Windows Defender not detecting malware??

Okay I have to retype this again because it timed out after submitting it the first time….

 

Hi and thank you for helping me fix my laptop of doom… A few months ago I started having problems with updating Windows; some would update, others would not. Then the BSOD would appear, and so I learned that my memory was bad, so went ahead and swapped that out a few days ago. Now the BSOD has stopped but I still cannot update Windows: it will get to 7%, restart, undo changes, restart, then go to the login screen. I've tried a bunch of command prompts etc. to get this fixed, to no avail.

I tried to clear the Windows Update download path in regedit but could not locate

HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate

 

I also have a LOT of critical errors and warnings when I view “All problem Reports” in Security & Maint. settings. The troubleshooters in control panel do not find any errors either. 

 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21-03-2021

Ran by Ashley (administrator) on LAPTOP-7Q3PPAK6 (HP HP Laptop 15-dy1xxx) (24-03-2021 06:45:12)

Running from C:UsersashleOneDriveDesktop

Loaded Profiles: Ashley

Platform: Windows 10 Home Version 20H2 19042.630 (X64) Language: English (United States)

Default browser: Chrome

Boot Mode: Normal

 

==================== Processes (Whitelisted) =================

 

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

 

(Adobe Inc. -> Adobe Inc.) C:Program Files (x86)Common FilesAdobeAdobe Desktop CommonElevationManagerAdobeUpdateService.exe

(Adobe Inc. -> Adobe Inc.) C:Program Files (x86)Common FilesAdobeARM1.0armsvc.exe

(Adobe Inc. -> Adobe Systems Incorporated) C:Program Files (x86)AdobeAcrobat Reader DCReaderAdobeCollabSync.exe <2>

(Adobe Inc. -> Adobe Systems, Incorporated) C:Program Files (x86)Common FilesAdobeAdobeGCClientAGMService.exe

(Adobe Inc. -> Adobe Systems, Incorporated) C:Program Files (x86)Common FilesAdobeAdobeGCClientAGSService.exe

(Adobe Systems Incorporated) C:Program FilesWindowsAppsAdobeNotificationClient_2.0.1.8_x86__enpm4xejd91ycAdobeNotificationClient.exe

(Adobe Systems Incorporated) C:Program FilesWindowsAppsReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7rAcrobatNotificationClient.exe

(Apple Inc. -> Apple Inc.) C:Program FilesBonjourmDNSResponder.exe

(Connectify (Connectify, Inc.) -> Connectify) C:Program Files (x86)Speedifyspeedify.exe

(Connectify (Connectify, Inc.) -> Connectify) C:Program Files (x86)SpeedifySpeedifyLauncher.exe

(Connectify (Connectify, Inc.) -> Connectify) C:Program Files (x86)SpeedifySpeedifyUI.exe

(ELAN Microelectronics Corporation -> ) C:WindowsSystem32ELAN_MOC_IAP_Service.exe

(ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:WindowsSystem32ETDCtrl.exe

(ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:WindowsSystem32ETDService.exe

(Google LLC -> Google LLC) C:Program Files (x86)GoogleChromeApplicationchrome.exe <42>

(HP Inc. -> HP Inc.) C:WindowsSystem32DriverStoreFileRepositoryhpanalyticscomp.inf_amd64_f98b15466093b28ex64TouchpointAnalyticsClientService.exe

(HP Inc. -> HP Inc.) C:WindowsSystem32DriverStoreFileRepositoryhpcustomcapcomp.inf_amd64_5451dfef9ec90792x64AppHelperCap.exe

(HP Inc. -> HP Inc.) C:WindowsSystem32DriverStoreFileRepositoryhpcustomcapcomp.inf_amd64_5451dfef9ec90792x64NetworkCap.exe

(HP Inc. -> HP Inc.) C:WindowsSystem32DriverStoreFileRepositoryhpcustomcapcomp.inf_amd64_5451dfef9ec90792x64SysInfoCap.exe

(HP Inc.) C:Program FilesWindowsAppsAD2F1837.HPSystemEventUtility_1.1.21.0_x64__v10z8vjag6ke6SystemEventUtilityHPSystemEventUtilityHost.exe

(IDSA Production signing key 2021 -> Intel) C:Program Files (x86)IntelDriver and Support AssistantDSAService.exe

(Intel Corporation -> Intel Corporation) C:WindowsSystem32DriverStoreFileRepositorydptf_cpu.inf_amd64_21306a77b30fd6e0esif_uf.exe

(Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:WindowsSystem32DriverStoreFileRepositorydal.inf_amd64_31a8dbbf39dcdc3bjhi_service.exe

(Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:WindowsSystem32DriverStoreFileRepositorylms.inf_amd64_3ef70b9d5cc0699fLMS.exe

(Intel® pGFX 2020 -> Intel Corporation) C:WindowsSystem32DriverStoreFileRepository21_hp_icl_dt_iigd_dch.inf_amd64_01579a078df03fe3IntelCpHDCPSvc.exe

(Intel® pGFX 2020 -> Intel Corporation) C:WindowsSystem32DriverStoreFileRepositorycui_dch.inf_amd64_1435685f32a64b64igfxCUIServiceN.exe

(Intel® pGFX 2020 -> Intel Corporation) C:WindowsSystem32DriverStoreFileRepositorycui_dch.inf_amd64_1435685f32a64b64igfxEMN.exe

(Intel® pGFX 2020 -> Intel Corporation) C:WindowsSystem32DriverStoreFileRepositoryigcc_dch.inf_amd64_ac82c743aa561853OneApp.IGCC.WinService.exe

(Intel® Rapid Storage Technology -> Intel Corporation) C:WindowsSystem32DriverStoreFileRepositoryiastorac.inf_amd64_86dc7f4c001ddecdRstMwService.exe

(Intuit, Inc. -> Intuit Inc.) C:Program Files (x86)Common FilesIntuitUpdate Service v4IntuitUpdateService.exe

(Logitech Inc -> ) C:Program FilesLogitechCollaborationServicesVideoRightSightAPIcrashpad_handler.exe

(Logitech Inc -> Logitech Europe S.A.) C:Program FilesLogitechCollaborationServicesVideoRightSightAPIRightSightService.exe

(Logitech Inc -> Logitech) C:Program FilesLogitechCollaborationServicesVideoServiceLayer.exe

(Logitech Inc -> Logitech) C:Program FilesLogitechLogiCapturebinServiceLogiFacecamService.exe

(Microsoft Corporation -> Microsoft Corporation) C:Program FilesCommon Filesmicrosoft sharedClickToRunOfficeClickToRun.exe

(Microsoft Corporation -> Microsoft Corporation) C:Program FilesCommon Filesmicrosoft sharedSource EngineOSE.EXE

(Microsoft Corporation -> Microsoft Corporation) C:UsersashleAppDataLocalMicrosoftBingWallpaperAppBingWallpaperApp.exe

(Microsoft Corporation -> Microsoft Corporation) C:UsersashleAppDataLocalMicrosoftOneDrive21.046.0307.0001FileCoAuth.exe

(Microsoft Corporation -> Microsoft Corporation) C:UsersashleAppDataLocalMicrosoftOneDriveOneDrive.exe

(Microsoft Corporation -> Microsoft Corporation) C:WindowsMicrosoft.NETFramework64v3.0WPFPresentationFontCache.exe

(Microsoft Corporation -> Microsoft Corporation) C:WindowsMicrosoft.NETFramework64v4.0.30319SMSvcHost.exe

(Microsoft Corporation) C:Program FilesWindowsAppsmicrosoft.windowscommunicationsapps_16005.13426.20688.0_x64__8wekyb3d8bbweHxOutlook.exe

(Microsoft Corporation) C:Program FilesWindowsAppsmicrosoft.windowscommunicationsapps_16005.13426.20688.0_x64__8wekyb3d8bbweHxTsr.exe

(Microsoft Corporation) C:Program FilesWindowsAppsMicrosoft.WindowsStore_12101.1001.14.0_x64__8wekyb3d8bbweWinStore.App.exe

(Microsoft Windows -> ) C:WindowsSystem32OpenSSHssh-agent.exe

(Microsoft Windows -> Microsoft Corporation) C:WindowsImmersiveControlPanelSystemSettings.exe

(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32CastSrv.exe

(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32dllhost.exe <2>

(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32MoUsoCoreWorker.exe

(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32oobeUserOOBEBroker.exe

(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32smartscreen.exe

(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32snmptrap.exe

(Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:WindowsRtkBtManServ.exe

(Microsoft Windows Publisher -> Microsoft Corporation) C:ProgramDataMicrosoftWindows DefenderPlatform4.18.2102.4-0MsMpEng.exe

(Microsoft Windows Publisher -> Microsoft Corporation) C:ProgramDataMicrosoftWindows DefenderPlatform4.18.2102.4-0NisSrv.exe

(NETGEAR TAIWAN CO., LTD -> ) C:Program Files (x86)NETGEARA6210NetgearSwitchUSB.exe

(NETGEAR TAIWAN CO., LTD -> NETGEAR) C:Program Files (x86)NETGEARA6210A6210.EXE

(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:WindowsSystem32RtkAudUService64.exe <2>

(Sound Research Corporation -> Sound Research, Corp.) C:WindowsSystem32SECOMN64.exe

 

==================== Registry (Whitelisted) ===================

 

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

 

HKLM…Run: [RtkAudUService] => C:windowsSystem32RtkAudUService64.exe [1138976 2020-08-13] (Realtek Semiconductor Corp. -> Realtek Semiconductor)

HKLM…Run: [AdobeGCInvoker-1.0] => C:Program Files (x86)Common FilesAdobeAdobeGCClientAGCInvokerUtility.exe [3412680 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)

HKLM…Run: [AdobeAAMUpdater-1.0] => C:Program Files (x86)Common FilesAdobeOOBEPDAppUWAUpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)

HKLM…Run: [Restoro] => C:Program FilesRestorobinRestoroApp.ex

HKLM…Run: [Speedify] => C:Program Files (x86)SpeedifySpeedifyLauncher.exe [2175240 2021-03-19] (Connectify (Connectify, Inc.) -> Connectify)

HKLM-x32…Run: [Acrobat Assistant 8.0] => C:Program Files (x86)AdobeAcrobat DCAcrobatAcrotray.exe [5237416 2021-03-05] (Adobe Inc. -> Adobe Systems Inc.)

HKLM-x32…Run: [] => [X]

HKLM-x32…Run: [Adobe CCXProcess] => C:Program Files (x86)AdobeAdobe Creative Cloud ExperienceCCXProcess.exe [129288 2021-03-19] (Adobe Inc. -> )

HKLM-x32…Run: [Intel Driver & Support Assistant] => C:Program Files (x86)IntelDriver and Support AssistantDSATray.exe [286064 2021-01-25] (IDSA Production signing key 2021 -> Intel)

HKLM-x32…Run: [Adobe Creative Cloud] => C:Program FilesAdobeAdobe Creative CloudACCCreative Cloud.exe [779448 2021-03-19] (Adobe Inc. -> Adobe Inc.)

HKUS-1-5-21-1631848830-456654206-2620857842-1004…Run: [CCXProcess] => C:Program FilesAdobeAdobe Creative Cloud ExperienceCCXProcess.exe [680720 2021-03-19] (Adobe Inc. -> Adobe Systems Incorporated)

HKUS-1-5-21-1631848830-456654206-2620857842-1004…Run: [Adobe Acrobat Synchronizer] => C:Program Files (x86)AdobeAcrobat DCAcrobatAdobeCollabSync.exe [5536424 2021-03-05] (Adobe Inc. -> Adobe Systems Incorporated)

HKUS-1-5-21-1631848830-456654206-2620857842-1004…Run: [Adobe Reader Synchronizer] => C:Program Files (x86)AdobeAcrobat Reader DCReaderAdobeCollabSync.exe [5536424 2021-03-05] (Adobe Inc. -> Adobe Systems Incorporated)

HKUS-1-5-21-1631848830-456654206-2620857842-1004…Run: [BingWallpaperApp] => C:UsersashleAppDataLocalMicrosoftBingWallpaperAppBingWallpaperApp.exe [10948488 2021-03-11] (Microsoft Corporation -> Microsoft Corporation)

HKUS-1-5-21-1631848830-456654206-2620857842-1004…Run: [CiscoSpark] => C:UsersashleAppDataRoamingMicrosoftWindowsStart MenuProgramsWebexWebex.lnk [1521 2021-03-18] () [File not signed]

HKUS-1-5-21-1631848830-456654206-2620857842-1004…Run: [CiscoMeetingDaemon] => C:UsersashleAppDataLocalWebExciscowebexstart.exe [2689752 2021-03-11] (Cisco WebEx LLC -> Cisco Webex LLC)

HKUS-1-5-21-1631848830-456654206-2620857842-1004Control PanelDesktopSCRNSAVE.EXE -> C:windowssystem32ssText3d.scr [224768 2019-12-07] (Microsoft Windows -> Microsoft Corporation)

HKLM…Windows x64Print ProcessorsCanon TR8500 series Print Processor: C:WindowsSystem32spoolprtprocsx64CNMPDDL.DLL [482816 2019-01-10] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)

HKLM…PrintMonitorsAdobe PDF Port Monitor: C:windowssystem32AdobePDF.dll [65496 2020-10-22] (Adobe Inc. -> Adobe Systems Inc)

HKLM…PrintMonitorsHP D711 Status Monitor: C:windowssystem32hpinkstsD711LM.dll [393352 2017-03-27] (Hewlett Packard -> HP Inc.)

HKLM…PrintMonitorsHP DD11 Status Monitor: C:windowssystem32hpinkstsDD11LM.dll [392192 2019-03-15] (HP Inc -> HP Inc.)

HKLMSoftwareMicrosoftActive SetupInstalled Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:Program Files (x86)GoogleChromeApplication89.0.4389.90Installerchrmstp.exe [2021-03-15] (Google LLC -> Google LLC)

Startup: C:ProgramDataMicrosoftWindowsStart MenuProgramsStartupNETGEAR A6210 Genie.lnk [2020-11-16]

ShortcutTarget: NETGEAR A6210 Genie.lnk -> C:Program Files (x86)NETGEARA6210A6210.EXE (NETGEAR TAIWAN CO., LTD -> NETGEAR)

GroupPolicy: Restriction ? <==== ATTENTION

Policies: C:ProgramDataNTUSER.pol: Restriction <==== ATTENTION

 

==================== Scheduled Tasks (Whitelisted) ============

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

Task: {2102A01B-3007-41B2-8BE4-A6E7E7004377} – System32TasksMicrosoftWindowsWindows DefenderWindows Defender Cleanup => C:ProgramDataMicrosoftWindows DefenderPlatform4.18.2102.4-0MpCmdRun.exe [566368 2021-03-15] (Microsoft Windows Publisher -> Microsoft Corporation)

Task: {223B306A-8EA1-4482-8019-F97A1C2982BA} – System32TasksMicrosoftWindowsWindows DefenderWindows Defender Verification => C:ProgramDataMicrosoftWindows DefenderPlatform4.18.2102.4-0MpCmdRun.exe [566368 2021-03-15] (Microsoft Windows Publisher -> Microsoft Corporation)

Task: {2F65580A-8ACA-4E0F-B77A-6B19A9ACE463} – System32TasksHewlett-PackardHP Support AssistantWarrantyChecker_TH71O4M11C => C:Program Files (x86)HPHP Support FrameworkResourcesHPWarrantyCheckHPWarrantyChecker.exe [1139032 2021-03-12] (HP Inc. -> HP Inc.)

Task: {2FCC9859-5478-4141-A37F-E8A189B6EEC6} – System32TasksHewlett-PackardHP DiagnosticsBHM2 => cmd /c start hpdiags://BHM2

Task: {34DDB762-7965-4E9B-B0AC-109F37FCA670} – System32TasksMicrosoftWindowsWindows DefenderWindows Defender Cache Maintenance => C:ProgramDataMicrosoftWindows DefenderPlatform4.18.2102.4-0MpCmdRun.exe [566368 2021-03-15] (Microsoft Windows Publisher -> Microsoft Corporation)

Task: {36DB271A-C747-4AB6-8AD6-9EFE188EDB73} – System32TasksHewlett-PackardHP DiagnosticsSmartCheckTest => cmd /c start hpdiags://SmartCheckTest

Task: {3D3BA375-2DF9-455F-85A3-4098C3E4E0F5} – System32TasksCreateExplorerShellUnelevatedTask => C:WINDOWSexplorer.exe /NOUACCHECK

Task: {50E36282-75F8-4C65-824D-C68306F0D8F7} – System32TasksMicrosoftOfficeOffice ClickToRun Service Monitor => C:Program FilesCommon FilesMicrosoft SharedClickToRunOfficeC2RClient.exe [23079792 2021-03-05] (Microsoft Corporation -> Microsoft Corporation)

Task: {5252D899-945A-4FF2-8DF9-FB04B0BE752F} – System32TasksHewlett-PackardHP DiagnosticsABO => cmd /c start hpdiags://ABO

Task: {5C2B9396-67F1-4540-A66E-53D8A8B30BA4} – System32TasksMicrosoftOfficeOffice Feature Updates => C:Program FilesMicrosoft OfficerootOffice16sdxhelper.exe [141136 2021-03-14] (Microsoft Corporation -> Microsoft Corporation)

Task: {665F6598-6E03-4AD8-9897-E5FD327BCC79} – System32TasksHewlett-PackardHP DiagnosticsLaunchUI => cmd /c start hpdiags://LaunchUI

Task: {6BC4215D-B5EB-4AC9-BF6B-8A46EDF41233} – System32TasksHewlett-PackardHP Support AssistantHP Support Assistant Update Notice => C:Program Files (x86)HPHP Support FrameworkResourcesBingPopupBingPopup.exe [553304 2020-11-14] (HP Inc. -> HP Inc.)

Task: {71DFB0FA-A8BE-4691-9589-F823B943CFA7} – System32TasksMicrosoftOfficeOffice Automatic Updates 2.0 => C:Program FilesCommon FilesMicrosoft SharedClickToRunOfficeC2RClient.exe [23079792 2021-03-05] (Microsoft Corporation -> Microsoft Corporation)

Task: {72C14479-588C-4BD2-BACF-BD7B80DDCF87} – System32TasksMicrosoftOfficeOffice Feature Updates Logon => C:Program FilesMicrosoft OfficerootOffice16sdxhelper.exe [141136 2021-03-14] (Microsoft Corporation -> Microsoft Corporation)

Task: {737D269F-D2F7-49BF-88AD-4149F1831F1A} – System32TasksGoogleUpdateTaskMachineUA => C:Program Files (x86)GoogleUpdateGoogleUpdate.exe [156104 2020-04-03] (Google LLC -> Google LLC)

Task: {840B44E8-B754-4B12-A937-24790B579265} – System32TasksHPConsent Manager Launcher => sc start hptouchpointanalyticsservice

Task: {8A055FE7-152D-4094-8CA6-52B468484E6B} – System32TasksAdobe Acrobat Update Task => C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)

Task: {8A3C6D9E-4B15-401D-A5AA-41ED92FFB043} – System32TasksHewlett-PackardHP DiagnosticsShowUI => cmd /c start hpdiags:

Task: {8F98B849-8877-4D03-8B6D-BEDB943ED66D} – System32TasksMicrosoftOfficeOffice Subscription Maintenance => C:Program FilesMicrosoft OfficerootvfsProgramFilesCommonx64Microsoft SharedOffice16OLicenseHeartbeat.exe [1511320 2021-03-14] (Microsoft Corporation -> Microsoft Corporation)

Task: {96E8E9E4-BCA5-4750-B282-80EB53FE4B4C} – System32TasksHewlett-PackardHP DiagnosticsBHM1 => cmd /c start hpdiags://BHM1

Task: {A8B5A5C5-7EE6-48C1-86BE-309B8BE22F26} – System32TasksHewlett-PackardHP DiagnosticsBCF => cmd /c start hpdiags://BCF

Task: {B53FF31B-79B2-4986-8562-CED6EA072835} – System32TasksHewlett-PackardHP DiagnosticsBatteryStatusError => cmd /c start hpdiags://BatteryStatusError

Task: {C8765F0E-87E8-451F-ABB3-9F8850DD0986} – System32TasksHewlett-PackardHP DiagnosticsSmartCheckError => cmd /c start hpdiags://SmartCheckError

Task: {CB5CFA26-B7F1-4CFA-BC03-FCE2595C31BE} – System32TasksMicrosoftWindowsWindows DefenderWindows Defender Scheduled Scan => C:ProgramDataMicrosoftWindows DefenderPlatform4.18.2102.4-0MpCmdRun.exe [566368 2021-03-15] (Microsoft Windows Publisher -> Microsoft Corporation)

Task: {CF8EBB63-9442-4D90-8EE9-3A15D45FAB00} – System32TasksHewlett-PackardHP DiagnosticsBatteryStatusTest => cmd /c start hpdiags://BatteryStatusTest

Task: {D18B21BE-975E-42AC-AF36-974CCFD7EF9C} – System32TasksGoogleUpdateTaskMachineCore => C:Program Files (x86)GoogleUpdateGoogleUpdate.exe [156104 2020-04-03] (Google LLC -> Google LLC)

Task: {D24EAD90-0DA0-4EDA-8FB5-C18C8DEC35EB} – System32TasksHewlett-PackardHP Support AssistantWarrantyChecker_DeviceScan => C:Program Files (x86)HPHP Support FrameworkResourcesHPWarrantyCheckHPWarrantyChecker.exe [1139032 2021-03-12] (HP Inc. -> HP Inc.)

Task: {E96AC3E3-FCFA-4639-9ED5-6C979ACBA4A1} – System32TasksAdobeGCInvoker-1.0 => C:Program Files (x86)Common FilesAdobeAdobeGCClientAGCInvokerUtility.exe [3412680 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)

Task: {FEFD77A5-786D-4519-B957-B2D96BD8D26A} – System32TasksHewlett-PackardHP Support AssistantWarrantyChecker => C:Program Files (x86)HPHP Support FrameworkResourcesHPWarrantyCheckHPWarrantyChecker.exe [1139032 2021-03-12] (HP Inc. -> HP Inc.)

Task: {FFD232D3-78F7-4B47-BD47-FFFC2C971938} – System32TasksHewlett-PackardHP Support AssistantHP Support Solutions Framework Report => C:Program Files (x86)HPHP Support FrameworkResourcesHPSFReport.exe [135000 2020-10-03] (HP Inc. -> HP Inc.)

 

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

 

Task: C:windowsTasksCreateExplorerShellUnelevatedTask.job => C:windowsexplorer.exe

 

==================== Internet (Whitelisted) ====================

 

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

 

Winsock: Catalog5 08 C:Program Files (x86)BonjourmdnsNSP.dll [121704 2011-08-31] (Apple Inc. -> Apple Inc.)

Winsock: Catalog5-x64 08 C:Program FilesBonjourmdnsNSP.dll [132968 2011-08-31] (Apple Inc. -> Apple Inc.)

TcpipParameters: [DhcpNameServer] 192.168.128.1

Tcpip..Interfaces{8d625e2a-ab72-40d0-b916-a13fea6bf056}: [DhcpNameServer] 172.20.10.1

Tcpip..Interfaces{b475bf07-9b50-4de7-93c8-00cc7ef7407f}: [DhcpNameServer] 192.168.128.1

Tcpip..Interfaces{f0c1b8db-2bcd-4d74-a281-12780582d634}: [NameServer] 10.202.0.1

Tcpip..Interfaces{f13e3f71-0f24-496d-a749-3c5f45dc3ff6}: [DhcpNameServer] 192.168.128.1

HKLMSOFTWAREPoliciesMicrosoftInternet Explorer: Restriction <==== ATTENTION

 

Edge: 

=======

Edge DefaultProfile: Default

Edge Profile: C:UsersashleAppDataLocalMicrosoftEdgeUser DataDefault [2021-03-24]

 

FireFox:

========

FF HKLM…FirefoxExtensions: [[email protected]] – C:Program Files (x86)AdobeAcrobat DCAcrobatBrowserWCFirefoxExtnWebExtnsigned_extnadobe_acrobat-1.0-windows.xpi

FF Extension: (Adobe Acrobat) – C:Program Files (x86)AdobeAcrobat DCAcrobatBrowserWCFirefoxExtnWebExtnsigned_extnadobe_acrobat-1.0-windows.xpi [2020-03-05]

FF HKLM-x32…FirefoxExtensions: [[email protected]] – C:Program Files (x86)AdobeAcrobat DCAcrobatBrowserWCFirefoxExtnWebExtnsigned_extnadobe_acrobat-1.0-windows.xpi

FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:Program FilesMicrosoft OfficerootOffice16NPSPWRAP.DLL [2021-03-08] (Microsoft Corporation -> Microsoft Corporation)

FF Plugin: adobe.com/AdobeAAMDetect -> C:Program Files (x86)AdobeAdobe Creative CloudUtilsnpAdobeAAMDetect64.dll [2021-03-19] (Adobe Inc. -> Adobe Systems)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:Program FilesMicrosoft OfficerootVFSProgramFilesX86Microsoft OfficeOffice16NPSPWRAP.DLL [2021-03-08] (Microsoft Corporation -> Microsoft Corporation)

FF Plugin-x32: Adobe Acrobat -> C:Program Files (x86)AdobeAcrobat DCAcrobatAirnppdf32.dll [2021-03-05] (Adobe Inc. -> Adobe Systems Inc.)

FF Plugin-x32: Adobe Reader -> C:Program Files (x86)AdobeAcrobat Reader DCReaderAIRnppdf32.dll [2021-03-05] (Adobe Inc. -> Adobe Systems Inc.)

FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:Program Files (x86)AdobeAdobe Creative CloudUtilsnpAdobeAAMDetect32.dll [2021-03-19] (Adobe Inc. -> Adobe Systems)

 

Chrome: 

=======

CHR Profile: C:UsersashleAppDataLocalGoogleChromeUser DataDefault [2021-03-24]

CHR Notifications: Default -> hxxps://celeb.tv; hxxps://chaturbate.com; hxxps://ecig-city.com; hxxps://modelcenter.livejasmin.com; hxxps://offerup.com; hxxps://web.webex.com; hxxps://www.facebook.com; hxxps://www.jerkmate.com; hxxps://www.myfreecams.com; hxxps://www.youtube.com

CHR HomePage: Default -> hxxp://www.google.com/

CHR StartupUrls: Default -> “hxxp://www.google.com/”

CHR DefaultSearchURL: Default -> hxxps://www.gstatic.com/youtube/img/branding/favicon/favicon_144x144.png

CHR Extension: (Slides) – C:UsersashleAppDataLocalGoogleChromeUser DataDefaultExtensionsaapocclcgogkmnckokdopfmhonfmgoek [2020-04-03]

CHR Extension: (YouTube) – C:UsersashleAppDataLocalGoogleChromeUser DataDefaultExtensionsagimnkijcaahngcdmfeangaknmldooml [2021-03-18]

CHR Extension: (Docs) – C:UsersashleAppDataLocalGoogleChromeUser DataDefaultExtensionsaohghmighlieiainnegkcijnfilokake [2020-04-03]

CHR Extension: (Google Drive) – C:UsersashleAppDataLocalGoogleChromeUser DataDefaultExtensionsapdfllckaahabafndbhieahigkjlhalf [2020-10-24]

CHR Extension: (YouTube) – C:UsersashleAppDataLocalGoogleChromeUser DataDefaultExtensionsblpcfgokakmgnkcojhhkbfbldkacnbeo [2020-04-03]

CHR Extension: (Google Tips) – C:UsersashleAppDataLocalGoogleChromeUser DataDefaultExtensionscnhacgcmhcgppboemgoobibkhlpglejb [2020-04-05]

CHR Extension: (Adobe Acrobat) – C:UsersashleAppDataLocalGoogleChromeUser DataDefaultExtensionsefaidnbmnnnibpcajpcglclefindmkaj [2021-03-11]

CHR Extension: (Sheets) – C:UsersashleAppDataLocalGoogleChromeUser DataDefaultExtensionsfelcaaldnbdncclmgdcncolpebgiejap [2020-04-03]

CHR Extension: (Kaspersky Security) – C:UsersashleAppDataLocalGoogleChromeUser DataDefaultExtensionsganjnhaighehkjnnlmaikllkkiejibfe [2020-09-23]

CHR Extension: (Google Docs Offline) – C:UsersashleAppDataLocalGoogleChromeUser DataDefaultExtensionsghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-03-16]

CHR Extension: (OneNote Web Clipper) – C:UsersashleAppDataLocalGoogleChromeUser DataDefaultExtensionsgojbdfnpnhogfdgjbigejoaolejmgdhk [2020-09-29]

CHR Extension: (Pinterest Save Button) – C:UsersashleAppDataLocalGoogleChromeUser DataDefaultExtensionsgpdjojdkbbmdfjfahjcgigfpmkopogic [2021-03-17]

CHR Extension: (Kindle Cloud Reader) – C:UsersashleAppDataLocalGoogleChromeUser DataDefaultExtensionsicdipabjmbhpdkjaihfjoikhjjeneebd [2020-04-05]

CHR Extension: (Grammarly for Chrome) – C:UsersashleAppDataLocalGoogleChromeUser DataDefaultExtensionskbfnbcaeplbcioakkpcpgfkobkghlhen [2021-03-24]

CHR Extension: (My Study Life) – C:UsersashleAppDataLocalGoogleChromeUser DataDefaultExtensionsmnjdjjiobjicmlhnjlogfgbibihjhkeo [2020-04-05]

CHR Extension: (Office) – C:UsersashleAppDataLocalGoogleChromeUser DataDefaultExtensionsndjpnladcallmjemlbaebfadecfhkepb [2021-02-16]

CHR Extension: (MyFreeCams Flash Enabler) – C:UsersashleAppDataLocalGoogleChromeUser DataDefaultExtensionsnlmddcogekenbhipfficilblmbmmpoek [2020-04-05]

CHR Extension: (Chrome Web Store Payments) – C:UsersashleAppDataLocalGoogleChromeUser DataDefaultExtensionsnmmhkkegccagdldgiimedpiccmgmieda [2021-02-04]

CHR Extension: (Gmail) – C:UsersashleAppDataLocalGoogleChromeUser DataDefaultExtensionspjkljhegncpnkpknbcohdijeoejaedia [2020-10-22]

CHR Extension: (Chrome Media Router) – C:UsersashleAppDataLocalGoogleChromeUser DataDefaultExtensionspkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-03-14]

CHR Extension: (Lovense Extension) – C:UsersashleDownloads [2021-03-24]

CHR Profile: C:UsersashleAppDataLocalGoogleChromeUser DataSystem Profile [2020-11-16]

CHR HKUS-1-5-21-1631848830-456654206-2620857842-1004SOFTWAREGoogleChromeExtensions…ChromeExtension: [cflanjgoamglnnocilcllegbbbfogfjc]

CHR HKLM-x32…ChromeExtension: [efaidnbmnnnibpcajpcglclefindmkaj]

 

==================== Services (Whitelisted) ===================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

R2 AdobeARMservice; C:Program Files (x86)Common FilesAdobeARM1.0armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)

R2 AdobeUpdateService; C:Program Files (x86)Common FilesAdobeAdobe Desktop CommonElevationManagerAdobeUpdateService.exe [842424 2021-03-19] (Adobe Inc. -> Adobe Inc.)

R2 AGMService; C:Program Files (x86)Common FilesAdobeAdobeGCClientAGMService.exe [3780296 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)

R2 AGSService; C:Program Files (x86)Common FilesAdobeAdobeGCClientAGSService.exe [3548360 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)

R2 ClickToRunSvc; C:Program FilesCommon FilesMicrosoft SharedClickToRunOfficeClickToRun.exe [8988552 2021-03-05] (Microsoft Corporation -> Microsoft Corporation)

S3 Connectify; C:Program Files (x86)ConnectifyConnectifyService.exe [276480 2020-11-23] (Connectify (Connectify, Inc.) -> Connectify)

R2 HPAppHelperCap; C:windowsSystem32DriverStoreFileRepositoryhpcustomcapcomp.inf_amd64_5451dfef9ec90792x64AppHelperCap.exe [729608 2021-03-02] (HP Inc. -> HP Inc.)

R2 HPNetworkCap; C:windowsSystem32DriverStoreFileRepositoryhpcustomcapcomp.inf_amd64_5451dfef9ec90792x64NetworkCap.exe [728568 2021-03-02] (HP Inc. -> HP Inc.)

S3 hpqcaslwmiex; C:Program Files (x86)HPSharedhpqwmiex.exe [1149480 2018-06-07] (HP Inc. -> HP)

R2 HPSysInfoCap; C:windowsSystem32DriverStoreFileRepositoryhpcustomcapcomp.inf_amd64_5451dfef9ec90792x64SysInfoCap.exe [729080 2021-03-02] (HP Inc. -> HP Inc.)

R2 HpTouchpointAnalyticsService; C:windowsSystem32DriverStoreFileRepositoryhpanalyticscomp.inf_amd64_f98b15466093b28ex64TouchpointAnalyticsClientService.exe [479504 2021-01-06] (HP Inc. -> HP Inc.)

R2 LogiFacecamService; C:Program FilesLogitechLogiCapturebinServiceLogiFacecamService.exe [498576 2021-02-04] (Logitech Inc -> Logitech)

R2 nebula; C:Program FilesLogitechCollaborationServicesVideoServiceLayer.exe [4489352 2019-06-12] (Logitech Inc -> Logitech)

R2 NetgearSwitchUSB; C:Program Files (x86)NETGEARA6210NetgearSwitchUSB.exe [192232 2015-09-17] (NETGEAR TAIWAN CO., LTD -> )

S3 RestoroActiveProtection; C:Program FilesRestorobinRestoroProtection.exe [9310216 2021-02-07] (Restoro Ltd -> Restoro)

R2 Speedify; C:Program Files (x86)SpeedifySpeedify.exe [5317384 2021-03-19] (Connectify (Connectify, Inc.) -> Connectify)

R3 WdNisSvc; C:ProgramDataMicrosoftWindows DefenderPlatform4.18.2102.4-0NisSrv.exe [2483616 2021-03-15] (Microsoft Windows Publisher -> Microsoft Corporation)

R2 WinDefend; C:ProgramDataMicrosoftWindows DefenderPlatform4.18.2102.4-0MsMpEng.exe [128376 2021-03-15] (Microsoft Windows Publisher -> Microsoft Corporation)

S4 ElevationService; C:Program Files (x86)WondershareWondershare MirrorGoElevationService.exe [X]

S2 HP Comm Recover; “C:Program FilesHPCommRecoveryHPCommRecovery.exe” [X]

S4 Wondershare InstallAssist; C:ProgramDataWondershareServiceInstallAssistService.exe [X]

S4 WsDrvInst; C:Program Files (x86)WondersharedrfoneAddinsRepairDriverInstall.exe [X]

 

===================== Drivers (Whitelisted) ===================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

S3 A6100; C:windowsSystem32driversA6100.sys [7957584 2020-05-09] (NETGEAR TAIWAN CO., LTD -> Realtek Semiconductor Corporation)

R3 A6210; C:windowssystem32DRIVERSA6210.sys [2259016 2020-05-10] (NETGEAR TAIWAN CO., LTD -> MediaTek Inc.)

S3 CH341SER_A64; C:windowsSystem32DriversCH341S64.SYS [59904 2015-01-26] (Microsoft Windows Hardware Compatibility Publisher -> www.winchiphead.com)

R1 cnnctfy4; C:windowssystem32DRIVERScnnctfy4.sys [50528 2021-03-15] (Connectify (Connectify, Inc.) -> Connectify)

R3 HPCustomCapDriver; C:windowsSystem32DriverStoreFileRepositoryhpcustomcapdriver.inf_amd64_1f5602eb8a12ac4cx64hpcustomcapdriver.sys [25024 2019-04-18] (Microsoft Windows Hardware Compatibility Publisher -> HP Inc.)

R3 iaLPSS2_I2C_ICL; C:windowsSystem32DriverStoreFileRepositoryialpss2_i2c_icl.inf_amd64_c8c0638291b9b209iaLPSS2_I2C_ICL.sys [200456 2020-04-28] (Intel Corporation -> Intel Corporation)

R3 MpKslb9faecb6; C:ProgramDataMicrosoftWindows DefenderDefinition Updates{4A61330C-B004-4EAE-86F7-5877631D4745}MpKslDrv.sys [90360 2021-03-24] (Microsoft Windows -> Microsoft Corporation)

R3 scaudio; C:windowsSystem32driversscaudio.sys [54792 2020-05-25] (Brandmeister LLC -> )

S3 SnapCameraVirtualDevice; C:windowsSystem32driversSnapCameraVirtualDevice.sys [2800232 2020-03-21] (Snap Inc. -> Windows ® Win 7 DDK provider)

R3 splitcam_hd_driver; C:windowsSystem32driverssplitcam_hd_driver.sys [38000 2020-04-18] (Microsoft Windows Hardware Compatibility Publisher -> Windows ® Win 7 DDK provider)

S3 ssudqcfilter; C:windowsSystem32driversssudqcfilter.sys [64872 2019-09-26] (Samsung Electronics Co., Ltd. -> QUALCOMM Incorporated)

R3 tap0901cn; C:windowsSystem32driverstap0901cn.sys [47448 2020-07-09] (Connectify (Connectify, Inc.) -> The OpenVPN Project)

S0 WdBoot; C:windowsSystem32driverswdWdBoot.sys [49560 2021-03-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)

R0 WdFilter; C:windowsSystem32driverswdWdFilter.sys [420072 2021-03-15] (Microsoft Windows -> Microsoft Corporation)

R3 WdNisDrv; C:windowsSystem32driverswdWdNisDrv.sys [72952 2021-03-15] (Microsoft Windows -> Microsoft Corporation)

R3 WirelessButtonDriver64; C:windowsSystem32driversWirelessButtonDriver64.sys [35392 2020-06-08] (HP Inc. -> HP)

U3 aspnet_state; no ImagePath

S3 dg_ssudbus; SystemRootSystem32driversssudbus.sys [X]

 

==================== NetSvcs (Whitelisted) ===================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

 

==================== One month (created) (Whitelisted) =========

 

(If an entry is included in the fixlist, the file/folder will be moved.)

 

2021-03-24 06:44 – 2021-03-24 06:45 – 000000000 ____D C:FRST

2021-03-24 03:18 – 2021-03-24 03:18 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsSpeedify

2021-03-23 02:19 – 2021-03-23 02:19 – 002743356 _____ C:windowsMinidump