This topic is locked
Hi.
This morning I turned on my Windows 10 laptop and Windows Command Processor popped up requesting permission. I closed it without granting permission.
I googled the issue and found several posts mentioning malware, so here I am.
One other thing — not sure if its related — occasionally, multiple error messages pop up saying something like "another instance of Acrobat Distiller is already running". Sometimes it's just a dozen or so popups and I just close them and that's that. Other times they might keep popping up infinitely. I try to close them, but they just keep coming up faster than I can close them. I end up having to force my PC to shut down and reboot to solve it.
Posting the FRST logs below. Thanks!
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-05-2021
Ran by adi (administrator) on ADI-SAGER-NP815 (Notebook P65xRP) (16-05-2021 11:25:25)
Running from C:\Users\adi\Desktop
Loaded Profiles: adi
Platform: Windows 10 Home Version 20H2 19042.985 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Inc. -> ) C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe
(Adobe Inc. -> Adobe Inc) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\Adobe Installer.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud Helper.exe <2>
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe <2>
(Adobe Inc. -> Adobe Incorporated) C:\Program Files\Common Files\Adobe\Adobe Desktop Common\RemoteComponents\UPI\ExManCoreLib\AdobeExtensionsService.exe
(Adobe Inc. -> Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2>
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\CCLibrary.exe
(Adobe Inc. -> Adobe Systems Incorporated.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrodist.exe <4>
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated) C:\Program Files\WindowsApps\AdobeNotificationClient_2.0.1.8_x86__enpm4xejd91yc\AdobeNotificationClient.exe
(ALCPU -> ALCPU) C:\Program Files\Core Temp\Core Temp.exe
(Canon Inc. -> ) C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNMNSST2.exe
(Cisco Systems, Inc. -> Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(Creative Technology Ltd) [File not signed] C:\Program Files (x86)\Creative\Sound Blaster X-Fi MB5\Sound Blaster X-Fi MB5\SBXFIMB5.exe
(Dominik Levitsky Studio, LLC -> Dominik Levitsky Studio, LLC) C:\Users\adi\AppData\Local\Programs\FontBase\FontBase.exe <4>
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe <3>
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\122.4.4867\QtWebEngineProcess.exe <3>
(Focusrite Audio Engineering, Ltd.) [File not signed] C:\Program Files\FocusriteUSB\Focusrite Notifier.exe
(Foxit Software Incorporated -> Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <20>
(GoPro, Inc. -> ) C:\Program Files\GoPro\GoPro Desktop App\GoProDesktopSystemTray.exe
(GoPro, Inc. -> ) C:\Program Files\GoPro\GoPro Desktop App\GoProDeviceDetection.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_24de78387e6208e4\igfxCUIService.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_24de78387e6208e4\igfxEM.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_24de78387e6208e4\IntelCpHDCPSvc.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_24de78387e6208e4\IntelCpHeciSvc.exe
(Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Intel® Software -> Intel® Corporation) C:\Program Files (x86)\Intel\Intel® Extreme Tuning Utility\XtuService.exe
(Intel® Software Development Products -> ) C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Mark of the Unicorn, Inc -> MOTU) C:\Program Files (x86)\MOTU\CoreUAC\MOTUMSeries.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\adi\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12104.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.20122.11121.0_x64__8wekyb3d8bbwe\Music.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Hardware Compatibility Publisher -> Insyde Software Corp.) C:\Program Files (x86)\Hotkey\Driver\x64\HKClipSvc.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\NisSrv.exe
(Native Instruments GmbH -> Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareAccessibilityHelper.exe
(Native Instruments GmbH -> Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
(Native Instruments GmbH -> Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHostIntegrationAgent.exe
(Native Instruments GmbH -> Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\NTK\NTKDaemon.exe
(Node.js Foundation -> Node.js) C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(OpenJS Foundation -> Node.js) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\libs\node.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Reason Software Company Inc. -> Reason Software Company Inc.) C:\Program Files (x86)\Unchecky\bin\unchecky_bg.exe
(Reason Software Company Inc. -> Reason Software Company Inc.) C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe
(Red Giant LLC -> Red Giant LLC) C:\Program Files\Red Giant\Services\Red Giant Service.exe
(Samsung Electronics Co., Ltd. -> Samsung Electronics) C:\ProgramData\Samsung Apps\Portable SSD\SamsungPortableSSDMon.exe
(SecureW2 -> SecureW2 B.V.) C:\Program Files (x86)\SecureW2\sw2_tray.exe
(ShareX Team) [File not signed] C:\Program Files\ShareX\ShareX.exe
(Shrew Soft Inc -> ) C:\Program Files\ShrewSoft\VPN Client\iked.exe
(Shrew Soft Inc -> ) C:\Program Files\ShrewSoft\VPN Client\ipsecd.exe
(Steven Mayall) [File not signed] C:\Users\adi\OneDrive\MusicBee\MusicBee.exe
(SUPERAntiSpyware.com -> SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(TEFINCOM S.A. -> TEFINCOM S.A.) C:\Program Files\NordVPN\nordvpn-service.exe
(Wacom Technology Corp. -> Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe
(Wacom Technology Corp. -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(Wacom Technology Corp. -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
(Wacom Technology Corp. -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
(Wacom Technology Corp. -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18378208 2017-06-02] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [320584 2016-06-01] (Intel® Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [MBCfg64] => C:\Windows\system32\MBCfg64.dll [41088 2014-02-21] (Creative Technology Ltd -> Creative Technology Ltd.)
HKLM\...\Run: [GoPro Tray App] => C:\Program Files\GoPro\GoPro Desktop App\GoProDesktopSystemTray.exe [866224 2016-10-11] (GoPro, Inc. -> )
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412680 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [Focusrite Notifier] => C:\Program Files\FocusriteUSB\Focusrite Notifier.exe [5029376 2020-06-02] (Focusrite Audio Engineering, Ltd.) [File not signed]
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [MOTUMSeries.exe] => C:\Program Files (x86)\MOTU\CoreUAC\MOTUMSeries.exe [239736 2021-03-26] (Mark of the Unicorn, Inc -> MOTU)
HKLM-x32\...\Run: [Sound Blaster X-Fi MB5] => C:\Program Files (x86)\Creative\Sound Blaster X-Fi MB5\Sound Blaster X-Fi MB5\SBXFIMB5.exe [871936 2016-06-15] (Creative Technology Ltd) [File not signed]
HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.) [File not signed]
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [8172264 2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [779448 2021-05-12] (Adobe Inc. -> Adobe Inc.)
HKLM-x32\...\Run: [SecureW2 Tray] => C:\Program Files (x86)\SecureW2\sw2_tray.exe [272200 2017-04-01] (SecureW2 -> SecureW2 B.V.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX2] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNMNSST2.exe [271496 2017-11-02] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2021-02-04] (Adobe Inc. -> )
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [5237432 2021-04-27] (Adobe Inc. -> Adobe Systems Inc.)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [1669368 2020-11-19] (Cisco Systems, Inc. -> Cisco Systems, Inc.)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-884149921-2065793029-3257327610-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [11219376 2020-12-25] (Support.com Inc -> SUPERAntiSpyware)
HKU\S-1-5-21-884149921-2065793029-3257327610-1001\...\Run: [CCXProcess] => C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [680728 2021-05-05] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-884149921-2065793029-3257327610-1001\...\Run: [electron.app.FontBase] => C:\Users\adi\AppData\Local\Programs\FontBase\FontBase.exe [131458184 2021-04-22] (Dominik Levitsky Studio, LLC -> Dominik Levitsky Studio, LLC)
HKU\S-1-5-21-884149921-2065793029-3257327610-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [109961080 2021-04-23] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-884149921-2065793029-3257327610-1001\...\Run: [NordVPN] => C:\Program Files\NordVPN\NordVPN.exe [277688 2021-03-31] (TEFINCOM S.A. -> TEFINCOM S.A.)
HKU\S-1-5-21-884149921-2065793029-3257327610-1001\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [5536440 2021-04-27] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-884149921-2065793029-3257327610-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-884149921-2065793029-3257327610-1001\...\Run: [GoogleChromeAutoLaunch_07E978E6F2BBB4AB0BC801F515EC9ED3] => "C:\Program Files\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5
HKLM\...\Windows x64\Print Processors\Canon TS6300 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDFQ.DLL [509952 2019-07-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\Windows\system32\AdobePDF.dll [65496 2021-02-02] (Adobe Inc. -> Adobe Systems Inc)
HKLM\...\Print\Monitors\Canon BJ Language Monitor TS6300 series: C:\Windows\system32\CNMLMFQ.DLL [940032 2019-07-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\HP 7212 Status Monitor: C:\Windows\system32\hpinksts7212LM.dll [336904 2014-07-15] (Hewlett Packard -> Hewlett-Packard Development Company, LP)
HKLM\...\Print\Monitors\MONVNC: C:\Windows\system32\VNCpm.dll [37704 2017-05-19] (RealVNC Ltd -> RealVNC Ltd)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\90.0.4430.212\Installer\chrmstp.exe [2021-05-12] (Google LLC -> Google LLC)
Startup: C:\Users\adi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\REAPER (x64).lnk [2016-10-17]
ShortcutTarget: REAPER (x64).lnk -> C:\Program Files\REAPER (x64)\reaper.exe (Cockos Incorporated -> Cockos Incorporated)
Startup: C:\Users\adi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ShareX.lnk [2018-06-26]
ShortcutTarget: ShareX.lnk -> C:\Program Files\ShareX\ShareX.exe (ShareX Team) [File not signed]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled [2021-03-17] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NIHardwareAccessibilityHelper.exe.lnk [2021-05-08]
ShortcutTarget: NIHardwareAccessibilityHelper.exe.lnk -> C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareAccessibilityHelper.exe (Native Instruments GmbH -> Native Instruments GmbH)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NotificationTool.lnk [2020-03-17]
ShortcutTarget: NotificationTool.lnk -> C:\Program Files (x86)\Canon\hdAlbum EZ\NotificationTool.exe (Canon Inc. -> CANON INC.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NTKDaemon.lnk [2021-05-08]
ShortcutTarget: NTKDaemon.lnk -> C:\Program Files\Common Files\Native Instruments\NTK\NTKDaemon.exe (Native Instruments GmbH -> Native Instruments GmbH)
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0BCC5260-9A56-44FE-93DD-2C695686C3CC} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [572808 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {0ED6B4DC-1B10-4021-9EF7-D211C17B15E7} - System32\Tasks\update-S-1-5-21-884149921-2065793029-3257327610-1001 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: <Company name>)
Task: {22F2CFAF-54BE-4118-B7A3-7472D78BEA03} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3724680 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2A79E818-FBC7-4F42-A9D9-367DC66CEA93} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877448 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2C8BF2A6-2805-4280-9E31-ED611AEBA9D8} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877448 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3EB9C998-FE96-460C-AC28-F3FFB6E0624B} - System32\Tasks\Private Internet Access Startup => C:\Program Files\pia_manager\pia_manager.exe [8906097 2017-10-01] () [File not signed]
Task: {4651E58D-A552-47BD-B28F-79A728C8E251} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MpCmdRun.exe [595288 2021-05-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5174C6D2-5698-4A7A-87DB-7102203AE592} - System32\Tasks\USER_ESRV_SVC_WILLAMETTE => "C:\Windows\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\task.vbs"
Task: {5C15533D-EADC-4C58-94D4-D80AEB769C16} - System32\Tasks\Core Temp Autostart adi => C:\Program Files\Core Temp\Core Temp.exe [1031512 2021-04-01] (ALCPU -> ALCPU)
Task: {5E9DC04A-2971-4D85-AA35-BBC137944873} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [841096 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {69C8F1A7-A15F-44C8-A1EE-6DBCC06E327B} - System32\Tasks\G2MUpdateTask-S-1-5-21-884149921-2065793029-3257327610-1001 => C:\Users\adi\AppData\Local\GoToMeeting\19598\g2mupdate.exe [31320 2021-04-06] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {6E46AFF3-57C2-428A-8146-B1A0C00A6A1A} - System32\Tasks\G2MUploadTask-S-1-5-21-884149921-2065793029-3257327610-1001 => C:\Users\adi\AppData\Local\GoToMeeting\19598\g2mupload.exe [31320 2021-04-06] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {729D9C1F-1CA6-4523-B7F3-CCB4555FF5AC} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {72E6BDBA-196D-4481-A45A-B7EEB13DD79E} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [702856 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7C7FACA0-0372-4957-B99A-08EE3752F2F8} - System32\Tasks\Samsung_PSSD_Registration => C:\ProgramData\Samsung Apps\Portable SSD\SamsungPortableSSDMon.exe [775624 2017-05-24] (Samsung Electronics Co., Ltd. -> Samsung Electronics)
Task: {7FEE5859-8A4A-47FD-A47D-966619876F44} - System32\Tasks\Intel\Intel Telemetry 2 => C:\Program Files\Intel\Telemetry 2.0\lrio.exe [1741576 2016-03-17] (Intel® Software -> Intel Corporation)
Task: {86C6CB61-A780-4705-9AB7-0263EB845757} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [841096 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8A4671DD-76B1-492C-A260-03FD318CCF7E} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-10-13] (Dropbox, Inc -> Dropbox, Inc.)
Task: {91CB1EDC-9453-4EC7-A81F-BB0445F5A865} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK
Task: {97319470-700A-48EE-8B24-C4E39FAD6F3B} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412680 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {9E9804BC-E9C4-486B-BF3A-FD1BA5C55216} - System32\Tasks\AdobeAAMUpdater-1.0-ADI-SAGER-NP815-adi => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {A41481F8-DC44-4DC8-BB45-5193ABE80B4B} - System32\Tasks\SecureW2 Task => C:\Program Files (x86)\SecureW2\sw2_tray.exe [272200 2017-04-01] (SecureW2 -> SecureW2 B.V.)
Task: {A44BB0C9-12EA-4457-897B-59A93DD7214F} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [790920 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {A8A6EC50-3DCA-4546-BA48-528CCB70A456} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2016-10-06] (Google Inc -> Google Inc.)
Task: {AB1707CA-B9D6-4CC2-80DC-D4BAC12A99F6} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: <Company name>)
Task: {AE101B01-06C0-4235-90BE-86350A263F31} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [696304 2021-05-07] (Mozilla Corporation -> Mozilla Foundation)
Task: {B06D27E3-7D2A-4C93-A42D-D9AEA49BD238} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MpCmdRun.exe [595288 2021-05-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B29E7BF2-F784-461E-8E51-E9B932CAEFD7} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877448 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B592B25B-2A7D-412D-81A6-CF1028E4BC72} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-10-13] (Dropbox, Inc -> Dropbox, Inc.)
Task: {BD6FEE44-BF33-4C0D-8563-CC5232AF4CF2} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {BFDE5ABC-FD46-4294-9FF0-4B1CB065A3EA} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MpCmdRun.exe [595288 2021-05-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {CF6E6289-558A-4089-9E69-7531A3D5CB18} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877448 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D8F36848-463F-4556-BED9-86C69020E71B} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [909112 2016-06-14] (Intel® Trusted Connect Service -> Intel® Corporation)
Task: {E0DEE545-20F7-40DE-9A97-44CCDD7D1400} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [790920 2019-01-30] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {E9DE3553-B392-4D41-A0FA-CA3AF67B0E60} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2016-10-06] (Google Inc -> Google Inc.)
Task: {EE639C2E-FAE1-4640-8F4B-543D2292F390} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MpCmdRun.exe [595288 2021-05-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F55CDAA6-4823-4BC8-A21F-D4946602CA32} - System32\Tasks\Shutdown Timer => C:\Windows\System32\shutdown.exe [28160 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-884149921-2065793029-3257327610-1001.job => C:\Users\adi\AppData\Local\GoToMeeting\19598\g2mupdate.exe
Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-884149921-2065793029-3257327610-1001.job => C:\Users\adi\AppData\Local\GoToMeeting\19598\g2mupload.exe
Task: C:\WINDOWS\Tasks\update-S-1-5-21-884149921-2065793029-3257327610-1001.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\WINDOWS\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{3fe6f436-7650-4b16-a0aa-f6030e351046}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{64cd7018-885b-42af-8866-a4e533a6a5b1}: [NameServer] 10.2.51.103,10.2.51.104
Tcpip\..\Interfaces\{713192c5-b3fd-453b-bc0e-3fcebd0d6786}: [NameServer] 10.2.51.103,10.2.51.104
Tcpip\..\Interfaces\{dcc70bb8-6a97-4d78-adf8-9fc27e189e96}: [DhcpNameServer] 192.168.0.1
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge Profile: C:\Users\adi\AppData\Local\Microsoft\Edge\User Data\Default [2021-05-16]
FireFox:
========
FF DefaultProfile: kijmnzo9.default
FF ProfilePath: C:\Users\adi\AppData\Roaming\Mozilla\Firefox\Profiles\28zhrulg.default-release [2021-05-09]
FF Extension: (DuckDuckGo Privacy Essentials) - C:\Users\adi\AppData\Roaming\Mozilla\Firefox\Profiles\28zhrulg.default-release\Extensions\[email protected] [2021-05-06]
FF Extension: (LastPass: Free Password Manager) - C:\Users\adi\AppData\Roaming\Mozilla\Firefox\Profiles\28zhrulg.default-release\Extensions\[email protected] [2021-05-06]
FF Extension: (uBlock Origin) - C:\Users\adi\AppData\Roaming\Mozilla\Firefox\Profiles\28zhrulg.default-release\Extensions\[email protected] [2021-05-06]
FF ProfilePath: C:\Users\adi\AppData\Roaming\Mozilla\Firefox\Profiles\kijmnzo9.default [2021-03-05]
FF Session Restore: Mozilla\Firefox\Profiles\kijmnzo9.default -> is enabled.
FF Notifications: Mozilla\Firefox\Profiles\kijmnzo9.default -> hxxps://exodusmovement.slack.com; hxxps://app.gotowebinar.com; hxxps://calendar.google.com; hxxps://voice.google.com
FF Extension: (AdBlocker Ultimate) - C:\Users\adi\AppData\Roaming\Mozilla\Firefox\Profiles\kijmnzo9.default\Extensions\[email protected] [2020-01-10]
FF Extension: (LastPass: Free Password Manager) - C:\Users\adi\AppData\Roaming\Mozilla\Firefox\Profiles\kijmnzo9.default\Extensions\[email protected] [2020-03-23]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2021-02-01]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2018-01-05] (LastPass (Marvasol Inc) -> LastPass)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom) [File not signed]
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2021-05-12] (Adobe Inc. -> Adobe Systems)
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom) [File not signed]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2016-12-08] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2016-12-08] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2016-12-08] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2016-12-08] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2018-01-05] (LastPass (Marvasol Inc) -> LastPass)
FF Plugin-x32: @videolan.org/vlc,version=3.0.10 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom) [File not signed]
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2021-04-27] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2021-05-12] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom) [File not signed]
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\adi\AppData\Local\Google\Chrome\User Data\Default [2021-05-16]
CHR Notifications: Default -> hxxps://helpx.adobe.com; hxxps://voice.google.com
CHR HomePage: Default -> hxxp://www.google.com/
CHR Session Restore: Default -> is enabled.
CHR Extension: (Google Translate) - C:\Users\adi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2020-03-19]
CHR Extension: (Slides) - C:\Users\adi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Docs) - C:\Users\adi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Google Drive) - C:\Users\adi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-11-05]
CHR Extension: (YouTube) - C:\Users\adi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-10-06]
CHR Extension: (Honey) - C:\Users\adi\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2021-05-13]
CHR Extension: (Advanced Font Settings) - C:\Users\adi\AppData\Local\Google\Chrome\User Data\Default\Extensions\caclkomlalccbpcdllchkeecicepbmbm [2016-10-14]
CHR Extension: (Google News) - C:\Users\adi\AppData\Local\Google\Chrome\User Data\Default\Extensions\dllkocilcinkggkchnjgegijklcililc [2019-11-12]
CHR Extension: (Google Tasks) - C:\Users\adi\AppData\Local\Google\Chrome\User Data\Default\Extensions\dmglolhoplikcoamfgjgammjbgchgjdd [2018-11-01]
CHR Extension: (Google Keep) - C:\Users\adi\AppData\Local\Google\Chrome\User Data\Default\Extensions\eilembjdkfgodjkcjnpgpaenohkicgjd [2021-02-21]
CHR Extension: (Google Calendar) - C:\Users\adi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2017-01-06]
CHR Extension: (GoFullPage - Full Page Screen Capture) - C:\Users\adi\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdpohaocaechififmbbbbbknoalclacl [2021-03-20]
CHR Extension: (Sheets) - C:\Users\adi\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (Google Docs Offline) - C:\Users\adi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-04-16]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\adi\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2021-05-02]
CHR Extension: (Google Photos) - C:\Users\adi\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcglmfcclpfgljeaiahehebeoaiicbko [2016-10-14]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\adi\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2021-05-06]
CHR Extension: (feedly) - C:\Users\adi\AppData\Local\Google\Chrome\User Data\Default\Extensions\hipbfijinpcgfogaopmgehiegacbhmob [2017-08-15]
CHR Extension: (Auto Replay for YouTube™) - C:\Users\adi\AppData\Local\Google\Chrome\User Data\Default\Extensions\kanbnempkjnhadplbfgdaagijdbdbjeb [2019-11-26]
CHR Extension: (Window Resizer) - C:\Users\adi\AppData\Local\Google\Chrome\User Data\Default\Extensions\kkelicaakdanhinjdeammmilcgefonfh [2020-03-29]
CHR Extension: (Google Maps) - C:\Users\adi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2016-10-14]
CHR Extension: (Google Keep Chrome Extension) - C:\Users\adi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpcaedmchfhocbbapmcbpinfpgnhiddi [2021-05-14]
CHR Extension: (Take Webpage Screenshots Entirely - FireShot) - C:\Users\adi\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbpblocgmgfnpjjppndjkmgjaogfceg [2020-07-04]
CHR Extension: (Google Hangouts) - C:\Users\adi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nckgahadagoaajjgafhacjanaoiihapd [2020-08-17]
CHR Extension: (Chrome Web Store Payments) - C:\Users\adi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Gmail) - C:\Users\adi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-11-05]
CHR Extension: (Chrome Media Router) - C:\Users\adi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-04-24]
CHR Extension: (Password Checkup extension) - C:\Users\adi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pncabnpcffmalkkjpajodfhijclecjno [2020-09-13]
CHR Profile: C:\Users\adi\AppData\Local\Google\Chrome\User Data\Guest Profile [2018-08-29]
CHR Profile: C:\Users\adi\AppData\Local\Google\Chrome\User Data\System Profile [2018-08-29]
CHR HKLM\...\Chrome\Extension: [hdokiejnpimakedhajhdlcegeplioahd]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [hdokiejnpimakedhajhdlcegeplioahd]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2017-01-30] (SUPERAntiSpyware.com -> SUPERAntiSpyware.com)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [842424 2021-05-12] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3780296 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3548360 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-10-13] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-10-13] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [44272 2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
S3 ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [416408 2016-06-08] (Intel® Software Development Products -> )
R2 FoxitReaderService; C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe [1659592 2016-11-15] (Foxit Software Incorporated -> Foxit Software Inc.)
R2 GoProDeviceDetectionService; C:\Program Files\GoPro\GoPro Desktop App\GoProDeviceDetection.exe [37808 2016-10-11] (GoPro, Inc. -> )
R2 HKClipSvc; C:\Program Files (x86)\Hotkey\Driver\x64\HKClipSvc.exe [256480 2015-11-26] (Microsoft Windows Hardware Compatibility Publisher -> Insyde Software Corp.)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [399296 2019-11-28] (Canon Inc. -> )
R2 iked; C:\Program Files\ShrewSoft\VPN Client\iked.exe [1127736 2013-07-01] (Shrew Soft Inc -> )
R2 ipsecd; C:\Program Files\ShrewSoft\VPN Client\ipsecd.exe [810808 2013-07-01] (Shrew Soft Inc -> )
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7391408 2021-05-16] (Malwarebytes Inc -> Malwarebytes)
R2 NIHostIntegrationAgent; C:\Program Files\Common Files\Native Instruments\Hardware\NIHostIntegrationAgent.exe [18832256 2021-02-18] (Native Instruments GmbH -> Native Instruments GmbH)
R2 nordvpn-service; C:\Program Files\NordVPN\nordvpn-service.exe [277688 2021-03-31] (TEFINCOM S.A. -> TEFINCOM S.A.)
S4 PowerBiosServer; C:\Program Files (x86)\Hotkey\HotkeyService.exe [30208 2016-08-09] (CLEVO CO.) [File not signed]
R2 Red Giant Service; C:\Program Files\Red Giant\Services\Red Giant Service.exe [5976136 2020-02-06] (Red Giant LLC -> Red Giant LLC)
R2 SystemUsageReportSvc_WILLAMETTE; C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe [117400 2016-06-08] (Intel® Software Development Products -> )
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12054872 2019-10-10] (TeamViewer GmbH -> TeamViewer GmbH)
R2 Unchecky; C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe [297240 2018-04-09] (Reason Software Company Inc. -> Reason Software Company Inc.)
S3 USER_ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [416408 2016-06-08] (Intel® Software Development Products -> )
S3 vncserver; C:\Program Files\RealVNC\VNC Server\vncserver.exe [5848656 2017-05-19] (RealVNC Ltd -> RealVNC Ltd)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\NisSrv.exe [2599328 2021-05-14] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MsMpEng.exe [128376 2021-05-14] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 AirplaneModeHid; C:\WINDOWS\system32\DRIVERS\AirplaneModeHid.sys [33496 2015-07-17] (Insyde Software Corp. -> Insyde Corporation)
R3 ALSysIO; C:\Users\adi\AppData\Local\Temp\ALSysIO64.sys [47240 2021-05-16] (ALCPU (Arthur Liberman) -> Arthur Liberman) <==== ATTENTION
R3 bomebus; C:\WINDOWS\System32\drivers\bomebus.sys [56376 2018-05-16] (Bome Software GmbH & Co.KG -> Bome Software GmbH & Co. KG)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 Focusriteusb; C:\WINDOWS\System32\drivers\Focusriteusb.sys [123456 2020-06-02] (WDKTestCert builds,132265248139626354 -> Focusrite Audio Engineering Ltd.)
R3 FocusriteusbSwRoot; C:\WINDOWS\System32\drivers\FocusriteusbSwRoot.sys [92568 2020-06-02] (WDKTestCert builds,132265248139626354 -> Focusrite Audio Engineering Ltd.)
S3 Focusriteusb_AUDIO; C:\WINDOWS\system32\drivers\FocusriteusbAudio.sys [87912 2020-06-02] (WDKTestCert builds,132265248139626354 -> Focusrite Audio Engineering Ltd.)
R0 FPWinIo; C:\WINDOWS\System32\drivers\FPWinIo.sys [23536 2014-10-07] (EGIS TECHNOLOGY INC. -> Egis Technology Inc.)
R3 HKKbdFltr; C:\WINDOWS\system32\DRIVERS\HKKbdFltr.sys [51400 2015-11-26] (Insyde Software Corp. -> Insyde Software Corp.)
R3 HKMouFltr; C:\WINDOWS\system32\DRIVERS\HKMouFltr.sys [48344 2015-11-26] (Insyde Software Corp. -> Insyde Software Corp.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220752 2021-04-27] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-12-18] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-05-16] (Malwarebytes Inc -> Malwarebytes)
R3 MOTUCoreUAC; C:\WINDOWS\System32\Drivers\MOTUCoreUAC.sys [131096 2021-03-26] (Mark of the Unicorn, Inc -> MOTU, Inc)
R3 MpKsl3ad30dbe; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{7D23274D-7926-48A9-AEFC-091690B8103B}\MpKslDrv.sys [107744 2021-05-16] (Microsoft Windows -> Microsoft Corporation)
S3 NDivert; C:\WINDOWS\System32\drivers\NDivert.sys [105184 2021-02-01] (TEFINCOM S.A. -> )
R3 nlwt; C:\WINDOWS\system32\DRIVERS\nlwt.sys [39360 2020-10-24] (TEFINCOM S.A. -> WireGuard LLC)
R1 nordlwf; C:\WINDOWS\system32\DRIVERS\nordlwf.sys [38608 2020-07-10] (TEFINCOM S.A. -> TEFINCOM S.A.)
S3 rspLLL; C:\WINDOWS\System32\DRIVERS\rspLLL64.sys [26368 2015-07-13] (Daniel Terhell -> Resplendence Software Projects Sp.)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SvThANSP; C:\Program Files (x86)\Hotkey\SvThANSP.sys [15224 2013-10-11] (Savitech Corp. -> Windows ® Win 7 DDK provider)
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2017-05-13] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 tapexpressvpn; C:\WINDOWS\System32\drivers\tapexpressvpn.sys [45048 2017-04-25] (ExprsVPN LLC -> The OpenVPN Project)
R3 tapnordvpn; C:\WINDOWS\System32\drivers\tapnordvpn.sys [44896 2018-06-13] (TEFINCOM S.A. -> The OpenVPN Project)
R1 vflt; C:\WINDOWS\system32\DRIVERS\vfilter.sys [24064 2013-06-30] (Microsoft Windows Hardware Compatibility Publisher -> Shrew Soft Inc)
S3 vnet; C:\WINDOWS\System32\drivers\virtualnet.sys [17408 2013-06-30] (Microsoft Windows Hardware Compatibility Publisher -> Shrew Soft Inc)
S3 vpnva; C:\WINDOWS\System32\drivers\vpnva64-6.sys [74048 2020-11-19] (Cisco Systems, Inc. -> Cisco Systems, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49560 2021-05-14] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [26880 2015-11-12] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [421112 2021-05-14] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [73960 2021-05-14] (Microsoft Windows -> Microsoft Corporation)
R1 ZAM_Guard; C:\WINDOWS\System32\drivers\zamguard64.sys [203680 2017-04-19] (Zemana Ltd. -> Zemana Ltd.)
S3 MpKslac8353d8; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{6F517DAC-566B-4288-B6B0-888F1E165D90}\MpKslDrv.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-05-16 11:25 - 2021-05-16 11:26 - 000048859 _____ C:\Users\adi\Desktop\FRST.txt
2021-05-16 11:24 - 2021-05-16 11:26 - 000000000 ____D C:\FRST
2021-05-16 11:16 - 2021-05-16 11:16 - 002299392 _____ (Farbar) C:\Users\adi\Desktop\FRST64.exe
2021-05-16 09:45 - 2021-05-16 09:45 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-05-15 21:43 - 2021-05-15 21:43 - 000001008 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MusicBrainz Picard.lnk
2021-05-15 21:43 - 2021-05-15 21:43 - 000000000 ____D C:\Users\adi\AppData\Roaming\MusicBrainz
2021-05-15 21:43 - 2021-05-15 21:43 - 000000000 ____D C:\Users\adi\AppData\Local\MusicBrainz
2021-05-15 21:43 - 2021-05-15 21:43 - 000000000 ____D C:\Program Files\MusicBrainz Picard
2021-05-15 19:09 - 2021-05-15 19:09 - 000001071 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop 2021.lnk
2021-05-13 19:53 - 2021-05-13 19:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2021-05-13 13:31 - 2021-05-13 13:31 - 000000341 _____ C:\Users\adi\Desktop\FORMEETING.txt
2021-05-13 10:01 - 2021-05-13 10:01 - 001445813 _____ C:\Users\adi\Desktop\f4868 Adar p1.pdf
2021-05-12 17:46 - 2021-05-12 17:46 - 001453372 _____ C:\Users\adi\Desktop\f4868 2020 p1.pdf
2021-05-12 09:12 - 2021-05-12 09:12 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-05-12 09:12 - 2021-05-12 09:12 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-05-12 09:12 - 2021-05-12 09:12 - 001823816 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-05-12 09:12 - 2021-05-12 09:12 - 001687040 _____ C:\WINDOWS\system32\libcrypto.dll
2021-05-12 09:12 - 2021-05-12 09:12 - 001393504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-05-12 09:12 - 2021-05-12 09:12 - 001314120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-05-12 09:12 - 2021-05-12 09:12 - 001163776 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-05-12 09:12 - 2021-05-12 09:12 - 000700928 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2021-05-12 09:12 - 2021-05-12 09:12 - 000165888 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-05-12 09:12 - 2021-05-12 09:12 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2021-05-12 09:12 - 2021-05-12 09:12 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
2021-05-12 09:12 - 2021-05-12 09:12 - 000011351 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-05-12 09:04 - 2021-05-12 09:04 - 000001149 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Media Encoder 2021.lnk
2021-05-12 09:01 - 2021-05-12 09:01 - 000001089 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Audition 2021.lnk
2021-05-12 08:59 - 2021-05-12 08:59 - 000001257 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe After Effects 2021.lnk
2021-05-12 08:55 - 2021-05-12 08:55 - 000001137 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Premiere Pro 2021.lnk
2021-05-11 17:25 - 2021-05-11 17:25 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2021-05-11 17:25 - 2021-05-11 17:25 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2021-05-11 17:25 - 2021-05-11 17:25 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2021-05-11 17:25 - 2021-05-11 17:25 - 000044272 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2021-05-08 23:01 - 2021-05-08 23:01 - 001276184 _____ C:\Users\adi\Desktop\screencapture-myaccount-uscis-gov-users-questions-2021-05-08-23_01_06.pdf
2021-05-08 16:02 - 2021-05-08 16:02 - 000001070 _____ C:\Users\Public\Desktop\Kontakt.lnk
2021-05-08 16:02 - 2021-05-08 16:02 - 000001070 _____ C:\ProgramData\Desktop\Kontakt.lnk
2021-05-08 16:02 - 2021-05-08 16:02 - 000000000 __HDC C:\ProgramData\{A71EF853-314A-46F6-BBED-73149F3D8B43}
2021-05-08 15:56 - 2021-05-08 15:56 - 000001164 _____ C:\Users\Public\Desktop\Komplete Kontrol.lnk
2021-05-08 15:56 - 2021-05-08 15:56 - 000001164 _____ C:\ProgramData\Desktop\Komplete Kontrol.lnk
2021-05-08 15:56 - 2021-05-08 15:56 - 000000000 __HDC C:\ProgramData\{411E17DB-5B57-4F1D-A50B-C624FDD55C04}
2021-05-08 15:55 - 2021-05-08 15:55 - 000000000 __HDC C:\ProgramData\{8BA2904A-CDA7-4C5D-930F-08C47D4AE2E1}
2021-05-08 15:55 - 2021-05-08 15:55 - 000000000 __HDC C:\ProgramData\{6945C421-BC7D-4621-AED5-084E11AE3726}
2021-05-08 15:55 - 2021-05-08 15:55 - 000000000 ____D C:\Program Files\Common Files\Steinberg
2021-05-08 15:54 - 2021-05-08 15:54 - 000001174 _____ C:\Users\Public\Desktop\Controller Editor.lnk
2021-05-08 15:54 - 2021-05-08 15:54 - 000001174 _____ C:\ProgramData\Desktop\Controller Editor.lnk
2021-05-08 15:54 - 2021-05-08 15:54 - 000000000 __HDC C:\ProgramData\{4938857D-54DB-4BDA-8E99-5E6238E20FC7}
2021-05-08 15:47 - 2021-05-08 15:47 - 000000000 __HDC C:\ProgramData\{8C4FEDD5-1BF9-48A8-82A5-765D1975BF67}
2021-05-08 15:46 - 2021-05-08 15:46 - 000000000 ____D C:\Users\Public\Documents\Expansions Selection
2021-05-08 15:46 - 2021-05-08 15:46 - 000000000 ____D C:\ProgramData\Documents\Expansions Selection
2021-05-08 15:44 - 2021-05-08 15:44 - 000000000 __HDC C:\ProgramData\{99B72EA3-D9F9-4199-AC97-D3EACEFBB031}
2021-05-08 15:44 - 2021-05-08 15:44 - 000000000 ____D C:\Users\Public\Documents\Blocks Base
2021-05-08 15:44 - 2021-05-08 15:44 - 000000000 ____D C:\ProgramData\Documents\Blocks Base
2021-05-08 15:24 - 2021-05-08 16:47 - 000000000 ____D C:\Users\adi\AppData\Roaming\com.spitfireaudio
2021-05-08 15:04 - 2021-05-08 15:04 - 000001134 _____ C:\Users\Public\Desktop\Native Access.lnk
2021-05-08 15:04 - 2021-05-08 15:04 - 000001134 _____ C:\ProgramData\Desktop\Native Access.lnk
2021-05-08 15:04 - 2021-05-08 15:04 - 000000000 __HDC C:\ProgramData\{D651086F-B9C2-4015-B429-A08BA3A77606}
2021-05-08 14:57 - 2021-05-08 14:57 - 000000000 ____D C:\Users\adi\Desktop\Ivy_Audio-Carpenter_Trombone
2021-05-08 14:06 - 2021-05-08 14:06 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-05-07 22:01 - 2021-05-07 22:01 - 000000000 ____D C:\Users\adi\AppData\Roaming\Spitfire Audio
2021-05-07 22:01 - 2021-05-07 22:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spitfire Audio
2021-05-07 22:01 - 2021-05-07 22:01 - 000000000 ____D C:\Program Files (x86)\Spitfire Audio
2021-05-07 22:00 - 2021-05-07 22:00 - 004396664 _____ (Spitfire Audio Holdings Ltd ) C:\Users\adi\Desktop\SpitfireAudioWinSetup-3.2.20.exe
2021-05-07 21:33 - 2021-05-15 19:20 - 000000000 ____D C:\Users\adi\AppData\Roaming\vital
2021-05-07 21:29 - 2021-05-07 21:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vital
2021-05-07 21:28 - 2021-05-07 21:29 - 000000000 ____D C:\Program Files\Vital
2021-05-07 21:27 - 2021-05-07 21:27 - 028132768 _____ ( ) C:\Users\adi\Desktop\VitalInstaller.exe
2021-05-07 10:05 - 2021-05-08 16:52 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-05-05 16:27 - 2021-05-05 16:27 - 000187980 _____ C:\Users\adi\Desktop\REFNUM_C1011791d21ef067137b54b2de.pdf
2021-05-02 22:26 - 2021-05-02 22:26 - 000000000 ____D C:\Users\adi\AppData\Local\BandLab_Singapore_Pte_Ltd
2021-04-30 22:23 - 2021-04-30 22:23 - 000000000 ____D C:\Users\adi\Documents\Reaper-Actions
2021-04-30 19:56 - 2021-04-30 19:56 - 000000000 ____D C:\Users\adi\Downloads\Cakewalk
2021-04-30 08:41 - 2021-04-30 08:41 - 000002500 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Illustrator 2021.lnk
2021-04-27 23:40 - 2021-05-08 00:07 - 000000809 _____ C:\Users\adi\Desktop\vst-plugins-good.txt
2021-04-27 09:14 - 2021-04-27 09:14 - 000220752 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2021-04-26 09:28 - 2021-04-26 09:28 - 000003386 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d71adf2fb9e6ed
2021-04-22 19:00 - 2021-04-22 19:00 - 000000000 ____D C:\Users\adi\Downloads\Toni Erdmann 2016 720p [FOXM.TO]
2021-04-22 18:57 - 2021-04-22 18:57 - 000000000 ____D C:\Users\adi\Downloads\Distant.Voices.Still.Lives.1988.1080p.BluRay.H264.AAC-RARBG
2021-04-22 18:46 - 2021-04-22 18:46 - 000000000 ____D C:\Users\adi\Downloads\Eternity and a Day (Theo Angelopoulos 1998)
2021-04-19 11:43 - 2021-04-19 11:43 - 000001033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge 2021.lnk
2021-04-19 09:53 - 2021-05-12 08:49 - 000001389 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2021-04-16 22:46 - 2021-04-16 22:46 - 003539541 _____ C:\Users\adi\Desktop\Photo-1-500016-0-Animated.mp4
2021-04-16 22:43 - 2021-04-16 22:43 - 000532438 _____ C:\Users\adi\Desktop\screencapture-myheritage-search-records-2021-04-16-22_43_25.pdf
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-05-16 11:27 - 2017-04-19 20:38 - 000186562 _____ C:\WINDOWS\ZAM_Guard.krnl.trace
2021-05-16 11:24 - 2019-12-07 05:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-05-16 10:54 - 2019-10-02 00:39 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2021-05-16 10:54 - 2019-10-02 00:39 - 000000000 ___HD C:\ProgramData\Documents\AdobeGCData
2021-05-16 10:53 - 2017-03-17 23:59 - 000000000 ____D C:\Users\adi\AppData\Roaming\FreeFileSync
2021-05-16 10:47 - 2021-03-16 23:30 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-05-16 10:06 - 2019-12-07 05:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-05-16 10:06 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-05-16 09:46 - 2021-03-16 23:43 - 000842414 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-05-16 09:46 - 2019-12-07 05:13 - 000000000 ____D C:\WINDOWS\INF
2021-05-16 09:41 - 2016-10-14 21:35 - 000000000 ___RD C:\Users\adi\Creative Cloud Files
2021-05-16 09:41 - 2016-09-29 14:45 - 000000000 ____D C:\ProgramData\NVIDIA
2021-05-16 09:40 - 2021-03-30 12:23 - 000000000 ____D C:\Users\adi\AppData\Roaming\FontBase
2021-05-16 09:40 - 2016-10-06 23:02 - 000000000 ___RD C:\Users\adi\OneDrive
2021-05-16 09:39 - 2021-03-16 23:46 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-05-16 09:39 - 2021-03-16 23:30 - 000008192 ___SH C:\DumpStack.log.tmp
2021-05-16 09:39 - 2017-08-20 10:27 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2021-05-16 09:39 - 2016-10-17 13:00 - 000000000 __SHD C:\Users\adi\IntelGraphicsProfiles
2021-05-15 23:03 - 2021-03-16 23:34 - 000000000 ____D C:\Users\adi
2021-05-15 23:03 - 2016-10-15 16:21 - 000000000 ____D C:\Users\adi\Documents\ShareX
2021-05-15 21:43 - 2019-11-21 03:24 - 000000000 ____D C:\Users\adi\AppData\Local\cache
2021-05-15 19:07 - 2020-05-04 00:57 - 000000000 ____D C:\Users\adi\AppData\Roaming\vlc
2021-05-15 19:03 - 2021-03-31 18:17 - 000000000 ____D C:\WINDOWS\Minidump
2021-05-15 19:02 - 2016-09-29 14:36 - 002433223 ____N C:\WINDOWS\Minidump\051521-12296-01.dmp
2021-05-14 21:08 - 2017-01-11 15:54 - 000002260 ____H C:\Users\adi\Documents\Default.rdp
2021-05-14 20:38 - 2019-12-07 05:50 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2021-05-14 14:11 - 2017-05-16 20:19 - 000000000 ____D C:\Users\adi\Desktop\_TDC
2021-05-14 08:51 - 2019-12-07 05:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-05-14 08:41 - 2018-02-17 16:13 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-05-14 00:43 - 2019-12-07 05:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-05-14 00:40 - 2021-03-16 23:30 - 005196264 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-05-14 00:40 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-05-14 00:39 - 2019-12-07 05:50 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2021-05-14 00:39 - 2019-12-07 05:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-05-14 00:39 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2021-05-14 00:39 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-05-14 00:39 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-05-14 00:39 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2021-05-14 00:39 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-05-14 00:39 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-05-14 00:39 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2021-05-14 00:39 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-05-14 00:39 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-05-14 00:39 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-05-14 00:39 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2021-05-14 00:39 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-05-14 00:39 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-05-14 00:39 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-05-14 00:39 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\DiagTrack
2021-05-14 00:39 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-05-13 19:53 - 2016-10-13 23:21 - 000000000 ____D C:\Program Files (x86)\Dropbox
2021-05-13 19:34 - 2020-06-20 17:32 - 000002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-05-13 15:56 - 2020-03-17 15:49 - 000000000 ____D C:\ProgramData\CanonIJPLM
2021-05-13 10:01 - 2021-03-05 16:16 - 000002121 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller DC.lnk
2021-05-13 10:01 - 2021-03-05 16:16 - 000002110 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2021-05-12 19:01 - 2021-02-08 21:43 - 000002254 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-05-12 09:16 - 2019-12-07 05:52 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2021-05-12 09:16 - 2019-12-07 05:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-05-12 09:04 - 2016-10-15 15:36 - 000000000 ____D C:\Program Files\Adobe
2021-05-12 09:02 - 2016-10-07 00:00 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-05-12 08:59 - 2016-10-17 22:35 - 000000000 ____D C:\Users\Public\Documents\Adobe
2021-05-12 08:59 - 2016-10-17 22:35 - 000000000 ____D C:\ProgramData\Documents\Adobe
2021-05-12 08:49 - 2016-10-15 15:36 - 000000000 ____D C:\Program Files\Common Files\Adobe
2021-05-12 08:49 - 2016-10-14 21:25 - 000000000 ____D C:\Program Files (x86)\Adobe
2021-05-12 08:49 - 2016-10-07 00:00 - 132732536 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-05-10 19:02 - 2016-09-29 14:36 - 002292437 ____N C:\WINDOWS\Minidump\051021-8625-01.dmp
2021-05-09 20:16 - 2019-02-04 22:32 - 000000000 ____D C:\ProgramData\Mozilla
2021-05-09 16:24 - 2018-12-12 22:56 - 000000000 ____D C:\_Portable Software
2021-05-09 16:22 - 2017-04-06 00:12 - 000000000 ____D C:\Users\adi\AppData\LocalLow\Mozilla
2021-05-08 16:52 - 2016-10-13 23:21 - 000000934 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2021-05-08 16:52 - 2016-10-13 23:21 - 000000930 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2021-05-08 16:52 - 2016-10-13 23:20 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-05-08 16:44 - 2016-10-14 21:35 - 000000000 ____D C:\ProgramData\boost_interprocess
2021-05-08 15:59 - 2020-08-03 22:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments
2021-05-08 15:59 - 2020-08-03 22:17 - 000000000 ____D C:\Program Files\Native Instruments
2021-05-08 15:56 - 2020-08-03 22:18 - 000000000 ____D C:\Program Files\Common Files\Native Instruments
2021-05-08 15:03 - 2020-08-03 22:18 - 000000000 ____D C:\Users\adi\AppData\Roaming\Native Instruments
2021-05-08 15:03 - 2020-08-03 22:18 - 000000000 ____D C:\Users\adi\AppData\Local\Native Instruments
2021-05-08 14:06 - 2020-04-01 18:21 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-05-07 22:43 - 2018-01-21 22:26 - 000000000 ____D C:\Program Files\Common Files\VST3
2021-05-07 08:05 - 2021-03-16 23:46 - 000003374 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-884149921-2065793029-3257327610-1001
2021-05-07 08:05 - 2021-03-16 23:34 - 000002410 _____ C:\Users\adi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-05-06 20:20 - 2016-10-17 23:30 - 000000000 ____D C:\Users\adi\Desktop\_Output
2021-05-06 17:19 - 2016-10-06 23:00 - 000000000 ____D C:\Users\adi\AppData\Roaming\Adobe
2021-05-04 22:46 - 2021-03-16 23:46 - 000003994 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineUA
2021-05-04 22:46 - 2021-03-16 23:46 - 000003762 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineCore
2021-05-04 14:14 - 2020-02-06 22:56 - 000000081 _____ C:\Users\adi\AppData\Local\FILM_AE_LogFile.txt
2021-05-03 20:49 - 2018-01-21 22:34 - 000000000 ____D C:\Users\adi\AppData\Roaming\helm
2021-05-03 20:49 - 2016-10-17 23:22 - 000000000 ____D C:\Users\adi\AppData\Roaming\REAPER
2021-05-03 20:45 - 2016-10-17 23:22 - 000000876 _____ C:\Users\Public\Desktop\REAPER (x64).lnk
2021-05-03 20:45 - 2016-10-17 23:22 - 000000876 _____ C:\ProgramData\Desktop\REAPER (x64).lnk
2021-05-03 20:45 - 2016-10-17 23:22 - 000000000 ____D C:\Program Files\REAPER (x64)
2021-05-03 00:27 - 2021-03-17 09:20 - 000000000 ____D C:\Users\adi\AppData\Roaming\bandlab-assistant
2021-05-02 22:27 - 2021-03-17 09:20 - 000002480 _____ C:\Users\adi\Desktop\BandLab Assistant.lnk
2021-05-02 22:27 - 2021-03-17 09:20 - 000000000 ____D C:\Users\adi\Documents\BandLab
2021-05-02 22:26 - 2021-03-17 09:20 - 000000000 ____D C:\Users\adi\AppData\Local\bandlab-assistant-updater
2021-05-01 15:38 - 2020-09-23 22:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NordSec
2021-05-01 15:38 - 2020-07-14 21:28 - 000001805 _____ C:\Users\adi\Desktop\NordVPN.lnk
2021-05-01 15:38 - 2020-07-14 21:28 - 000000000 ____D C:\ProgramData\NordVPN
2021-05-01 15:38 - 2020-07-14 21:28 - 000000000 ____D C:\Program Files\NordVPN
2021-05-01 15:38 - 2020-02-04 20:46 - 000000000 ____D C:\Users\adi\AppData\Local\NordVPN
2021-05-01 15:33 - 2016-12-30 22:32 - 000001176 _____ C:\Users\adi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MediaInfo.lnk
2021-04-30 20:49 - 2018-01-17 00:00 - 000000633 _____ C:\Users\adi\Documents\mtpdk.mid
2021-04-30 19:57 - 2021-03-17 20:46 - 000001924 _____ C:\Users\Public\Desktop\Cakewalk by BandLab.lnk
2021-04-30 19:57 - 2021-03-17 20:46 - 000001924 _____ C:\ProgramData\Desktop\Cakewalk by BandLab.lnk
2021-04-30 16:59 - 2020-04-22 13:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2021-04-29 23:46 - 2017-01-20 13:58 - 000000000 ____D C:\Users\adi\AppData\Roaming\tixati
2021-04-29 19:51 - 2020-05-05 18:34 - 000000000 ____D C:\Users\adi\Downloads\_tixati-download-in-progress-folder
2021-04-26 20:18 - 2016-10-14 22:05 - 000000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2021-04-26 10:25 - 2018-01-05 19:25 - 000000000 ____D C:\Users\adi\AppData\LocalLow\LastPass
2021-04-26 09:28 - 2021-03-16 23:46 - 000003480 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-04-21 21:55 - 2016-10-19 15:14 - 000001456 _____ C:\Users\adi\AppData\Local\Adobe Save for Web 13.0 Prefs
2021-04-20 15:52 - 2021-03-16 23:46 - 000003418 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-04-20 15:52 - 2021-03-16 23:46 - 000003294 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-04-18 16:12 - 2020-07-05 15:12 - 000001157 _____ C:\Users\adi\Desktop\MusicBee.exe - Shortcut.lnk
2021-04-18 10:08 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\NDF
==================== Files in the root of some directories ========
2016-10-15 14:26 - 2019-03-09 16:02 - 000000033 _____ () C:\Users\adi\AppData\Roaming\AdobeWLCMCache.dat
2019-08-07 20:45 - 2019-08-11 22:51 - 000000028 _____ () C:\Users\adi\AppData\Roaming\kulerdata.json
2020-12-24 23:24 - 2020-12-24 23:24 - 000001315 _____ () C:\Users\adi\AppData\Roaming\Roaming - Shortcut.lnk
2018-11-13 15:47 - 2020-04-28 10:10 - 000000600 _____ () C:\Users\adi\AppData\Roaming\winscp.rnd
2016-10-19 15:14 - 2021-04-21 21:55 - 000001456 _____ () C:\Users\adi\AppData\Local\Adobe Save for Web 13.0 Prefs
2017-04-12 20:52 - 2017-05-25 23:08 - 000000058 _____ () C:\Users\adi\AppData\Local\DonationCoder_ScreenshotCaptor_InstallInfo.dat
2017-09-08 20:53 - 2017-09-08 20:53 - 000000063 _____ () C:\Users\adi\AppData\Local\emaildefaults
2020-02-06 22:56 - 2021-05-04 14:14 - 000000081 _____ () C:\Users\adi\AppData\Local\FILM_AE_LogFile.txt
2017-09-13 20:35 - 2017-09-13 20:35 - 000000039 _____ () C:\Users\adi\AppData\Local\kritadisplayrc
2017-09-08 20:53 - 2017-09-13 20:35 - 000015739 _____ () C:\Users\adi\AppData\Local\kritarc
2018-09-26 09:19 - 2018-09-26 09:19 - 000000000 _____ () C:\Users\adi\AppData\Local\oobelibMkey.log
2016-11-10 15:57 - 2020-09-29 13:10 - 000000600 _____ () C:\Users\adi\AppData\Local\PUTTY.RND
2017-01-15 13:05 - 2020-07-07 21:10 - 000007610 _____ () C:\Users\adi\AppData\Local\Resmon.ResmonCfg
2016-10-15 16:35 - 2016-10-15 16:35 - 000000003 _____ () C:\Users\adi\AppData\Local\updater.log
2016-10-15 16:35 - 2016-10-15 16:39 - 000000059 _____ () C:\Users\adi\AppData\Local\UserProducts.xml
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-05-2021
Ran by adi (16-05-2021 11:28:05)
Running from C:\Users\adi\Desktop
Windows 10 Home Version 20H2 19042.985 (X64) (2021-03-17 03:46:11)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
adi (S-1-5-21-884149921-2065793029-3257327610-1001 - Administrator - Enabled) => C:\Users\adi
Administrator (S-1-5-21-884149921-2065793029-3257327610-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-884149921-2065793029-3257327610-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-884149921-2065793029-3257327610-1000 - Limited - Disabled) => C:\Users\defaultuser0
Guest (S-1-5-21-884149921-2065793029-3257327610-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-884149921-2065793029-3257327610-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
. . . (HKLM\...\{DB52A2D0-CAA1-4ED1-B122-29E7EDDE187F}) (Version: 2.1.28.3 - Intel) Hidden
. . . (HKLM-x32\...\{06DA421D-EE23-487D-878F-F0AF97EF69AD}) (Version: 2.6.1.4 - Intel) Hidden
4K Video Downloader 4.12 (HKLM-x32\...\{36DCC913-017B-43A0-85C2-9805270E38BB}) (Version: 4.12.1.3580 - Open Media LLC)
4K YouTube to MP3 (HKLM\...\{0937BD02-434D-49A9-B469-E1DD08337A07}) (Version: 4.0.0.4230 - Open Media LLC)
7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
ActivePresenter (HKLM\...\{A2A40277-D807-4754-95A3-2F294C2C51D3}_is1) (Version: 8.0.6 - Atomi Systems, Inc.)
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 21.001.20155 - Adobe Systems Incorporated)
Adobe After Effects 2020 (HKLM-x32\...\AEFT_17_7) (Version: 17.7 - Adobe Inc.)
Adobe After Effects 2021 (HKLM-x32\...\AEFT_18_2) (Version: 18.2 - Adobe Inc.)
Adobe Animate 2020 (HKLM-x32\...\FLPR_20_5) (Version: 20.5 - Adobe Inc.)
Adobe Audition 2020 (HKLM-x32\...\AUDT_13_0_13) (Version: 13.0.13 - Adobe Inc.)
Adobe Audition 2021 (HKLM-x32\...\AUDT_14_2) (Version: 14.2 - Adobe Inc.)
Adobe Bridge 2021 (HKLM-x32\...\KBRG_11_0_2) (Version: 11.0.2 - Adobe Inc.)
Adobe Character Animator CC (Beta) (HKLM-x32\...\ANMLBETA_1_0_6) (Version: 1.0.6 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 5.4.5.550 - Adobe Inc.)
Adobe Digital Editions 4.5 (HKLM-x32\...\Adobe Digital Editions 4.5) (Version: 4.5.10 - Adobe Systems Incorporated)
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: - Adobe)
Adobe Illustrator 2021 (HKLM-x32\...\ILST_25_2_3) (Version: 25.2.3 - Adobe Inc.)
Adobe InDesign 2021 (HKLM-x32\...\IDSN_16_1) (Version: 16.1 - Adobe Inc.)
Adobe Lightroom Classic (HKLM-x32\...\LTRM_10_2) (Version: 10.2 - Adobe Inc.)
Adobe Media Encoder 2021 (HKLM-x32\...\AME_15_2) (Version: 15.2 - Adobe Inc.)
Adobe Photoshop 2021 (HKLM-x32\...\PHSP_22_4) (Version: 22.4.0.195 - Adobe Inc.)
Adobe Premiere Pro 2019 (HKLM-x32\...\PPRO_13_1_5) (Version: 13.1.5 - Adobe Systems Incorporated)
Adobe Premiere Pro 2020 (HKLM-x32\...\PPRO_14_9) (Version: 14.9 - Adobe Inc.)
Adobe Premiere Pro 2021 (HKLM-x32\...\PPRO_15_2) (Version: 15.2 - Adobe Inc.)
Adobe Premiere Pro CC 2018 (HKLM-x32\...\PPRO_12_1_2) (Version: 12.1.2 - Adobe Systems Incorporated)
Airplane Mode Hid Installer (HKLM-x32\...\{5E5B067F-52A4-447E-A3F1-D6DD10565E73}) (Version: 5.0.0.2 - )
Ample Guitar LP version 3.1.0 (HKLM-x32\...\{057CB0CA-C238-4488-87F9-8F9EFC8B8CF9}_is1) (Version: 3.1.0 - Ample Sound Technology Co., Ltd.)
Ample Guitar M Lite II version 2.0.2 (HKLM-x32\...\{548F88E8-79D2-441F-B87B-E71754257651}_is1) (Version: 2.0.2 - Ample Sound Technology Co., Ltd.)
Apowersoft Online Launcher version 1.8.0 (HKU\S-1-5-21-884149921-2065793029-3257327610-1001\...\{20BF67A8-D81A-4489-8225-FABAA0896E2D}_is1) (Version: 1.8.0 - APOWERSOFT LIMITED)
Atom (HKU\S-1-5-21-884149921-2065793029-3257327610-1001\...\atom) (Version: 1.54.0 - GitHub Inc.)
Audacity 2.1.3 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.3 - Audacity Team)
Auslogics Duplicate File Finder (HKLM-x32\...\{6845255F-15CC-4DD1-94D5-D38F370118B3}_is1) (Version: 7.0.17.0 - Auslogics Labs Pty Ltd)
BandLab Assistant 7.0.0 (HKU\S-1-5-21-884149921-2065793029-3257327610-1001\...\9b08bea4-021c-5f9d-a74e-ac0ceb51fb28) (Version: 7.0.0 - BandLab Technologies)
Blender (HKLM\...\{6B32721F-EA02-40BB-B781-92404BA3485C}) (Version: 2.79.1 - Blender Foundation)
Bome Virtual MIDI 2.1.0.44 (HKLM\...\BMIDI_Driver1.0.0.11_is1) (Version: - Bome Software GmbH & Co. KG)
Cakewalk by BandLab (HKLM\...\Cakewalk Core_is1) (Version: 27.01.0.098 - BandLab Singapore Pte Ltd.)
Cakewalk Drum Replacer (HKLM\...\Cakewalk Drum Replacer_is1) (Version: 1.2.0.14 - BandLab Singapore Pte Ltd.)
Cakewalk Studio Instruments Suite (HKLM\...\Studio Instruments Suite_is1) (Version: 1.0.0.70 - BandLab Singapore Pte Ltd.)
Cakewalk Theme Editor (HKLM\...\Cakewalk Theme Editor_is1) (Version: 1.2.0.14 - BandLab Singapore Pte Ltd.)
Canon IJ Network Scanner Selector EX2 (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX2) (Version: 2.0.10.2 - Canon Inc.)
Canon IJ Printer Assistant Tool (HKLM-x32\...\Canon IJ Printer Assistant Tool) (Version: 1.30.1.52 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.5.5.3 - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 6.2.0 - Canon Inc.)
Canon TS6300 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_TS6300_series) (Version: 1.01 - Canon Inc.)
Cisco AnyConnect Diagnostics and Reporting Tool (HKLM-x32\...\{BC32F933-5365-43A8-8174-D469249D5A90}) (Version: 4.9.04053 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 4.9.04053 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\{39CCD15F-6D82-4D13-8495-69B7C501B6B5}) (Version: 4.9.04053 - Cisco Systems, Inc.) Hidden
Control Center 5.0001.0.81 (HKLM-x32\...\{2F385B5D-5F23-4513-B3CE-9F5E4F4B882A}) (Version: 5.0001.0.81 - )
Core Temp 1.17 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.17 - ALCPU)
Data Lifeguard Diagnostic version 1.36 (HKLM-x32\...\{519C4DB6-B53B-4F5C-8297-89B2BE949FA5}_is1) (Version: - Western Digital Corporation)
Dexed version 0.9.4 (HKLM\...\Dexed_is1) (Version: 0.9.4 - Digital Suburban)
Dropbox (HKLM-x32\...\Dropbox) (Version: 122.4.4867 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.459.1 - Dropbox, Inc.) Hidden
EgisTec Fingerprint Driver (HKLM-x32\...\InstallShield_{E8C889B8-0A8B-46BA-B433-F7D6968A6543}) (Version: 3.5.1.0 - Egis Technology Inc.)
Exodus (HKU\S-1-5-21-884149921-2065793029-3257327610-1001\...\exodus) (Version: 21.4.12 - Exodus Movement Inc)
Fidelity Active Trader Pro® (HKU\S-1-5-21-884149921-2065793029-3257327610-1001\...\a36ba76f6187edff) (Version: 10.7.123.0 - Fidelity Investments)
FileZilla Client 3.45.1 (HKLM-x32\...\FileZilla Client) (Version: 3.45.1 - Tim Kosse)
Fingerprint Driver (HKLM-x32\...\{E8C889B8-0A8B-46BA-B433-F7D6968A6543}) (Version: 3.5.1.0 - Egis Technology Inc.) Hidden
Focusrite Usb 4.65.5.658 (HKLM\...\Focusrite Usb_is1) (Version: 4.65.5.658 - Focusrite Audio Engineering, Ltd.)
FontBase 2.15.3 (HKU\S-1-5-21-884149921-2065793029-3257327610-1001\...\ffc1e284-e25b-515d-b453-93eb9fe955eb) (Version: 2.15.3 - Dominik Levitsky Studio, LLC)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 8.1.4.1208 - Foxit Software Inc.)
FreeCommander XE (HKLM-x32\...\FreeCommander XE_is1) (Version: - Marek Jasinski)
FreeFileSync 11.6 (HKLM-x32\...\FreeFileSync_is1) (Version: 11.6 - FreeFileSync.org)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 90.0.4430.212 - Google LLC)
Google Drive (HKLM-x32\...\{A8DC81F2-D365-4248-892A-FA3B5951F731}) (Version: 2.34.9392.7803 - Google, Inc.)
GoPro Studio (HKLM-x32\...\{7BDB9575-D4C8-42B0-84EA-1CD654F63637}) (Version: 5.10.4320 - GoPro, Inc.) Hidden
GoTo Opener (HKLM-x32\...\{2C183CF0-3077-43D0-B001-F93AC5E68942}) (Version: 1.0.487 - LogMeIn, Inc.)
GoToMeeting 10.16.0.19598 (HKU\S-1-5-21-884149921-2065793029-3257327610-1001\...\GoToMeeting) (Version: 10.16.0.19598 - LogMeIn, Inc.)
Grace 64bit 1.0.4.9 (HKLM\...\Grace_is1) (Version: - One Small Clue)
Grace Factory Content 1.0 (HKLM-x32\...\Grace Factory Content_is1) (Version: - One Small Clue)
HandBrake 1.0.7 (HKLM-x32\...\HandBrake) (Version: 1.0.7 - )
hdAlbum EZ (HKLM-x32\...\{014BBF3C-D9C4-4FD0-857D-E7DDC95263C0}) (Version: 1.7.1.6 - Canon Inc.)
Helm (HKLM\...\{971514BD-7CC3-414F-9258-B79E6D53EC46}) (Version: 0.9.0.0 - Matt Tytel)
HP Universal Fax Driver (HKLM\...\{C2B45120-48BB-41FC-A1A7-4FF24DA5CDA3}) (Version: 2.0.100.0 - HP Inc.)
InqScribe 2.2.4.262 (HKLM-x32\...\InqScribe_is1) (Version: - Inquirium, LLC)
Insyde Airplane Mode HID Mini-Driver (HKLM\...\AirplaneModeHid) (Version: 1.4.0.3 - Insyde Corporation)
Intel® C++ Redistributables on Intel® 64 (HKLM-x32\...\{F70BCE36-25F2-4475-A918-6209B3D85BF3}) (Version: 15.0.179 - Intel Corporation)
Intel® Chipset Device Software (HKLM-x32\...\{aaa7f0fb-02dc-4576-beef-7d24842c5fbe}) (Version: 10.1.1.32 - Intel® Corporation) Hidden
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.5.0.1020 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 25.20.100.6373 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.0.0.1039 - Intel Corporation)
Intel® Wireless Bluetooth® (HKLM-x32\...\{3920BCB0-23AA-4D0D-93E5-404692DAF9D2}) (Version: 19.00.1621.3340 - Intel Corporation)
Intel® Driver Update Utility (HKLM-x32\...\{fe2eebd3-ee15-4538-bb19-b627e3f2a911}) (Version: 2.6.1.4 - Intel)
Intel® PROSet/Wireless Software (HKLM-x32\...\{475ea806-cb2a-455b-bb1b-9f99342b2fe2}) (Version: 19.40.0 - Intel Corporation)
iZotope RX 7 Audio Editor (HKLM\...\RX 7 Audio Editor_is1) (Version: 7.0.1 - iZotope)
Krita (x64) 3.2.1.0 (HKLM\...\Krita_x64) (Version: 3.2.1.0 - Krita Foundation)
Lagarith Lossless Codec (1.3.27) (HKLM-x32\...\{F59AC46C-10C3-4023-882C-4212A92283B3}_is1) (Version: - )
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
LastPass (uninstall only) (HKLM-x32\...\LastPass) (Version: - LastPass)
LibreOffice 6.3.4.2 (HKLM\...\{191F4D69-B671-4163-BB01-901B89A20D04}) (Version: 6.3.4.2 - The Document Foundation)
Magic Bullet Suite (HKLM\...\Magic Bullet Suite v13.0.15) (Version: - Red Giant LLC)
Malwarebytes version 4.3.0.98 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.3.0.98 - Malwarebytes)
Maxon Cinema 4D 22 (HKLM\...\Maxon Cinema 4D S22) (Version: S22 - Maxon)
Maxon Cinema 4D R21 (HKLM\...\Maxon Cinema 4D R21) (Version: R21 - Maxon)
MediaInfo 21.03 (HKLM\...\MediaInfo) (Version: 21.03 - MediaArea.net)
Melodyne 4 (HKLM-x32\...\{16DF894D-FC3F-4B87-908D-671E201CD7A8}) (Version: 4.01.0111 - Celemony Software GmbH)
Melodyne Runtime 4.1 (x64) (HKLM\...\{721E4E34-AF7C-4345-93F9-282CCC8CCCB5}) (Version: 1.0.2 - Celemony Software GmbH)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 90.0.818.62 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 90.0.818.62 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-884149921-2065793029-3257327610-1001\...\OneDriveSetup.exe) (Version: 21.073.0411.0002 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{A0E1B43D-5F4A-46AF-9925-ABA3423325DC}) (Version: 2.77.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29325 (HKLM-x32\...\{33628a12-6787-4b9f-95a1-92449f69fae0}) (Version: 14.28.29325.2 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29913 (HKLM-x32\...\{03d1453c-7d5c-479c-afea-8482f406e036}) (Version: 14.28.29913.0 - Microsoft Corporation)
Microsoft Visual Studio Installer (HKLM\...\{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 1.18.1109.411 - Microsoft Corporation)
MOTU M Series (HKLM\...\com_motu_installer_core_uac_is1) (Version: 4.0.8.8030 - MOTU, Inc.)
Mozilla Firefox 88.0.1 (x64 en-US) (HKLM\...\Mozilla Firefox 88.0.1 (x64 en-US)) (Version: 88.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 74.0 - Mozilla)
Mullvad (HKLM-x32\...\Product) (Version: - )
MusicBrainz Picard (HKLM-x32\...\MusicBrainz Picard) (Version: 2.6.2 - MusicBrainz)
Native Instruments Blocks Base (HKLM-x32\...\Native Instruments Blocks Base) (Version: 1.0.1.1 - Native Instruments)
Native Instruments Controller Editor (HKLM-x32\...\Native Instruments Controller Editor) (Version: 2.6.2.547 - Native Instruments)
Native Instruments Expansions Selection (HKLM-x32\...\Native Instruments Expansions Selection) (Version: 1.0.0.10 - Native Instruments)
Native Instruments Guitar Rig 5 (HKLM-x32\...\Native Instruments Guitar Rig 5) (Version: 5.2.2.8 - Native Instruments)
Native Instruments Kinetic Treats (HKLM-x32\...\Native Instruments Kinetic Treats) (Version: 1.1.0.4 - Native Instruments)
Native Instruments Komplete Kontrol (HKLM-x32\...\Native Instruments Komplete Kontrol) (Version: 2.6.0.198 - Native Instruments)
Native Instruments Komplete Kontrol Driver (HKLM-x32\...\Native Instruments Komplete Kontrol Driver) (Version: - Native Instruments)
Native Instruments Komplete Kontrol MK2 Driver (HKLM-x32\...\Native Instruments Komplete Kontrol MK2 Driver) (Version: - Native Instruments)
Native Instruments Kontakt (HKLM-x32\...\Native Instruments Kontakt) (Version: 6.5.3.125 - Native Instruments)
Native Instruments Kontakt Factory Selection (HKLM-x32\...\Native Instruments Kontakt Factory Selection) (Version: 1.4.2.1 - Native Instruments)
Native Instruments Mikro Prism (HKLM-x32\...\Native Instruments Mikro Prism) (Version: 1.1.0.14 - Native Instruments)
Native Instruments Native Access (HKLM-x32\...\Native Instruments Native Access) (Version: 1.13.3.136 - Native Instruments)
Native Instruments NIHostIntegrationAgent (HKLM-x32\...\Native Instruments NIHostIntegrationAgent) (Version: 1.10.2.5 - Native Instruments)
Native Instruments NTKDaemon (HKLM-x32\...\Native Instruments NTKDaemon) (Version: 1.1.0.96 - Native Instruments)
Native Instruments Play Series Selection (HKLM-x32\...\Native Instruments Play Series Selection) (Version: 1.0.0.6 - Native Instruments)
Native Instruments Reaktor 6 (HKLM-x32\...\Native Instruments Reaktor 6) (Version: 6.4.0.2 - Native Instruments)
Native Instruments Reaktor Factory Selection R2 (HKLM-x32\...\Native Instruments Reaktor Factory Selection R2) (Version: 1.0.1.7 - Native Instruments)
Native Instruments Supercharger (HKLM-x32\...\Native Instruments Supercharger) (Version: 1.3.1.45 - Native Instruments)
Native Instruments Traktor DJ 2 (HKLM-x32\...\Native Instruments Traktor DJ 2) (Version: 2.4.1.478 - Native Instruments)
Native Instruments TRK-01 Bass (HKLM-x32\...\Native Instruments TRK-01 Bass) (Version: 1.0.0.10 - Native Instruments)
Neat Video v5.1.9 Home plug-in (Second Revision) for Premiere (HKLM\...\Neat Video v5 (SR) for Premiere_is1) (Version: - Neat Video team, ABSoft)
NordVPN (HKLM\...\{19465C24-3D5D-4327-B99F-3CC0A1D38151}_is1) (Version: 6.36.6.0 - TEFINCOM S.A.)
NordVPN network TAP (HKLM-x32\...\{97DEC5D6-2BE9-45BB-BFC5-274B851B486B}) (Version: 1.0.1 - NordVPN)
NordVPN network TUN (HKLM\...\{BD0E4F38-D3F6-452D-A32E-B14D721839AC}) (Version: 1.0.1 - NordVPN)
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.9.1 - Notepad++ Team)
NVIDIA GeForce Experience 3.17.0.126 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.17.0.126 - NVIDIA Corporation)
NVIDIA Graphics Driver 456.71 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 456.71 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.38.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.35 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Printer Registration (HKLM-x32\...\Canon EISRegistration) (Version: 1.6.0 - Canon Inc.)
PyScripter 3.6.4 (x64) (HKLM\...\PyScripter_is1) (Version: 3.6.4 - PyScripter)
Python 3.9.1 (64-bit) (HKU\S-1-5-21-884149921-2065793029-3257327610-1001\...\{b2be55ad-3177-42aa-a6c2-53004684e4ea}) (Version: 3.9.1150.0 - Python Software Foundation)
Python 3.9.1 Add to Path (64-bit) (HKLM\...\{5AD5ED9C-14D1-4CFA-B4B1-A02CE8916D9F}) (Version: 3.9.1150.0 - Python Software Foundation) Hidden
Python 3.9.1 Core Interpreter (64-bit) (HKLM\...\{1C00F581-D5BF-491E-B1BB-72AA3A2250E5}) (Version: 3.9.1150.0 - Python Software Foundation) Hidden
Python 3.9.1 Development Libraries (64-bit) (HKLM\...\{27AD952D-DD9D-4AAC-B486-8AA601BFA064}) (Version: 3.9.1150.0 - Python Software Foundation) Hidden
Python 3.9.1 Documentation (64-bit) (HKLM\...\{5CB3AEED-BB03-47E2-BFF1-0CA58C236895}) (Version: 3.9.1150.0 - Python Software Foundation) Hidden
Python 3.9.1 Executables (64-bit) (HKLM\...\{71A9F41D-A865-46D4-A650-B210150DEF2A}) (Version: 3.9.1150.0 - Python Software Foundation) Hidden
Python 3.9.1 pip Bootstrap (64-bit) (HKLM\...\{EF2B9385-6453-4702-9584-21BA8288D157}) (Version: 3.9.1150.0 - Python Software Foundation) Hidden
Python 3.9.1 Standard Library (64-bit) (HKLM\...\{5DD5C023-790B-4F1B-9B1B-8D1BC48F3057}) (Version: 3.9.1150.0 - Python Software Foundation) Hidden
Python 3.9.1 Tcl/Tk Support (64-bit) (HKLM\...\{414B5372-24FD-4302-8090-B9CE5564A6DD}) (Version: 3.9.1150.0 - Python Software Foundation) Hidden
Python 3.9.1 Test Suite (64-bit) (HKLM\...\{A7EC4DEB-8ABD-471D-BB5B-E579EBC9B043}) (Version: 3.9.1150.0 - Python Software Foundation) Hidden
Python 3.9.1 Utility Scripts (64-bit) (HKLM\...\{47A9647A-A576-4751-9C37-D32EB70285A3}) (Version: 3.9.1150.0 - Python Software Foundation) Hidden
Python Launcher (HKLM-x32\...\{FFC95928-6A14-4FB3-8D73-7A62382F66AC}) (Version: 3.9.7280.0 - Python Software Foundation)
Quik (HKLM\...\{6249867C-ACE2-4400-AD50-4D6945A8EA8A}) (Version: 0.1.4320 - GoPro, Inc.) Hidden
Quik (HKLM-x32\...\{0d91b40f-e179-491c-a726-cd71dc297e8a}) (Version: 2.0.0.4320 - GoPro, Inc.)
RE:Flex v5 for After Effects (HKLM\...\RE:Flex v5 for After Effects 5.3.1) (Version: 5.3.1 - RE:Vision Effects)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.21291 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8172 - Realtek Semiconductor Corp.)
REAPER (x64) (HKLM\...\REAPER) (Version: - )
ReNamer (HKLM-x32\...\ReNamer_is1) (Version: 6.6.0.0 - den4b Team)
Samsung Portable SSD Software (HKLM-x32\...\SamsungPortableSSD_is1) (Version: 1.5.0.13 - Samsung Electronics)
SecureW2 Enterprise Client 3.5.17 (HKLM-x32\...\SecureW2 Enterprise Client) (Version: - )
ShareX (HKLM\...\82E6AC09-0FEF-4390-AD9F-0DD3F5561EFC_is1) (Version: 13.4.0 - ShareX Team)
Shrew Soft VPN Client (HKLM\...\Shrew Soft VPN Client) (Version: - )
Signal 1.40.0 (HKU\S-1-5-21-884149921-2065793029-3257327610-1001\...\7d96caee-06e6-597c-9f2f-c7bb2e0948b4) (Version: 1.40.0 - Open Whisper Systems)
Sinnah 1.1.0 (HKLM-x32\...\NUSofting Sinnah VST Synthesizer_is1) (Version: 1.1.0 - NUSofting)
Skype version 8.71 (HKLM-x32\...\Skype_is1) (Version: 8.71 - Skype Technologies S.A.)
SoulseekQt version 2019.7.22 (HKLM-x32\...\{8A4E1646-488C-4E5B-AC31-F784400E8D2D}_is1) (Version: 2019.7.22 - Soulseek LLC)
Sound Blaster X-Fi MB5 (HKLM-x32\...\{918A4598-866C-4B8F-8901-13F8593EBED6}) (Version: 1.00.18 - Creative Technology Limited)
Spitfire Audio (HKLM-x32\...\{ABC5F486-25BD-4BAA-9FA1-A84152CBB563}_is1) (Version: 3.2.20 - Spitfire Audio Holdings Ltd)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1244 - SUPERAntiSpyware.com)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.3.4.121 - Synaptics Incorporated)
TAP-NordVPN 9.21.2 (HKLM\...\TAP-NordVPN) (Version: 9.21.2 - NordVPN.com)
TeamViewer 14 (HKLM-x32\...\TeamViewer) (Version: 14.7.1965 - TeamViewer)
Thonny 3.2.7 (HKU\S-1-5-21-884149921-2065793029-3257327610-1001\...\Thonny_is1) (Version: 3.2.7 - Aivar Annamaa)
Tixati (HKLM-x32\...\tixati) (Version: - )
TreeSize Free V4.4.1 (HKLM-x32\...\TreeSize Free_is1) (Version: 4.4.1 - JAM Software)
Twixtor v7 for After Effects and Premiere Pro (HKLM\...\Twixtor v7 for After Effects and Premiere Pro 7.1.1) (Version: 7.1.1 - RE:Vision Effects)
Unchecky v1.2 (HKLM-x32\...\Unchecky) (Version: 1.2 - Reason Software Company Inc.)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
VFW_Codec32 (HKLM-x32\...\{FCA86F94-8BCA-491D-AFF9-90921796FCD8}) (Version: 0.1.160.0 - GoPro, Inc.) Hidden
VFW_Codec64 (HKLM\...\{341735D3-32CF-41BC-8C9B-FDE3975452DB}) (Version: 0.1.160.0 - GoPro, Inc.) Hidden
Virtual Creations Ultra Phazer version 1.4 (HKLM-x32\...\{3E0D82E0-94B1-47C7-ABEC-D3B5252A45DA}_is1) (Version: 1.4 - Virtual Creations)
Visual Studio Community 2017 (HKLM-x32\...\2fd452a2) (Version: 15.9.28307.1216 - Microsoft Corporation)
Vital version 1.0.8 (HKLM\...\Vital_is1) (Version: 1.0.8 - )
VLC media player (HKLM\...\VLC media player) (Version: 3.0.12 - VideoLAN)
VNC Server 6.1.1 (HKLM\...\{BF68FC97-1CBA-49D5-88EB-3E0CDC3D379D}) (Version: 6.1.1.28093 - RealVNC Ltd)
VNC Viewer 6.1.1 (HKLM\...\{1B14F26D-AAC9-4781-A468-5DFD5DF5FF91}) (Version: 6.1.1.28093 - RealVNC Ltd)
vs_filehandler_amd64 (HKLM-x32\...\{A254DA0E-26A1-43C3-95BE-7A24D5599473}) (Version: 15.9.28302 - Microsoft Corporation) Hidden
vs_filehandler_x86 (HKLM-x32\...\{1F42A73E-CF26-4D67-BA79-752CA56B639F}) (Version: 15.9.28302 - Microsoft Corporation) Hidden
vs_FileTracker_Singleton (HKLM-x32\...\{A41E138F-5A3F-443C-B72D-957AB994FB5A}) (Version: 15.9.28128 - Microsoft Corporation) Hidden
vs_minshellmsi (HKLM-x32\...\{68B8AD33-CE97-4C3D-9583-669C39D21BA5}) (Version: 15.9.28302 - Microsoft Corporation) Hidden
vs_minshellmsires (HKLM-x32\...\{6DFE6F8D-B61D-4348-AB70-4ABF1210DFD5}) (Version: 15.0.26621 - Microsoft Corporation) Hidden
Wacom Tablet (HKLM\...\Wacom Tablet Driver) (Version: 6.3.15-3 - Wacom Technology Corp.)
WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
Winamp (HKLM-x32\...\Winamp) (Version: 5.8 - Winamp SA)
Windows Driver Package - Insyde (AirplaneModeHid) HIDClass (07/14/2015 1.4.0.3) (HKLM\...\F6EE2AD6575789BFA9536FE4637A2E06B7F2DD0F) (Version: 07/14/2015 1.4.0.3 - Insyde)
WinSCP 5.13.4 (HKLM-x32\...\winscp3_is1) (Version: 5.13.4 - Martin Prikryl)
Zoom (HKU\S-1-5-21-884149921-2065793029-3257327610-1001\...\ZoomUMX) (Version: 5.5.4 (13142.0301) - Zoom Video Communications, Inc.)
Packages:
=========
Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_2.0.1.8_x86__enpm4xejd91yc [2020-07-10] (Adobe Systems Incorporated)
Adobe XD -> C:\Program Files\WindowsApps\Adobe.CC.XD_34.1.12.9_x64__adky2gkssdxte [2020-10-26] (Adobe Systems Incorporated)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.193.200.0_x86__kgqvnymyfvs32 [2021-05-13] (king.com)
Canon Inkjet Print Utility -> C:\Program Files\WindowsApps\34791E63.CanonInkjetPrintUtility_3.1.0.0_neutral__6e5tt8cgb93ep [2021-02-19] (Canon Inc.)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_127.1.115.0_x64__v10z8vjag6ke6 [2021-05-08] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-03-16] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-03-16] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.5060.0_x64__8wekyb3d8bbwe [2021-05-10] (Microsoft Studios) [MS Ad]
Pandora -> C:\Program Files\WindowsApps\PandoraMediaInc.29680B314EFC2_15.0.3.0_x64__n619g4d5j0fnw [2019-11-20] (Pandora Media Inc) [Startup Task]
Python 3.9 -> C:\Program Files\WindowsApps\PythonSoftwareFoundation.Python.3.9_3.9.1520.0_x64__qbz5n2kfra8p0 [2021-05-05] (Python Software Foundation)
Stop Motion Studio Pro -> C:\Program Files\WindowsApps\Cateater.StopMotionStudioPro_3.1.8743.0_x64__eyzsqz3m42c14 [2021-04-10] (Cateater)
ToastWallet -> C:\Program Files\WindowsApps\ToastWallet_2.2.16.0_x64__v6a5p17k08cr4 [2018-02-17] (StarStone Limited)
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-09-08] (Twitter Inc.)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-884149921-2065793029-3257327610-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-BF47F8059B62} -> [Creative Cloud Files] => C:\Users\adi\Creative Cloud Files [2016-10-14 21:35]
CustomCLSID: HKU\S-1-5-21-884149921-2065793029-3257327610-1001_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}\InprocServer32 -> C:\Users\adi\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-884149921-2065793029-3257327610-1001_Classes\CLSID\{28A80003-18FD-411D-B0A3-3C81F618E22B}\InprocServer32 -> C:\Users\adi\AppData\Local\Kingsoft\WPS Office\11.2.0.9107\office6\kwpsmenushellext64.dll => No File
CustomCLSID: HKU\S-1-5-21-884149921-2065793029-3257327610-1001_Classes\CLSID\{2F81B25E-7507-4844-BFF2-77D2CC24CED4}\localserver32 -> C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Inc. -> Adobe Inc.)
CustomCLSID: HKU\S-1-5-21-884149921-2065793029-3257327610-1001_Classes\CLSID\{46406D82-6EC0-47CC-8A75-1F33C6DEDBBE}\InprocServer32 -> C:\Users\adi\AppData\Local\Google\Update\1.3.35.442\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-884149921-2065793029-3257327610-1001_Classes\CLSID\{540C17A8-04F2-4B66-95D7-B2FEF9A19B54}\InprocServer32 -> C:\Users\adi\AppData\Local\Google\Update\1.3.35.422\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-884149921-2065793029-3257327610-1001_Classes\CLSID\{62634D95-960B-4834-8E71-A70408AD8FD9}\InprocServer32 -> C:\Users\adi\AppData\Local\Google\Update\1.3.34.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-884149921-2065793029-3257327610-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\adi\AppData\Local\GoToMeeting\17359\G2MOutlookAddin64.dll => No File
CustomCLSID: HKU\S-1-5-21-884149921-2065793029-3257327610-1001_Classes\CLSID\{84EB3779-151B-4C71-AEF0-A0FEE9481401}\InprocServer32 -> C:\Users\adi\AppData\Local\Google\Update\1.3.35.342\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-884149921-2065793029-3257327610-1001_Classes\CLSID\{86508D42-E5D7-4D10-9C6F-D427AEEB85B5}\InprocServer32 -> C:\Users\adi\AppData\Local\Google\Update\1.3.34.11\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-884149921-2065793029-3257327610-1001_Classes\CLSID\{91A41FCC-BC02-42D8-A36E-0D27FF9BFFC8}\InprocServer32 -> C:\Users\adi\AppData\Local\Google\Update\1.3.33.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-884149921-2065793029-3257327610-1001_Classes\CLSID\{A804CF1A-91E5-4F0C-9E8C-DB39E74056DD}\InprocServer32 -> C:\Users\adi\AppData\Local\Google\Update\1.3.33.23\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-884149921-2065793029-3257327610-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\adi\Dropbox [2016-10-17 20:49]
CustomCLSID: HKU\S-1-5-21-884149921-2065793029-3257327610-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems)
CustomCLSID: HKU\S-1-5-21-884149921-2065793029-3257327610-1001_Classes\CLSID\{EA724FD3-844D-43A9-A8C9-A5BC35FC20E4}\InprocServer32 -> C:\Users\adi\AppData\Local\Google\Update\1.3.33.17\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-884149921-2065793029-3257327610-1001_Classes\CLSID\{EF076C91-DC9E-43E3-84ED-3D219E065A4F}\InprocServer32 -> C:\Users\adi\AppData\Local\Google\Update\1.3.35.302\psuser_64.dll => No File
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-04-26] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-04-26] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-04-26] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-04-26] (Adobe Inc. -> )
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2021-04-20] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2016-11-02] (Notepad++ -> )
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2016-11-14] (Foxit Software Incorporated -> Foxit Software Inc.)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-04-23] (Google Inc -> Google)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-15] (Empty Loop -> )
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-04-23] (Google Inc -> Google)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_24de78387e6208e4\igfxDTCM.dll [2018-11-21] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2020-10-01] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-04-26] (Adobe Inc. -> )
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2021-04-20] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers6: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2016-11-14] (Foxit Software Incorporated -> Foxit Software Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-15] (Empty Loop -> )
ContextMenuHandlers1_S-1-5-21-884149921-2065793029-3257327610-1001: [ kwpsshellext] -> {28A80003-18FD-411D-B0A3-3C81F618E22B} => C:\Users\adi\AppData\Local\Kingsoft\WPS Office\11.2.0.9107\office6\kwpsmenushellext64.dll -> No File
ContextMenuHandlers4_S-1-5-21-884149921-2065793029-3257327610-1001: [ kwpsshellext] -> {28A80003-18FD-411D-B0A3-3C81F618E22B} => C:\Users\adi\AppData\Local\Kingsoft\WPS Office\11.2.0.9107\office6\kwpsmenushellext64.dll -> No File
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [VIDC.CFHD] => C:\Windows\system32\CFHD.dll [1334784 2016-10-11] (CineForm Inc.) [File not signed]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\system32\lagarith.dll [148992 2011-12-07] () [File not signed]
HKLM\...\Drivers32: [VIDC.CFHD] => C:\Windows\SysWOW64\CFHD.dll [1119744 2016-10-11] (CineForm Inc.) [File not signed]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\SysWOW64\lagarith.dll [216064 2011-12-07] () [File not signed]
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\adi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Keep.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=eilembjdkfgodjkcjnpgpaenohkicgjd
==================== Loaded Modules (Whitelisted) =============
2021-05-16 09:40 - 2021-05-16 09:40 - 000568320 _____ () [File not signed] \\?\C:\Users\adi\AppData\Local\Temp\0a179c09-5ae2-4572-8125-34547ca0d505.tmp.node
2015-03-17 02:34 - 2015-03-17 02:34 - 000010240 _____ () [File not signed] C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\locale\en_il\acrotray.meh
2021-02-02 01:49 - 2021-02-02 01:49 - 000858624 _____ () [File not signed] C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\locale\en_il\adistres.MEH
2013-06-30 19:17 - 2013-06-30 19:17 - 000017920 _____ () [File not signed] C:\Program Files\ShrewSoft\VPN Client\libdtp.dll
2013-06-30 19:15 - 2013-06-30 19:15 - 000022016 _____ () [File not signed] C:\Program Files\ShrewSoft\VPN Client\libidb.dll
2013-06-30 19:16 - 2013-06-30 19:16 - 000628224 _____ () [File not signed] C:\Program Files\ShrewSoft\VPN Client\libike.dll
2013-06-30 19:16 - 2013-06-30 19:16 - 000116736 _____ () [File not signed] C:\Program Files\ShrewSoft\VPN Client\libip.dll
2013-06-30 19:15 - 2013-06-30 19:15 - 000018432 _____ () [File not signed] C:\Program Files\ShrewSoft\VPN Client\libith.dll
2013-06-30 19:16 - 2013-06-30 19:16 - 000013312 _____ () [File not signed] C:\Program Files\ShrewSoft\VPN Client\liblog.dll
2013-06-30 19:17 - 2013-06-30 19:17 - 000029184 _____ () [File not signed] C:\Program Files\ShrewSoft\VPN Client\libpfk.dll
2013-06-30 19:17 - 2013-06-30 19:17 - 000035840 _____ () [File not signed] C:\Program Files\ShrewSoft\VPN Client\libvflt.dll
2013-06-30 19:16 - 2013-06-30 19:16 - 000039936 _____ () [File not signed] C:\Program Files\ShrewSoft\VPN Client\libvnet.dll
2021-05-15 19:04 - 2021-04-22 02:23 - 002821120 _____ () [File not signed] C:\Users\adi\AppData\Local\Programs\FontBase\ffmpeg.dll
2021-05-15 19:04 - 2021-04-22 02:23 - 000446464 _____ () [File not signed] C:\Users\adi\AppData\Local\Programs\FontBase\libegl.dll
2021-05-15 19:04 - 2021-04-22 02:23 - 007900160 _____ () [File not signed] C:\Users\adi\AppData\Local\Programs\FontBase\libglesv2.dll
2020-07-04 11:04 - 2018-08-30 15:24 - 000101376 _____ () [File not signed] C:\Users\adi\OneDrive\MusicBee\MusicBeeBass.dll
2016-09-29 14:56 - 2015-07-31 20:33 - 000366080 _____ () [File not signed] C:\Windows\SYSTEM32\APOMgr64.DLL
2016-09-29 14:56 - 2015-07-31 20:34 - 000089600 _____ () [File not signed] C:\Windows\SYSTEM32\CmdRtr64.DLL
2021-02-02 01:49 - 2021-02-02 01:49 - 000021504 _____ (Adobe Systems Inc.) [File not signed] C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\locale\en_il\Acrobat Elements\ContextMenuShim64.meh
2020-04-17 13:49 - 2017-11-02 15:36 - 000008192 _____ (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNS2_ENU.DLL
2020-04-17 13:49 - 2017-11-02 15:36 - 000104960 _____ (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNS2_IMG.dll
2016-09-29 14:56 - 2015-04-09 18:25 - 000559104 ____N (Creative Technology Ltd) [File not signed] C:\Program Files (x86)\Creative\Sound Blaster X-Fi MB5\Sound Blaster X-Fi MB5\CTAudEp.dll
2016-09-29 14:56 - 2015-04-09 18:25 - 000238080 ____N (Creative Technology Ltd) [File not signed] C:\Program Files (x86)\Creative\Sound Blaster X-Fi MB5\Sound Blaster X-Fi MB5\CTLoadRs.dll
2016-09-29 14:56 - 2015-05-27 12:49 - 000251904 ____N (Creative Technology Ltd) [File not signed] C:\Program Files (x86)\Creative\Sound Blaster X-Fi MB5\Sound Blaster X-Fi MB5\HKDetect.dll
2021-04-11 10:51 - 2019-02-21 12:00 - 000078336 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2020-02-06 21:24 - 2020-02-06 21:24 - 002080256 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Red Giant\Services\LIBEAY32.dll
2020-07-04 11:04 - 2019-01-16 11:34 - 000127669 _____ (Un4seen Developments) [File not signed] C:\Users\adi\OneDrive\MusicBee\bass.dll
2020-07-04 11:04 - 2019-08-07 09:58 - 000018456 _____ (Un4seen Developments) [File not signed] C:\Users\adi\OneDrive\MusicBee\bassasio.dll
2020-07-04 11:04 - 2014-06-11 11:18 - 000019478 _____ (Un4seen Developments) [File not signed] C:\Users\adi\OneDrive\MusicBee\basscd.dll
2020-07-04 11:04 - 2018-01-16 09:08 - 000020700 _____ (Un4seen Developments) [File not signed] C:\Users\adi\OneDrive\MusicBee\bassmix.dll
2020-07-04 11:04 - 2017-11-15 11:54 - 000013754 _____ (Un4seen Developments) [File not signed] C:\Users\adi\OneDrive\MusicBee\basswasapi.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2021-02-02] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2021-02-02] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2021-02-02] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2021-02-02] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2021-02-02] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2021-02-02] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2016-07-16 07:47 - 2021-05-16 09:39 - 000002082 _____ C:\WINDOWS\system32\drivers\etc\hosts
0.0.0.0 0.0.0.0 # fix for traceroute and netstat display anomaly
0.0.0.0 tracking.opencandy.com.s3.amazonaws.com
0.0.0.0 media.opencandy.com
0.0.0.0 cdn.opencandy.com
0.0.0.0 tracking.opencandy.com
0.0.0.0 api.opencandy.com
0.0.0.0 api.recommendedsw.com
0.0.0.0 rp.yefeneri2.com
0.0.0.0 os.yefeneri2.com
0.0.0.0 os2.yefeneri2.com
0.0.0.0 installer.betterinstaller.com
0.0.0.0 installer.filebulldog.com
0.0.0.0 d3oxtn1x3b8d7i.cloudfront.net
0.0.0.0 inno.bisrv.com
0.0.0.0 nsis.bisrv.com
0.0.0.0 cdn.file2desktop.com
0.0.0.0 cdn.goateastcach.us
0.0.0.0 cdn.guttastatdk.us
0.0.0.0 cdn.inskinmedia.com
0.0.0.0 cdn.insta.oibundles2.com
0.0.0.0 cdn.insta.playbryte.com
0.0.0.0 cdn.llogetfastcach.us
0.0.0.0 cdn.montiera.com
0.0.0.0 cdn.msdwnld.com
0.0.0.0 cdn.mypcbackup.com
0.0.0.0 cdn.ppdownload.com
0.0.0.0 cdn.riceateastcach.us
0.0.0.0 cdn.shyapotato.us
0.0.0.0 cdn.solimba.com
0.0.0.0 cdn.tuto4pc.com
2017-05-10 10:12 - 2017-05-10 10:12 - 000000443 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Intel\Shared Libraries\redist\intel64\compiler;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL;C:\Program Files\Intel\Intel® Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT;C:\Program Files\Intel\Intel® Management Engine Components\IPT;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-884149921-2065793029-3257327610-1000\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-884149921-2065793029-3257327610-1001\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Windows Firewall is enabled.
Network Binding:
=============
Wi-Fi: Shrew Soft Lightweight Filter -> vflt (enabled)
Wi-Fi: NordVPN LightWeight Firewall -> NordLwf (enabled)
PIA: NordVPN LightWeight Firewall -> NordLwf (enabled)
PIA: Shrew Soft Lightweight Filter -> vflt (enabled)
Ethernet: Shrew Soft Lightweight Filter -> vflt (enabled)
Ethernet: NordVPN LightWeight Firewall -> NordLwf (enabled)
Ethernet 2: NordVPN LightWeight Firewall -> NordLwf (enabled)
Ethernet 2: Shrew Soft Lightweight Filter -> vflt (enabled)
Ethernet 3: NordVPN LightWeight Firewall -> NordLwf (enabled)
Ethernet 3: Shrew Soft Lightweight Filter -> vflt (enabled)
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run32: => "Cisco AnyConnect Secure Mobility Agent for Windows"
HKU\S-1-5-21-884149921-2065793029-3257327610-1001\...\StartupApproved\StartupFolder: => "REAPER (x64).lnk"
HKU\S-1-5-21-884149921-2065793029-3257327610-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_07E978E6F2BBB4AB0BC801F515EC9ED3"
HKU\S-1-5-21-884149921-2065793029-3257327610-1001\...\StartupApproved\Run: => "MusicManager"
HKU\S-1-5-21-884149921-2065793029-3257327610-1001\...\StartupApproved\Run: => "SUPERAntiSpyware"
HKU\S-1-5-21-884149921-2065793029-3257327610-1001\...\StartupApproved\Run: => "NordVPN"
HKU\S-1-5-21-884149921-2065793029-3257327610-1001\...\StartupApproved\Run: => "Skype for Desktop"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{AA2CCEA0-2320-448C-8C39-FAAE6A679473}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{CC824881-4C23-40CD-BE20-C2AB7653D99D}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [UDP Query User{E74ACF85-BF75-440C-8249-422CFA806AEB}C:\python39\python.exe] => (Allow) C:\python39\python.exe (Python Software Foundation -> Python Software Foundation)
FirewallRules: [TCP Query User{A541091E-F391-4E7E-B43E-C12BA8C6051F}C:\python39\python.exe] => (Allow) C:\python39\python.exe (Python Software Foundation -> Python Software Foundation)
FirewallRules: [{8A610377-AE73-448B-AE24-313BE5A7FB04}] => (Allow) C:\Program Files\ATOMI\ActivePresenter\rlactivator.exe (ATOMI SYSTEMS, INC. -> Atomi Systems, Inc.)
FirewallRules: [{2AAB44ED-261C-481E-9ADA-99B4E6CD67B1}] => (Allow) C:\Program Files\ATOMI\ActivePresenter\ActivePresenter.exe (ATOMI SYSTEMS, INC. -> Atomi Systems, Inc.)
FirewallRules: [{04223425-BBC0-4C9C-A409-30CBE9AAAC8A}] => (Allow) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNMNSST2.exe (Canon Inc. -> CANON INC.)
FirewallRules: [{34040D0C-9C4C-4E57-998D-D21A2645CCBA}] => (Allow) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNMNSST2.exe (Canon Inc. -> CANON INC.)
FirewallRules: [{4F4EF93B-A237-4CA6-A145-F82C655AC087}] => (Allow) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNMNSST2.exe (Canon Inc. -> CANON INC.)
FirewallRules: [{68E47032-0795-4B5A-A65B-A36E5CE9EEB8}] => (Allow) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNMNSST2.exe (Canon Inc. -> CANON INC.)
FirewallRules: [{FAF22CCC-8092-4EF1-AE06-1F134A5AE496}] => (Allow) C:\Program Files (x86)\Canon\IJ Scan Utility\SCANUTILITY.exe (Canon Inc. -> CANON INC.)
FirewallRules: [{744A382B-B391-467F-8A85-7FDA9B131F0F}] => (Allow) C:\Program Files (x86)\Canon\IJ Scan Utility\SCANUTILITY.exe (Canon Inc. -> CANON INC.)
FirewallRules: [{E643F134-A549-4A19-98E2-8DC46816EA32}] => (Allow) C:\Program Files (x86)\Canon\IJ Scan Utility\SCANUTILITY.exe (Canon Inc. -> CANON INC.)
FirewallRules: [{EC17F8C3-D303-41D2-A682-E8A003CF3DEB}] => (Allow) C:\Program Files (x86)\Canon\IJ Scan Utility\SCANUTILITY.exe (Canon Inc. -> CANON INC.)
FirewallRules: [{CBAD69B3-194D-4BF5-877C-1EF46ACCA92B}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{4FC87FC6-57F4-44C8-8935-DF767A918AA0}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{CB455A41-F1B1-4C7E-9454-B34C1F172C46}] => (Allow) C:\Users\adi\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{BD973EFC-1885-4DEC-A158-9F229D97A43E}] => (Allow) C:\Users\adi\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{A0FCDF2B-EC00-440B-AAC9-39784ACC03DE}] => (Block) C:\program files (x86)\soulseekqt\soulseekqt.exe () [File not signed]
FirewallRules: [{7DE68EE7-C2F9-4AD1-B310-A5BA1BAAD941}] => (Block) C:\program files (x86)\soulseekqt\soulseekqt.exe () [File not signed]
FirewallRules: [UDP Query User{95604A7B-903A-41A4-95C0-AE2E4A11A405}C:\program files (x86)\soulseekqt\soulseekqt.exe] => (Allow) C:\program files (x86)\soulseekqt\soulseekqt.exe () [File not signed]
FirewallRules: [TCP Query User{8DAD314A-71E5-4D37-BAF7-B9F112775C70}C:\program files (x86)\soulseekqt\soulseekqt.exe] => (Allow) C:\program files (x86)\soulseekqt\soulseekqt.exe () [File not signed]
FirewallRules: [{BA264A83-A5D4-4458-A6E8-34940B6BA556}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{02E535C6-069C-4630-B9D6-1850FA9D8C7C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{9330C993-0F69-4AF9-8E48-422C4BF5B788}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{7C7F6AA9-FFCE-457C-89C7-AA1CD27816F2}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [UDP Query User{E3DFE921-C149-4D1D-979E-26E29F4BB485}C:\users\adi\appdata\local\brave\app-0.22.669\brave.exe] => (Block) C:\users\adi\appdata\local\brave\app-0.22.669\brave.exe => No File
FirewallRules: [TCP Query User{2EE055AC-78D2-48AA-9BDF-1885086C831E}C:\users\adi\appdata\local\brave\app-0.22.669\brave.exe] => (Block) C:\users\adi\appdata\local\brave\app-0.22.669\brave.exe => No File
FirewallRules: [{166609B7-1B93-4C2C-9BB6-69336EFA2225}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation-Wireless Connectivity Solutions -> )
FirewallRules: [UDP Query User{4C3E8E1D-302C-4F77-A59F-C63CC193B8DF}C:\program files\tixati\tixati.exe] => (Allow) C:\program files\tixati\tixati.exe (Tixati Software Inc. -> Tixati Software Inc.)
FirewallRules: [TCP Query User{EADD2A65-A3A2-4EB8-940C-5968391B691D}C:\program files\tixati\tixati.exe] => (Allow) C:\program files\tixati\tixati.exe (Tixati Software Inc. -> Tixati Software Inc.)
FirewallRules: [{D9014FDF-5E61-4714-96D8-C66E42921DE6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{78A06FEB-FFFB-4B70-A53C-077E9A2D3D7B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{320D9E24-4DE8-4B04-8CA5-6FA3536BBA69}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe => No File
FirewallRules: [{BF3FA4F7-EAEA-4780-924E-A6310DF19A99}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{4843FDCB-AEAF-4DCD-826F-067487FF8516}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{35D99ECD-3442-4389-B552-9C0228FADD9F}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\GoProLauncher.exe (GoPro, Inc. -> )
FirewallRules: [{E93E041E-A06B-4944-B236-54B8E3119687}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\GoProIDService.exe (GoPro, Inc. -> )
FirewallRules: [{E1D5BD5A-3A11-45E4-8A38-27EE1041E2AB}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\GoProMsgBus.exe (GoPro, Inc. -> )
FirewallRules: [{64A51DCB-552A-4AD9-818F-05FEDDD45C09}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\Quik.exe (GoPro, Inc. -> )
FirewallRules: [{4074F4A1-EED5-4A9C-AB3B-DD0A32E3C1EB}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe => No File
FirewallRules: [TCP Query User{ACCB1F45-CCF7-46C0-AC38-182E0DF3B0B1}C:\users\adi\appdata\local\brave\app-0.18.36\brave.exe] => (Block) C:\users\adi\appdata\local\brave\app-0.18.36\brave.exe => No File
FirewallRules: [UDP Query User{4F4325F7-97B4-48C2-9423-A67E9EDDB508}C:\users\adi\appdata\local\brave\app-0.18.36\brave.exe] => (Block) C:\users\adi\appdata\local\brave\app-0.18.36\brave.exe => No File
FirewallRules: [TCP Query User{81BAEE15-6197-4AB9-A5DF-A818E3B614C4}C:\users\adi\appdata\local\brave\app-0.23.79\brave.exe] => (Block) C:\users\adi\appdata\local\brave\app-0.23.79\brave.exe => No File
FirewallRules: [UDP Query User{4D8122F1-DE54-4307-91DF-83AD9352ED01}C:\users\adi\appdata\local\brave\app-0.23.79\brave.exe] => (Block) C:\users\adi\appdata\local\brave\app-0.23.79\brave.exe => No File
FirewallRules: [TCP Query User{D22D4B15-80CC-414D-BE6B-3A4430AB834D}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{01473F1D-C871-4C84-8D84-E19C3C7AD890}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{A1715051-4C4C-4DEE-8DD5-AB3BB9E039D8}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Winamp SA -> Winamp SA)
FirewallRules: [{7C3F7C17-C1BA-449E-A327-7092658D5A51}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Winamp SA -> Winamp SA)
FirewallRules: [{3DBE9525-1E5C-4E40-9690-783574E13058}] => (Allow) C:\Program Files\RealVNC\VNC Server\vncserver.exe (RealVNC Ltd -> RealVNC Ltd)
FirewallRules: [{BEE36E6A-4568-4C6A-B76D-B1301C7B5127}] => (Allow) C:\Program Files\RealVNC\VNC Server\vncserver.exe (RealVNC Ltd -> RealVNC Ltd)
FirewallRules: [{1F34130F-65FE-4656-951D-91E9ED6C09A8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{DD067EF5-C721-459C-A678-C37408DF1F8E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{4BC61077-8C55-4946-9D15-7763037FACDD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{603373A2-C107-4798-9291-CEC423813844}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{3C46315C-B5B0-4A11-9055-A41F7573B5EF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{A9FBFB13-8F38-46A8-BC5A-48CFE88F5413}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{D3118CCB-ABD2-4A5C-BF3E-F96C22788A1E}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{B23484F4-DCB7-465B-9DA8-F5B6FCE82A15}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{40906640-AEB4-4604-A3A4-ED7A7EA5DAAC}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{C8D135A7-A85E-454B-9999-6151C9FA1E2D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{331ACD54-4BD7-4E01-BFF4-77D818812BBA}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{17147A35-4D68-484C-A12E-12B072ECA05F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{680FA605-0A91-4699-8C1C-9518B2981B36}] => (Allow) C:\Program Files\HP\HP Universal Fax Driver\bin\SendAFax.exe (HP Inc -> HP Development Company, L.P.)
FirewallRules: [{0099C546-9805-476D-BAC4-4F52D252309F}] => (Allow) C:\Program Files\HP\HP Universal Fax Driver\bin\FaxPrinterUtility64.exe (HP Inc -> HP Development Company, L.P.)
FirewallRules: [TCP Query User{6D30DDD5-912D-4124-92D1-2EDE0668DC39}C:\windows\splwow64.exe] => (Allow) C:\windows\splwow64.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [UDP Query User{9D5E1683-4B95-461D-9B21-67F461D6738C}C:\windows\splwow64.exe] => (Allow) C:\windows\splwow64.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [TCP Query User{07A327AC-9546-4390-BFE2-6C8EBDABD24A}C:\users\adi\appdata\local\programs\bandlab-assistant\bandlab assistant.exe] => (Allow) C:\users\adi\appdata\local\programs\bandlab-assistant\bandlab assistant.exe (BandLab Singapore Pte Ltd. -> BandLab Technologies)
FirewallRules: [UDP Query User{74F4DAEB-3F16-4441-9A45-36637FD81180}C:\users\adi\appdata\local\programs\bandlab-assistant\bandlab assistant.exe] => (Allow) C:\users\adi\appdata\local\programs\bandlab-assistant\bandlab assistant.exe (BandLab Singapore Pte Ltd. -> BandLab Technologies)
FirewallRules: [{AF4319ED-176F-431F-AB25-18014CBF9AF9}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D851E5C0-62FA-45B3-AAD1-2BE53729E1C6}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{40ED6EF7-C8F8-41DC-AE97-E11E35A21C60}] => (Allow) D:\Cakewalk\Shared Utilities\StartPage\CakewalkStartScreen.exe (BandLab Singapore Pte Ltd. -> BandLab Singapore Pte Ltd.)
FirewallRules: [{B563B94E-C1B8-4B24-9A37-5CE8454AFA66}] => (Allow) D:\Cakewalk\Shared Utilities\StartPage\CakewalkStartScreen.exe (BandLab Singapore Pte Ltd. -> BandLab Singapore Pte Ltd.)
FirewallRules: [{5EC3AAA1-165C-4496-B4D4-E6593A224EA1}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{59F76768-0D76-482A-86EC-F00D4F4632BA}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{1DAE1806-A839-4FF6-BBF4-49E283A8506A}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\90.0.818.62\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
==================== Restore Points =========================
08-05-2021 10:16:54 Scheduled Checkpoint
12-05-2021 09:02:22 Windows Modules Installer
==================== Faulty Device Manager Devices ============
Name: Shrew Soft Virtual Adapter
Description: Shrew Soft Virtual Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Shrew Soft
Service: vnet
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Shrew Soft Virtual Adapter #2
Description: Shrew Soft Virtual Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Shrew Soft
Service: vnet
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: ========================
Application errors:
==================
Error: (05/16/2021 11:16:32 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Audacity\audacity.exe".Error in manifest or policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.844_none_ca00b6081b84eb1d.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.844_none_11adecdf30011423.manifest.
Error: (05/16/2021 11:16:32 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Audacity\audacity.exe".Error in manifest or policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.844_none_ca00b6081b84eb1d.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.844_none_11adecdf30011423.manifest.
Error: (05/16/2021 10:50:23 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Audacity\audacity.exe".Error in manifest or policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.844_none_ca00b6081b84eb1d.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.844_none_11adecdf30011423.manifest.
Error: (05/16/2021 10:50:23 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Audacity\audacity.exe".Error in manifest or policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.844_none_ca00b6081b84eb1d.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.844_none_11adecdf30011423.manifest.
Error: (05/16/2021 10:50:18 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Audacity\audacity.exe".Error in manifest or policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.844_none_ca00b6081b84eb1d.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.844_none_11adecdf30011423.manifest.
Error: (05/16/2021 10:50:18 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Audacity\audacity.exe".Error in manifest or policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.844_none_ca00b6081b84eb1d.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.844_none_11adecdf30011423.manifest.
Error: (05/16/2021 09:41:12 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Audacity\audacity.exe".Error in manifest or policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.844_none_ca00b6081b84eb1d.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.844_none_11adecdf30011423.manifest.
Error: (05/16/2021 09:41:12 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Audacity\audacity.exe".Error in manifest or policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.844_none_ca00b6081b84eb1d.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.844_none_11adecdf30011423.manifest.
System errors:
=============
Error: (05/16/2021 09:39:41 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Red Giant Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
Error: (05/16/2021 09:39:25 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 11:02:43 PM on 5/15/2021 was unexpected.
Error: (05/16/2021 09:39:16 AM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: NT AUTHORITY)
Description: 3221225684A fatal error occurred processing the restoration data.
Error: (05/15/2021 11:03:19 PM) (Source: DCOM) (EventID: 10010) (User: ADI-SAGER-NP815)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.
Error: (05/15/2021 11:03:19 PM) (Source: DCOM) (EventID: 10010) (User: ADI-SAGER-NP815)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.
Error: (05/15/2021 11:03:19 PM) (Source: DCOM) (EventID: 10010) (User: ADI-SAGER-NP815)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.
Error: (05/15/2021 11:03:19 PM) (Source: DCOM) (EventID: 10010) (User: ADI-SAGER-NP815)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.
Error: (05/15/2021 11:03:19 PM) (Source: DCOM) (EventID: 10010) (User: ADI-SAGER-NP815)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.
Windows Defender:
================
Date: 2021-05-13 09:28:20
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2021-05-12 10:19:12
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2021-05-11 09:52:24
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2021-05-11 09:46:59
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2021-05-10 09:11:50
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2021-05-14 09:05:12
Description:
Microsoft Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x80004005
Error description: Unspecified error
Reason: The filter driver skipped scanning items and is in pass through mode. This may be due to low resource conditions.
Date: 2021-05-12 18:09:41
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.339.514.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.18100.6
Error code: 0x80240438
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
Date: 2021-05-10 19:15:31
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.339.360.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.18100.6
Error code: 0x80072ee2
Error description: The operation timed out
Date: 2021-05-05 19:08:07
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 1.339.21.0
Previous security intelligence Version: 1.337.631.0
Update Source: User
Security intelligence Type: AntiSpyware
Update Type: Delta
Current Engine Version: 1.1.18100.6
Previous Engine Version: 1.1.18100.5
Error code: 0x80070666
Error description: Another version of this product is already installed. Installation of this version cannot continue. To configure or remove the existing version of this product, use Add/Remove Programs on the Control Panel.
Date: 2021-05-05 19:08:07
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 1.339.21.0
Previous security intelligence Version: 1.337.631.0
Update Source: User
Security intelligence Type: AntiVirus
Update Type: Delta
Current Engine Version: 1.1.18100.6
Previous Engine Version: 1.1.18100.5
Error code: 0x80070666
Error description: Another version of this product is already installed. Installation of this version cannot continue. To configure or remove the existing version of this product, use Add/Remove Programs on the Control Panel.
==================== Memory info ===========================
BIOS: American Megatrends Inc. 1.05.03LS2 08/25/2016
Motherboard: Notebook P65xRP
Processor: Intel® Core™ i7-6700HQ CPU @ 2.60GHz
Percentage of memory in use: 28%
Total physical RAM: 32651.86 MB
Available physical RAM: 23221.13 MB
Total Virtual: 34699.86 MB
Available Virtual: 23633.6 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:464.54 GB) (Free:149.2 GB) NTFS
Drive d: () (Fixed) (Total:465.76 GB) (Free:228.02 GB) NTFS
Drive m: (Hollie) (Fixed) (Total:465.76 GB) (Free:236.67 GB) NTFS
\\?\Volume{ed5df3df-5ad8-46db-857b-8fcd7d7d50b0}\ (Windows RE tools) (Fixed) (Total:0.44 GB) (Free:0.42 GB) NTFS
\\?\Volume{3e848c4c-dc00-40e4-aa5f-9ad8203f65b5}\ () (Fixed) (Total:0.55 GB) (Free:0.07 GB) NTFS
\\?\Volume{b5e248b8-09dc-48bd-aa83-b5f047c3f60e}\ (SYSTEM) (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: FF3265EB)
Partition: GPT.
==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: FF32659C)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)
==========================================================
Disk: 2 (Size: 465.8 GB) (Disk ID: A4B57300)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)
==================== End of Addition.txt =======================
), MusicBee (for listening to music), Chrome (just standard web browsing, email, youtube, etc), and I do use my computer for work - I log in to my work computer remotely using Cisco AnyConnect VPN.
Sign In
Create Account
