Random close down and freezing

T

tonyabacus

New member
Joined
Nov 25, 2016
Posts
2
Started about a week or so ago after a Windows update, for no reason my Outlook emails freeze for long periods and sometimes the machine closes down for no apparent reason. The machine is a Packard Bell All in One with Windows 10 installed, all Windows updates appear to be in place.
Not much to go on I know but have tried various things without success, not the greatest computer literate operator but have tried the Microsoft Office (installed) repairs which run Outlook but that found nothing, can anyone recommend a good Driver updater, preferably free to use as there are so many on offer and one I tried seemed to make things worse.
Thanks
Tony
 
Responding to actions required by Corinne
My computer has over the past few weeks started to close down randomly, sometimes shortly after start up, other times after being on for several hours and sometimes mid way through certain interactions with different programs. Also it has taken to being very slow on occasions and sometimes freezing part way through working within different programs. One of the main areas of freezing is with my Outlook mail file where it will start up but then in downloading new mail it can take several minutes as it will freeze during odd moments during the download. This is unusual as normally these programs have not been an issue previously.
I have McAfee Total Protection running to prevent malware mand I use System Mechanic Ultimate Protection to periodically clean up the system, defrag the disc etc. The machine has a single disc but is split into two partitions, the C drive is virtually nothing but the system and program files, the D drive is for all my data files. I have run defrag in the last few days and also checked the state of the disc which is shown as good. Also run Microsoft Updates to ensure latest files are in use.

Please find the logs you requested as follows, and thank you for providing assistance as I am rather elderly and not very computer literate, but try to keep up as best I can, so trust I have done as requested
Many thanks
Tony


Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 08-08-2021
Ran by user (administrator) on USER-PC (Packard Bell ONETWO L5710) (10-08-2021 21:43:47)
Running from C:\Users\user\Downloads
Loaded Profiles: user
Platform: Windows 10 Home Version 2004 19041.1110 (X64) Language: English (United States) -> English (United Kingdom)
Default browser: Edge
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files (x86)\Packard Bell\Packard Bell Touch Suite\MusicAgent.exe
() [File not signed] C:\Program Files (x86)\Packard Bell\Packard Bell Touch Suite\SNSAgent.exe
() [File not signed] C:\Program Files (x86)\Packard Bell\Packard Bell Touch Suite\TouchMusic.exe
(Acer Corp.) [File not signed] C:\Program Files (x86)\Packard Bell\Packard Bell Touch Suite\TouchPortal.exe
(Acer Inc.) [File not signed] C:\Program Files (x86)\Packard Bell\Packard Bell Touch Suite\TouchMemo.exe
(Acer Incorporated -> Acer Corp.) C:\Program Files (x86)\TouchSettings\TouchPortalOBR.exe
(acer) [File not signed] C:\Program Files (x86)\Packard Bell\Packard Bell Touch Suite\TouchPhotoShow.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe <2>
(Adobe Systems Incorporated) C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
(AOMEI International Network Limited -> AOMEI International Network Limited) C:\Program Files (x86)\AOMEI\ABService.exe
(CyberLink -> ) C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(CyberLink -> ) C:\Program Files (x86)\CyberLink\TV Enhance\Kernel\TV\TVECapSvc.exe
(CyberLink -> ) C:\Program Files (x86)\CyberLink\TV Enhance\Kernel\TV\TVESched.exe
(CyberLink -> CyberLink Corp.) [File not signed] C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe
(Cyren -> Cyren, Inc.) C:\Program Files\Common Files\Commtouch\AntiVirus5\vseamps.exe
(Cyren -> Cyren, Inc.) C:\Program Files\Common Files\Commtouch\AntiVirus5\vsedsps.exe
(Cyren -> Cyren, Inc.) C:\Program Files\Common Files\Commtouch\AntiVirus5\vseqrts.exe
(IObit CO., LTD -> IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
(McAfee, Inc. -> McAfee LLC.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(McAfee, Inc. -> McAfee, LLC) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(McAfee, Inc. -> McAfee, LLC) C:\Windows\System32\mfevtps.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\CSP\4.4.103.0\McCSPServiceHost.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHOST.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe <3>
(McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\ModuleCore\ProtectedModuleHost.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\VSCore_21_4\mcapexe.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\MAT\McPvTray.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\MfeAV\MfeAVSvc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <16>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe <2>
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20090.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20090.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\InputPersonalization.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(RealDefense LLC -> RealDefense LLC) C:\Program Files\iolo technologies\System Mechanic\SSTray.exe
(RealDefense, LLC -> RealDefense LLC) C:\Program Files\iolo technologies\System Mechanic\ToolKit.exe
(RealDefense, LLC -> RealDefense LLC) C:\Program Files\iolo technologies\System Mechanic\x64\LBGovernor.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [TouchPortal] => C:\Program Files (x86)\Packard Bell\Packard Bell Touch Suite\TouchPortal.exe [4940800 2009-10-24] (Acer Corp.) [File not signed]
HKLM\...\Run: [TouchORB] => C:\Program Files (x86)\TouchSettings\TouchPortalOBR.exe [151368 2009-10-23] (Acer Incorporated -> Acer Corp.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18391120 2019-03-27] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [1841496 2016-10-14] (Logitech -> Logitech, Inc.)
HKLM-x32\...\Run: [UCam_Menu] => C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink -> CyberLink Corp.)
HKLM-x32\...\Run: [YouCam Mirror Tray icon] => C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe [167008 2009-09-14] (CyberLink -> CyberLink Corp.) [File not signed]
HKLM-x32\...\Run: [TVEService] => C:\Program Files (x86)\CyberLink\TV Enhance\TVEService.exe [230632 2009-06-24] (CyberLink -> CyberLink Corp.)
HKLM-x32\...\Run: [FUFAXRCV] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe [669664 2019-10-02] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [FUFAXSTM] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe [894944 2019-10-02] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1087184 2016-01-20] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706344 2021-06-09] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-1663276179-2122725057-4209459169-1000\...\Run: [PhotoGadgetFirstRun] => 0
HKU\S-1-5-21-1663276179-2122725057-4209459169-1000\...\Run: [MusicGadget] => C:\Program Files (x86)\Packard Bell\Packard Bell Touch Suite\TouchMusic.exe [416256 2009-08-25] () [File not signed]
HKU\S-1-5-21-1663276179-2122725057-4209459169-1000\...\Run: [TouchMemo] => C:\Program Files (x86)\Packard Bell\Packard Bell Touch Suite\TouchMemo.exe [380928 2009-08-25] (Acer Inc.) [File not signed]
HKU\S-1-5-21-1663276179-2122725057-4209459169-1000\...\Run: [PhotoGadgetFirstRun_Portal] => 0
HKU\S-1-5-21-1663276179-2122725057-4209459169-1000\...\Run: [PhotoGadget] => C:\Program Files (x86)\Packard Bell\Packard Bell Touch Suite\TouchPhotoShow.exe [382976 2009-08-25] (acer) [File not signed]
HKU\S-1-5-21-1663276179-2122725057-4209459169-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2013-07-23] (Google Inc -> Google Inc.)
HKU\S-1-5-21-1663276179-2122725057-4209459169-1000\...\Run: [EPLTarget\P0000000000000001] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIKAE.EXE [298560 2013-09-12] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1663276179-2122725057-4209459169-1000\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIKAE.EXE [298560 2013-09-12] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1663276179-2122725057-4209459169-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [34508416 2021-06-17] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-1663276179-2122725057-4209459169-1000\...\Run: [Adobe Reader Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe [5550304 2021-07-24] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-1663276179-2122725057-4209459169-1000\...\Run: [MicrosoftEdgeAutoLaunch_8714F0D917266FE3AFB7F8BB98EEBC18] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window /prefetch:5
HKU\S-1-5-21-1663276179-2122725057-4209459169-1000\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
HKU\S-1-5-21-1663276179-2122725057-4209459169-1000\...\MountPoints2: {c3ec391e-0d11-11e9-900e-00269eb1022c} - "F:\AutoRun.exe" {D2D77DC2-8299-11D1-8949-444553540000} 5.2066.1.A11B02 PID_0083
HKU\S-1-5-21-1663276179-2122725057-4209459169-500\...\Run: [MusicGadget] => C:\Program Files (x86)\Packard Bell\Packard Bell Touch Suite\TouchMusic.exe [416256 2009-08-25] () [File not signed]
HKU\S-1-5-21-1663276179-2122725057-4209459169-500\...\Run: [TouchMemo] => C:\Program Files (x86)\Packard Bell\Packard Bell Touch Suite\TouchMemo.exe [380928 2009-08-25] (Acer Inc.) [File not signed]
HKU\S-1-5-21-1663276179-2122725057-4209459169-500\...\Run: [PhotoGadgetFirstRun] => 0
HKU\S-1-5-21-1663276179-2122725057-4209459169-500\...\Run: [PhotoGadget] => C:\Program Files (x86)\Packard Bell\Packard Bell Touch Suite\TouchPhotoShow.exe [382976 2009-08-25] (acer) [File not signed]
HKU\S-1-5-21-1663276179-2122725057-4209459169-500\...\Run: [PhotoGadgetFirstRun_Portal] => 0
HKU\S-1-5-21-1663276179-2122725057-4209459169-500\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Packard Bell.scr [425984 2009-08-20] () [File not signed]
HKLM\...\Print\Monitors\EPSON WF-7620 Series 64MonitorBE: C:\WINDOWS\system32\E_YLMBKAE.DLL [179712 2013-10-22] (Microsoft Windows Hardware Compatibility Publisher -> SEIKO EPSON CORPORATION)
HKLM\...\Print\Monitors\EpsonNet Print Port: C:\WINDOWS\system32\enppmon.dll [558592 2012-11-12] (SEIKO EPSON CORPORATION) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\92.0.4515.131\Installer\chrmstp.exe [2021-08-05] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
BootExecute: autocheck autochk * SmartDefragBootTime.exe
HKU\S-1-5-21-1663276179-2122725057-4209459169-1000\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {078AEA27-749F-4831-AB6E-CFCD336293C3} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {0C292589-0CB1-43BD-B827-4D63F1FD2D81} - System32\Tasks\iolo\Live Boost Process Governor => C:\Program Files\iolo technologies\System Mechanic\x64\LBGovernor.exe [930352 2021-07-23] (RealDefense, LLC -> RealDefense LLC)
Task: {14061002-E244-4287-A2C0-E46ECD51BA27} - System32\Tasks\EPSON WF-7620 Series Update {17262555-C946-4276-B9C0-C599C788294E} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSKAE.EXE [679488 2013-02-28] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
Task: {172E1F67-104B-459B-AD2C-94A07BC91B80} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {1CA04461-A14C-4477-B6E2-CC885ECCA124} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {23772165-089C-4456-8EFC-0DD9103748B9} - System32\Tasks\SU_AutoUpdate => C:\Program Files (x86)\IObit\Software Updater\SoftwareUpdater.exe [4530712 2021-06-03] (IObit CO., LTD -> IObit)
Task: {2626A7FF-8D6A-4397-9286-9E0BD81B94D9} - System32\Tasks\Software Updater Scheduler => C:\Program Files (x86)\IObit\Software Updater\SUInit.exe [1794584 2021-04-14] (IObit CO., LTD -> IObit) <==== ATTENTION
Task: {28A43EF3-5FF7-4D07-9BB0-95CFD1334FC8} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {3DD013A5-F61F-4F42-9BC9-73484EFA6F9B} - System32\Tasks\Software Updater SkipUAC(user) => C:\Program Files (x86)\IObit\Software Updater\SoftwareUpdater.exe [4530712 2021-06-03] (IObit CO., LTD -> IObit) <==== ATTENTION
Task: {3E980281-F099-461D-865F-66503394DDC3} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {47AAA7FB-EF08-4171-812E-7E5FDD6A0200} - System32\Tasks\McAfee\DAD.Execute.Updates => C:\Program Files\Common Files\McAfee\DynamicAppDownloader\DADUpdater.exe [4114728 2021-04-29] (McAfee, LLC -> McAfee, LLC)
Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB}
Task: {49546395-167A-4970-935E-BFEEBD710112} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {513AA818-E9E1-4553-9456-87C1DC1B7C91} - System32\Tasks\iolo\ActiveMessenger => C:\Program Files\iolo technologies\System Mechanic\ActiveBridge.exe [565808 2021-07-23] (RealDefense, LLC -> RealDefense LLC)
Task: {54494C3A-E932-4592-8A0A-D1CFC113728F} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {55A5DFEA-9042-4336-A86A-2183D2136C20} - System32\Tasks\iolo\ioloSystemShield => C:\Program Files\iolo technologies\System Mechanic\SSTray.exe [1769472 2021-07-23] (RealDefense LLC -> RealDefense LLC)
Task: {583EF853-AE14-4083-9BFC-5318E0220B5E} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
"C:\Windows\System32\Tasks\McAfee\McAfee Idle Detection Task" was unlocked. <==== ATTENTION
Task: {5AFA7BB9-E7BD-47BB-913C-8D052B920708} - System32\Tasks\McAfee\McAfee Idle Detection Task => {ABCDCA3B-DE6B-5A7C-B132-6D7CBA63E5C5} C:\Program Files\Common Files\McAfee\TaskScheduler\McAMTaskAgent.exe [1032448 2021-05-12] (McAfee, LLC -> McAfee, LLC)
Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {5D769410-4C19-479F-A1BD-38275F340141} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-06-17] (Piriform Software Ltd -> Piriform)
Task: {5FBF170C-895A-476E-B0A4-0683D70A93A4} - System32\Tasks\iolo\ioloActiveCare => C:\Program Files\iolo technologies\System Mechanic\systemmechanic.exe [4234800 2021-07-23] (RealDefense, LLC -> RealDefense LLC)
Task: {6211E85C-052A-4E07-A443-2750E59B958C} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {6412D9A2-1217-4913-9FF4-786379471C41} - System32\Tasks\IObitSelfCheckTask => C:\Program Files (x86)\IObit\Smart Defrag\IObitSelfCheck.exe
Task: {6C98C616-3CCF-453C-A809-010E0B17454C} - System32\Tasks\Uninstaller_SkipUac_user => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [6712856 2021-06-15] (IObit CO., LTD -> IObit)
Task: {74E804F1-161F-4EE3-ACA6-48DE25A221E0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-06-23] (Google Inc -> Google Inc.)
Task: {76C92FBB-53EF-4B0A-8FE6-4429A6DE6D7F} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {7B76A29D-A966-41B7-BAAB-543D81099557} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {86AAFF4B-CB65-4213-81E7-A71F0693026A} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {8C7E5957-2626-4F68-9E58-EFE701AF1CDB} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {8E6AD151-6DE9-4F5D-9F76-71986E81EBF1} - System32\Tasks\SmartDefrag_Update => C:\Program Files (x86)\IObit\Smart Defrag\AutoUpdate.exe [3472848 2021-01-05] (IObit Information Technology -> IObit)
Task: {8FBC3BFE-9412-4164-956E-47315D959077} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {9504075F-FC45-4BC3-A961-5B6988C2BD1F} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {9A733A50-E278-4720-B72C-EB963D5E280F} - System32\Tasks\iolo\ioloAVDefsDownloader => C:\Program Files\iolo technologies\System Mechanic\SSDefs.exe [54320 2021-07-23] (RealDefense, LLC -> RealDefense LLC)
Task: {9E2C3CAE-E360-42EA-91EA-7618E63C5E26} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {A1630062-45C6-404F-AE4F-67721054BBCA} - System32\Tasks\EPSON WF-7620 Series Invitation {17262555-C946-4276-B9C0-C599C788294E} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSKAE.EXE [679488 2013-02-28] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
Task: {AD5937E3-02B8-48CA-8760-EB812852D16A} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {AF3F27B2-D226-47F2-BA7E-F75615D1E5A4} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [28880512 2021-06-17] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {B2322BF8-6252-43DA-8FFF-0CC5826E16BA} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee VirusScan\upgrade.exe [4702928 2021-06-08] (McAfee, LLC -> McAfee, LLC)
Task: {BB14D845-738F-4517-8D88-81670F6CE338} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {C2ECE1A1-B991-4FE5-AC44-FE947C51A3AC} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {C7CFB042-5BF7-4FD0-981D-BC1B0F875911} - System32\Tasks\Recovery Management\Burn Notification => C:\Program Files\Packard Bell\Packard Bell Recovery Management\NotificationCenter\Notification.exe [675840 2009-10-01] (Acer) [File not signed]
Task: {C800923E-7301-4441-8A60-BEE00BE72667} - System32\Tasks\iolo\iolo Products Monitor => C:\Program Files\iolo technologies\System Mechanic\ActiveBridge.exe [565808 2021-07-23] (RealDefense, LLC -> RealDefense LLC)
Task: {D3AAA9F9-E4E3-438E-9368-CCADC95F7A1B} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {D4311B3A-DC8B-4713-AF1C-B0C35A0518A3} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {D715745A-3C04-446D-8844-218B574F25BD} - System32\Tasks\McAfee\McAfee DAT Built in test => C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\1.0.12.663\mcdatrep.exe [1889696 2021-01-08] (McAfee, Inc. -> McAfee, LLC.)
Task: {D79FC840-0346-40A8-8863-5F5711692BF6} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {DE1188FC-4212-45D0-9E53-E74622A742CD} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {E91B5219-F796-451B-9CFD-EEF63AE47562} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {E9616125-C84D-4FFB-8DBD-6D368CE876DA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-06-23] (Google Inc -> Google Inc.)
Task: {EB807402-8973-4183-840F-66C44461D7BB} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent => {ABCECA3B-EA5A-496B-A021-5C6BAB365E5C} C:\Program Files\Common Files\McAfee\TaskScheduler\McAMTaskAgent.exe [1032448 2021-05-12] (McAfee, LLC -> McAfee, LLC)
Task: {EC566786-D6FA-48D1-B82B-931781FCE1CD} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F4FA384B-257E-40BE-B71A-74621586E5E6} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe [757944 2021-05-06] (McAfee, LLC -> McAfee, LLC)
Task: {F6C76CF3-0225-4D74-8320-E6453215CCAF} - System32\Tasks\SmartDefrag_Startup => C:\Program Files (x86)\IObit\Smart Defrag\SmartDefrag.exe [5868248 2021-03-17] (IObit Information Technology -> IObit)
Task: {FCCEF987-2E70-4E82-A6EE-693109809CD1} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {FFB05EA0-CD93-489C-B55E-7F61EB48662A} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\EPSON WF-7620 Series Invitation {17262555-C946-4276-B9C0-C599C788294E}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSKAE.EXE
Task: C:\WINDOWS\Tasks\EPSON WF-7620 Series Invitation {70AC8CD1-6FCD-4371-9748-B20518A09E14}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSKAE.EXE
Task: C:\WINDOWS\Tasks\EPSON WF-7620 Series Update {17262555-C946-4276-B9C0-C599C788294E}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSKAE.EXE:/EXE:{17262555-C946-4276-B9C0-C599C788294E} /F:UpdateWORKGROUP\USER-PC$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\EPSON WF-7620 Series Update {70AC8CD1-6FCD-4371-9748-B20518A09E14}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSKAE.EXE:/EXE:{70AC8CD1-6FCD-4371-9748-B20518A09E14} /F:UpdateWORKGROUP\USER-PC$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{1E9B5BE7-E4D9-4C89-81D8-532603E6324A}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{506FD504-F22D-4F12-93B0-DD0BD43F890A}: [DhcpNameServer] 192.168.1.254

Edge:
=======
DownloadDir: C:\Users\user\Downloads
Edge Notifications: HKU\S-1-5-21-1663276179-2122725057-4209459169-1000 -> hxxps://www.youtube.com; hxxps://forums.jag-lovers.com
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default [2021-08-10]
Edge DownloadDir: Default -> C:\Users\user\Downloads
Edge Notifications: Default -> hxxps://forums.jag-lovers.com; hxxps://service.mcafee.com; hxxps://www.youtube.com
Edge DefaultSearchURL: Default -> hxxps://duckduckgo.com/?q={searchTerms}
Edge DefaultSearchKeyword: Default -> duckduckgo.com
Edge DefaultNewTabURL: Default -> hxxps://duckduckgo.com/chrome_newtab
Edge DefaultSuggestURL: Default -> hxxps://duckduckgo.com/ac/?q={searchTerms}&type=list
Edge Profile: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Guest Profile [2021-05-10]

FireFox:
========
FF DefaultProfile: rkqawopy.default-1628339535145
FF ProfilePath: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\rkqawopy.default-1628339535145 [2021-08-08]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Extension: (No Name) - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi [2019-04-24] [not signed]
FF HKLM\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSKHKLM => not found
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF HKLM-x32\...\Firefox\Extensions: [e-webprint@epson.com] - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on
FF Extension: (E-Web Print) - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on [2018-11-28] [Legacy] [not signed]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: (McAfee Anti-Spam Thunderbird Extension) - C:\Program Files\McAfee\MSK [2021-08-04] [Legacy] [not signed]
FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\McAfee\MSC\npMcSnFFPl64.dll [2021-06-29] (McAfee, LLC -> )
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/VirtualEarth3D,version=4.0 -> C:\Program Files (x86)\Virtual Earth 3D\ [0000-00-00] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.301.2 -> C:\Program Files (x86)\Java\jre1.8.0_301\bin\dtplugin\npDeployJava1.dll [2021-08-03] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.301.2 -> C:\Program Files (x86)\Java\jre1.8.0_301\bin\plugin2\npjp2.dll [2021-08-03] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:\Program Files (x86)\McAfee\MSC\npMcSnFFPl.dll [2021-06-29] (McAfee, LLC -> )
FF Plugin-x32: @mcafee.com/MVT -> C:\Program Files (x86)\McAfee\Supportability\MVT\NPMVTPlugin.dll [2018-11-19] (McAfee, Inc. -> McAfee LLC)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/VirtualEarth3D,version=4.0 -> C:\Program Files (x86)\Virtual Earth 3D\ [0000-00-00] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-07-24] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default [2021-08-10]
CHR Notifications: Default -> hxxps://mail.google.com; hxxps://mediaplayer10.com
CHR Extension: (Slides) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-06-24]
CHR Extension: (Docs) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-06-24]
CHR Extension: (Google Drive) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-31]
CHR Extension: (YouTube) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-06-24]
CHR Extension: (Sheets) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-06-24]
CHR Extension: (SearchWeb) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhcppgeljnkolcbgmejalipnenkhonnm [2019-03-10]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2021-06-19]
CHR Extension: (Google Docs Offline) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-07-05]
CHR Extension: (McAfee® Web Boost) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\klekeajafkkpokaofllcadenjdckhinm [2021-06-07]
CHR Extension: (Chrome Web Store Payments) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (mp10search) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfkloachmagkajpnglbknngaimopgkbd [2019-06-20]
CHR Extension: (Gmail) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-31]
CHR Extension: (Chrome Media Router) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-07-27]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM\...\Chrome\Extension: [klekeajafkkpokaofllcadenjdckhinm]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [klekeajafkkpokaofllcadenjdckhinm]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
R2 Backupper Service; C:\Program Files (x86)\AOMEI\ABService.exe [1024448 2021-05-14] (AOMEI International Network Limited -> AOMEI International Network Limited)
S3 EaseUS Agent; C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe [40104 2019-11-15] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd)
R3 EPMVssEaseusProvider; C:\WINDOWS\system32\dllhost.exe /Processid:{1546F71E-A9FF-421B-8478-E42AB2212822} [21312 2020-10-14] (Microsoft Windows -> Microsoft Corporation)
S3 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [144560 2012-05-17] (SEIKO EPSON Corporation -> Seiko Epson Corporation)
S2 IObitUnSvr; C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe [158992 2021-06-15] (IObit Information Technology -> IObit)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [899640 2019-02-05] (McAfee, Inc. -> McAfee, Inc.)
R2 McAPExe; C:\Program Files\Common Files\McAfee\VSCore_21_4\McApExe.exe [797576 2021-07-07] (McAfee, LLC -> McAfee, LLC)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\4.4.103.0\\McCSPServiceHost.exe [2825792 2021-06-11] (McAfee, LLC -> McAfee, LLC)
S3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [652232 2021-05-11] (McAfee, Inc. -> McAfee, LLC)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [652232 2021-05-11] (McAfee, Inc. -> McAfee, LLC)
R3 mfevtp; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [652232 2021-05-11] (McAfee, Inc. -> McAfee, LLC)
R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1669200 2021-06-11] (McAfee, LLC -> McAfee, LLC)
S3 MyEpson Portal Service; C:\Program Files (x86)\EPSON\MyEpson Portal\mepService.exe [714712 2017-06-28] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
R2 PEFService; C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe [4289856 2021-06-15] (McAfee, LLC -> McAfee, LLC)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [247088 2009-06-24] (CyberLink -> )
R2 TVECapSvc; C:\Program Files (x86)\CyberLink\TV Enhance\Kernel\TV\TVECapSvc.exe [386400 2009-06-24] (CyberLink -> )
R2 TVESched; C:\Program Files (x86)\CyberLink\TV Enhance\Kernel\TV\TVESched.exe [202080 2009-06-24] (CyberLink -> )
R2 vseamps; C:\Program Files\Common Files\Commtouch\AntiVirus5\vseamps.exe [133136 2019-07-05] (Cyren -> Cyren, Inc.)
R2 vsedsps; C:\Program Files\Common Files\Commtouch\AntiVirus5\vsedsps.exe [130576 2019-07-05] (Cyren -> Cyren, Inc.)
R2 vseqrts; C:\Program Files\Common Files\Commtouch\AntiVirus5\vseqrts.exe [193368 2019-07-05] (Cyren -> Cyren, Inc.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\NisSrv.exe [2644776 2021-07-02] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MsMpEng.exe [136656 2021-07-02] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 ambakdrv; C:\WINDOWS\System32\ambakdrv.sys [51120 2019-05-14] (CHENGDU AOMEI Tech Co., Ltd. -> )
R2 ammntdrv; C:\WINDOWS\system32\ammntdrv.sys [171952 2016-12-21] (CHENGDU AOMEI Tech Co., Ltd. -> )
R2 AMP; C:\WINDOWS\system32\Drivers\amp.sys [202840 2019-07-08] (Cyren -> Cyren, Inc.)
R2 AMPSE; C:\WINDOWS\system32\Drivers\ampse.sys [2069472 2019-07-08] (Cyren -> Cyren, Inc.)
R1 amsdk; C:\WINDOWS\system32\drivers\amsdk.sys [232792 2020-06-15] (Zemana D.O.O. Sarajevo -> Copyright 2018.)
S3 AmUStor; C:\WINDOWS\system32\drivers\AmUStor.SYS [109504 2019-02-06] (Alcorlink Corp. -> )
R2 amwrtdrv; C:\WINDOWS\system32\amwrtdrv.sys [32176 2021-06-19] (AOMEI International Network Limited -> )
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
R3 AVerPola; C:\WINDOWS\system32\DRIVERS\AVerPola.sys [887320 2019-02-06] (Microsoft Windows Hardware Compatibility Publisher -> AVerMedia TECHNOLOGIES, Inc.)
R3 AVPolDIR; C:\WINDOWS\System32\drivers\AVPolDIR.sys [15896 2019-02-06] (Microsoft Windows Hardware Compatibility Publisher -> AVerMedia TECHNOLOGIES, Inc.)
R3 cfwids; C:\WINDOWS\System32\drivers\cfwids.sys [80400 2021-05-19] (McAfee, Inc. -> McAfee, LLC)
S3 epmdkdrv; C:\WINDOWS\system32\epmdkdrv.sys [36280 2021-04-21] (CHENGDU YIWO Tech Development Co., Ltd. -> )
R0 EPMVolFl; C:\WINDOWS\System32\drivers\EPMVolFl.sys [30136 2021-04-21] (CHENGDU YIWO Tech Development Co., Ltd. -> Windows (R) Codename Longhorn DDK provider)
R0 EUBAKUP; C:\WINDOWS\System32\drivers\eubakup.sys [73448 2019-06-28] (Microsoft Windows Hardware Compatibility Publisher -> CHENGDU YIWO Tech Development Co., Ltd)
R0 EUBKMON; C:\WINDOWS\System32\drivers\EUBKMON.sys [53504 2019-06-28] (Microsoft Windows Hardware Compatibility Publisher -> )
R0 EUDCPEPM; C:\WINDOWS\System32\drivers\EUDCPEPM.sys [76344 2021-04-21] (Microsoft Windows Hardware Compatibility Publisher -> CHENGDU YIWO Tech Development Co., Ltd)
R1 EUDSKACS; C:\WINDOWS\system32\drivers\eudskacs.sys [22784 2019-06-28] (Microsoft Windows Hardware Compatibility Publisher -> CHENGDU YIWO Tech Development Co., Ltd)
R1 EUEDKEPM; C:\WINDOWS\system32\drivers\EUEDKEPM.sys [33712 2021-04-21] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd)
R1 EUFDDISK; C:\WINDOWS\system32\drivers\EuFdDisk.sys [341760 2019-06-28] (Microsoft Windows Hardware Compatibility Publisher -> CHENGDU YIWO Tech Development Co., Ltd)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2019-02-06] (Martin Malik - REALiX -> REALiX(tm))
R3 ITECIRfilter; C:\WINDOWS\system32\DRIVERS\ITECIRfilter.sys [36312 2019-02-06] (ITE Tech. Inc. -> ITE Tech. Inc.)
R3 IUFileFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IUFileFilter.sys [43896 2020-07-31] (IObit Information Technology -> IObit)
R3 IUProcessFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IUProcessFilter.sys [37112 2020-07-31] (IObit Information Technology -> IObit)
R3 IURegistryFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IURegistryFilter.sys [51128 2020-07-31] (IObit Information Technology -> IObit)
S3 massfilter_hs; C:\WINDOWS\System32\drivers\massfilter_hs.sys [18456 2019-02-06] (ZTE CORPORATION -> HandSet Incorporated)
R2 McPvDrv; C:\WINDOWS\system32\drivers\McPvDrv.sys [89112 2021-01-18] (McAfee, LLC -> McAfee, LLC)
R3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [550944 2021-05-19] (McAfee, Inc. -> McAfee, LLC)
R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [390664 2021-05-19] (McAfee, Inc. -> McAfee, LLC)
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [85952 2021-05-19] (Microsoft Windows Early Launch Anti-malware Publisher -> McAfee, LLC)
R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [527368 2021-05-19] (McAfee, Inc. -> McAfee, LLC)
R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [1037320 2021-05-19] (McAfee, Inc. -> McAfee, LLC)
R3 mfencbdc; C:\WINDOWS\System32\DRIVERS\mfencbdc.sys [590032 2021-04-16] (McAfee, Inc. -> McAfee LLC.)
S3 mfencrk; C:\WINDOWS\System32\DRIVERS\mfencrk.sys [120512 2021-04-16] (McAfee, Inc. -> McAfee LLC.)
R3 mfeplk; C:\WINDOWS\System32\drivers\mfeplk.sys [121352 2021-05-19] (McAfee, Inc. -> McAfee, LLC)
R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [257552 2021-05-19] (McAfee, Inc. -> McAfee, LLC)
R0 SmartDefragDriver; C:\WINDOWS\System32\Drivers\SmartDefragDriver.sys [30744 2017-03-09] (IObit Information Technology -> IObit)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49568 2021-07-02] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [425184 2021-07-02] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [76000 2021-07-02] (Microsoft Windows -> Microsoft Corporation)
S3 ALSysIO; \??\C:\Users\user\AppData\Local\Temp\ALSysIO64.sys [X] <==== ATTENTION
S3 EuGdiDrv; \SystemRoot\system32\EuGdiDrv.sys [X]
U3 idsvc; no ImagePath
S3 mfeavfk01; \Device\mfeavfk01.sys [X]
S3 semav6msr64; \??\C:\WINDOWS\system32\drivers\semav6msr64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-08-10 21:43 - 2021-08-10 21:47 - 000039717 _____ C:\Users\user\Downloads\FRST.txt
2021-08-10 21:42 - 2021-08-10 21:45 - 000000000 ____D C:\FRST
2021-08-10 21:39 - 2021-08-10 21:39 - 002300416 _____ (Farbar) C:\Users\user\Downloads\FRST64.exe
2021-08-07 13:32 - 2021-08-07 13:32 - 000000000 ____D C:\Users\user\Desktop\Old Firefox Data
2021-08-07 13:13 - 2021-08-07 13:13 - 000007597 _____ C:\Users\user\AppData\Local\Resmon.ResmonCfg
2021-08-04 23:23 - 2021-08-04 23:23 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2021-08-04 12:32 - 2021-08-04 12:32 - 000318666 _____ C:\Users\user\Downloads\Web capture_4-8-2021_123237_.jpeg
2021-08-04 12:19 - 2021-08-04 12:19 - 000302456 _____ C:\Users\user\Downloads\WK68ZMO-eV948.pdf
2021-07-23 16:29 - 2021-07-23 16:29 - 000000000 ____D C:\Users\user\AppData\Roaming\iolo technologies
2021-07-23 16:29 - 2021-07-23 16:29 - 000000000 ____D C:\ProgramData\Commtouch
2021-07-23 16:29 - 2021-07-23 16:29 - 000000000 ____D C:\Program Files\Common Files\Commtouch
2021-07-23 16:29 - 2019-07-08 04:10 - 002069472 ____R (Cyren, Inc.) C:\WINDOWS\system32\Drivers\ampse.sys
2021-07-23 16:29 - 2019-07-08 04:10 - 000202840 ____R (Cyren, Inc.) C:\WINDOWS\system32\Drivers\amp.sys
2021-07-23 16:28 - 2021-08-01 22:54 - 000000000 ____D C:\WINDOWS\system32\Tasks\iolo
2021-07-23 16:28 - 2021-07-23 16:28 - 000002201 _____ C:\Users\user\Desktop\Privacy Guardian.lnk
2021-07-23 16:28 - 2021-07-23 16:28 - 000002193 _____ C:\Users\user\Desktop\Malware Killer.lnk
2021-07-23 16:28 - 2021-07-23 16:28 - 000001291 _____ C:\Users\user\Desktop\System Mechanic.lnk
2021-07-23 16:28 - 2021-07-23 16:28 - 000000000 ____D C:\Users\user\AppData\Local\iolo technologies
2021-07-23 16:28 - 2021-07-23 16:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iolo
2021-07-23 16:27 - 2021-07-23 16:27 - 000000000 ____D C:\Program Files\iolo technologies
2021-07-23 16:07 - 2021-07-23 16:07 - 058136112 _____ (RealDefense LLC) C:\Users\user\Downloads\SystemMechanic_Ultimate_Defense (1).exe
2021-07-23 16:05 - 2021-07-23 16:05 - 058136112 _____ (RealDefense LLC) C:\Users\user\Downloads\SystemMechanic_Ultimate_Defense.exe
2021-07-23 16:02 - 2021-07-23 16:28 - 000000000 ____D C:\ProgramData\iolo technologies
2021-07-23 16:01 - 2021-07-23 16:02 - 058136112 _____ (RealDefense LLC) C:\Users\user\Downloads\SystemMechanic_PRO.exe
2021-07-23 15:58 - 2021-07-23 15:58 - 000000000 ____D C:\ProgramData\iolo
2021-07-23 15:26 - 2021-07-23 15:27 - 004866096 _____ C:\Users\user\Downloads\SystemMechanicPro_DM (3).exe
2021-07-20 11:31 - 2021-07-20 11:31 - 001270959 _____ C:\Users\user\Downloads\Estate Planning Explained.pdf
2021-07-15 21:59 - 2021-07-15 21:59 - 000006656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rendezvousSession.tlb
2021-07-15 21:58 - 2021-07-15 21:58 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsraLegacy.tlb
2021-07-15 21:58 - 2021-07-15 21:58 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsraLegacy.tlb
2021-07-15 21:58 - 2021-07-15 21:58 - 000006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\rendezvousSession.tlb
2021-07-15 21:57 - 2021-07-15 21:57 - 001823280 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-07-15 21:57 - 2021-07-15 21:57 - 000011357 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-07-14 11:19 - 2021-07-14 10:57 - 001818456 _____ C:\Users\user\Downloads\IH_UK_Jaguar_E-type_S2 V1 EZ Kit.pdf
2021-07-14 01:47 - 2021-07-14 01:47 - 000005000 _____ C:\Users\user\Documents\cc_20210714_014707.reg
2021-07-14 01:47 - 2021-07-14 01:47 - 000000552 _____ C:\Users\user\Documents\cc_20210714_014746.reg
2021-07-13 21:08 - 2021-07-13 21:08 - 000412989 _____ C:\Users\user\Downloads\YourBTbill_13112020 (2).pdf
2021-07-13 21:08 - 2021-07-13 21:08 - 000412314 _____ C:\Users\user\Downloads\YourBTbill_13122020 (2).pdf
2021-07-13 21:07 - 2021-07-13 21:07 - 000411806 _____ C:\Users\user\Downloads\YourBTbill_13102020.pdf
2021-07-13 21:06 - 2021-07-13 21:06 - 000413520 _____ C:\Users\user\Downloads\YourBTbill_13092020.pdf
2021-07-13 21:05 - 2021-07-13 21:05 - 000411649 _____ C:\Users\user\Downloads\YourBTbill_13082020.pdf
2021-07-13 21:02 - 2021-07-13 21:02 - 000419915 _____ C:\Users\user\Downloads\YourBTbill_13012021.pdf
2021-07-13 21:01 - 2021-07-13 21:01 - 000416013 _____ C:\Users\user\Downloads\YourBTbill_13022021.pdf
2021-07-13 20:55 - 2021-07-13 20:55 - 000413957 _____ C:\Users\user\Downloads\YourBTbill_13042020.pdf
2021-07-13 20:54 - 2021-07-13 20:54 - 000410334 _____ C:\Users\user\Downloads\YourBTbill_13052021.pdf
2021-07-13 20:53 - 2021-07-13 20:53 - 000413615 _____ C:\Users\user\Downloads\YourBTbill_13062020.pdf
2021-07-13 20:53 - 2021-07-13 20:53 - 000411281 _____ C:\Users\user\Downloads\YourBTbill_13062021.pdf
2021-07-13 20:51 - 2021-07-13 20:51 - 000410041 _____ C:\Users\user\Downloads\YourBTbill_13072020.pdf
2021-07-13 20:49 - 2021-07-13 20:49 - 000412463 _____ C:\Users\user\Downloads\YourBTbill_13072021 (2).pdf
2021-07-13 20:48 - 2021-07-13 20:48 - 000412463 _____ C:\Users\user\Downloads\YourBTbill_13072021 (1).pdf
2021-07-13 20:44 - 2021-07-13 20:44 - 000412463 _____ C:\Users\user\Downloads\YourBTbill_13072021.pdf
2021-07-11 11:24 - 2021-07-11 11:24 - 000454111 _____ C:\Users\user\Downloads\Motor bracket.pdf

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-08-10 21:47 - 2021-06-13 12:49 - 000181482 _____ C:\WINDOWS\ZAM.krnl.trace
2021-08-10 21:42 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Registration
2021-08-10 21:32 - 2013-07-23 09:46 - 000000000 ____D C:\Program Files (x86)\Google
2021-08-10 21:30 - 2020-08-01 12:14 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-08-10 21:30 - 2018-07-04 16:02 - 000000000 ____D C:\Users\user\Documents\Outlook Files
2021-08-10 19:22 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-08-10 15:54 - 2020-08-01 12:53 - 000000000 ____D C:\WINDOWS\system32\Tasks\McAfee
2021-08-10 15:09 - 2020-11-29 10:18 - 000000000 __RSD C:\Users\user\Documents\McAfee Vaults
2021-08-10 15:07 - 2021-06-19 01:30 - 000000000 ____D C:\Program Files (x86)\AOMEI
2021-08-10 15:07 - 2020-01-21 11:54 - 000000208 _____ C:\WINDOWS\SysWOW64\AbBakConfig.dat
2021-08-10 15:07 - 2020-01-21 11:54 - 000000150 _____ C:\WINDOWS\SysWOW64\winsevr.dat
2021-08-10 15:06 - 2020-08-01 12:53 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-08-10 15:06 - 2020-08-01 12:14 - 000008192 ___SH C:\DumpStack.log.tmp
2021-08-10 13:23 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-08-10 09:42 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-08-10 09:42 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-08-10 09:42 - 2018-06-24 05:16 - 000000000 ____D C:\Users\user\AppData\Local\Packages
2021-08-10 09:28 - 2019-02-06 16:53 - 000000000 ____D C:\ProgramData\ProductData
2021-08-08 23:48 - 2019-12-07 10:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2021-08-07 21:33 - 2018-06-20 15:12 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-08-07 21:33 - 2018-06-20 15:11 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2021-08-07 13:34 - 2018-06-20 15:12 - 000000000 ____D C:\Users\user\AppData\LocalLow\Mozilla
2021-08-07 13:32 - 2018-06-20 15:12 - 000001175 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-08-07 10:34 - 2020-06-17 09:40 - 000002450 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-08-07 10:34 - 2020-06-17 09:40 - 000002288 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-08-05 09:33 - 2018-06-24 11:57 - 000002313 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-08-05 09:33 - 2018-06-24 11:57 - 000002272 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-08-05 09:06 - 2020-08-01 12:14 - 000460760 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-08-05 09:05 - 2018-10-11 13:20 - 000000000 ____D C:\Program Files\McAfee
2021-08-05 09:05 - 2018-10-11 13:18 - 000000000 ____D C:\Program Files (x86)\McAfee
2021-08-05 09:05 - 2018-10-11 13:16 - 000000000 ____D C:\ProgramData\McAfee
2021-08-04 23:24 - 2013-07-23 09:37 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2021-08-04 23:23 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2021-08-04 23:22 - 2009-07-14 08:45 - 000000000 ____D C:\WINDOWS\ShellNew
2021-08-04 23:14 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System
2021-08-04 23:14 - 2009-07-14 03:34 - 000000478 _____ C:\WINDOWS\win.ini
2021-08-04 22:30 - 2018-10-11 13:16 - 000000000 ____D C:\Program Files\Common Files\McAfee
2021-08-04 22:28 - 2020-08-01 12:53 - 000003316 _____ C:\WINDOWS\system32\Tasks\McAfeeLogon
2021-08-04 17:52 - 2018-06-24 12:30 - 000000000 ____D C:\Users\user\AppData\Local\ElevatedDiagnostics
2021-08-04 09:36 - 2021-01-22 11:44 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-08-03 21:57 - 2021-03-15 14:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2021-08-03 21:57 - 2021-03-15 14:11 - 000000000 ____D C:\Program Files (x86)\Java
2021-08-03 21:54 - 2021-03-15 14:12 - 000164696 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2021-08-03 09:27 - 2020-08-01 12:53 - 000003420 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-08-03 09:27 - 2020-08-01 12:53 - 000003296 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-08-02 09:55 - 2020-08-01 12:53 - 000003480 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-08-02 09:55 - 2020-08-01 12:53 - 000003356 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-08-01 23:10 - 2021-06-19 01:23 - 000003430 _____ C:\WINDOWS\system32\Tasks\SU_AutoUpdate
2021-07-29 11:20 - 2018-06-24 13:32 - 000002148 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-07-26 22:14 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2021-07-17 12:43 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-07-17 09:46 - 2020-08-01 12:37 - 000939138 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-07-17 09:36 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-07-17 09:36 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-07-17 09:36 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-07-16 09:45 - 2021-01-22 11:44 - 000740152 _____ (Microsoft Corporation) C:\WINDOWS\system32\sedplugins.dll
2021-07-16 09:45 - 2021-01-22 11:44 - 000486712 _____ (Microsoft Corporation) C:\WINDOWS\system32\QualityUpdateAssistant.dll
2021-07-15 22:09 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-07-15 21:23 - 2020-07-25 12:20 - 000000000 ___HD C:\$WinREAgent
2021-07-15 21:11 - 2018-06-24 00:21 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-07-15 20:56 - 2018-06-24 00:20 - 133422552 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-07-14 02:13 - 2019-02-06 16:52 - 000000000 ____D C:\ProgramData\IObit
2021-07-14 01:34 - 2019-10-26 15:50 - 000000000 ____D C:\Program Files\CCleaner

==================== Files in the root of some directories ========

2021-06-19 01:30 - 2021-05-14 16:25 - 000491968 _____ (AOMEI International Network Limited) C:\Program Files (x86)\ABLaucher.exe
2021-06-19 01:31 - 2021-03-19 15:11 - 000018432 _____ () C:\Program Files (x86)\Uninstall.exe
2013-07-23 09:26 - 2008-06-11 16:12 - 000776614 _____ () C:\Program Files (x86)\Common Files\packardbell.ico
2021-08-07 13:13 - 2021-08-07 13:13 - 000007597 _____ () C:\Users\user\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================



Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-08-2021
Ran by user (10-08-2021 21:49:06)
Running from C:\Users\user\Downloads
Windows 10 Home Version 2004 19041.1110 (X64) (2020-08-01 11:55:07)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-1663276179-2122725057-4209459169-500 - Administrator - Disabled) => C:\Users\Administrator
DefaultAccount (S-1-5-21-1663276179-2122725057-4209459169-503 - Limited - Disabled)
Guest (S-1-5-21-1663276179-2122725057-4209459169-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1663276179-2122725057-4209459169-1002 - Limited - Enabled)
user (S-1-5-21-1663276179-2122725057-4209459169-1000 - Administrator - Enabled) => C:\Users\user
WDAGUtilityAccount (S-1-5-21-1663276179-2122725057-4209459169-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: System Shield (Disabled - Up to date) {CFD1F43D-7501-B54F-88CE-D3F6D5EF8990}
AV: System Shield (Disabled - Up to date) {85385B05-8E3E-65BB-DB9F-5F1E3AB43231}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee VirusScan (Enabled - Up to date) {9D4501E6-72F6-2877-C789-89AF6F535B2C}
AS: McAfee VirusScan (Enabled - Up to date) {4DE344F8-6897-65B4-CED0-82B3AF2591B4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall (Enabled) {A57E80C3-3899-292F-ECD6-209A91801C57}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 21.005.20060 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 33.1.1.502 - HARMAN International)
Advertising Center (HKLM-x32\...\{b2ec4a38-b545-4a00-8214-13fe0e915e6d}) (Version: 0.0.0.2 - Nero AG) Hidden
Airport Mania First Flight (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11505173}) (Version: - Oberon Media)
AOMEI Backupper (HKLM-x32\...\{A83692F5-3E9B-4E95-9E7E-B5DF5536CE9D}_is1) (Version: - AOMEI International Network Limited.)
Attribute Changer 9.50 (HKLM\...\{27263813-8BDE-4CD2-84D3-02536743428A}_is1) (Version: 9.50 - Romain Petges)
AVSDK5 (HKLM\...\{D5A6E342-907C-4CEF-96CC-FC2F4990DC9C}) (Version: 6.2.2 - CYREN Inc.) Hidden
Belarc Advisor 9.0 (HKLM-x32\...\Belarc Advisor) (Version: 9.0.0.0 - Belarc Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.82 - Piriform)
Core Temp 1.14 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.14 - ALCPU)
CPUID CPU-Z 1.96 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.96 - CPUID, Inc.)
CPUID HWMonitor 1.44 (HKLM\...\CPUID HWMonitor_is1) (Version: 1.44 - CPUID, Inc.)
CyberLink TV Enhance (HKLM-x32\...\{E4C891D6-6844-41B8-86E8-633CACCC644F}) (Version: 2.0.6624 - CyberLink Corp.)
EaseUS Partition Master 15.8 (HKLM-x32\...\EaseUS Partition Master_is1) (Version: - EaseUS)
EaseUS Todo Backup Free 12.0 (HKLM-x32\...\EaseUS Todo Backup_is1) (Version: 12.0 - CHENGDU YIWO Tech Development Co., Ltd)
eBay Worldwide (HKLM-x32\...\{E0B19DF7-B1C7-4937-82C4-0E4B1E346965}) (Version: 2.1.0901 - OEM)
Epson Connect Printer Setup (HKLM-x32\...\{D9B1D51B-EB56-410D-AEB5-1CCFAC4B6C8C}) (Version: 1.4.1 - Seiko Epson Corporation)
Epson Easy Photo Print 2 (HKLM-x32\...\{F05A434E-D3CF-4B44-9D3E-779D42090781}) (Version: 2.8.0.0 - Seiko Epson Corporation)
Epson Event Manager (HKLM-x32\...\{9F205E94-9E42-4486-A92A-DF3F6CB85444}) (Version: 3.10.0061 - Seiko Epson Corporation)
Epson E-Web Print (HKLM-x32\...\{6BF9F374-EC67-4808-A90C-F127DE6D989D}) (Version: 1.23.0000 - SEIKO EPSON CORPORATION)
Epson FAX Utility (HKLM-x32\...\{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}) (Version: 3.02.00 - Seiko Epson Corporation)
EPSON Manuals (HKLM-x32\...\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}) (Version: 1.56.1.0 - Seiko Epson Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
EPSON Scan OCR Component (HKLM-x32\...\{563B99D8-8895-4E3E-AE8D-15BE8C05F1C1}) (Version: 2.00.0000 - SEIKO EPSON Corp.)
EPSON Scan PDF Extensions (HKLM-x32\...\{F9956472-6E16-4F83-BF9A-F887EF4A45B7}) (Version: 1.03.0001 - SEIKO EPSON Corp.)
Epson Software Updater (HKLM-x32\...\{FD036A57-F81D-4865-AAF0-811558EA76AE}) (Version: 4.5.1 - Seiko Epson Corporation)
EPSON WF-7620 Series Printer Uninstall (HKLM\...\EPSON WF-7620 Series) (Version: - SEIKO EPSON Corporation)
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.6.0 - SEIKO EPSON CORPORATION)
Galapago (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}) (Version: - Oberon Media)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 92.0.4515.131 - Google LLC)
Google Toolbar for Internet Explorer (HKLM-x32\...\{18455581-E099-4BA8-BC6B-F34B2F06600C}) (Version: 1.0.0 - Google Inc.) Hidden
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.)
IObit Software Updater (HKLM-x32\...\IObit Software Updater_is1) (Version: 4.1.0.142 - IObit)
IObit Uninstaller 10 (HKLM-x32\...\IObitUninstall) (Version: 10.6.0.4 - IObit)
ITECIR (HKLM-x32\...\{40580068-9B10-40B5-9548-536CE88AB23C}) (Version: 1.00.0000 - ITE)
Java 8 Update 301 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180301F0}) (Version: 8.0.3010.9 - Oracle Corporation)
JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.33.2 - JMicron Technology Corp.)
McAfee Virtual Technician (HKLM-x32\...\McAfee Virtual Technician) (Version: 8.3.0.363 - McAfee, Inc.)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.0.36 - McAfee, Inc.)
McAfee® Total Protection (HKLM-x32\...\MSC) (Version: 16.0 R35 - McAfee, LLC)
Metaboli (HKLM-x32\...\Metaboli) (Version: 1.00.0006 - Packard Bell)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 92.0.902.67 - Microsoft Corporation)
Microsoft Office Professional 2010 (HKLM\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Suite Activation Assistant (HKLM-x32\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1663276179-2122725057-4209459169-1000\...\OneDriveSetup.exe) (Version: 19.192.0926.0012 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1663276179-2122725057-4209459169-500\...\OneDriveSetup.exe) (Version: 19.043.0304.0013 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Support and Recovery Assistant (HKU\S-1-5-21-1663276179-2122725057-4209459169-1000\...\f9a89bd2a46a7606) (Version: 17.0.4589.1 - Microsoft Corporation)
Microsoft Support and Recovery Assistant for Office 365 (HKU\S-1-5-21-1663276179-2122725057-4209459169-1000\...\7181b9498a4ee6aa) (Version: 16.0.3054.6 - Microsoft Corporation)
Microsoft Touch Pack for Windows 7 (HKLM-x32\...\{8FF90DB8-6DED-44A3-B182-244FEC09012F}) (Version: 1.0.40517.00 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{852D8FE5-BC66-4061-B1C4-CADF51E5B27D}) (Version: 2.82.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.25.28508 (HKLM-x32\...\{6913e92a-b64e-41c9-a5e6-cef39207fe89}) (Version: 14.25.28508.3 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.0 (HKLM-x32\...\{3898934B-05AE-41CD-96BE-70DA9BFBCE1F}) (Version: 3.0.11010.0 - Microsoft Corporation)
Mozilla Firefox 60.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 60.0.2 (x86 en-US)) (Version: 60.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 58.0.2 - Mozilla)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyEpson Portal (HKLM-x32\...\{3361D415-BA35-4143-B301-661991BA6219}) (Version: 1.1.2.2 - SEIKO EPSON CORPORATION) Hidden
MyEpson Portal (HKLM-x32\...\MyEpson Portal) (Version: - SEIKO EPSON Corporation)
Nero 9 Essentials (HKLM-x32\...\{308cb208-80e7-4d08-bcef-7e856cd40d4c}) (Version: - Nero AG)
Packard Bell InfoCentre (HKLM-x32\...\Packard Bell InfoCentre) (Version: 3.02.3000 - Packard Bell)
Packard Bell Recovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3005 - Packard Bell)
Packard Bell ScreenSaver (HKLM-x32\...\Packard Bell Screensaver) (Version: 1.1.0907 - Packard Bell Incorporated)
Packard Bell Software Suite SE (HKLM-x32\...\Packard Bell Software Suite SE) (Version: 2.01.3001 - Packard Bell)
PowerCinema Movie (HKLM-x32\...\{70CC0095-AA68-45BE-AE98-D8170182E9EB}) (Version: 9.0.5725 - CyberLink Corp.) Hidden
Realtek 8136 8168 8169 Ethernet Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0005 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8581 - Realtek Semiconductor Corp.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version: - Microsoft)
Smart Defrag 6 (HKLM-x32\...\Smart Defrag_is1) (Version: 6.7.5 - IObit)
System Mechanic (HKLM\...\{95129D61-FF52-4FA8-A403-3E31FC5D9696}) (Version: 21.5.0.3 - RealDefense LLC)
Team Knowhow Expert Support (HKLM-x32\...\{FADEBE7D-06AC-C11B-8FC3-597845FE28DC}) (Version: 7.11.760 - LogMeIn, Inc.)
TouchSettings (HKLM-x32\...\{75880CD4-9436-4EDD-B7E7-400EBFD60B2C}) (Version: 1.00.0004 - Packard Bell)
Tumble Bees To Go (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11120457}) (Version: - Oberon Media)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation)
Virtual Earth 3D (Beta) (HKLM\...\{6ACE7F46-FACE-4125-AE86-672F4F2A6A28}) (Version: 4.0.903.16005 - Microsoft Corporation)
Welcome Center (HKLM-x32\...\Packard Bell Welcome Center) (Version: 1.00.3008 - Packard Bell)
Zoho Assist (HKU\S-1-5-21-1663276179-2122725057-4209459169-1000\...\Zoho Assist) (Version: 111.0.3.98 - Zoho Corporation)

Packages:
=========
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-07] (Autodesk Inc.)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.8.1165.0_x64__rz1tebttyb220 [2021-07-24] (Dolby Laboratories)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_129.1.234.0_x64__v10z8vjag6ke6 [2021-07-24] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-20] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-20] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.10.7290.0_x64__8wekyb3d8bbwe [2021-08-04] (Microsoft Studios) [MS Ad]
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-11-15] (Microsoft Corporation)
Reader Notification Client -> C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2018-12-21] (Adobe Systems Incorporated)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2020-07-31] (IObit Information Technology -> IObit)
ContextMenuHandlers1: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => C:\Program Files\McAfee\MSC\McCtxMenuFrmWrk.dll [2021-06-29] (McAfee, LLC -> McAfee, LLC)
ContextMenuHandlers1: [SimpleShlExt] -> [CC]{45203D3B-3D73-4497-8AFE-D29950AC6C55} => -> No File
ContextMenuHandlers1: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => C:\WINDOWS\System32\IObitSmartDefragExtension.dll [2019-09-12] (IObit Information Technology -> IObit)
ContextMenuHandlers3: [ACShell] -> {D3F9A525-8824-497A-BE36-B23E22F141FC} => C:\Program Files\Attribute Changer\acshell.dll [2020-01-04] (Romain Petges) [File not signed]
ContextMenuHandlers4: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2020-07-31] (IObit Information Technology -> IObit)
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File
ContextMenuHandlers6: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2020-07-31] (IObit Information Technology -> IObit)
ContextMenuHandlers6: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => C:\Program Files\McAfee\MSC\McCtxMenuFrmWrk.dll [2021-06-29] (McAfee, LLC -> McAfee, LLC)
ContextMenuHandlers6: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => C:\WINDOWS\System32\IObitSmartDefragExtension.dll [2019-09-12] (IObit Information Technology -> IObit)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Public\Desktop\PB Accessory Store.lnk -> C:\Program Files\PB Accessory Store\StartURL.exe () -> hxxp://store.packardbell.com/Store/ASUK?utm_source=Icons&utm_medium=Link&utm_campaign=PB%2BInternal

==================== Loaded Modules (Whitelisted) =============

2013-07-23 09:32 - 2009-08-25 02:53 - 000141312 _____ () [File not signed] [File is in use] C:\Program Files (x86)\Packard Bell\Packard Bell Touch Suite\Facebook.dll
2013-07-23 09:32 - 2009-04-24 17:56 - 000081920 _____ () [File not signed] [File is in use] C:\Program Files (x86)\Packard Bell\Packard Bell Touch Suite\Interop.iTunesLib.dll
2013-07-23 09:32 - 2002-11-12 01:08 - 000049152 _____ () [File not signed] [File is in use] C:\Program Files (x86)\Packard Bell\Packard Bell Touch Suite\Interop.WIA.dll
2013-07-23 09:32 - 2009-04-24 17:56 - 000344064 _____ () [File not signed] [File is in use] C:\Program Files (x86)\Packard Bell\Packard Bell Touch Suite\Interop.WMPLib.dll
2013-07-23 09:32 - 2009-08-25 03:08 - 001049088 _____ () [File not signed] [File is in use] C:\Program Files (x86)\Packard Bell\Packard Bell Touch Suite\mediaPlayer.dll
2013-07-23 09:32 - 2009-08-25 03:08 - 000016384 _____ () [File not signed] [File is in use] C:\Program Files (x86)\Packard Bell\Packard Bell Touch Suite\MTGesture.dll
2013-07-23 09:32 - 2009-08-25 03:08 - 000014336 _____ () [File not signed] [File is in use] C:\Program Files (x86)\Packard Bell\Packard Bell Touch Suite\MusicRemorting.dll
2013-07-23 09:32 - 2009-08-25 02:44 - 000015872 _____ () [File not signed] [File is in use] C:\Program Files (x86)\Packard Bell\Packard Bell Touch Suite\PhotoListViewControl.dll
2013-07-23 09:32 - 2009-08-17 02:27 - 000013312 _____ () [File not signed] [File is in use] C:\Program Files (x86)\Packard Bell\Packard Bell Touch Suite\Remoting.dll
2013-07-23 09:32 - 2009-08-25 02:42 - 000087552 _____ () [File not signed] [File is in use] C:\Program Files (x86)\Packard Bell\Packard Bell Touch Suite\SharingDevice.dll
2013-07-23 09:32 - 2009-08-25 02:59 - 000017408 _____ () [File not signed] [File is in use] C:\Program Files (x86)\Packard Bell\Packard Bell Touch Suite\SNSDraggableListView.dll
2013-07-23 09:32 - 2009-08-12 08:18 - 000028672 _____ () [File not signed] [File is in use] C:\Program Files (x86)\Packard Bell\Packard Bell Touch Suite\SNSFacebook.dll
2013-07-23 09:32 - 2009-08-12 08:18 - 000033280 _____ () [File not signed] [File is in use] C:\Program Files (x86)\Packard Bell\Packard Bell Touch Suite\SNSFlickr.dll
2013-07-23 09:32 - 2009-08-25 02:59 - 000156672 _____ () [File not signed] [File is in use] C:\Program Files (x86)\Packard Bell\Packard Bell Touch Suite\SNSGadget.dll
2013-07-23 09:32 - 2009-08-12 08:18 - 000036864 _____ () [File not signed] [File is in use] C:\Program Files (x86)\Packard Bell\Packard Bell Touch Suite\SNSService.dll
2013-07-23 09:32 - 2009-08-12 08:18 - 000076800 _____ () [File not signed] [File is in use] C:\Program Files (x86)\Packard Bell\Packard Bell Touch Suite\SNSStack.dll
2013-07-23 09:32 - 2009-08-17 09:06 - 000013824 _____ () [File not signed] [File is in use] C:\Program Files (x86)\Packard Bell\Packard Bell Touch Suite\XMLStorage.dll
2013-07-23 09:32 - 2009-09-28 17:41 - 000033280 _____ (Acer Corp.) [File not signed] [File is in use] C:\Program Files (x86)\Packard Bell\Packard Bell Touch Suite\AcerTouchPortalLib.dll
2013-07-23 09:32 - 2009-08-25 02:42 - 000175616 _____ (Acer Inc.) [File not signed] [File is in use] C:\Program Files (x86)\Packard Bell\Packard Bell Touch Suite\Memo_Lib.dll
2013-07-23 09:32 - 2009-08-17 01:18 - 000137728 _____ (Acer) [File not signed] [File is in use] C:\Program Files (x86)\Packard Bell\Packard Bell Touch Suite\AlbumControlLibrary.dll
2013-07-23 09:32 - 2009-08-25 03:08 - 001225728 _____ (acer) [File not signed] [File is in use] C:\Program Files (x86)\Packard Bell\Packard Bell Touch Suite\MusicSelectBarControl.dll
2013-07-23 09:32 - 2009-08-25 02:44 - 000093696 _____ (acer) [File not signed] [File is in use] C:\Program Files (x86)\Packard Bell\Packard Bell Touch Suite\PhotoControl.dll
2013-07-23 09:32 - 2009-08-25 02:44 - 000060928 _____ (acer) [File not signed] [File is in use] C:\Program Files (x86)\Packard Bell\Packard Bell Touch Suite\PhotoSelectBarControl.dll
2013-07-23 09:32 - 2009-08-17 07:45 - 000013312 _____ (Acer) [File not signed] [File is in use] C:\Program Files (x86)\Packard Bell\Packard Bell Touch Suite\RSACryptor.dll
2009-09-14 22:36 - 2009-09-14 22:36 - 001056352 ____N (CyberLink -> Microsoft Corporation) [File not signed] C:\Program Files (x86)\CyberLink\YouCam\MFC71U.DLL
2009-09-14 22:36 - 2009-09-14 22:36 - 000506976 ____N (CyberLink -> Microsoft Corporation) [File not signed] C:\Program Files (x86)\CyberLink\YouCam\MSVCP71.dll
2009-09-14 22:36 - 2009-09-14 22:36 - 000351328 ____N (CyberLink -> Microsoft Corporation) [File not signed] C:\Program Files (x86)\CyberLink\YouCam\MSVCR71.dll
2020-08-01 12:27 - 2020-08-01 12:27 - 001093120 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\MFC80U.DLL
2020-08-01 12:27 - 2020-08-01 12:27 - 000057344 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\WinSxS\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_03ce2c72205943d3\MFC80ENU.DLL
2020-08-01 12:27 - 2020-08-01 12:27 - 000065536 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\WinSxS\x86_microsoft.vc80.openmp_1fc8b3b9a1e18e3b_8.0.50727.6195_none_3b1209fdc9ac7774\vcomp.dll
2013-07-23 09:32 - 2009-08-14 20:33 - 000090112 _____ (Microsoft) [File not signed] [File is in use] C:\Program Files (x86)\Packard Bell\Packard Bell Touch Suite\Microsoft.WindowsAPICodePack.dll
2013-07-23 09:32 - 2009-08-15 14:07 - 000508416 _____ (Microsoft) [File not signed] [File is in use] C:\Program Files (x86)\Packard Bell\Packard Bell Touch Suite\Microsoft.WindowsAPICodePack.Shell.dll
2013-07-23 09:32 - 2009-08-25 02:44 - 000033792 _____ (Microsoft) [File not signed] [File is in use] C:\Program Files (x86)\Packard Bell\Packard Bell Touch Suite\PhotoMitsuControl.dll
2013-07-23 09:32 - 2009-08-25 02:44 - 000016384 _____ (Microsoft) [File not signed] [File is in use] C:\Program Files (x86)\Packard Bell\Packard Bell Touch Suite\ShareUtilityLib.dll
2013-07-23 09:32 - 2009-09-28 17:41 - 000042496 _____ (Microsoft) [File not signed] [File is in use] C:\Program Files (x86)\Packard Bell\Packard Bell Touch Suite\TouchMitsuBookControl.dll
2013-07-23 09:32 - 2009-05-26 20:57 - 000051200 _____ (Microsoft) [File not signed] [File is in use] C:\Program Files (x86)\Packard Bell\Packard Bell Touch Suite\Windows7.Multitouch.dll
2013-07-23 09:32 - 2009-05-26 21:29 - 000008704 _____ (Microsoft) [File not signed] [File is in use] C:\Program Files (x86)\Packard Bell\Packard Bell Touch Suite\Windows7.Multitouch.WPF.dll
2013-07-23 09:32 - 2009-06-29 19:08 - 000167936 _____ (Sam Judson) [File not signed] [File is in use] C:\Program Files (x86)\Packard Bell\Packard Bell Touch Suite\FlickrNet.dll
2018-11-28 12:09 - 2012-11-12 16:15 - 000558592 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\WINDOWS\System32\enppmon.dll
2018-11-28 12:09 - 2012-10-22 18:19 - 000219648 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\WINDOWS\System32\enpres.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\amsdk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ModuleCoreService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\amsdk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcapexe => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ModuleCoreService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SDCSSCPS => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1663276179-2122725057-4209459169-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1663276179-2122725057-4209459169-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0809&m=onetwo_l5710&r=173606180400p0437y145y44211531
SearchScopes: HKLM-x32 -> DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACPW
SearchScopes: HKLM-x32 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACPW
SearchScopes: HKU\S-1-5-21-1663276179-2122725057-4209459169-1000 -> DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACPW_enGB802
SearchScopes: HKU\S-1-5-21-1663276179-2122725057-4209459169-1000 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACPW_enGB802
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2020-01-31] (IObit Information Technology -> IObit)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2018-06-23] (Google Inc -> Google Inc.)
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2019-02-05] (McAfee, Inc. -> McAfee, Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: E-Web Print -> {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} -> C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_301\bin\ssv.dll [2021-08-03] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2018-06-23] (Google Inc -> Google Inc.)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2019-02-05] (McAfee, Inc. -> McAfee, Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_301\bin\jp2ssv.dll [2021-08-03] (Oracle America, Inc. -> Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2018-06-23] (Google Inc -> Google Inc.)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2018-06-23] (Google Inc -> Google Inc.)
Toolbar: HKLM-x32 - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
Toolbar: HKU\S-1-5-21-1663276179-2122725057-4209459169-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2018-06-23] (Google Inc -> Google Inc.)
Handler-x32: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\BelarcAdvisor\System\BAVoilaX.dll [2019-01-25] (Belarc, Inc. -> Belarc, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files\McAfee\MSC\McSnIePl64.dll [2021-06-29] (McAfee, LLC -> McAfee, LLC)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2021-06-29] (McAfee, LLC -> McAfee, LLC)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2021-06-30 17:46 - 000000852 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\AOMEI
HKU\S-1-5-21-1663276179-2122725057-4209459169-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\user\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img1.jpg
HKU\S-1-5-21-1663276179-2122725057-4209459169-500\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Block)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\Services: Backupper Service => 2
HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKLM\...\StartupApproved\Run32: => "TVEService"
HKLM\...\StartupApproved\Run32: => "EaseUS EPM Tray Agent"
HKLM\...\StartupApproved\Run32: => "FUFAXSTM"
HKLM\...\StartupApproved\Run32: => "FUFAXRCV"
HKLM\...\StartupApproved\Run32: => "EEventManager"
HKU\S-1-5-21-1663276179-2122725057-4209459169-1000\...\StartupApproved\Run: => "swg"
HKU\S-1-5-21-1663276179-2122725057-4209459169-1000\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1663276179-2122725057-4209459169-1000\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-1663276179-2122725057-4209459169-1000\...\StartupApproved\Run: => "EPLTarget\P0000000000000000"
HKU\S-1-5-21-1663276179-2122725057-4209459169-1000\...\StartupApproved\Run: => "EPLTarget\P0000000000000001"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{B44506F1-9F00-47A0-81FE-3C1F2807A76F}] => (Allow) C:\Program Files (x86)\AOMEI\ABService.exe (AOMEI International Network Limited -> AOMEI International Network Limited)
FirewallRules: [{72337E6C-63F1-4798-8FC6-829A06C9BBDE}] => (Allow) C:\Program Files (x86)\AOMEI\ABService.exe (AOMEI International Network Limited -> AOMEI International Network Limited)
FirewallRules: [{FBC1FCD8-A702-4565-BE8B-24E2CE4BE1CC}] => (Allow) C:\Program Files (x86)\Common Files\McAfee\MMSSHost\MMSSHost.exe (McAfee, LLC -> McAfee, LLC)
FirewallRules: [{11B61597-6605-4721-840A-6F99315F3912}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe (McAfee, LLC -> McAfee, LLC)
FirewallRules: [{AC29D9B8-9764-4DD2-BC51-10451D5FE60C}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe => No File
FirewallRules: [{3C643F04-14D0-4A5E-BAB8-60119D1EDB69}] => (Allow) C:\Program Files (x86)\AOMEI\ABService.exe (AOMEI International Network Limited -> AOMEI International Network Limited)
FirewallRules: [{EBD87870-188E-4663-89EA-A175D30C2133}] => (Allow) C:\Program Files (x86)\AOMEI\ABService.exe (AOMEI International Network Limited -> AOMEI International Network Limited)
FirewallRules: [{96EABF42-A79A-4CBA-BC9E-8EF1110AEAF2}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.73.124.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3D4B9210-001C-42B0-BDA7-85573885ACE1}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.73.124.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{7EFFD7B9-93BD-4BB9-856C-68726B18B577}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.73.124.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{FF607EC2-0EAA-46AA-9722-BFB3ADAF0A4C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.73.124.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F8FC8007-CBAA-4791-A7B4-0D95B8409011}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{D7011FFF-3B90-413E-8C0E-DD2414EEF7C3}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{5E09C2C3-91E0-4798-BADD-0BE4F19964D7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)

==================== Restore Points =========================

08-08-2021 01:33:50

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (08/10/2021 07:02:48 PM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Security Center failed to validate caller with error %1.

Error: (08/10/2021 03:17:16 PM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Security Center failed to validate caller with error %1.

Error: (08/10/2021 01:22:13 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x8007045b, A system shutdown is in progress.
.

Error: (08/10/2021 01:22:13 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]

Error: (08/10/2021 09:34:28 AM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Security Center failed to validate caller with error %1.

Error: (08/10/2021 09:23:17 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: TVECapSvc.exe, version: 2.0.6624.1555, time stamp: 0x4a41dca8
Faulting module name: OLEAUT32.dll, version: 10.0.19041.985, time stamp: 0xfc8f0d5b
Exception code: 0xc0000005
Fault offset: 0x0001ea87
Faulting process ID: 0xfc0
Faulting application start time: 0x01d78dc0df54dd30
Faulting application path: C:\Program Files (x86)\CyberLink\TV Enhance\Kernel\TV\TVECapSvc.exe
Faulting module path: C:\WINDOWS\System32\OLEAUT32.dll
Report ID: 64b7b890-59dc-4a4e-9e2f-3d85003ea202
Faulting package full name:
Faulting package-relative application ID:

Error: (08/09/2021 05:49:07 PM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Security Center failed to validate caller with error %1.

Error: (08/09/2021 11:58:06 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: The storage optimiser couldn't complete retrim on DATA (D:) because: The operation requested is not supported by the hardware backing the volume. (0x8900002A)


System errors:
=============
Error: (08/10/2021 09:51:07 PM) (Source: DCOM) (EventID: 10029) (User: NT AUTHORITY)
Description: The activation of the CLSID {4991D34B-80A1-4291-83B6-3328366B9097} timed out waiting for the service BITS to stop.

Error: (08/10/2021 09:47:05 PM) (Source: DCOM) (EventID: 10029) (User: NT AUTHORITY)
Description: The activation of the CLSID {4991D34B-80A1-4291-83B6-3328366B9097} timed out waiting for the service BITS to stop.

Error: (08/10/2021 09:43:03 PM) (Source: DCOM) (EventID: 10029) (User: NT AUTHORITY)
Description: The activation of the CLSID {4991D34B-80A1-4291-83B6-3328366B9097} timed out waiting for the service BITS to stop.

Error: (08/10/2021 09:39:02 PM) (Source: DCOM) (EventID: 10029) (User: USER-PC)
Description: The activation of the CLSID {4991D34B-80A1-4291-83B6-3328366B9097} timed out waiting for the service BITS to stop.

Error: (08/10/2021 09:35:00 PM) (Source: DCOM) (EventID: 10029) (User: NT AUTHORITY)
Description: The activation of the CLSID {4991D34B-80A1-4291-83B6-3328366B9097} timed out waiting for the service BITS to stop.

Error: (08/10/2021 06:51:35 PM) (Source: DCOM) (EventID: 10010) (User: USER-PC)
Description: The server {4991D34B-80A1-4291-83B6-3328366B9097} did not register with DCOM within the required timeout.

Error: (08/10/2021 03:29:04 PM) (Source: DCOM) (EventID: 10010) (User: USER-PC)
Description: The server {4991D34B-80A1-4291-83B6-3328366B9097} did not register with DCOM within the required timeout.

Error: (08/10/2021 03:27:06 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The Background Intelligent Transfer Service service terminated with the following service-specific error:
%%2388525606


Windows Defender:
================
Date: 2021-07-02 10:23:45
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-07-02 09:45:02
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-02-09 17:52:38
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-02-09 17:12:39
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-02-09 11:39:29
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2020-11-17 20:09:42
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.325.1508.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.17500.4
Error code: 0x80070102
Error description: The wait operation timed out.

CodeIntegrity:
===============
Date: 2021-08-10 21:35:54
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\mfevtps.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

BIOS: Phoenix P01-B0 11/30/2009
Motherboard: Packard Bell ONETWO L5710
Processor: Intel(R) Core(TM)2 Quad CPU Q8200 @ 2.33GHz
Percentage of memory in use: 69%
Total physical RAM: 4093.42 MB
Available physical RAM: 1228.37 MB
Total Virtual: 8118.68 MB
Available Virtual: 3059.45 MB

==================== Drives ================================

Drive c: (Packard Bell) (Fixed) (Total:688.08 GB) (Free:471.34 GB) NTFS
Drive d: (DATA) (Fixed) (Total:688.08 GB) (Free:675.92 GB) NTFS

\\?\Volume{69e26ecf-74c3-11e8-8998-806e6f6e6963}\ (SYSTEM RESERVED) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
\\?\Volume{69e26ece-74c3-11e8-8998-806e6f6e6963}\ (PQSERVICE) (Fixed) (Total:21 GB) (Free:10.51 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 1397.3 GB) (Disk ID: 0AB06485)
Partition 1: (Not Active) - (Size=21 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=688.1 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=688.1 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================
 
Threads merged.

While you are receiving help from one of the experts, you can paste any requested logs in the same thread.
 
Hello, tonyabacus..! I will analyze and review your logs ..! This may take some time ..!When I am ready I will give you an answer ..! Thanks..! :-)
 
Hello, tonyabacus..!

Uninstall programs (Optimizers/Cleaners/Boosters )

We do not recomment these programs. It is your computer and certainly your choice. However, please consider that with registry cleaners and system optimization software programs, the potential is ever present to cause more problems than they claim to fix. You have these programs installed in your computer, and I strongly recommend you to uninstall them.
  • Press the Windows Key + R.
  • Type appwiz.cpl in the Run box and click OK.
  • The Add/Remove Programs list will open. Locate the following programs on the list:
Code: 
IObit Software Updater
Smart Defrag
System Mechanic

  • Select the above programs, one by one, and click Uninstall.
  • Restart the computer.



After that, I will need fresh FRST logs.


Fresh FRST logs

  • Double-click on the FRST icon to run it, as you did before. When the tool opens click Yes to disclaimer.
  • Press Scan button and wait for a while.
  • The scanner will produced two logs on your Desktop: FRST.txt and Addition.txt.
  • Please attach the content of these two logs in your next reply.
 
You must log in or register to reply here.

Has Sysnative Forums helped you? Please consider donating to help us support the site!

Back
Top