In Progress Laptop suddenly running sloooow

[asuss06]

ive got a laptop barely 2 yrs old and its suddenly running so slow. even typing this is on a 5 second delay. Photoshop actions are on a long delay and opening up windows will take a good minute or more. ive ran a virus scan on ESET NOD32 and theres nothing. i assume there is a scan of your own someone could help me with to troubleshoot this? any help would be appreciated. (i would have just clicked on another thread with the same issues. but it looks like i would need one-on-one assisance most likely)
thank you in advance.
Laptop info:
OS Version: Microsoft Windows 10 Home, 64 bit, Build 19041, Installed 20200927141629.000000-420
Processor: Intel(R) Core(TM) i5-7200U CPU @ 2.50GHz, Intel64 Family 6 Model 142 Stepping 9, CPU Count: 4
Total Physical RAM: 8 GB
Graphics Card: Intel(R) HD Graphics 620, 1024 MB
Hard Drives: C: 914 GB (724 GB Free); D: 16 GB (1 GB Free);
Motherboard: HP 84CA, ver KBC Version 74.33, s/n PHTGF00WBBB5L3
System: Insyde, ver HPQOEM - 0, s/n 5CG8378ZQQ
Antivirus: Windows Defender, Disabled (running ESET NOD32 instead)

 

[iMacg3]

Hi asuss06, welcome to the TechSupportGuy malware removal forum.

I am iMacg3 and will be helping you with your computer problems.

Please keep the following information in mind before we begin:

• Back up any important data before we continue.
  • Back up any important data on your computer to external media. I will not knowingly suggest any steps that will damage your computer; however, malware infections are often unpredictable and it may be necessary to reformat and reinstall your operating system depending on the infection.
• Do not install any new software or run any fixes/tools on your system unless I request that you do so.
  • Running additional tools on your system can interfere with the clean-up process, or cause issues such as false positives.
• Please read all instructions carefully, and complete them in the order listed.
  • Items that are especially important will be highlighted in bold or red.
• If your computer seems to start working normally, please don't abandon the topic.
  • Even if your system is behaving normally, there may still be some malware remnants left over. Additionally, malware can re-infect the computer if some remnants are left. Therefore, please complete all requested steps to make sure any malware is successfully eradicated from your PC.
• If you have pirated or illegal software on your computer, uninstall it now before proceeding.
  • Using pirated/cracked software is an easy way to infect your computer - almost as easy as intentionally downloading malware. Therefore, please remove any, if present, before we begin the clean-up.
• If you don't respond to your topic in 5 days, I will have to leave the topic due to lack of response.
  • If this happens and you still need assistance, respond back to the thread.
• If you have questions at any time during the cleanup, feel free to ask.

---------------------------------------------------

Please download and run the following tool

---------------------------------------------------
Farbar Recovery Scan Tool (FRST)

Download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system, and that will be the right version.

• Right-click FRST.exe/FRST64.exe then click "Run as administrator"
• When the tool opens, click Yes to the disclaimer.
• Press the Scan button.
• When finished, it will produce logs called FRST.txt and Addition.txt in the same directory the tool was run from.
• Please attach the logs in your next reply.

---------------------------------------------------

In your next reply, please include the following logs:

• FRST.txt
• Addition.txt

 

[asuss06]

I ran the program and tried to submit it in a new post, but i get an error that the message is too long and that i need to shorten it. They are HUGE files! am i supposed to just select a certain portion of it?
It did let me paste the "Additional txt" and there were some interesting notes about possible malware, etc. its all below. im sure you need the FRST. txt but its too big to paste and send. let me know if theres a particular part you want me to send.

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-10-2020
Ran by Andrew Sussmann (18-10-2020 19:00:12)
Running from C:\Users\Andrew Sussmann\Documents
Windows 10 Home Version 2004 19041.572 (X64) (2020-09-27 21:16:29)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2616658645-1084935336-1968381307-500 - Administrator - Disabled)
Andrew Sussmann (S-1-5-21-2616658645-1084935336-1968381307-1001 - Administrator - Enabled) => C:\Users\Andrew Sussmann
DefaultAccount (S-1-5-21-2616658645-1084935336-1968381307-503 - Limited - Disabled)
Guest (S-1-5-21-2616658645-1084935336-1968381307-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-2616658645-1084935336-1968381307-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Security (Enabled - Up to date) {885D845F-AF19-0124-FECE-FFF49D00F440}
AV: ESET Security (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Security (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKLM-x32\...\uTorrent) (Version: 1.6 - )
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.)
Adobe Photoshop CS5 (HKLM-x32\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated)
Avanquest Message (HKU\S-1-5-21-2616658645-1084935336-1968381307-1001\...\{20573C69-4A68-4BEF-A23D-365CB66924CE}) (Version: 2.08.0 - Avanquest Software)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Dropbox (HKLM-x32\...\Dropbox) (Version: 107.4.443 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.335.1 - Dropbox, Inc.) Hidden
Easy Photo Scan (HKLM-x32\...\{9E3F2EC3-7E4F-4F20-A56F-7A24D6E3D39B}) (Version: 1.00.0017 - Seiko Epson Corporation)
Energy Star (HKLM\...\{5CB22648-35F8-41BC-9C35-1E41FE6E12A5}) (Version: 1.1.1 - HP Inc.)
Epson Event Manager (HKLM-x32\...\{D671B128-49E4-45DA-B804-4B7421B823D7}) (Version: 3.11.0025 - Seiko Epson Corporation)
Epson Printer Connection Checker (HKLM-x32\...\{9ABD2971-9B8B-4958-9100-4EAFCC32A86D}) (Version: 3.0.0.0 - Seiko Epson Corporation)
Epson ReadyInk Agent (A) (HKLM-x32\...\{A9B4584F-A29E-4880-97E6-1744B4AF2AF8}) (Version: 1.0.2.0 - Seiko Epson Corporation)
Epson Scan 2 (HKLM-x32\...\Epson Scan 2) (Version: - Seiko Epson Corporation)
EPSON Scan OCR Component (HKLM-x32\...\{563B99D8-8895-4E3E-AE8D-15BE8C05F1C1}) (Version: 3.00.04 - SEIKO EPSON Corp.)
Epson Software Updater (HKLM-x32\...\{FD036A57-F81D-4865-AAF0-811558EA76AE}) (Version: 4.5.1 - Seiko Epson Corporation)
EPSON XP-6000 Series Printer Uninstall (HKLM\...\EPSON XP-6000 Series) (Version: - Seiko Epson Corporation)
EPSON XP-7100 Series Printer Uninstall (HKLM\...\EPSON XP-7100 Series) (Version: - Seiko Epson Corporation)
EpsonNet Print (HKLM\...\{96ED1D58-440C-4345-8FEE-C4781366C67F}) (Version: 3.1.4.0 - SEIKO EPSON Corporation)
ESET Security (HKLM\...\{F1544F11-BFCC-43CC-9D0C-169A7E99369E}) (Version: 13.2.18.0 - ESET, spol. s r.o.)
FastStone Image Viewer 6.7 (HKLM-x32\...\FastStone Image Viewer) (Version: 6.7 - FastStone Soft)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 86.0.4240.75 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.31 - Google LLC) Hidden
HP Connection Optimizer (HKLM-x32\...\{6468C4A5-E47E-405F-B675-A70A70983EA6}) (Version: 2.0.17.0 - HP Inc.)
HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.1 - HP Inc.)
HP ePrint SW (HKLM-x32\...\{cdb5f70f-5107-4613-bf69-15de903b5b5d}) (Version: 5.5.22560 - HP Inc.)
HP PC Hardware Diagnostics Windows (HKLM-x32\...\{556FE7B3-1305-4675-BEC8-B21D4D1A602D}) (Version: 1.6.4.0 - HP Inc.)
HP Support Assistant (HKLM-x32\...\{4AAC4B07-77EF-4BCF-88DC-D24E4DE683E8}) (Version: 8.8.34.31 - HP Inc.)
HP Support Solutions Framework (HKLM-x32\...\{63F82052-C045-4F97-A3CA-C41D2CCA1FFA}) (Version: 12.18.34.21 - HP Inc.)
HP System Event Utility (HKLM-x32\...\{57058272-92B0-4EFA-8FDD-ED3E5D689D37}) (Version: 1.4.32 - HP Inc.)
InPixio Photo Eraser 7 (HKLM-x32\...\{3F929E89-082E-4FC5-B74B-821507FD7C8A}) (Version: 7.2 - InPixio)
InstaCards (HKLM-x32\...\{58259C24-7B5E-4977-93B0-E9EEA1B884CE}) (Version: 1.7.0 - InPixio)
Intel(R) Chipset Device Software (HKLM-x32\...\{9154f79b-8fb8-46ef-b7a6-95f136391303}) (Version: 10.1.17479.8054 - Intel(R) Corporation) Hidden
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.3.10208.5644 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1068 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 25.20.100.6444 - Intel Corporation)
Intel® Software Guard Extensions Platform Software (HKLM\...\{E79CF6E2-E3E4-46FD-874E-C607F427FBA9}) (Version: 1.9.105.42143 - Intel Corporation)
IrfanView 4.53 (64-bit) (HKLM\...\IrfanView64) (Version: 4.53 - Irfan Skiljan)
Mailspring (HKU\S-1-5-21-2616658645-1084935336-1968381307-1001\...\Mailspring) (Version: 1.7.8 - Foundry 376, LLC)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 86.0.622.43 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.135.49 - )
Microsoft OneDrive (HKU\S-1-5-21-2616658645-1084935336-1968381307-1001\...\OneDriveSetup.exe) (Version: 20.169.0823.0006 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM-x32\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Works 6-9 Converter (HKLM-x32\...\{95140000-0137-0409-0000-0000000FF1CE}) (Version: 14.0.6120.5002 - Microsoft Corporation)
PDF Settings CS5 (HKLM-x32\...\{A78FE97A-C0C8-49CE-89D0-EDD524A17392}) (Version: 10.0 - Adobe Systems Incorporated) Hidden
REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 1.0.0.88 - REALTEK Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{A5107464-AA9B-4177-8129-5FF2F42DD322}) (Version: 1.0.0.113 - REALTEK Semiconductor Corp.)
Restore Windows Photo Viewer for Windows 10 (HKLM\...\Restore Windows Photo Viewer for Windows 10_is1) (Version: - Authorsoft Corporation)
ScreenHunter 7.0 Free (HKLM-x32\...\ScreenHunter 7.0 Free_is1) (Version: 7.0.333 - Wisdom Software Inc.)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation)
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.1.1.46 - WildTangent)
WildTangent Helper (HKLM-x32\...\{A39303AB-4898-4F12-BAA0-0B8630F86DB4}) (Version: 1.0.0.428 - WildTangent) Hidden
WildTangent ShortcutProvider (HKLM-x32\...\{80831F60-19D7-43B3-A60C-5CAF8C478DF6}) (Version: 1.0.0.59 - WildTangent) Hidden
WinZip 20.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C24105}) (Version: 20.5.12118 - WinZip Computing, S.L. )
Wondershare Helper Compact 2.5.3 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.5.3 - Wondershare)
Wondershare UniConverter(Build 12.0.2.4) (HKLM\...\UniConverter_is1) (Version: 12.0.2.4 - Wondershare Software)
Wondershare Video Converter Ultimate(Build 10.4.1.188) (HKLM-x32\...\Video Converter Ultimate_is1) (Version: 10.4.1.188 - Wondershare Software)

Packages:
=========
Amazon -> C:\Program Files\WindowsApps\Amazon.com.Amazon_2018.519.2815.0_x64__343d40qqvtj1t [2020-02-19] (Amazon.com)
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.1871.1.0_x86__kgqvnymyfvs32 [2020-10-14] (king.com)
ELAN Touchpad Setting -> C:\Program Files\WindowsApps\ELANMicroelectronicsCorpo.ELANTouchpadSetting_11.2.63.0_x64__stws0m115j6hg [2019-04-03] (ELAN Microelectronics Corporation)
File Conversion Tools -> C:\Program Files\WindowsApps\30051teq-IT.FileConversionTools_1.1.0.0_x64__z9k3jabemswwg [2018-12-09] (teq-IT) [MS Ad]
Fitbit Coach -> C:\Program Files\WindowsApps\Fitbit.FitbitCoach_4.4.133.0_x64__6mqt6hf9g46tw [2018-12-09] (Fitbit)
HP JumpStart -> C:\Program Files\WindowsApps\AD2F1837.HPJumpStart_1.4.481.0_x86__v10z8vjag6ke6 [2018-09-16] (HP Inc.)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_120.1.741.0_x64__v10z8vjag6ke6 [2020-10-08] (HP Inc.)
Intel® Graphics Command Center -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.2765.0_x64__8j3eq9eme6ctt [2020-09-28] (INTEL CORP) [Startup Task]
Intel® Graphics Control Panel -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsControlPanel_3.3.0.0_x64__8j3eq9eme6ctt [2020-02-18] (INTEL CORP)
LinkedIn -> C:\Program Files\WindowsApps\7EE7776C.LinkedInforWindows_2.1.7098.0_neutral__w1wdnht996qgy [2018-12-07] (LinkedIn)
McAfee® Personal Security -> C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.39.0_x64__wafk5atnkzcwy [2020-06-06] (McAfee LLC.)
Microsoft Access -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Access_16051.13231.20390.0_x86__8wekyb3d8bbwe [2020-10-15] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-17] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-17] (Microsoft Corporation) [MS Ad]
Microsoft Excel -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Excel_16051.13231.20390.0_x86__8wekyb3d8bbwe [2020-10-15] (Microsoft Corporation)
Microsoft Office Desktop Apps -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop_16051.13231.20390.0_x86__8wekyb3d8bbwe [2020-10-15] (Microsoft Corporation)
Microsoft Outlook -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.13231.20390.0_x86__8wekyb3d8bbwe [2020-10-15] (Microsoft Corporation)
Microsoft PowerPoint -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.PowerPoint_16051.13231.20390.0_x86__8wekyb3d8bbwe [2020-10-15] (Microsoft Corporation)
Microsoft Publisher -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Publisher_16051.13231.20390.0_x86__8wekyb3d8bbwe [2020-10-15] (Microsoft Corporation)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.8101.0_x64__8wekyb3d8bbwe [2020-08-18] (Microsoft Studios) [MS Ad]
Microsoft Word -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Word_16051.13231.20390.0_x86__8wekyb3d8bbwe [2020-10-15] (Microsoft Corporation)
MPEG-2 Video Extension -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.22661.0_x64__8wekyb3d8bbwe [2019-09-25] (Microsoft Corporation)
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.97.752.0_x64__mcm4njqhnhss8 [2020-07-13] (Netflix, Inc.)
Power Media Player 14 for HP Consumer PCs with DVD -> C:\Program Files\WindowsApps\CyberLinkCorp.hs.PowerMediaPlayer14forHPConsumerPC_14.2.9528.0_x86__06qsbagp91rvg [2019-01-26] (CYBERLINKCOM CORP)
Priceline.com: The Best Deals on Hotels, Flights and Rental Cars -> C:\Program Files\WindowsApps\PricelinePartnerNetwork.Priceline.comTheBestDealso_2.0.4.0_x64__mgae2k3ys4ra0 [2020-09-18] (Priceline Partner Network)
Simple Solitaire -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.SimpleSolitaire_6.20.87.0_x64__kx24dqmazqk8j [2020-09-09] (Random Salad Games LLC)
WildTangent Games -> C:\Program Files\WindowsApps\WildTangentGames.63435CFB65F55_2.0.82.0_x64__qt5r5pa5dyg8m [2020-01-07] (WildTangent Games)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2616658645-1084935336-1968381307-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\Andrew Sussmann\Dropbox [2018-12-07 21:06]
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2020-09-04] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2016-04-28] (WinZip Computing LLC -> WinZip Computing, S.L.)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2020-09-04] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers4: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2016-04-28] (WinZip Computing LLC -> WinZip Computing, S.L.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2020-09-04] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2016-04-28] (WinZip Computing LLC -> WinZip Computing, S.L.)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\Andrew Sussmann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\µTorrent\µTorrent Homepage.lnk -> hxxp://www.utorrent.com

==================== Loaded Modules (Whitelisted) =============

2010-02-22 05:50 - 2010-02-22 05:50 - 000060416 _____ () [File not signed] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\zlib1.dll
2010-04-07 03:45 - 2010-04-07 03:45 - 000050176 _____ () [File not signed] C:\Program Files\Adobe\Adobe Photoshop CS5 (64 Bit)\QuickTimeGlue.dll
2010-03-09 18:30 - 2010-03-09 18:30 - 014431464 _____ (Adobe Systems Incorporated -> Adobe Systems Incorporated) [File not signed] [File is in use] C:\Program Files\Common Files\Adobe\Plug-Ins\CS5\File Formats\Camera Raw.8bi
2010-04-07 03:19 - 2010-04-07 03:19 - 000282568 _____ (Adobe Systems Incorporated -> Adobe Systems Incorporated) [File not signed] C:\Program Files\Adobe\Adobe Photoshop CS5 (64 Bit)\ahclient.dll
2010-04-07 04:34 - 2010-04-07 04:34 - 003876864 _____ (Adobe Systems Incorporated) [File not signed] [File is in use] C:\Program Files\Adobe\Adobe Photoshop CS5 (64 Bit)\Plug-ins\Extensions\ScriptingSupport.8li
2010-04-07 04:42 - 2010-04-07 04:42 - 004685312 _____ (Adobe Systems Incorporated) [File not signed] [File is in use] C:\Program Files\Adobe\Adobe Photoshop CS5 (64 Bit)\Plug-ins\File Formats\Dicom.8BI
2010-04-07 03:46 - 2010-04-07 03:46 - 000482304 _____ (Adobe Systems Incorporated) [File not signed] C:\Program Files\Adobe\Adobe Photoshop CS5 (64 Bit)\aif_core.dll
2010-04-07 03:49 - 2010-04-07 03:49 - 002993664 _____ (Adobe Systems Incorporated) [File not signed] C:\Program Files\Adobe\Adobe Photoshop CS5 (64 Bit)\aif_ogl.dll
2010-04-07 03:47 - 2010-04-07 03:47 - 000142336 _____ (Adobe Systems Incorporated) [File not signed] C:\Program Files\Adobe\Adobe Photoshop CS5 (64 Bit)\data_flow.dll
2010-04-07 03:53 - 2010-04-07 03:53 - 000901632 _____ (Adobe Systems Incorporated) [File not signed] C:\Program Files\Adobe\Adobe Photoshop CS5 (64 Bit)\image_flow.dll
2010-04-07 03:51 - 2010-04-07 03:51 - 000186880 _____ (Adobe Systems Incorporated) [File not signed] C:\Program Files\Adobe\Adobe Photoshop CS5 (64 Bit)\image_runtime.dll
2010-04-07 04:28 - 2010-04-07 04:28 - 001947648 _____ (Adobe Systems Incorporated) [File not signed] C:\Program Files\Adobe\Adobe Photoshop CS5 (64 Bit)\Plug-ins\ADM\ADMPlugin.apl
2010-04-07 04:35 - 2010-04-07 04:35 - 000042496 _____ (Adobe Systems, Incorporated) [File not signed] [File is in use] C:\Program Files\Adobe\Adobe Photoshop CS5 (64 Bit)\Plug-ins\Extensions\FastCore.8BX
2010-04-07 04:36 - 2010-04-07 04:36 - 000279040 _____ (Adobe Systems, Incorporated) [File not signed] [File is in use] C:\Program Files\Adobe\Adobe Photoshop CS5 (64 Bit)\Plug-ins\Extensions\MMXCore.8BX
2010-04-07 04:27 - 2010-04-07 04:27 - 000446976 _____ (Adobe Systems, Incorporated) [File not signed] [File is in use] C:\Program Files\Adobe\Adobe Photoshop CS5 (64 Bit)\Plug-ins\Extensions\MultiProcessor Support.8BX
2010-04-07 03:48 - 2010-04-07 03:48 - 001986560 _____ (Adobe Systems, Incorporated) [File not signed] C:\Program Files\Adobe\Adobe Photoshop CS5 (64 Bit)\PSViews.dll
2010-04-07 03:15 - 2010-04-07 03:15 - 002923008 _____ (Intel Corporation) [File not signed] C:\Program Files\Adobe\Adobe Photoshop CS5 (64 Bit)\libmmd.dll
2010-04-07 03:22 - 2010-04-07 03:22 - 000237056 _____ (Intel Corporation) [File not signed] C:\Program Files\Adobe\Adobe Photoshop CS5 (64 Bit)\tbb.dll
2010-04-07 03:26 - 2010-04-07 03:26 - 003840000 _____ (NVIDIA Corporation) [File not signed] C:\Program Files\Adobe\Adobe Photoshop CS5 (64 Bit)\cg.dll
2010-04-07 03:26 - 2010-04-07 03:26 - 000392192 _____ (NVIDIA Corporation) [File not signed] C:\Program Files\Adobe\Adobe Photoshop CS5 (64 Bit)\cgGL.dll
2016-09-14 15:31 - 2016-09-14 15:31 - 000500736 ____S (SEIKO EPSON CORPORATION) [File not signed] C:\WINDOWS\System32\enppmon.dll
2010-02-22 05:50 - 2010-02-22 05:50 - 000192512 _____ (The cURL library, hxxp://curl.haxx.se/) [File not signed] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\libcurl.dll
2010-02-22 05:50 - 2010-02-22 05:50 - 001028096 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\LIBEAY32.dll
2010-02-22 05:50 - 2010-02-22 05:50 - 000196608 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\SSLEAY32.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Andrew Sussmann\Documents\band contacts.rtf:com.dropbox.attributes [168]
AlternateDataStreams: C:\Users\Andrew Sussmann\Documents\IRS letter Andrew Sussmann.jpg:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\Andrew Sussmann\Documents\masked woman.jpg:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\Andrew Sussmann\Documents\old tats:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\Andrew Sussmann\Documents\RestoreWindowsPhotoViewerSetup.exe:com.dropbox.attributes [168]
AlternateDataStreams: C:\Users\Andrew Sussmann\Documents\RestoreWindowsPhotoViewerSetup.exe:com.dropbox.attrs [58]

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\S-1-5-21-2616658645-1084935336-1968381307-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2616658645-1084935336-1968381307-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
SearchScopes: HKLM -> {12FF613D-8721-4EAD-9E1D-2CAD95E367F3} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> {12FF613D-8721-4EAD-9E1D-2CAD95E367F3} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-2616658645-1084935336-1968381307-1001 -> {12FF613D-8721-4EAD-9E1D-2CAD95E367F3} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2017-10-27] (HP Inc. -> HP Inc.)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2017-10-27] (HP Inc. -> HP Inc.)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-04-11 16:38 - 2018-04-11 16:36 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2616658645-1084935336-1968381307-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Andrew Sussmann\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img2.jpg
DNS Servers: 75.75.75.75 - 75.75.76.76
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\StartupFolder: => "FAH.lnk"
HKLM\...\StartupApproved\StartupFolder: => "WinZip Preloader.lnk"
HKLM\...\StartupApproved\StartupFolder: => "Update Notifier.lnk"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "HPMessageService"
HKLM\...\StartupApproved\Run32: => "AdobeCS5ServiceManager"
HKLM\...\StartupApproved\Run32: => "EEventManager"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKU\S-1-5-21-2616658645-1084935336-1968381307-1001\...\StartupApproved\Run: => "Avanquest Message"
HKU\S-1-5-21-2616658645-1084935336-1968381307-1001\...\StartupApproved\Run: => "OneDrive"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{A61BD4D7-422E-4A7B-894D-7FA6F6E71174}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{1FBC3A81-58F0-430D-BFCF-14678D0940F0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{9C2C4B12-02CC-43BF-B1D9-63A61B715F27}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{8430B60A-0B7B-4B06-B414-E3BD473B4410}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{53C2E315-7FC9-471D-89BB-49F898709616}] => (Allow) C:\Users\Andrew Sussmann\AppData\Local\Temp\XP-7100\Network\EpsonNetSetup\ENEasyApp.exe => No File
FirewallRules: [{C0A2504A-F4E1-4CDE-A2BA-11B0CC9D60BA}] => (Allow) C:\Users\Andrew Sussmann\AppData\Local\Temp\XP-7100\Network\EpsonNetSetup\ENEasyApp.exe => No File
FirewallRules: [{41B04590-1D39-4188-9E10-5779A0F052E5}] => (Allow) C:\Users\Andrew Sussmann\AppData\Local\Temp\7zS53CE\HP.EasyStart.exe => No File
FirewallRules: [{C327DE86-0287-4AE4-93D3-313C368B9668}] => (Allow) C:\Users\Andrew Sussmann\AppData\Local\Temp\7zS4240\HP.EasyStart.exe => No File
FirewallRules: [{1D92CAFE-BC0F-46D0-A2E8-E43AC549798F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{C7FC2FF4-BBD4-494F-9D2D-E6FDF4C6A9AE}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{7D02059A-939E-4C67-A9E1-4B39384FEE13}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{672B3124-41FC-4B79-832C-3B37553E8777}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{151304D9-7D55-4C4F-BF44-37182E17FB54}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MMSSHost\MMSSHost.exe => No File
FirewallRules: [{8CA4178A-4D1E-4824-9653-D7F1D33017BF}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe => No File
FirewallRules: [{68002D3F-8793-418F-BE2A-A296E9D833C2}] => (Allow) C:\Program Files\BlueStacks\HD-Player.exe => No File
FirewallRules: [{09C9E295-E568-4E4C-8755-8E5C771AA69D}] => (Allow) C:\Program Files (x86)\uTorrent\utorrent.exe () [File not signed]
FirewallRules: [{EFF58D32-2AB1-41E3-A446-12B106DA18C6}] => (Allow) C:\Program Files (x86)\uTorrent\utorrent.exe () [File not signed]
FirewallRules: [{0570669A-54C3-40BD-9076-00FC3A9D9BF3}] => (Allow) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
FirewallRules: [{FC8A08FB-7970-471F-AA77-6FCEB414E387}] => (Allow) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
FirewallRules: [{7D10DF78-7FA2-4C9F-860A-AC8A83213A1B}] => (Allow) E:\Network\EpsonNetSetup\ENEasyApp.exe => No File
FirewallRules: [{045E7FAF-A4E2-42F4-9D13-73E11227DA61}] => (Allow) E:\Network\EpsonNetSetup\ENEasyApp.exe => No File
FirewallRules: [TCP Query User{C57C11C6-52B4-4C36-8F1C-199651CC09FC}C:\program files (x86)\utorrent\utorrent.exe] => (Allow) C:\program files (x86)\utorrent\utorrent.exe () [File not signed]
FirewallRules: [UDP Query User{EEC9934D-2A38-4F7C-A721-658B191DE11E}C:\program files (x86)\utorrent\utorrent.exe] => (Allow) C:\program files (x86)\utorrent\utorrent.exe () [File not signed]
FirewallRules: [TCP Query User{9D56593A-7047-4C95-9577-D9D5822D6DBD}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
FirewallRules: [UDP Query User{D453E805-8A2F-4E95-87AE-ED0704EF3F7F}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
FirewallRules: [{450B75CD-AEBD-4059-A7DA-3CEE95613608}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
FirewallRules: [{4BF4F340-F412-480D-A9C8-9351A6F3D85A}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
FirewallRules: [{72951A9D-D6CD-4FA2-B8A5-A06F54CF2F23}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe => No File
FirewallRules: [{0E29A5E8-3786-444B-B47A-62FC110E05D4}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe => No File
FirewallRules: [{B9EABC01-0864-4F5C-9579-4F34EEEE350A}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{280A285C-E5BD-418D-B653-6F0D1B8F171C}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{0EA52E13-615F-4ECC-8A73-19DE2742AC90}] => (Allow) C:\Users\Andrew Sussmann\AppData\Local\Temp\7zS2BC9\HP.EasyStart.exe => No File
FirewallRules: [{C3BDA28B-4761-4DCE-A9D5-1F0FCB61A34C}] => (Allow) C:\Users\Andrew Sussmann\AppData\Local\Temp\7zS2AFE\HP.EasyStart.exe => No File
FirewallRules: [{0DF2F7A6-61BB-4415-827E-BC33EE7F4DAB}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{395FE88C-A93B-401C-89D5-A33494FDEED2}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{B7B870F5-BB3E-4DDE-8559-DBA93154A724}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.13231.20390.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

07-10-2020 11:32:17 Scheduled Checkpoint
14-10-2020 14:32:46 Scheduled Checkpoint
18-10-2020 09:30:39 Windows Modules Installer

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (10/18/2020 06:34:03 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Local Hostname LAPTOP-V8JA8490.local already in use; will try LAPTOP-V8JA8490-2.local instead

Error: (10/18/2020 06:34:03 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: ProbeCount 2; will deregister 4 LAPTOP-V8JA8490.local. Addr 10.0.0.155

Error: (10/18/2020 06:34:03 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 10.0.0.155:5353 16 LAPTOP-V8JA8490.local. AAAA 2601:0602080:29F0:0000:0000:0000:9241

Error: (10/18/2020 10:14:42 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program YourPhone.exe version 1.20092.108.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 2c70

Start Time: 01d6a56fb99b14f7

Termination Time: 4294967295

Application Path: C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20092.108.0_x64__8wekyb3d8bbwe\YourPhone.exe

Report Id: a74e4bd8-d281-45f3-992f-8152b4324198

Faulting package full name: Microsoft.YourPhone_1.20092.108.0_x64__8wekyb3d8bbwe

Faulting package-relative application ID: App

Hang type: Quiesce

Error: (10/18/2020 09:57:12 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program YourPhone.exe version 1.20092.108.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 2bc8

Start Time: 01d6a56e74d2aa5f

Termination Time: 4294967295

Application Path: C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20092.108.0_x64__8wekyb3d8bbwe\YourPhone.exe

Report Id: bc41c78e-114d-47cd-b2b2-395469e4be5b

Faulting package full name: Microsoft.YourPhone_1.20092.108.0_x64__8wekyb3d8bbwe

Faulting package-relative application ID: App

Hang type: Quiesce

Error: (10/18/2020 09:32:42 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program YourPhone.exe version 1.20092.108.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 79c

Start Time: 01d6a56b10581647

Termination Time: 4294967295

Application Path: C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20092.108.0_x64__8wekyb3d8bbwe\YourPhone.exe

Report Id: a442348d-6cbd-42c5-985b-26435d6c7476

Faulting package full name: Microsoft.YourPhone_1.20092.108.0_x64__8wekyb3d8bbwe

Faulting package-relative application ID: App

Hang type: Quiesce

Error: (10/18/2020 09:21:59 AM) (Source: DPTF) (EventID: 17) (User: NT AUTHORITY)
Description: ESIF(8.6.10401.9906) TYPE: ERROR MODULE: DPTF TIME 84967626 ms

DPTF Build Version: 8.6.10401.9906
DPTF Build Date: Jun 14 2019 17:55:37
Source File: c:\jenkins\workspace\dptf\src\dptf\sources\manager\domainworkitem.cpp @ line 79
Executing Function: DomainWorkItem::writeDomainWorkItemErrorMessagePolicy
Message: Unhandled exception caught during execution of work item
Framework Event: DomainPowerControlCapabilityChanged [25]
Participant: TCPU [1]
Domain: Invalid [0]
Policy: Passive Policy 2 [0]
Exception Function: Policy::executeDomainPowerControlCapabilityChanged
Exception Text:
invalid map<K, T> key

Error: (10/18/2020 09:21:59 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Failed to create restore point (Process = C:\WINDOWS\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.504_none_e781e76525fb2269\TiWorker.exe -Embedding; Description = Windows Modules Installer; Error = 0x81000101).


System errors:
=============
Error: (10/18/2020 06:41:59 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-V8JA8490)
Description: The server Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca did not register with DCOM within the required timeout.

Error: (10/18/2020 06:40:24 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Downloaded Maps Manager service hung on starting.

Error: (10/18/2020 06:38:05 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-V8JA8490)
Description: The server Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca did not register with DCOM within the required timeout.

Error: (10/18/2020 06:37:54 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Microsoft Edge Update Service (edgeupdate) service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.

Error: (10/18/2020 06:37:54 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Microsoft Edge Update Service (edgeupdate) service to connect.

Error: (10/18/2020 06:36:58 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Dropbox Update Service (dbupdate) service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.

Error: (10/18/2020 06:36:58 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Dropbox Update Service (dbupdate) service to connect.

Error: (10/18/2020 10:34:33 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-V8JA8490)
Description: The server Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca did not register with DCOM within the required timeout.


CodeIntegrity:
===================================

Date: 2020-10-18 18:42:11.0190000Z
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-10-18 18:42:10.8310000Z
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-10-18 18:42:10.5540000Z
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-10-18 18:42:10.5120000Z
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-10-18 18:37:24.7830000Z
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-10-18 18:37:24.7750000Z
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-10-18 18:37:24.7420000Z
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-10-18 09:22:56.3810000Z
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

BIOS: Insyde F.56 04/23/2020
Motherboard: HP 84CA
Processor: Intel(R) Core(TM) i5-7200U CPU @ 2.50GHz
Percentage of memory in use: 77%
Total physical RAM: 8071.41 MB
Available physical RAM: 1820.09 MB
Total Virtual: 10375.41 MB
Available Virtual: 3591.66 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:914.05 GB) (Free:720.8 GB) NTFS
Drive d: (RECOVERY) (Fixed) (Total:16.23 GB) (Free:1.96 GB) NTFS ==>[system with boot components (obtained from drive)]

\\?\Volume{cd0099a5-457e-4026-90ea-30553769acd9}\ (Windows RE tools) (Fixed) (Total:0.96 GB) (Free:0.37 GB) NTFS
\\?\Volume{cfe5df87-2dea-458c-ba7c-861a13e2e606}\ () (Fixed) (Total:0.25 GB) (Free:0.17 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================

 

[iMacg3]

Yes these are the correct logs. You can attach FRST.txt by clicking "Attach Files" at the bottom of the reply screen.

 

[asuss06]

oh ok. here they are.

 

[iMacg3]

Hi asuss06

Please download and run the following tools. If you have any problems running either program, skip that one and move to the next. Include any error messages in your next reply

---------------------------------------------------
AdwCleaner

Download AdwCleaner and save it to your desktop.

• Double click AdwCleaner.exe to run it.
• Click Scan Now...
  • When the scan has finished a Scan Results window will open.
  • Click Cancel (at this point do not attempt to Quarantine anything that is found)
• Now click the Log Filestab ...
  • Double click on the latest scan log (Scan logs have a [S0*] suffix, where * is replaced by a number, the latest scan will have the largest number)
  • A Notepad file will open containing the results of the scan.
  • Please post the contents of the file in your next reply.

---------------------------------------------------
ESET Online Scanner

Download ESET Online Scanner and save it to your desktop.

• Right-click on esetonlinescanner_enu.exe and select Run as Administrator.
• When the tool opens, click Get Started.
• Read and accept the license agreement.
• At the Welcome to ESET Online Scanner window, click Get Started.
• Select whether you would like to send anonymous data to ESET.
• Note: if you see the "Welcome Back to ESET Online Scanner" screen, click Computer Scan > Full Scan.
• Click on the Full Scan option.
• Select Enable ESET to detect and remove potentially unwanted applications, then click Start scan.
• ESET will now begin scanning your computer. This may take some time.
• When the scan is finished and if threats have been detected, select Save scan log. Save it to your desktop as eset.txt. Click on Continue.
• ESET Online Scanner may ask if you'd like to turn on the Periodic Scan feature. Click on Continue.
• On the next screen, you can leave feedback about the program if you wish. Check the box for Delete application data on closing. If you left feedback, click Submit and continue. If not, Close without feedback.
• Open the scan log on your desktop (eset.txt) and copy and paste its contents into your next reply.

---------------------------------------------------

In your next reply

- Please include both logs and let me know how the computer is doing

• AdwCleaner log
• Eset log

 

[asuss06]

here is the adwcleaner results....
# -------------------------------
# Malwarebytes AdwCleaner 8.0.8.0
# -------------------------------
# Build: 10-08-2020
# Database: 2020-09-29.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 10-21-2020
# Duration: 00:00:30
# OS: Windows 10 Home
# Scanned: 31837
# Detected: 28


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

PUP.Optional.Legacy C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Blackjack +.lnk

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

Preinstalled.HPJumpStartLaunch Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{15E1FE65-E9EE-4E8D-9AA3-66C9954A794C}
Preinstalled.HPJumpStartLaunch Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\HPJumpStartLaunch
Preinstalled.HPJumpStartLaunch Task C:\Windows\System32\Tasks\HPJUMPSTARTLAUNCH
Preinstalled.HPRegistrationService Folder C:\Program Files (x86)\HP\HP REGISTRATION SERVICE
Preinstalled.HPRegistrationService Folder C:\ProgramData\HP\HP REGISTRATION SERVICE
Preinstalled.HPSupportAssistant Folder C:\HP\SUPPORT
Preinstalled.HPSupportAssistant Folder C:\Program Files (x86)\HEWLETT-PACKARD\HP CUSTOMER FEEDBACK
Preinstalled.HPSupportAssistant Folder C:\Program Files (x86)\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Preinstalled.HPSupportAssistant Folder C:\Program Files (x86)\HEWLETT-PACKARD\HP SUPPORT SOLUTIONS
Preinstalled.HPSupportAssistant Folder C:\ProgramData\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Preinstalled.HPSupportAssistant Folder C:\Users\Andrew Sussmann\AppData\Local\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Preinstalled.HPSupportAssistant Folder C:\Users\Andrew Sussmann\AppData\Roaming\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Preinstalled.HPSupportAssistant Folder C:\Windows\System32\config\systemprofile\AppData\Local\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Preinstalled.HPSupportAssistant Registry HKLM\Software\Classes\CLSID\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Preinstalled.HPSupportAssistant Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Preinstalled.HPSupportAssistant Registry HKLM\Software\Wow6432Node\\Classes\CLSID\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Preinstalled.HPSupportAssistant Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Preinstalled.HPSupportAssistant Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{4AAC4B07-77EF-4BCF-88DC-D24E4DE683E8}
Preinstalled.HPSupportAssistant Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{63F82052-C045-4F97-A3CA-C41D2CCA1FFA}
Preinstalled.HPSureConnect Folder C:\Program Files\HPCOMMRECOVERY
Preinstalled.HPSureConnect Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{6468C4A5-E47E-405F-B675-A70A70983EA6}
Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES
Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDTANGENT GAMES
Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDTANGENT GAMES\SHORTCUTPROVIDER
Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WildTangent wildgames Master Uninstall
Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{80831F60-19D7-43B3-A60C-5CAF8C478DF6}
Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{A39303AB-4898-4F12-BAA0-0B8630F86DB4}



########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########

 

[asuss06]

And here is the eset scan... thanks

 

[iMacg3]

Hi asuss06

---------------------------------------------------
AdwCleaner - Clean

• Double click AdwCleaner.exe to run it.
• Click Scan Now
• When the scan has finished a Scan Results window will open.
• Please check the following boxes and then click Quarantine
  • Click Next
  • If any pre-installed software was found on your machine, a prompt window will open ...
    • Click OK to close it
  • Check any pre-installed software items you want to remove (if they're not causing you a problem I recommend you don't select any)
  • Click Quarantine
• A prompt to save your work will appear ...
  • Click Continue when you're ready to proceed.
• A prompt to restart your computer will appear ...
  • Click Restart Now
• Once your computer has restarted ...
  • If it doesn't open automatically, please start AdwCleaner ...
  • Click the Log Files tab ...
  • Double click on the latest Clean log (Clean logs have a [C0*] suffix, where * is replaced by a number, the latest scan will have the largest number)
  • A Notepad file will open containing the results of the removal.
  • Please post the contents of the file in your next reply.

---------------------------------------------------

In your next reply, please include:

• Adwcleaner log
  • Let me know how the computer is running

 

[asuss06]

the log file is below....
so i have done everything you have recommended. just restarted everything and it all seems to be working fine for the moment. ill be doing some work with it a little later so that will be the real test. ill let you know if anything starts to get funny or seriously lagging, but for the moment i will consider this issue taken care of, as i have had Techguy's help before on similar issues in the past and it ALWAYS gets resolved.
I will thank you immensely for your help and dedication to this matter and appreciate all youve done.
.
# -------------------------------
# Malwarebytes AdwCleaner 8.0.8.0
# -------------------------------
# Build: 10-08-2020
# Database: 2020-09-29.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 10-23-2020
# Duration: 00:00:08
# OS: Windows 10 Home
# Cleaned: 1
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Blackjack +.lnk

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [4754 octets] - [21/10/2020 09:36:14]
AdwCleaner[S01].txt - [4815 octets] - [23/10/2020 11:00:50]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########

 

[iMacg3]

Hi asuss06

OK let me know if there any remaining problems.

 

[iMacg3]

Do you still need assistance?