244C}_is1) (Version: 2.3.0.0 - Programming Sunrise)
LabelPrint (HKLM-x32\...\{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3609 - CyberLink Corp.) Hidden
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3609 - CyberLink Corp.)
LastPass (uninstall only) (HKLM-x32\...\LastPass) (Version:  - LastPass)
LAV Filters 0.72 (HKLM-x32\...\lavfilters_is1) (Version: 0.72 - Hendrik Leppkes)
Leawo Blu-ray Copy version  7.1.0.7 (HKLM-x32\...\{9B97E64D-B46A-4453-8AC5-664F7D2729AA}_is1) (Version: 7.1.0.7 - Leawo Software)
Leawo DVD Creator version  5.2.0.0 (HKLM-x32\...\{29312768-5795-483C-805A-7D01B8FC7C0E}_is1) (Version: 5.2.0.0 - Leawo Software Co., Ltd.)
Leonflix 0.3.2 (only current user) (HKU\S-1-5-21-2844776404-49628929-1600567784-1001\...\6bbac5fa-04bd-5b9b-b752-acf42e3ab443) (Version: 0.3.2 - Leonflix)
Leonflix 0.3.2 (only current user) (HKU\S-1-5-21-2844776404-49628929-1600567784-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05262020164612703\...\6bbac5fa-04bd-5b9b-b752-acf42e3ab443) (Version: 0.3.2 - Leonflix)
LG CyberLink PowerDVD 7.0 (HKLM-x32\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: 7.0.3409.a - CyberLink Corp.)
LG CyberLink YouCam (HKLM-x32\...\{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 1.0.2609 - CyberLink Corp.) Hidden
LG CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 1.0.2609 - CyberLink Corp.)
LG Power Tools (HKLM-x32\...\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 6.0.2806 - CyberLink Corp.) Hidden
LG Power Tools (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 6.0.2806 - CyberLink Corp.)
LightScribe System Software (HKLM-x32\...\{2FA75B40-17C9-4D22-88CA-80A5D52FAB13}) (Version: 1.18.24.1 - LightScribe)
LightScribe Template Labeler (HKLM-x32\...\{83721450-E604-4C37-ABEB-CE7F18C587C8}) (Version: 1.18.24.1 - LightScribe)
Loaris Trojan Remover 1.3.6.4 (HKLM\...\{29988DC6-9C4A-49B2-AC86-5C380B29ADB9}_is1) (Version:  - Loaris, Inc.)
MadVR (remove only) (HKLM-x32\...\MadVR) (Version:  - )
MAGIX Photo Manager 12 Deluxe (HKLM\...\{9B97E77A-A186-4269-9DCB-E99EFE3DFDEB}) (Version: 10.0.0.268 - MAGIX AG) Hidden
MAGIX Photo Manager 12 Deluxe (HKLM-x32\...\MAGIX_{9B97E77A-A186-4269-9DCB-E99EFE3DFDEB}) (Version: 10.0.0.268 - MAGIX AG)
MAGIX Slideshow Maker 2 (HKLM\...\{ADB6CF23-87C3-493D-A12D-DCE526E0418C}) (Version: 2.0.1.9 - MAGIX AG) Hidden
MAGIX Slideshow Maker 2 (HKLM-x32\...\MAGIX_{ADB6CF23-87C3-493D-A12D-DCE526E0418C}) (Version: 2.0.1.9 - MAGIX AG)
MAGIX Speed burnR (MSI) (HKLM\...\{2D69FE78-DB46-4242-9362-AF82E61F8AF9}) (Version: 7.0.1.27 - MAGIX AG) Hidden
Malware Hunter 1.40.0.155 (HKLM-x32\...\Malware Hunter) (Version: 1.40.0.155 - Glarysoft Ltd)
Malwarebytes version 3.8.3.2965 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.8.3.2965 - Malwarebytes)
MEGAsync (HKLM-x32\...\MEGAsync) (Version:  - Mega Limited)
Mesh Runtime (HKLM-x32\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.16.27033 (HKLM-x32\...\{cc3a7c63-31fb-4129-9024-63ebefd86a95}) (Version: 14.16.27033.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.16.27033 (HKLM-x32\...\{624ba875-fdfc-4efa-9c66-b170dfebc3ec}) (Version: 14.16.27033.0 - Microsoft Corporation)
MIPC 5.7.2.1807251110 (HKLM-x32\...\MIPC) (Version: 5.7.2.1807251110 - MIPC)
MobiGame (HKLM\...\{0CD5AE2D-BB58-4E35-8B5C-AFE995A80E1A}) (Version: 2.16.8.0 - MobiGame)
MovieJack free (HKLM-x32\...\{61D31B76-19A3-440C-9A21-BDE64BAED8D2}) (Version: 4.0.6851.9134 - Engelmann Software) Hidden
MovieJack free (HKLM-x32\...\{8c49fdec-a922-491e-a86e-8666eb627afc}) (Version: 4.0.6851.9312 - Engelmann Software)
Mozilla Firefox 54.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 54.0.1 (x86 en-US)) (Version: 54.0.1 - Mozilla)
Mozilla Firefox 76.0.1 (x64 en-US) (HKLM\...\Mozilla Firefox 76.0.1 (x64 en-US)) (Version: 76.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 57.0.4 - Mozilla)
MP3 Rocket (HKLM-x32\...\MP3 Rocket) (Version: 7.4.1 PRO - MP3 Rocket Inc)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MyFormatConverter (HKLM-x32\...\{db65f631-6260-4f64-92ed-046d48147747}) (Version: 10.0.6089.24766 - Engelmann Distribution UG)
MyFormatConverter (HKLM-x32\...\{F645FC03-BD60-44FD-BCFD-7E5DA2017AB8}) (Version: 10.0.6089.24588 - Engelmann Distribution UG) Hidden
Netflix in Windows Media Center (HKLM-x32\...\{0CA72D12-F6C6-4D43-A2A0-41F5AA17E2B6}) (Version: 3.3.101.0 - Microsoft Corporation)
NoraGO 2.1.0 (only current user) (HKU\S-1-5-21-2844776404-49628929-1600567784-1001\...\0b2dd310-f8a1-5b63-abd1-c46a759e1eb1) (Version: 2.1.0 - Yuri Bely)
NoraGO 2.1.0 (only current user) (HKU\S-1-5-21-2844776404-49628929-1600567784-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05262020164612703\...\0b2dd310-f8a1-5b63-abd1-c46a759e1eb1) (Version: 2.1.0 - Yuri Bely)
Norton Security Suite (HKLM-x32\...\NGC) (Version: 22.20.2.57 - Symantec Corporation)
OpenIV (HKU\S-1-5-21-2844776404-49628929-1600567784-1001\...\OpenIV) (Version: 2.8.703 - .black/OpenIV Team)
OpenIV (HKU\S-1-5-21-2844776404-49628929-1600567784-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05262020164612703\...\OpenIV) (Version: 2.8.703 - .black/OpenIV Team)
OpenOffice.org 3.3 (HKLM-x32\...\{3E171899-0175-47CC-84C4-562ACDD4C021}) (Version: 3.3.9567 - OpenOffice.org)
OpenVPN 2.3.2-I003  (HKLM\...\OpenVPN) (Version: 2.3.2-I003 - )
OpenVPN 2.3.6-I001  (HKLM-x32\...\OpenVPN) (Version: 2.3.6-I001 - )
PCMedik (HKLM-x32\...\PCMedik_is1) (Version: 8.10.31.2016 - PGWARE LLC)
PDF Complete Special Edition (HKLM-x32\...\PDF Complete) (Version: 4.2.26 - PDF Complete, Inc)
Pegasun System Utilities (HKLM-x32\...\{BFDC3B26-7DB0-43D3-BC84-7E9649C157EA}_is1) (Version: 4.60 - Pegasun)
Penguins! (HKLM-x32\...\WT087394) (Version: 2.2.0.95 - WildTangent) Hidden
Philips CamSuite (HKLM-x32\...\{E6C773DF-41C4-4A4F-B6C5-7830FF10342F}) (Version: 2.0.15.0 - Philips)
Philips SPC620NC Webcam (HKLM-x32\...\{47BE6EC4-32A5-43BC-B6CD-839101374334}) (Version: 1.00.000 - Philips)
Photo BUZZER (64-Bit) (HKLM\...\EMOTION_PROJECTS_1_2_CDF5610E_is1) (Version: 1.14 - Franzis Verlag GmbH)
Photo Transfer App (HKLM-x32\...\com.erclab.air.phototransferapp) (Version: 2.8.2 - UNKNOWN)
Photomatix Essentials version 4.0.2 (HKLM\...\PhotomatixEssentials4x64_is1) (Version: 4.0.2 - HDRsoft Ltd)
PlayLater (HKLM-x32\...\{0BAFC0C2-0C49-484B-A224-E10B77AD4370}) (Version: 1.4.11 - MediaMall Technologies, Inc.)
PlayMemories Home (HKLM-x32\...\{0657DE52-8F5C-4073-B70C-ED4F3F7FA076}) (Version: 7.0.03.04240 - Sony Corporation)
PlayOn (HKLM-x32\...\{31ca2858-7b1d-4e52-9fce-888d149dbb27}) (Version: 4.5.41.25974 - MediaMall Technologies, Inc.)
PlayOn (HKLM-x32\...\{372654F1-1DA5-4181-8A30-535854520FEB}) (Version: 3.8.11 - MediaMall Technologies, Inc.)
PlayOn (HKLM-x32\...\{B5FA70BE-33F4-4013-8683-96FDC68ABC31}) (Version: 4.5.41 - MediaMall Technologies, Inc.) Hidden
PlayOn Dependencies (HKLM-x32\...\{9FCAA915-CEEF-4D9E-AAF2-6A252C888669}) (Version: 4.0.0.0 - MediaMall Technologies, Inc.) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Poker Superstars III (HKLM-x32\...\WT087395) (Version: 2.2.0.95 - WildTangent) Hidden
Polar Golfer (HKLM-x32\...\WT087397) (Version: 2.2.0.95 - WildTangent) Hidden
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.4817 - CyberLink Corp.) Hidden
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.4817 - CyberLink Corp.)
PressReader (HKLM-x32\...\{912CED74-88D3-4C5B-ACB0-132318649765}) (Version: 5.10.1217.0 -  NewspaperDirect Inc.)
Product Improvement Study for HP DeskJet 2600 series (HKLM\...\{DF44980B-A87A-4945-937A-4812C29F4F32}) (Version: 43.2.2474.17192 - HP Inc.)
Quick Notes Plus 5.0 (HKLM-x32\...\Quick Notes Plus_is1) (Version:  - Conceptworld Corporation)
QuickTime Alternative 1.81 (HKLM-x32\...\QuicktimeAlt_is1) (Version: 1.81 - )
Quietzone (HKLM-x32\...\{1F96CBF7-CA97-4265-864A-2646718D8D6F}) (Version: 4.0.17217 - Returnil and its licensors) Hidden
Quietzone (HKLM-x32\...\RQZ) (Version: 4.0.17217 - Returnil and its licensors)
Raptr (HKLM-x32\...\Raptr) (Version:  - )
RAR File Source (HKLM-x32\...\RARFileSource) (Version: 0.9.3 - OctaneSnail)
RarZilla Free Unrar (HKLM-x32\...\RarZilla Free Unrar) (Version: 6.50 - Philipp Winterberg)
RealDownloader (HKLM-x32\...\{C8E8D2E3-EF6A-4B1D-A09E-7B27EBE2F3CE}) (Version: 1.3.3 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (HKLM-x32\...\{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}) (Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (HKLM-x32\...\{AAECF7BA-E83B-4A10-87EA-DE0B333F8734}) (Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM-x32\...\RealPlayer 16.0) (Version: 16.0.3 - RealNetworks)
RealUpgrade 1.1 (HKLM-x32\...\{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}) (Version: 1.1.0 - RealNetworks, Inc.) Hidden
Recovery Manager (HKLM-x32\...\{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.5.3621 - CyberLink Corp.) Hidden
Remove Logo Now! 1.5 (HKLM-x32\...\Remove Logo Now!_is1) (Version: 1.5 - SoftOrbits)
Revo Uninstaller Pro 3.0.2 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.0.2 - VS Revo Group, Ltd.)
RoxioNow Player (HKLM-x32\...\{0EDEB615-1A60-425E-8306-0E10519C7B55}) (Version: 1.9.5.103 - RoxioNow)
Sansa Updater (HKU\S-1-5-21-2844776404-49628929-1600567784-1001\...\Sansa Updater) (Version:  - SanDisk Corporation)
Sansa Updater (HKU\S-1-5-21-2844776404-49628929-1600567784-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05262020164612703\...\Sansa Updater) (Version:  - SanDisk Corporation)
save2pc Professional 5.45 (HKLM-x32\...\save2pc Professional_is1) (Version:  - FDRLab, Inc.)
ScreenCamera registered to GiveAwayOfTheDay version 3.1.1.41 (HKLM-x32\...\{D47A18EF-38BC-4951-A344-9800D3BF4D53}_is1) (Version: 3.1.1.41 - PCWinSoft Software)
SES Driver (HKLM\...\{D8CC254C-C671-4664-9A38-FA368D1E2C97}) (Version: 1.0.0 - Western Digital)
Shadow Defender (HKLM\...\{93A07A0D-454E-43d1-86A9-5DE9C5F4411A}) (Version: 1.4.0.589 - ShadowDefender.com)
SharewareOnSale Notifier (HKU\S-1-5-21-2844776404-49628929-1600567784-1001\...\SharewareOnSale Notifier) (Version: 20 - SharewareOnSale)
SharewareOnSale Notifier (HKU\S-1-5-21-2844776404-49628929-1600567784-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05262020164612703\...\SharewareOnSale Notifier) (Version: 20 - SharewareOnSale)
Simply Good Pictures 2 (HKLM-x32\...\{DD2FEA6F-5AC2-46B2-0001-C2A0C077FD2C}) (Version: 2.0.13.115 - Engelmann Media GmbH)
Sketch Drawer 5.1 (HKLM-x32\...\Sketch Drawer_is1) (Version: 5.1 - SoftOrbits)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Slingo Supreme (HKLM-x32\...\WT089457) (Version: 2.2.0.95 - WildTangent) Hidden
SmartSHOW 2.0 (HKLM-x32\...\{400EBE76-B6D2-4977-B4C9-18BB60112654}_is1) (Version:  - AMS Software)
SopCast 4.2.0 (HKLM-x32\...\SopCast) (Version: 4.2.0 - www.sopcast.com)
Sophos Virus Removal Tool (HKLM-x32\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.5.3 - Sophos Limited)
SopPlus Player 0.3.4 (only current user) (HKU\S-1-5-21-2844776404-49628929-1600567784-1001\...\e90d9b84-bf51-5867-9693-754bdbeb1b4e) (Version: 0.3.4 - SopPlus Team)
SopPlus Player 0.3.4 (only current user) (HKU\S-1-5-21-2844776404-49628929-1600567784-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05262020164612703\...\e90d9b84-bf51-5867-9693-754bdbeb1b4e) (Version: 0.3.4 - SopPlus Team)
Sothink Blu-ray Copy Giveaway Version 1.0.0.2 (06/07/2016) (HKLM-x32\...\Sothink Blu-ray Copy Giveaway Version_is1) (Version:  - Zhang Qingming)
Spotify (HKU\S-1-5-21-2844776404-49628929-1600567784-1001\...\Spotify) (Version: 0.9.1.57.ge7405149 - Spotify AB)
Spotify (HKU\S-1-5-21-2844776404-49628929-1600567784-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05262020164612703\...\Spotify) (Version: 0.9.1.57.ge7405149 - Spotify AB)
StarReminder, SharewareOnSale.com Special Edition (HKLM-x32\...\StarReminder_is1) (Version: 4.22.06 (Build:14 May 2017) - StarMessage Software)
Start Menu 10 version 5.55 (HKLM\...\{19E4D194-A672-4564-94EC-65C5A725026D}_is1) (Version: 5.55 - OrdinarySoft)
Steganos Privacy Suite 17 (HKLM-x32\...\{7381E9AB-68A4-418F-8130-88666557C6F4}) (Version: 17.1.3 - Steganos Software GmbH)
Sticky Password 6.0.12.455 (HKLM-x32\...\Sticky Password_is1) (Version: 6.0 - Lamantine Software)
Streaming Video Recorder V6.0.0 (HKLM-x32\...\{01c39b1f-d465-48ca-9d71-7d5afa53b4eb}_is1) (Version: 6.0.0 - APOWERSOFT LIMITED)
StreamTorrent 1.0 (HKLM-x32\...\StreamTorrent 1.0) (Version:  - )
StreamTorrent NE 1.0 (HKLM-x32\...\StreamTorrent NE_is1) (Version:  - )
SuperEZ Wave Editor Pro v12.2.1 (HKLM-x32\...\SuperEZ Wave Editor Pro_is1) (Version:  - SuperEZMedia Development Inc.)
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.36897 - TeamViewer)
TeaTV version 1.5.0 (HKLM-x32\...\{A8C3DF97-73C2-479D-9B75-3DFA3FC6DEB1}_is1) (Version: 1.5.0 - TeaTV)
ThunderSoft Slideshow Factory (3.4.1.0) (HKLM-x32\...\ThunderSoft Slideshow Factory_is1) (Version: 3.4.1.0 - ThunderSoft)
ThunderSoft Video to GIF Converter (2.4.0.0) (HKLM-x32\...\ThunderSoft Video to GIF Converter_is1) (Version: 2.4.0.0 - ThunderSoft)
TimesUpKidz (HKLM-x32\...\{837DA79C-B12B-4709-9B9B-16D1468E418A}) (Version: 1.0.0 - Rain City Digital LLC)
Tipard Blu-ray Player 6.1.20 (HKLM-x32\...\{3827AA3A-CC6F-4260-AF59-46AAD9A2F6A8}_is1) (Version: 6.1.20 - Tipard Studio)
TotalReminder 6.3.0.0 (HKLM\...\TotalReminder_is1) (Version:  - Béla Bokor)
Tweaking.com - Windows Repair (HKLM-x32\...\Tweaking.com - Windows Repair) (Version: 4.0.3 - Tweaking.com)
UnHackMe GE 10.10 release (HKLM-x32\...\UnHackMe Giveaway Edition_is1) (Version:  - Greatis Software, LLC.)
Update Installer for WildTangent Games App (HKLM-x32\...\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App) (Version:  - WildTangent) Hidden
uRex Video Converter Platinum (HKLM-x32\...\uRexVideoConverter) (Version:  - uRexsoft, Inc. All Rights Reserved.)
Vintager 2 (HKLM\...\{54A3CED3-7F8B-4E44-A8D4-D43487266406}}_is1) (Version:  - Exeone)
Virtual Villagers 4 - The Tree of Life (HKLM-x32\...\WT089307) (Version: 2.2.0.95 - WildTangent) Hidden
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
VOB2MPG v3 (HKLM-x32\...\{908B5359-244E-4E09-AA9F-DBF240679B46}) (Version: 3.2.2000 - BadgerIT)
Voicemod (HKLM\...\{8435A407-F778-4647-9CDB-46E5EC50BAD0}_is1) (Version: 1.2.6.2 - Voicemod S.L.)
Vole Internet Expedition (HKLM-x32\...\{BC42501A-643B-4E92-9DA0-AB43E7D76A48}) (Version: 3.12.40308 - Sanwhole)
Vov Sticky Notes (HKLM-x32\...\Vov Sticky Notes_is1) (Version: 4.7.0.0 - VOVSOFT)
VPNUK Connection Assistant 10.0 (HKLM-x32\...\VPNUK Connection Assistant) (Version: 10.0 - VPN UK, Inc.)
VSDC Free Video Editor version 5.5.0.601 (HKLM-x32\...\VSDC Free Video Editor_is1) (Version: 5.5.0.601 - Flash-Integro LLC)
WD Drive Utilities (HKLM-x32\...\{22662b08-91e0-4540-bb98-c96f32e09417}) (Version: 1.3.0.18 - Western Digital Technologies, Inc.)
WD Drive Utilities (HKLM-x32\...\{DD0C1657-A79B-4FED-B70C-26C1FE50BFB5}) (Version: 1.3.0.18 - Western Digital Technologies, Inc.) Hidden
WD Security (HKLM-x32\...\{249644e6-451a-4a5c-bd5c-21eeb9eec79d}) (Version: 1.3.1.2 - Western Digital Technologies, Inc.)
WD Security (HKLM-x32\...\{7CC2EDF2-83EC-4707-BDD3-72469236A6CC}) (Version: 1.3.1.2 - Western Digital Technologies, Inc.) Hidden
WebM Project Directshow Filters (HKU\S-1-5-21-2844776404-49628929-1600567784-1001\...\webmdshow) (Version:  - )
WebM Project Directshow Filters (HKU\S-1-5-21-2844776404-49628929-1600567784-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05262020164612703\...\webmdshow) (Version:  - )
Wheel of Fortune 2 (HKLM-x32\...\WT087415) (Version: 2.2.0.95 - WildTangent) Hidden
WildTangent Games App for HP (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp) (Version: 4.0.11.2 - WildTangent) Hidden
Windows Driver Package - Philips (SPC620) Image  (09/28/2007 1.61.1.5790) (HKLM\...\E282DC1D6894F97E03EDDD547CB2781C096540CD) (Version: 09/28/2007 1.61.1.5790 - Philips)
Windows Driver Package - Philips USB  (09/28/2007 1.61.1.5790) (HKLM\...\5FEE3C222325A264A4ADFAFE92FBE33C1BC7586F) (Version: 09/28/2007 1.61.1.5790 - Philips)
Windows Driver Package - Western Digital Technologies (WDC_SAM) WDC_SAM  (01/19/2011 1.0.0009.0) (HKLM\...\4CA7CFBB29889F25ACB3DF6E3A42BAE29EB43B20) (Version: 01/19/2011 1.0.0009.0 - Western Digital Technologies)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Video Downloader   (HKLM-x32\...\Windows Video Downloader ) (Version:  - Tenorshare, Inc.)
Windows Video Downloader  (HKLM-x32\...\Windows Video Downloader) (Version:  - Tenorshare, Inc.)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
WinSysClean X7 PRO (HKLM\...\{1A4E6757-4428-4422-80A3-9B5D28B1AD43}) (Version: 17.20 - Ultimate Systems, Inc.) Hidden
WinToHDD version 2.8 (HKLM\...\WinToHDD_is1) (Version: 2.8 - Hasleo Software.)
WinUtilities Professional Edition 11.1 (HKLM-x32\...\{FC274982-5AAD-4C20-848D-4424A5043009}_is1) (Version: 11.1 - YL Computing, Inc)
WinX DVD Copy Pro 3.4.7 (HKLM\...\WinX DVD Copy Pro_is1) (Version:  - Digiarty Software,Inc.)
WinX DVD Ripper Platinum 7.5.17 (HKLM-x32\...\WinX DVD Ripper Platinum_is1) (Version:  - Digiarty Software, Inc.)
WinX HD Video Converter Deluxe 5.15.3 (HKLM-x32\...\WinX HD Video Converter Deluxe_is1) (Version:  - Digiarty Software, Inc.)
WinX YouTube Downloader (HKLM-x32\...\WinX YouTube Downloader) (Version: 5.4 - Digiarty, Inc.)
WinZip 15.0 (HKLM-x32\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240C0}) (Version: 15.0.9334 - WinZip Computing, S.L. )
Wise Care 365 3.72 (HKLM-x32\...\Wise Care 365_is1) (Version: 3.72 - WiseCleaner.com, Inc.)
WonderFox DVD Video Converter 9.0 (HKLM-x32\...\WonderFox DVD Video Converter) (Version: 9.0 - WonderFox Soft, Inc.)
Wondershare Recoverit(Build 8.5.3.10) (HKLM-x32\...\{829555DC-31E5-4FEA-B350-8FCF24CECD95}_is1) (Version: 8.5.3.10 - Wondershare Software Co.,Ltd.)
Wondershare TidyMyMusic(Build 1.0.0.8) (HKLM-x32\...\Wondershare TidyMyMusic_is1) (Version: 1.0.0.8 - Wondershare Software)
Wondershare Video Editor(Build 3.5.0) (HKLM-x32\...\Wondershare Video Editor_is1) (Version:  - Wondershare Software)
World of Warships (HKU\S-1-5-21-2844776404-49628929-1600567784-1001\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C814na}_is1) (Version:  - Wargaming.net)
World of Warships (HKU\S-1-5-21-2844776404-49628929-1600567784-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05262020164612703\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C814na}_is1) (Version:  - Wargaming.net)
WPS Office (11.2.0.9363) (HKU\S-1-5-21-2844776404-49628929-1600567784-1001\...\Kingsoft Office) (Version: 11.2.0.9363 - Kingsoft Corp.)
WPS Office (11.2.0.9363) (HKU\S-1-5-21-2844776404-49628929-1600567784-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05262020164612703\...\Kingsoft Office) (Version: 11.2.0.9363 - Kingsoft Corp.)
Xilisoft Download YouTube Video (HKLM-x32\...\Xilisoft Download YouTube Video) (Version: 5.6.8.20191230 - Xilisoft)
Xiph.Org Open Codecs 0.85.17777 (HKLM-x32\...\Open Codecs) (Version: 0.85.17777 - Xiph.Org)
X-Mirage version 1.01.5 (HKLM-x32\...\{EE034220-E0F5-4AA3-82B5-DD1CC216A6F5}_is1) (Version: 1.01.5 - X-Mirage, Inc.)
XTS-Spririt Box 0.6.01.11215 (HKLM-x32\...\{F960179C-72F7-4516-A71A-CXTB5D18DD84}_is1) (Version: 0.6.01.11215 - eXtremeSenses Software)
Yahoo! Software Update (HKLM-x32\...\Yahoo! Software Update) (Version:  - )
Youtube Music Downloader V7.1.5 (HKLM-x32\...\Youtube Music Downloader_is1) (Version:  - Youtube Music Downloader)
YoWindow (HKLM-x32\...\yowindow) (Version: 3 - RepkaSoft)
YTD Video Downloader 5.9.9 (HKLM-x32\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version: 5.9.9 - GreenTree Applications SRL) <==== ATTENTION
Zinio Reader 4 (HKLM-x32\...\{761E061F-FB8E-BBB4-69A4-B1DEF3640DB7}) (Version: 4.2.3972 - Zinio LLC) Hidden
Zoner Photo Studio 16 (HKLM\...\ZonerPhotoStudio16_EN_is1) (Version:  - ZONER software)
Zoolz2 (HKLM-x32\...\Zoolz2) (Version: 2.1 - Genie9)
Zoom (HKU\S-1-5-21-2844776404-49628929-1600567784-1001\...\ZoomUMX) (Version: 4.6 - Zoom Video Communications, Inc.)
Zoom (HKU\S-1-5-21-2844776404-49628929-1600567784-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05262020164612703\...\ZoomUMX) (Version: 4.6 - Zoom Video Communications, Inc.)
Zoom Player (remove only) (HKLM-x32\...\ZoomPlayer) (Version: 14 - Inmatrix LTD)
Zuma Deluxe (HKLM-x32\...\WT089455) (Version: 2.2.0.95 - WildTangent) Hidden
 
==================== Custom CLSID (Whitelisted): ==============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Don Van Horne\AppData\Local\MEGAsync\ShellExtX64.dll [2019-02-07] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Don Van Horne\AppData\Local\MEGAsync\ShellExtX64.dll [2019-02-07] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Don Van Horne\AppData\Local\MEGAsync\ShellExtX64.dll [2019-02-07] (Mega Limited -> )
ShellIconOverlayIdentifiers: [  OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Security Suite\Engine\22.20.2.57\buShell.dll [2020-03-20] (Symantec Corporation -> Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Security Suite\Engine\22.20.2.57\buShell.dll [2020-03-20] (Symantec Corporation -> Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Security Suite\Engine\22.20.2.57\buShell.dll [2020-03-20] (Symantec Corporation -> Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Don Van Horne\AppData\Local\MEGAsync\ShellExtX64.dll [2019-02-07] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Don Van Horne\AppData\Local\MEGAsync\ShellExtX64.dll [2019-02-07] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Don Van Horne\AppData\Local\MEGAsync\ShellExtX64.dll [2019-02-07] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [  OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Security Suite\Engine\22.20.2.57\buShell.dll [2020-03-20] (Symantec Corporation -> Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [  OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Security Suite\Engine\22.20.2.57\buShell.dll [2020-03-20] (Symantec Corporation -> Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [  OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Security Suite\Engine\22.20.2.57\buShell.dll [2020-03-20] (Symantec Corporation -> Symantec Corporation)
ContextMenuHandlers1-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files (x86)\Norton Security Suite\Engine\22.20.2.57\buShell.dll [2020-03-20] (Symantec Corporation -> Symantec Corporation)
ContextMenuHandlers1: [DefenderContextMenuExt] -> {5EE8E9E6-2853-4D28-B2DE-6529EDA0A294} => C:\Program Files\Shadow Defender\ShellExt.dll [2015-08-26] (Yang Ping -> SHADOWDEFENDER.COM)
ContextMenuHandlers1: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2016-06-22] (Glarysoft LTD -> Glarysoft Ltd)
ContextMenuHandlers1: [Glarysoft MalwareHunter] -> {EA847F47-97F1-4D78-AB99-C63CA1C327F0} => C:\Program Files (x86)\Glarysoft\Malware Hunter\x64\MHContextHandlerx64.dll [2017-06-29] (Glarysoft LTD -> Glarysoft Ltd)
Contex

#2 Android 8888

Android 8888

    SWI Malware Tracker

  • Trusted Advisor*
  • PipPipPipPipPip
  • 1,199 posts

Posted 27 May 2020 - 03:09 AM

Hello mvtrucking.
Welcome back to SpywareInfo Forum.
 
I'm Android8888 and I will be glad to help you with your computer issues. Please feel free to ask questions if anything is unclear to you.

 

 

Not sure why I am getting this blue screen, there are a ton of numbers with it, but I haven't figured out how to copy a screenshot of it?

You can leave the screenshot for now.

 

FRST produced two logs (FRST.txt and Addition.txt). You just posted the content of Addition.txt. I will also need to see the entire content of FRST.txt file. It is located within the same folder as FRST which in your case is at C:\Users\Don Van Horne\Downloads folder.

 

Please copy and paste its entire content in your next reply for my review and wait for further instructions.

Thank you.

Android8888


Android 8888
 
Website: http://android8888.comlu.com
 
Tavira - Here's where I live!
 
Please read the Instructions for posting requested logs and the article "So how did I get infected in the first place?"
 
Our help is free, but if you wish to help keep these forums running please consider a donation; Please see This Topic for details.

#3 mvtrucking

mvtrucking

    Advanced Member

  • Full Member
  • PipPipPip
  • 107 posts

Posted 28 May 2020 - 08:51 AM

Thank you Android8888

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 24-05-2020 01
Ran by Don Van Horne (administrator) on DONVANHORNE-HP (Hewlett-Packard Rfrb h8-1070t) (26-05-2020 18:30:00)
Running from C:\Users\Don Van Horne\Downloads
Loaded Profiles: Don Van Horne
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: "C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe" -- "%1")
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
() [File not signed] C:\Program Files (x86)\Atomic Alarm Clock\timeserv.exe
() [File not signed] C:\Program Files\MobiGame\aeg_launcher.exe
() [File not signed] C:\Program Files\MobiGame\MobiGameUpdater.exe
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Genie9 LTD -> Genie9) C:\Program Files\Genie9\Zoolz2\ZoolzService.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <36>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe
(INTERNET PROJECT LLC -> Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Tencent Technology(Shenzhen) Company Limited -> Tencent) C:\Program Files\txgameassistant\appmarket\QMEmulatorService.exe
(Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd) C:\Users\Don Van Horne\AppData\Local\Kingsoft\WPS Office\11.2.0.9363\office6\wpscenter.exe
 
==================== Registry (Whitelisted) ===================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 0
HKLM\...\Policies\Explorer: [NoResolveSearch] 1
HKU\S-1-5-21-2844776404-49628929-1600567784-1001\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [44024 2017-07-16] (Glarysoft LTD -> Glarysoft Ltd)
HKU\S-1-5-21-2844776404-49628929-1600567784-1001\...\Run: [Voicemod] => C:\Program Files\Voicemod Desktop\VoicemodDesktop.exe [2420168 2019-08-28] (Voicemod Sociedad Limitada -> Voicemod)
HKU\S-1-5-21-2844776404-49628929-1600567784-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-2844776404-49628929-1600567784-1001\...\MountPoints2: {0c7b13d5-52e3-11e7-a092-e06995fa1427} - J:\LaunchU3.exe -a
HKU\S-1-5-21-2844776404-49628929-1600567784-1001\...\MountPoints2: {d1ff534f-e17d-11e5-9127-e06995fa1427} - J:\LaunchU3.exe -a
HKU\S-1-5-21-2844776404-49628929-1600567784-1001\...\MountPoints2: {fd8c2287-f628-11e2-81e0-e06995fa1427} - J:\iStudio.exe
HKU\S-1-5-21-2844776404-49628929-1600567784-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> 
HKU\S-1-5-21-2844776404-49628929-1600567784-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05262020164612703\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [44024 2017-07-16] (Glarysoft LTD -> Glarysoft Ltd)
HKU\S-1-5-21-2844776404-49628929-1600567784-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05262020164612703\...\Run: [Voicemod] => C:\Program Files\Voicemod Desktop\VoicemodDesktop.exe [2420168 2019-08-28] (Voicemod Sociedad Limitada -> Voicemod)
HKU\S-1-5-21-2844776404-49628929-1600567784-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05262020164612703\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-2844776404-49628929-1600567784-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05262020164612703\...\MountPoints2: {0c7b13d5-52e3-11e7-a092-e06995fa1427} - J:\LaunchU3.exe -a
HKU\S-1-5-21-2844776404-49628929-1600567784-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05262020164612703\...\MountPoints2: {d1ff534f-e17d-11e5-9127-e06995fa1427} - J:\LaunchU3.exe -a
HKU\S-1-5-21-2844776404-49628929-1600567784-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05262020164612703\...\MountPoints2: {fd8c2287-f628-11e2-81e0-e06995fa1427} - J:\iStudio.exe
HKU\S-1-5-21-2844776404-49628929-1600567784-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05262020164612703\Control Panel\Desktop\\SCRNSAVE.EXE -> 
HKU\S-1-5-21-2844776404-49628929-1600567784-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05262020164617845\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2736128 2011-06-20] (Hewlett-Packard Company) [File not signed]
HKU\S-1-5-21-2844776404-49628929-1600567784-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05262020164617845\...\RunOnce: [Application Restart #0] => C:\Program Files\Microsoft Security Client\msseces.exe -Recover
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.61\Installer\chrmstp.exe [2020-05-26] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\79.1.2.41\Installer\chrmstp.exe [2020-01-06] (Brave Software, Inc.) [File not signed]
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{10880D85-AAD9-4558-ABDC-2AB1552D831F}] -> C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe [2011-06-20] (Hewlett-Packard Company -> Hewlett-Packard Company)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.133\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass FF RunOnce.lnk [2014-10-25]
ShortcutTarget: Install LastPass FF RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (LastPass -> )
Startup: C:\Users\Don Van Horne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Disabled [2013-05-24] ()
Startup: C:\Users\Don Van Horne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Ivacy.lnk [2020-05-26]
ShortcutTarget: Ivacy.lnk -> C:\Program Files (x86)\Ivacy\Ivacy.exe (Ivacy Ltd -> )
BootExecute: autocheck autochk *  Partizan
 
==================== Scheduled Tasks (Whitelisted) ============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {061BA8C7-C9BE-42CB-AA80-B996A179B3E2} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {18DC4D9E-7891-47D2-BC53-9F103B1D6F9D} - System32\Tasks\HPCustParticipation HP DeskJet 2600 series => C:\Program Files\HP\HP DeskJet 2600 series\Bin\HPCustPartic.exe [6653064 2017-07-11] (Hewlett Packard -> HP Inc.)
Task: {18EF42A1-5D75-498F-A33B-871E8657636E} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_371_pepper.exe [1454136 2020-05-12] (Adobe Inc. -> Adobe)
Task: {2093C28C-2B40-4A7A-AF7B-AC5108FDFD4E} - System32\Tasks\WinSysCleanUAC => C:\Program Files\WinSysClean X7 PRO\WinSysClean.exe [18398360 2015-11-11] (Ultimate Systems -> Ultimate Systems, SRL)
Task: {218A1C90-88FF-4869-8E1F-60DD9D46634D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc -> Google Inc.)
Task: {2D64BBD1-1A6B-4520-91CE-96A72323F852} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2844776404-49628929-1600567784-1001UA => C:\Users\Don Van Horne\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-08-15] (Facebook, Inc. -> Facebook Inc.)
Task: {2E22CB27-B694-47D0-9C69-8DE04906C331} - System32\Tasks\UnHackMe Task Scheduler => C:\Program Files (x86)\UnHackMe\hackmon.exe [1091992 2018-12-17] (Greatis Software LLC -> Greatis Software)
Task: {37E5ED1B-5225-4692-8814-C560AB0D239E} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton Security Suite\Upgrade.exe [2162704 2020-03-20] (Symantec Corporation -> Symantec Corporation)
Task: {478213F3-A362-43B1-8CE0-C180DC84D38B} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [157320 2019-10-12] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {4B32FC0E-BC06-4C58-B4B7-19BC69F184CC} - System32\Tasks\WpsUpdateTask_Don Van Horne => C:\Users\Don Van Horne\AppData\Local\Kingsoft\WPS Office\11.2.0.9363\office6\wpsupdate.exe [157952 2020-05-21] (Zhuhai Kingsoft Office Software Co., Ltd. -> )
Task: {5A2D6350-2BA0-486D-AFE2-1FD705F29BA2} - System32\Tasks\Norton 360\Norton Security Suite Error Analyzer => C:\Program Files (x86)\Norton Security Suite\Engine\22.16.2.22\SymErr.exe
Task: {5B1C76C6-C563-46C9-8EB6-A73C8A1A6814} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Security Suite\Engine\22.20.2.57\WSCStub.exe [645008 2020-03-20] (Symantec Corporation -> Symantec Corporation)
Task: {63EA5DE7-470C-466B-9E74-D8B983DA82E8} - System32\Tasks\Norton Security Suite\Norton Security Suite Error Processor => C:\Program Files (x86)\Norton Security Suite\Engine\22.20.2.57\SymErr.exe [117056 2020-03-20] (Symantec Corporation -> Symantec Corporation)
Task: {6D4EAD97-F101-44BF-965E-C994F06AB1D3} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2844776404-49628929-1600567784-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [187984 2013-08-14] (RealNetworks, Inc. -> RealNetworks, Inc.)
Task: {6FCBA012-3DFD-4990-B430-A4FC9CAEDB72} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc -> Google Inc.)
Task: {70468692-AEE2-4F3C-BF78-445CB6B17BB6} - System32\Tasks\Hewlett-Packard\HP Assistant\HPSA Upgrade => C:\ProgramData\Hewlett-Packard\HPSAUpgrade3\HpSAUpgrade.exe [1251640 2013-01-09] (Hewlett-Packard Company -> Hewlett-Packard)
Task: {75A76D2D-5E09-4F6A-8052-58EC56AE92AE} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1301560 2011-02-23] (Hewlett-Packard Company -> Hewlett-Packard Company)
Task: {78BF24DD-DC18-4163-8179-756D885E714C} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [127176 2020-05-20] (Mozilla Corporation -> Mozilla Foundation)
Task: {7BD45CDC-009B-497D-898B-B77FEE72E359} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2844776404-49628929-1600567784-1001Core => C:\Users\Don Van Horne\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-08-15] (Facebook, Inc. -> Facebook Inc.)
Task: {80A0C8E0-8BE7-4D1C-B4F2-0A4EEA50FFED} - System32\Tasks\GU5SkipUAC => C:\Program Files (x86)\Glary Utilities 5\Integrator.exe [897528 2017-07-16] (Glarysoft LTD -> Glarysoft Ltd)
Task: {89CCA673-A2F4-4699-BC5D-D660CDCDDE10} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_371_Plugin.exe [1458232 2020-05-12] (Adobe Inc. -> Adobe)
Task: {8A0E898E-1F5F-4BA6-9D79-ACC6DD20AB18} - System32\Tasks\Open URL by RoboForm => C:\Windows\system32\rundll32.exe url.dll,FileProtocolHandler "hxxp://www.roboform.com/uninstall.html?aaa=KICMJMGMPMNJIMOMNJIMCNJMLMGMKJCNLMNMLMIMCNNJOJMMPMCNNMMJPMKJOMMJKJLJHMPMHMNJJNJICMIMCNGMCNNMFMGMCNOMPMCNGMNMPMPMFMJMCNOMCNIMJMPMOMCNNMJNPICMPMFMFMNMMMJNHICMIJAJLILJOMJNBJCMLLAJBJPNJKOJBJPNHLAJNIBJKJJNKJCMJNNICMJNDJCMKJBJ"
Task: {8A82F504-FCC0-4DD3-9658-56C0548F266C} - System32\Tasks\GlaryInitialize 5 => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe [134640 2017-07-16] (Glarysoft LTD -> Glarysoft Ltd)
Task: {8D481235-AD15-4985-ADAA-D55EDEB3DDC5} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-2844776404-49628929-1600567784-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe [233048 2013-08-14] (RealNetworks, Inc. -> RealNetworks, Inc.)
Task: {8DACD8AA-C966-4963-AD63-0FAA3AF315CF} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPSAObjUtilTask => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\UtilTask.exe [12344 2013-07-09] (Hewlett-Packard Company -> Microsoft)
Task: {970A7A77-058A-4209-A68E-31F2C0A32906} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2844776404-49628929-1600567784-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [187984 2013-08-14] (RealNetworks, Inc. -> RealNetworks, Inc.)
Task: {976A52EA-A8AE-437C-BDA3-D671F899EC92} - System32\Tasks\GMHSkipUAC => C:\Program Files (x86)\Glarysoft\Malware Hunter\MalwareHunter.exe [2358768 2017-07-16] (Glarysoft LTD -> Glarysoft Ltd)
Task: {A0A29FC1-BAE7-4F39-AE09-16A65BC2F5C0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1301560 2011-02-23] (Hewlett-Packard Company -> Hewlett-Packard Company)
Task: {A4358AB7-10BC-4602-A98B-07BDDB4EE95C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems)
Task: {A6FD9788-3A54-4D2A-9EF7-6531C2569182} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [157320 2019-10-12] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {B20E4EDA-1D5D-4534-B579-38C837EB58E0} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-2844776404-49628929-1600567784-1001 => C:\Users\Don Van Horne\AppData\Local\MEGAsync\MEGAupdater.exe [615160 2019-02-07] (Mega Limited -> Mega Limited)
Task: {B68864E0-F2AA-42DB-A641-2D9C95274075} - System32\Tasks\Norton 360\Norton Security Suite Error Processor => C:\Program Files (x86)\Norton Security Suite\Engine\22.16.2.22\SymErr.exe
Task: {B75618BA-6B03-4881-8B2B-345A4E77EFD7} - System32\Tasks\HPCustPartic.exe_{3B501A62-F23B-4CB0-9BE8-FF553EBAF15B} => C:\Program Files\HP\HP DeskJet 2600 series\Bin\HPCustPartic.exe [6653064 2017-07-11] (Hewlett Packard -> HP Inc.)
Task: {BC46BBF7-AADD-4196-8687-33F22142963F} - System32\Tasks\GoogleUpdateTaskMachineUA1cff2fdd758a3e3 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc -> Google Inc.)
Task: {BCD995F5-6038-4186-AA84-D095C2C7DEDF} - System32\Tasks\HPCeeScheduleForDONVANHORNE-HP$ => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [91704 2010-09-14] (Hewlett-Packard Company -> Hewlett-Packard)
Task: {C02563E4-3133-4C2B-A008-EEA92F5E855B} - System32\Tasks\Trojan Remover => C:\Program Files\Loaris\Trojan Remover\ltr.exe [13416448 2015-02-02] () [File not signed]
Task: {C06E72E0-ED29-41FF-BBDD-1C0D86326BD5} - System32\Tasks\Norton Security Suite\Norton Security Suite Error Analyzer => C:\Program Files (x86)\Norton Security Suite\Engine\22.20.2.57\SymErr.exe [117056 2020-03-20] (Symantec Corporation -> Symantec Corporation)
Task: {C5D7207A-D386-4842-854D-8013657152AB} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-2844776404-49628929-1600567784-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [187984 2013-08-14] (RealNetworks, Inc. -> RealNetworks, Inc.)
Task: {DF6B8BC2-D398-42EC-A5F0-0D6236D9403F} - System32\Tasks\BlueStacksHelper => C:\ProgramData\BlueStacks\Client\Helper\BlueStacksHelper.exe [742920 2019-02-05] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
Task: {E86A16B9-DEF6-44A4-88DC-5746A57DAF68} - System32\Tasks\Zoolz Start Backup => C:\Program Files\Genie9\Zoolz2\ZoolzLauncher.exe [395592 2019-06-20] (Genie9 LTD -> Genie9)
Task: {EF7F4BB1-1342-4A35-9405-6641CA682B28} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-05-12] (Adobe Inc. -> Adobe)
Task: {F754A0D0-361A-4638-A828-045A4B204B4E} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-2844776404-49628929-1600567784-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [187984 2013-08-14] (RealNetworks, Inc. -> RealNetworks, Inc.)
Task: {FC1F642C-122D-4BEB-8212-0107C8987458} - System32\Tasks\WpsExternal_Don Van Horne_20200521033502 => C:\Users\Don Van Horne\AppData\Local\Kingsoft\WPS Office\11.2.0.9363\office6\wps.exe [1065216 2020-05-21] (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2844776404-49628929-1600567784-1001Core.job => C:\Users\Don Van Horne\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2844776404-49628929-1600567784-1001UA.job => C:\Users\Don Van Horne\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForDONVANHORNE-HP$.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Winsock: Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280 2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280 2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5 10 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880 2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5-x64 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880 2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5-x64 10 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{4E9E706F-1D22-4200-946F-FDF88D459214}: [NameServer] 8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8
Tcpip\..\Interfaces\{4E9E706F-1D22-4200-946F-FDF88D459214}: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{6C98BE56-189D-4D2C-88D2-A4C7E642731F}: [NameServer] 8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8
Tcpip\..\Interfaces\{6C98BE56-189D-4D2C-88D2-A4C7E642731F}: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{CA66EA55-F081-4FE4-88E4-23D5ABB24D40}: [NameServer] 8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8
HKLM\System\...\Parameters\PersistentRoutes: [169.254.0.0,255.255.0.0,10.0.0.3,1]
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2844776404-49628929-1600567784-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05262020164617845\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.msn.com/HPDSK/1
HKU\S-1-5-21-2844776404-49628929-1600567784-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05262020164617845\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPDSK/1
SearchScopes: HKLM -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-30572-11896-1/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms}
SearchScopes: HKLM -> {EDECF09A-4FFA-4871-B01A-9F71AE7066E9} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\.DEFAULT -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\.DEFAULT -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = 
SearchScopes: HKU\S-1-5-19 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05262020164611320 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-20 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05262020164611936 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2844776404-49628929-1600567784-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=U453DF&PC=U453&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2844776404-49628929-1600567784-1001 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = 
SearchScopes: HKU\S-1-5-21-2844776404-49628929-1600567784-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=U453DF&PC=U453&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2844776404-49628929-1600567784-1001 -> {180780f0-b348-4b44-8210-94a8f3ee15b2} URL = hxxp://search.comcast.net/search/?cat=Web&con=toolbar&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2844776404-49628929-1600567784-1001 -> {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = &gct=kwd&qsrc=2869
SearchScopes: HKU\S-1-5-21-2844776404-49628929-1600567784-1001 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = 
SearchScopes: HKU\S-1-5-21-2844776404-49628929-1600567784-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05262020164612703 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=U453DF&PC=U453&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2844776404-49628929-1600567784-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05262020164612703 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = 
SearchScopes: HKU\S-1-5-21-2844776404-49628929-1600567784-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05262020164612703 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=U453DF&PC=U453&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2844776404-49628929-1600567784-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05262020164612703 -> {180780f0-b348-4b44-8210-94a8f3ee15b2} URL = hxxp://search.comcast.net/search/?cat=Web&con=toolbar&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2844776404-49628929-1600567784-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05262020164612703 -> {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = &gct=kwd&qsrc=2869
SearchScopes: HKU\S-1-5-21-2844776404-49628929-1600567784-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05262020164612703 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = 
BHO: Norton Password Manager -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security Suite\Engine\22.20.2.57\coIEPlg.dll [2020-03-20] (Symantec Corporation -> Symantec Corporation)
BHO: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2014-10-25] (LastPass -> LastPass)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-25] (Google Inc -> Google Inc.)
BHO-x32: Norton Password Manager -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security Suite\Engine32\22.20.2.57\coIEPlg.dll [2020-03-20] (Symantec Corporation -> Symantec Corporation)
BHO-x32: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar.dll [2014-10-25] (LastPass -> LastPass)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-25] (Google Inc -> Google Inc.)
Toolbar: HKLM - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2014-10-25] (LastPass -> LastPass)
Toolbar: HKLM - Steganos Password Manager Toolbar - {9C65D12D-CF9D-454D-8049-61965D8C6FFF} - C:\Program Files (x86)\Steganos Privacy Suite 17\SPMIEToolbar64.dll [2016-07-28] (Steganos Software GmbH -> Steganos Software GmbH)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-25] (Google Inc -> Google Inc.)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\22.20.2.57\coIEPlg.dll [2020-03-20] (Symantec Corporation -> Symantec Corporation)
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} -  No File
Toolbar: HKLM-x32 - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll [2014-10-25] (LastPass -> LastPass)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine32\22.20.2.57\coIEPlg.dll [2020-03-20] (Symantec Corporation -> Symantec Corporation)
Toolbar: HKLM-x32 - Steganos Password Manager Toolbar - {9C65D12D-CF9D-454D-8049-61965D8C6FFF} - C:\Program Files (x86)\Steganos Privacy Suite 17\SPMIEToolbar.dll [2016-07-28] (Steganos Software GmbH -> Steganos Software GmbH)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-25] (Google Inc -> Google Inc.)
Toolbar: HKU\.DEFAULT -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-25] (Google Inc -> Google Inc.)
Toolbar: HKU\S-1-5-21-2844776404-49628929-1600567784-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-25] (Google Inc -> Google Inc.)
Toolbar: HKU\S-1-5-21-2844776404-49628929-1600567784-1001 -> Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\22.20.2.57\coIEPlg.dll [2020-03-20] (Symantec Corporation -> Symantec Corporation)
Toolbar: HKU\S-1-5-21-2844776404-49628929-1600567784-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05262020164612703 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-25] (Google Inc -> Google Inc.)
Toolbar: HKU\S-1-5-21-2844776404-49628929-1600567784-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05262020164612703 -> Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\22.20.2.57\coIEPlg.dll [2020-03-20] (Symantec Corporation -> Symantec Corporation)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Software Sarl -> Skype Technologies)
 
FireFox:
========
FF DefaultProfile: 5tmeq4yc.default-1468950079443-1529608410322
FF ProfilePath: C:\Users\Don Van Horne\AppData\Roaming\Mozilla\Firefox\Profiles\5tmeq4yc.default-1468950079443-1529608410322 [2020-05-25]
FF user.js: detected! => C:\Users\Don Van Horne\AppData\Roaming\Mozilla\Firefox\Profiles\5tmeq4yc.default-1468950079443-1529608410322\user.js [2019-10-06]
FF Homepage: Mozilla\Firefox\Profiles\5tmeq4yc.default-1468950079443-1529608410322 -> hxxps://www.malwarebytes.org/restorebrowser/cpkqmx79bdfhjsw6uw6g_18_26_20&param1=1&param2=f%3D1%26b%3DFirefox%26cc%3Dus%26pa%3Dwingy%26cd%3D2XzuyEtN2Y1L1Qzu0EtDyCzyzyyD0F0AtCyEtByBtAyCtC0BtN0D0Tzu0StBtAyBtAtN1L2XzuyEtFtByCtFtDtFzytAtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2SyC0EyBtCtDyByByCtGtAtCtC0FtGyB0ByE0EtGtBzytC0FtGzzzzyCtDyD0A0FyB0A0D0EyE2QtN1M1F1B2Z1V1N2Y1L1Qzu2StBzyyE1QzzyC1P1OtGyCtAyD1PtGyE1OtD1OtGzztAyB1PtGzzyE1Szz1RtC1R1S1StBzy1S2QtN0A0LzutDtN1B2Z1V1T1S1NzutN1Q2Z1B1P1RzutCyDtAtDyEyBtCtBtAtB%26cr%3D1969344138%26a%3Dbgy_cpkqmx79bdfhjsw6uw6g_18_26_20%26os_ver%3D6.1%26os%3DWindows%2B7%2BHome%2BPremium
FF NetworkProxy: Mozilla\Firefox\Profiles\5tmeq4yc.default-1468950079443-1529608410322 -> type", 4
FF Notifications: Mozilla\Firefox\Profiles\5tmeq4yc.default-1468950079443-1529608410322 -> hxxps://www.youtube.com; hxxps://www.disclose.tv; hxxps://www.facebook.com
FF Extension: (clean-facebook) - C:\Users\Don Van Horne\AppData\Roaming\Mozilla\Firefox\Profiles\5tmeq4yc.default-1468950079443-1529608410322\Extensions\jid1-dwtGBwQjx3SUQc@jetpack.xpi [2019-02-22]
FF Extension: (LastPass: Free Password Manager) - C:\Users\Don Van Horne\AppData\Roaming\Mozilla\Firefox\Profiles\5tmeq4yc.default-1468950079443-1529608410322\Extensions\support@lastpass.com.xpi [2020-05-20]
FF Extension: (Google Translator for Firefox) - C:\Users\Don Van Horne\AppData\Roaming\Mozilla\Firefox\Profiles\5tmeq4yc.default-1468950079443-1529608410322\Extensions\translator@zoli.bod.xpi [2018-12-10]
FF Extension: (Image Zoom) - C:\Users\Don Van Horne\AppData\Roaming\Mozilla\Firefox\Profiles\5tmeq4yc.default-1468950079443-1529608410322\Extensions\{1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}.xpi [2018-06-23] [Legacy]
FF Extension: (Easy Youtube Video Downloader Express) - C:\Users\Don Van Horne\AppData\Roaming\Mozilla\Firefox\Profiles\5tmeq4yc.default-1468950079443-1529608410322\Extensions\{b9acf540-acba-11e1-8ccb-001fd0e08bd4}.xpi [2020-05-20]
FF Extension: (Adblock Plus - free ad blocker) - C:\Users\Don Van Horne\AppData\Roaming\Mozilla\Firefox\Profiles\5tmeq4yc.default-1468950079443-1529608410322\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2020-04-20]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: (RealDownloader) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-11-03] [Legacy] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [bonjour4firefox@apple.com] - C:\Program Files (x86)\Bonjour SDK\Bin\FirefoxExtension
FF Extension: (Bonjour Extension for Firefox) - C:\Program Files (x86)\Bonjour SDK\Bin\FirefoxExtension [2018-02-15] [Legacy] [not signed]
FF HKU\S-1-5-21-2844776404-49628929-1600567784-1001\...\Firefox\Extensions: [{A2E18BA9-E68C-4c96-AC77-E5F24DF98306}] - C:\Program Files (x86)\Allavsoft\Video Downloader Converter\extensions\3.12.8.6141\BVDFirefoxExt
FF Extension: (Allavsoft Firefox Extension) - C:\Program Files (x86)\Allavsoft\Video Downloader Converter\extensions\3.12.8.6141\BVDFirefoxExt [2016-11-10] [Legacy] [not signed]
FF HKU\S-1-5-21-2844776404-49628929-1600567784-1001\...\Firefox\Extensions: [acewebextension_unlisted@acestream.org] - C:\Users\Don Van Horne\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi
FF Extension: (Ace Script) - C:\Users\Don Van Horne\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi [2018-11-26]
FF HKU\S-1-5-21-2844776404-49628929-1600567784-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05262020164612703\...\Firefox\Extensions: [{A2E18BA9-E68C-4c96-AC77-E5F24DF98306}] - C:\Program Files (x86)\Allavsoft\Video Downloader Converter\extensions\3.12.8.6141\BVDFirefoxExt
FF HKU\S-1-5-21-2844776404-49628929-1600567784-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05262020164612703\...\Firefox\Extensions: [acewebextension_unlisted@acestream.org] - C:\Users\Don Van Horne\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_371.dll [2020-05-12] (Adobe Inc. -> )
FF Plugin: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2014-10-25] (LastPass -> LastPass)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_371.dll [2020-05-12] (Adobe Inc. -> )
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-12-18] (Apple Inc. -> )
FF Plugin-x32: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2014-10-25] (LastPass -> LastPass)
FF Plugin-x32: @mcafee.com/SAFFPlugin -> C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll [2011-08-11] (McAfee, Inc. -> McAfee, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=16.0.3.51 -> c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll [2013-11-03] (RealNetworks, Inc. -> RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll [2013-08-14] (RealNetworks, Inc.) [File not signed]
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll [2013-08-14] (RealNetworks, Inc.) [File not signed]
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll [2013-08-14] (RealNetworks, Inc.) [File not signed]
FF Plugin-x32: @real.com/nprpplugin;version=16.0.3.51 -> c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll [2013-11-03] (RealNetworks, Inc. -> RealPlayer)
FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll [2013-08-14] (RealNetworks, Inc. -> RealDownloader)
FF Plugin-x32: @tools.brave.com/BraveSoftware Update;version=3 -> C:\Program Files (x86)\BraveSoftware\Update\1.3.99.0\npBraveUpdate3.dll [2019-10-12] (Brave Software, Inc. -> BraveSoftware Inc.)
FF Plugin-x32: @tools.brave.com/BraveSoftware Update;version=9 -> C:\Program Files (x86)\BraveSoftware\Update\1.3.99.0\npBraveUpdate3.dll [2019-10-12] (Brave Software, Inc. -> BraveSoftware Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN -> VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll [2013-08-05] (WildTangent Inc -> )
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-05-03] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2844776404-49628929-1600567784-1001: @hulu.com/Hulu Desktop -> C:\Windows\..\Users\Default\AppData\Local\HuluDesktop\instances\0.9.13.1\npHDPlg.dll [2010-04-09] (Hulu -> Hulu LLC)
FF Plugin HKU\S-1-5-21-2844776404-49628929-1600567784-1001: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Don Van Horne\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Software Sarl -> Skype Limited)
FF Plugin HKU\S-1-5-21-2844776404-49628929-1600567784-1001: @stickypassword.com/Sticky Password -> C:\Program Files (x86)\Sticky Password\npspAutofill.dll [2013-08-01] (Lamantine Software a.s. -> Lamantine Software a.s.)
FF Plugin HKU\S-1-5-21-2844776404-49628929-1600567784-1001: @zoom.us/ZoomVideoPlugin -> C:\Users\Don Van Horne\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2020-04-06] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FF Plugin HKU\S-1-5-21-2844776404-49628929-1600567784-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05262020164612703: @hulu.com/Hulu Desktop -> C:\Windows\..\Users\Default\AppData\Local\HuluDesktop\instances\0.9.13.1\npHDPlg.dll [2010-04-09] (Hulu -> Hulu LLC)
FF Plugin HKU\S-1-5-21-2844776404-49628929-1600567784-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05262020164612703: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Don Van Horne\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Software Sarl -> Skype Limited)
FF Plugin HKU\S-1-5-21-2844776404-49628929-1600567784-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05262020164612703: @stickypassword.com/Sticky Password -> C:\Program Files (x86)\Sticky Password\npspAutofill.dll [2013-08-01] (Lamantine Software a.s. -> Lamantine Software a.s.)
FF Plugin HKU\S-1-5-21-2844776404-49628929-1600567784-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05262020164612703: @zoom.us/ZoomVideoPlugin -> C:\Users\Don Van Horne\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2020-04-06] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FF Plugin HKU\S-1-5-21-2844776404-49628929-1600567784-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05262020164617845: @hulu.com/Hulu Desktop -> C:\Windows\..\Users\Default\AppData\Local\HuluDesktop\instances\0.9.13.1\npHDPlg.dll [2010-04-09] (Hulu -> Hulu LLC)
 
Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Don Van Horne\AppData\Local\Google\Chrome\User Data\Default [2020-05-26]
CHR Notifications: Default -> hxxps://americanmilitarynews.os.tc; hxxps://saraacarter.com; hxxps://twitter.com; hxxps://wg1wga.com; hxxps://www.infowars.com; hxxps://www.wondershare.net; hxxps://www.youtube.com; hxxps://youtube.notification-0.com
CHR HomePage: Default -> hxxps://www.google.com/
CHR StartupUrls: Default -> "hxxps://search.yahoo.com/?type=994519&fr=yo-yhp-ch","hxxps://www.google.com/?trackid=sp-006"
CHR DefaultSearchURL: Default -> hxxps://www.searchsecurepro.co/search.php?type=search&id=MTI4NzU&q={searchTerms}
CHR DefaultSearchKeyword: Default -> Yahoo
CHR DefaultSuggestURL: Default -> hxxps://auto.searchsecurepro.co/autocomplete.js?omni=true&appId=MTI4NzU&q={searchTerms}
CHR Extension: (Google Translate) - C:\Users\Don Van Horne\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2020-04-20]
CHR Extension: (Slides) - C:\Users\Don Van Horne\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-14]
CHR Extension: (Norton Password Manager) - C:\Users\Don Van Horne\AppData\Local\Google\Chrome\User Data\Default\Extensions\admmjipmmciaobhojoghlmleefbicajg [2020-05-11]
CHR Extension: (Web) - C:\Users\Don Van Horne\AppData\Local\Google\Chrome\User Data\Default\Extensions\amhckedkghbciendefbknenmokkgcnfa [2020-04-22]
CHR Extension: (Docs) - C:\Users\Don Van Horne\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-14]
CHR Extension: (Google Drive) - C:\Users\Don Van Horne\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-11-01]
CHR Extension: (YouTube) - C:\Users\Don Van Horne\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-24]
CHR Extension: (Honey) - C:\Users\Don Van Horne\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2020-04-20]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\Don Van Horne\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2020-04-20]
CHR Extension: (Plugins) - C:\Users\Don Van Horne\AppData\Local\Google\Chrome\User Data\Default\Extensions\chemohaemmfhjpmlgkmkanfpfbkaihop [2017-07-03]
CHR Extension: (Google Search) - C:\Users\Don Van Horne\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-24]
CHR Extension: (Yahoo Partner) - C:\Users\Don Van Horne\AppData\Local\Google\Chrome\User Data\Default\Extensions\facbafpefjlcpifgggajlhdafafocnef [2019-05-30]
CHR Extension: (Sheets) - C:\Users\Don Van Horne\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-14]
CHR Extension: (Norton Safe Web) - C:\Users\Don Van Horne\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnpbeacklnhmkkilekogeiekaglbmmka [2020-05-11]
CHR Extension: (Google Docs Offline) - C:\Users\Don Van Horne\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-05-26]
CHR Extension: (Hola Free VPN, unblock any site!) - C:\Users\Don Van Horne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2020-05-19]
CHR Extension: (Norton Safe) - C:\Users\Don Van Horne\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbmobhkkblcgdifigjglcjneplefbkmh [2017-04-29]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\Don Van Horne\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2020-05-14]
CHR Extension: (Xfinity) - C:\Users\Don Van Horne\AppData\Local\Google\Chrome\User Data\Default\Extensions\hemjgdpngmhbimofcicjfhibkdbigdmb [2014-11-05]
CHR Extension: (Norton Identity Safe) - C:\Users\Don Van Horne\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2015-02-15]
CHR Extension: (Grammarly for Chrome) - C:\Users\Don Van Horne\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2020-05-26]
CHR Extension: (PeerName) - C:\Users\Don Van Horne\AppData\Local\Google\Chrome\User Data\Default\Extensions\kkdihlopcnkjinfjhbeopjfmnfpcoaop [2019-09-12]
CHR Extension: (MeddleMonkey) - C:\Users\Don Van Horne\AppData\Local\Google\Chrome\User Data\Default\Extensions\moihledlmchhofenpacbhphnbnpakgmo [2020-03-31]
CHR Extension: (Norton Safe) - C:\Users\Don Van Horne\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpnlkmlkncncpgnnkmkgoobfpnjmblnk [2020-05-09]
CHR Extension: (Wikibuy from Capital One) - C:\Users\Don Van Horne\AppData\Local\Google\Chrome\User Data\Default\Extensions\nenlahapcbofgnanklpelkaejcehkggg [2020-05-23]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Don Van Horne\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-02]
CHR Extension: (Gmail) - C:\Users\Don Van Horne\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-22]
CHR Extension: (Chrome Media Router) - C:\Users\Don Van Horne\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-05-26]
CHR Extension: (Social Translator (discontinued)) - C:\Users\Don Van Horne\AppData\Local\Google\Chrome\User Data\Default\Extensions\plofenifjagmdikfcobngnfmmnfmphin [2016-10-14]
CHR Profile: C:\Users\Don Van Horne\AppData\Local\Google\Chrome\User Data\Guest Profile [2019-02-14]
CHR Profile: C:\Users\Don Van Horne\AppData\Local\Google\Chrome\User Data\System Profile [2020-03-02]
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security Suite\Engine\22.20.2.57\Exts\Chrome.crx <not found>
CHR HKLM\...\Chrome\Extension: [hdokiejnpimakedhajhdlcegeplioahd]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif]
CHR HKU\S-1-5-21-2844776404-49628929-1600567784-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mjbepbhonbojpoaenhckjocchgfiaofo]
CHR HKU\S-1-5-21-2844776404-49628929-1600567784-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05262020164612703\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mjbepbhonbojpoaenhckjocchgfiaofo]
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security Suite\Engine\22.20.2.57\Exts\Chrome.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [dhancbnhabhandieicagelcddkdfgoif] - C:\Program Files (x86)\Allavsoft\Video Downloader Converter\extensions\3.12.8.6141\BVDChromeExt.crx [2016-11-10]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [hdokiejnpimakedhajhdlcegeplioahd]
CHR HKLM-x32\...\Chrome\Extension: [hemjgdpngmhbimofcicjfhibkdbigdmb] - C:\ProgramData\comcastModemRelease\shortcuts\chrome\xfinity.crx [2013-02-08]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl]
 
==================== Services (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AegLauncher; C:\Program Files\MobiGame\aeg_launcher.exe [7183872 2020-02-09] () [File not signed]
S3 AESTFilters; C:\Program Files\IDT\WDM\AESTSr64.exe [89600 2009-03-02] (Microsoft Windows Hardware Compatibility Publisher -> Andrea Electronics Corporation)
S3 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [237056 2012-04-26] (Microsoft Windows Hardware Compatibility Publisher -> AMD)
R2 AtomicAlarmClock; C:\Program Files (x86)\Atomic Alarm Clock\timeserv.exe [2007040 2013-04-24] () [File not signed]
S2 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [157320 2019-10-12] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [157320 2019-10-12] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 CLKMSVC10_38F51D56; c:\Program Files (x86)\Cyberlink\PowerDVD10\NavFilter\kmsvc.exe [241648 2011-01-25] (CyberLink -> CyberLink)
S3 DfSdkS; C:\Program Files (x86)\Ashampoo\Ashampoo Uninstaller 2017\DfSdkS64.exe [544768 2009-08-24] (mst software GmbH, Germany) [File not signed]
S3 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [440808 2017-10-30] (Digital Wave Ltd -> Digital Wave Ltd.)
S3 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database_b83fa2\bin\FABS.exe [1858048 2012-01-23] (MAGIX AG) [File not signed]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database_b83fa2\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [File not signed]
R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [81392 2019-08-01] (INTERNET PROJECT LLC -> Freemake)
S3 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [9216 2018-03-02] (Ellora Assets Corp.) [File not signed]
S3 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [255040 2014-09-28] (WildTangent Inc -> WildTangent)
S3 GSService; C:\Windows\SysWOW64\GSService.exe [505056 2013-09-09] (cyan soft ltd -> )
S3 HideMyIpSRV; C:\Program Files (x86)\Hide My IP 6\HideMyIpSRV.exe [4375792 2015-10-07] (My Privacy Tools, Inc. -> Hide My IP)
S3 Leawo_service; C:\Program Files (x86)\Common Files\Appkeys\yytool64.exe [1232880 2014-05-04] (Shenzhen Moyea Software -> )
S3 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2011-06-20] (Hewlett-Packard Company) [File not signed]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6744288 2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [502032 2011-10-18] (McAfee, Inc. -> McAfee, Inc.)
S3 MediaMall Server; C:\Program Files (x86)\MediaMall\MediaMallServer.exe [7604320 2019-09-13] (MediaMall Technologies, Inc. -> MediaMall Technologies, Inc.)
R2 MobiGameUpdater; C:\Program Files\MobiGame\MobiGameUpdater.exe [202240 2020-02-09] () [File not signed]
S2 NortonSecurity; C:\Program Files (x86)\Norton Security Suite\Engine\22.20.2.57\NortonSecurity.exe [344760 2020-03-20] (Symantec Corporation -> Symantec Corporation)
S3 OpenVPNService; C:\Program Files (x86)\Ivacy\bin\openvpnserv.exe [26416 2016-05-24] (Ivacy Ltd -> The OpenVPN Project)
S3 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1793088 2017-11-08] (PDF Complete Inc. -> PDF Complete Inc)
S3 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [483864 2013-04-24] (Sony Corporation -> Sony Corporation)
R2 QMEmulatorService; C:\Program Files\TxGameAssistant\AppMarket\QMEmulatorService.exe [166384 2019-12-11] (Tencent Technology(Shenzhen) Company Limited -> Tencent)
S3 rccsvc; C:\Program Files (x86)\Quietzone\RQZ\rccsvc.exe [2043392 2014-04-10] (CJSC Returnil Software -> Returnil and its licensors)
S3 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] (RealNetworks, Inc. -> )
S3 RichVideo; C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe [272024 2007-05-13] (CyberLink -> )
S3 RoxioNow Service; C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe [399344 2010-11-26] (Sonic Solutions -> Roxio)
S3 rsssvc; C:\Program Files (x86)\Quietzone\RQZ\rsssvc.exe [1061808 2014-04-10] (CJSC Returnil Software -> Returnil and its licensors)
S3 SophosVirusRemovalTool; C:\Program Files (x86)\Sophos\Sophos Virus Removal Tool\SVRTservice.exe [152872 2014-08-11] (Sophos Limited -> Sophos Limited)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [318464 2012-04-24] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.)
S3 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5426448 2014-12-15] (TeamViewer -> TeamViewer GmbH)
S3 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [308088 2015-12-07] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 wlidsvc; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2286976 2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
S3 wpscloudsvr; C:\Users\Don Van Horne\AppData\Local\Kingsoft\WPS Office\wpscloudsvr.exe [791296 2020-05-21] (Zhuhai Kingsoft Office Software Co., Ltd. -> Zhuhai Kingsoft Office Software Co.,Ltd)
R2 Zoolz 2 Service; C:\Program Files\Genie9\Zoolz2\ZoolzService.exe [478536 2019-06-20] (Genie9 LTD -> Genie9)
S3 {0CBD4F48-3751-475D-BE88-4F271385B672}; C:\Program Files\Shadow Defender\Service.exe [74936 2015-08-26] (Yang Ping -> SHADOWDEFENDER.COM)
S2 ACPService; "C:\Program Files (x86)\Philips\CamSuite\2.0.15.0\ACPService.exe" [X]
 
===================== Drivers (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 amdkmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [11172864 2012-04-26] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\Windows\System32\DRIVERS\atikmpag.sys [339456 2012-04-26] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
S3 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [31920 2013-06-02] (APOWERSOFT LIMITED -> Wondershare)
R3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdW76.sys [94720 2014-06-21] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [46368 2013-11-20] (AVG Technologies -> AVG Technologies)
S1 BHDrvx64; C:\Program Files (x86)\Norton Security Suite\NortonData\22.5.2.15\Definitions\BASHDefs\20200526.001\BHDrvx64.sys [1952136 2020-02-10] (Symantec Corporation -> Symantec Corporation)
R1 ccSet_NGC; C:\Windows\System32\drivers\NGCx64\1614020.039\ccSetx64.sys [192376 2020-03-20] (Symantec Corporation -> Symantec Corporation)
S3 CpqDfw; C:\Windows\System32\drivers\CpqDfw.sys [24376 2010-03-01] (Hewlett-Packard Company -> )
S3 cqcpu; C:\Windows\System32\drivers\cqcpu.sys [24376 2010-03-01] (Hewlett-Packard Company -> )
S3 DigiartyVirtualCDBus; C:\Windows\System32\drivers\DigiartyVirtualCDBus.sys [276256 2014-01-17] (Digiarty, Inc. -> Digiarty Software, Inc.)
R0 diskpt; C:\Windows\System32\drivers\diskpt.sys [422584 2015-08-26] (Yang Ping -> SHADOWDEFENDER.COM)
R3 dvdfab; C:\Windows\System32\drivers\dvdfab.sys [79232 2011-08-15] (Fengtao Software Inc. -> Fengtao Software Inc.)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [516784 2019-10-09] (Symantec Corporation -> Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [154288 2019-10-12] (Symantec Corporation -> Symantec Corporation)
R1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [20160 2017-07-31] (Glarysoft Ltd -> Glarysoft Ltd)
S3 GUMHFilters; C:\Program Files (x86)\Glarysoft\Malware Hunter\Native\winxp_x64\GUMHFilter.sys [41272 2017-06-29] (Glarysoft LTD -> GlarySoft Ltd)
R1 GUSBootStartup; C:\Windows\System32\drivers\GUSBootStartup.sys [20160 2017-07-31] (Glarysoft Ltd -> Glarysoft Ltd)
R3 HCW723x; C:\Windows\System32\DRIVERS\HCW723x.sys [1847680 2012-08-17] (Microsoft Windows Hardware Compatibility Publisher -> Hauppauge Computer Works, Inc.)
R1 IDSVia64; C:\Program Files (x86)\Norton Security Suite\NortonData\22.5.2.15\Definitions\IPSDefs\20200526.061\IDSvia64.sys [1451016 2020-04-06] (Symantec Corporation -> Symantec Corporation)
R0 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [275232 2020-05-26] (Malwarebytes Corporation -> Malwarebytes)
R1 MobiVBoxDrv; C:\Program Files\MobiGame\vbox\MobiVBoxDrv.sys [314688 2020-02-04] (Iron Entertainment Inc. -> Oracle Corporation)
R3 msvad_simple; C:\Windows\System32\drivers\povrtdev.sys [28528 2013-03-05] (MediaMall Technologies, Inc. -> MediaMall Technologies, Inc.)
R3 netr28x; C:\Windows\System32\DRIVERS\netr28x.sys [2473616 2014-12-10] (MEDIATEK INC. -> MediaTek Inc.)
R2 npf; C:\Windows\system32\drivers\npf.sys [36600 2018-12-19] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
U0 Partizan; C:\Windows\SysWOW64\drivers\Partizan.sys [40304 2018-12-21] (Greatis Software LLC -> Greatis Software)
R3 PCWinSoft; C:\Windows\System32\DRIVERS\scrcamhrdrv_x64.sys [241800 2012-10-11] (PCWinSoft Systems Informatica Ltda -> Windows ® Server 2003 DDK provider)
S3 phaudlwr; C:\Windows\System32\DRIVERS\phaudlwr.sys [114608 2009-10-20] (PHAUD -> Philips Applied Technologies)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Microsoft Windows Hardware Compatibility Publisher -> Research In Motion Limited)
R0 rmseffmv; C:\Windows\System32\drivers\rmseffmv.sys [31432 2014-04-10] (CJSC Returnil Software -> CJSC Returnil Software)
R0 rmseng; C:\Windows\System32\drivers\rmseng.sys [333728 2014-04-10] (CJSC Returnil Software -> CJSC Returnil Software)
R1 SLEE_19_DRIVER; C:\Windows\Sleen1964.sys [117848 2016-07-28] (Softwareentwicklung Patric Remus - ArchiCrypt - (Patric W.Remus) -> Softwareentwicklung Remus - ArchiCrypt - )
S3 SPC620; C:\Windows\System32\drivers\SPC620.sys [581120 2007-09-28] (Microsoft Windows Hardware Compatibility Publisher -> Philips )
S3 SPC620m; C:\Windows\System32\drivers\SPC620m.sys [8192 2007-09-28] (Microsoft Windows Hardware Compatibility Publisher -> Philips )
R1 SRTSP; C:\Windows\System32\drivers\NGCx64\1614020.039\SRTSP64.SYS [889520 2020-03-20] (Symantec Corporation -> Symantec Corporation)
R1 SRTSPX; C:\Windows\System32\drivers\NGCx64\1614020.039\SRTSPX64.SYS [50864 2020-03-20] (Symantec Corporation -> Symantec Corporation)
R3 STHDA; C:\Windows\System32\DRIVERS\stwrt64.sys [536576 2012-04-24] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.)
S3 swg3kser00; C:\Windows\System32\DRIVERS\swg3kser00.sys [258432 2011-05-13] (Microsoft Windows Hardware Compatibility Publisher -> Sierra Wireless Incorporated)
S3 swiwdmbx; C:\Windows\System32\DRIVERS\swiwdmbx64.sys [109312 2011-05-16] (Microsoft Windows Hardware Compatibility Publisher -> Sierra Wireless Inc.)
S3 SWNC8UA3; C:\Windows\System32\DRIVERS\swnc8ua3.sys [297472 2011-05-28] (Microsoft Windows Hardware Compatibility Publisher -> Sierra Wireless Inc.)
R0 SymEFASI; C:\Windows\System32\drivers\NGCx64\1614020.039\SYMEFASI64.SYS [1964552 2020-03-20] (Symantec Corporation -> Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [100064 2019-03-19] (Symantec Corporation -> Symantec Corporation)
S3 SymEvnt; C:\Program Files (x86)\Norton Security Suite\NortonData\22.5.2.15\SymPlatform\SymEvnt.sys [712368 2020-01-09] (Symantec Corporation -> Symantec Corporation)
R1 SymIRON; C:\Windows\System32\drivers\NGCx64\1614020.039\Ironx64.SYS [316656 2020-03-20] (Symantec Corporation -> Symantec Corporation)
R1 SymNetS; C:\Windows\System32\drivers\NGCx64\1614020.039\symnets.sys [575280 2020-03-20] (Symantec Corporation -> Symantec Corporation)
R3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [39728 2016-05-24] (Ivacy Ltd -> The OpenVPN Project)
S3 tesrsdt; C:\Windows\system32\drivers\tesrsdt.sys [432840 2019-12-14] (Tencent Technology(Shenzhen) Company Limited -> TENCENT)
S3 TesSafe; C:\Windows\system32\TesSafe.sys [545568 2019-12-14] (Tencent Technology(Shenzhen)

#4 Android 8888

Android 8888

    SWI Malware Tracker

  • Trusted Advisor*
  • PipPipPipPipPip
  • 1,199 posts

Posted 28 May 2020 - 09:07 AM

mvtrucking,

 

The log you posted was cut off. I need to see its entire content.

Please open the FRST.txt file, then select the whole content and copy/paste it in another reply.

 

Thank you.

 

Android8888


Android 8888
 
Website: http://android8888.comlu.com
 
Tavira - Here's where I live!
 
Please read the Instructions for posting requested logs and the article "So how did I get infected in the first place?"
 
Our help is free, but if you wish to help keep these forums running please consider a donation; Please see This Topic for details.

#5 Android 8888

Android 8888

    SWI Malware Tracker

  • Trusted Advisor*
  • PipPipPipPipPip
  • 1,199 posts

Posted 04 June 2020 - 02:49 PM

Hello mvtrucking,

 

It has been past one week since my last post. Do you still need assistance with your computer issue?

 

Android 8888


Android 8888
 
Website: http://android8888.comlu.com
 
Tavira - Here's where I live!
 
Please read the Instructions for posting requested logs and the article "So how did I get infected in the first place?"
 
Our help is free, but if you wish to help keep these forums running please consider a donation; Please see This Topic for details.

#6 Android 8888

Android 8888

    SWI Malware Tracker

  • Trusted Advisor*
  • PipPipPipPipPip
  • 1,199 posts

Posted 27 July 2020 - 04:05 AM

Due to the lack of feedback, this topic is closed.

If you need this topic reopened, please tell the moderating team by replying here with the address of the thread. This applies only to the original topic starter.

Everyone else, please begin a New Topic.


Android 8888
 
Website: http://android8888.comlu.com
 
Tavira - Here's where I live!
 
Please read the Instructions for posting requested logs and the article "So how did I get infected in the first place?"
 
Our help is free, but if you wish to help keep these forums running please consider a donation; Please see This Topic for details.




Member of UNITE
Support SpywareInfo Forum - click the button