Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Computer acting weird, think i might have a virus. [Closed]


  • This topic is locked This topic is locked

#1
Maleboe

Maleboe

    Member

  • Member
  • PipPipPip
  • 100 posts

I have installed Kaspersky and it identified two trojan's and "removed" them. Slowly my taskbar has been acting wonky. At first I couldn't access the notifications bar now the taskbar is partially on my screen and partially hanging off the side. Games I downloaded from the Microsoft Store specifically Microsoft Jigsaw crash. Also Discord was uninstalled it seems like too.  Thanks in advance for any help.

 

Josh

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 09-06-2021
Ran by Mike (administrator) on COMMANDCENTER (09-06-2021 16:19:43)
Running from C:\Users\Mike\Desktop
Loaded Profiles: Mike & Andrew
Platform: Windows 10 Pro Version 21H1 19043.1023 (X64) Language: English (United States)
Default browser: Vivaldi
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
() [File not signed] C:\Users\Mike\Desktop\Sorted\Xpadder.v2015.01.01.Repack.Multilingual.Retail\Xpadder.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Andrew Masyk -> ) C:\Program Files (x86)\Simkl Tracker\1.0.6\Driver.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
(Brio) [File not signed] C:\Program Files\FolderSize\FolderSize.exe
(Brio) [File not signed] C:\Program Files\FolderSize\FolderSizeSvc.exe
(Deluge Team) [File not signed] C:\Program Files (x86)\Deluge\deluge.exe
(Discord Inc. -> Discord Inc.) C:\Users\Mike\AppData\Local\Discord\app-1.0.9002\Discord.exe <6>
(Electronic Arts, Inc. -> ) C:\Program Files (x86)\Origin\QtWebEngineProcess.exe <2>
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginClientService.exe
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(F.lux Software LLC) C:\Program Files\WindowsApps\F.luxSoftwareLLC.f.lux_4.118.0.0_x86__sw1dyjdkns7gt\Flux\flux.exe
(Facebook Inc) C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_970.11.116.0_x64__8xx8rvfyw5nnt\app\Messenger.exe <5>
(FOXIT SOFTWARE INC. -> Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\FoxitPDFReaderUpdateService.exe
(Google Inc (TEST) -> Epic Privacy Browser) [File not signed] C:\Users\Mike\AppData\Local\Epic Privacy Browser\Installer\EpicUpdate.exe
(Google LLC -> Google LLC) C:\Users\Mike\AppData\Local\Google\Update\1.3.36.82\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Users\Mike\AppData\Local\Google\Update\1.3.36.82\GoogleCrashHandler64.exe
(Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\avp.exe
(Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\avpui.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2105.19601.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_2.53.17003.0_x64__8wekyb3d8bbwe\GamingServices.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_2.53.17003.0_x64__8wekyb3d8bbwe\GamingServicesNet.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12104.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.621.4222.0_x64__8wekyb3d8bbwe\GameBar.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.621.4222.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Speech_OneCore\common\SpeechRuntime.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\vds.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_1108979a670abe46\Display.NvContainer\NVDisplay.Container.exe <2>
(Plex, Inc. -> Plex, Inc.) C:\Program Files (x86)\Plex\Plex Media Server\Plex Update Service.exe
(Realtek Semiconductor Corp -> ) C:\Windows\runSW.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(Realtek Semiconductor Corp. -> Realtek) C:\Windows\SwUSB.exe
(Reason Software Company Inc. -> Reason Software Company Inc.) C:\Program Files (x86)\Unchecky\bin\unchecky_bg.exe
(Reason Software Company Inc. -> Reason Software Company Inc.) C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe
(ShareX Team) [File not signed] C:\Program Files\ShareX\ShareX.exe
(sonarr.tv) [File not signed] C:\ProgramData\NzbDrone\bin\NzbDrone.Console.exe
(SurfRight B.V. -> SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe
(TAOBAO (CHINA) SOFTWARE CO.,LTD. -> ) C:\Program Files (x86)\UCBrowser\Application\7.0.185.1002\UCAgent.exe
(TAOBAO (CHINA) SOFTWARE CO.,LTD. -> ) C:\Program Files (x86)\UCBrowser\Application\UCService.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
(Vincent Burel -> VB-AUDIO Software) C:\Program Files (x86)\VB\Voicemeeter\voicemeeterpro.exe
(Vivaldi Technologies AS -> Vivaldi Technologies AS) C:\Program Files\Vivaldi\Application\update_notifier.exe
(Vivaldi Technologies AS -> Vivaldi Technologies AS) C:\Program Files\Vivaldi\Application\vivaldi.exe <41>
(VS Revo Group Ltd. -> VS Revo Group) C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RevoUninPro.exe
 
==================== Registry (Whitelisted) ===================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [GameSessionsTray] => C:\Program Files\Tangentix\Runtime\x64\GSTray.exe [162192 2019-02-18] (Tangentix Ltd -> Tangentix Ltd)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Run: [Fences] => C:\Program Files (x86)\Stardock\Fences\Fences.exe [4357560 2017-06-13] (Stardock Corporation -> Stardock Corporation) [File not signed] [File is in use]
HKLM\...\Run: [Eraser] => C:\Program Files\Eraser\Eraser.exe [1070664 2021-02-12] (Heidi Computers Ltd -> The Eraser Project)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3952096 2020-03-11] (Logitech -> Logitech, Inc.)
HKLM-x32\...\Run: [Innkeeper] => C:\ProgramData\SquirrelMachineInstalls\Innkeeper.exe [66593672 2019-01-12] (Curse, Inc. -> Curse Inc.)
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [225944 2017-04-11] (OOO Lightshot -> )
HKLM-x32\...\Run: [Discord] => C:\ProgramData\SquirrelMachineInstalls\Discord.exe [70858912 2021-06-06] (Discord Inc. -> Discord Inc.)
HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\...\Run: [Vivaldi Update Notifier] => C:\Program Files\Vivaldi\Application\update_notifier.exe [2978192 2021-06-07] (Vivaldi Technologies AS -> Vivaldi Technologies AS)
HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\...\Run: [Discord] => C:\Users\Mike\AppData\Local\Discord\Update.exe [1512104 2021-05-24] (Discord Inc. -> GitHub)
HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [33223648 2021-06-06] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\...\Run: [Google Update] => C:\Users\Mike\AppData\Local\Google\Update\1.3.36.82\GoogleUpdateCore.exe [217432 2021-04-20] (Google LLC -> Google LLC)
HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\...\Run: [SendAnywhere] => C:\Program Files (x86)\Send Anywhere\Send Anywhere.exe [90454840 2020-12-22] (Estmob Inc. -> Estmob Inc.)
HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\...\Run: [Microsoft Edge Update] => C:\Users\Mike\AppData\Local\Microsoft\EdgeUpdate\1.3.143.57\MicrosoftEdgeUpdateCore.exe [242592 2021-04-26] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\...\Run: [Speech Recognition] => C:\WINDOWS\Speech\Common\sapisvr.exe [44544 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\...\Run: [Plex Media Server] => C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe [21793392 2021-04-19] (Plex, Inc. -> Plex, Inc.)
HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\...\Run: [SimklTracker] => C:\Program Files (x86)\Simkl Tracker\Launcher.exe [351160 2020-02-01] (Andrew Masyk -> )
HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\...\Run: [Fences] => c:\program files (x86)\stardock\fences\Fences.exe [4357560 2017-06-13] (Stardock Corporation -> Stardock Corporation) [File not signed] [File is in use]
HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [109961064 2021-05-10] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\...\Run: [TinyTake by MangoApps] => C:\Users\Mike\AppData\Local\MangoApps\TinyTake\TinyTake by MangoApps.exe [400992 2020-01-10] (MangoApps, Inc. -> MangoApps)
HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3144824 2021-05-20] (Electronic Arts, Inc. -> Electronic Arts)
HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\...\Run: [Rambox] => C:\Users\Mike\AppData\Local\Programs\Rambox\Rambox.exe [105111640 2020-10-08] (Rambox LLC -> Rambox LLC)
HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\...\Run: [GogGalaxy] => C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe [14858824 2020-12-23] (GOG Sp. z o.o. -> GOG.com)
HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\...\Run: [Xpadder] => C:\Users\Mike\Desktop\Sorted\Xpadder.v2015.01.01.Repack.Multilingual.Retail\Xpadder.exe [1178624 2014-12-31] () [File not signed]
HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\...\Run: [Folder Size] => C:\Program Files\FolderSize\FolderSize.exe [169472 2013-02-13] (Brio) [File not signed]
HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [408896 2021-03-16] (AVB Disc Soft, SIA -> Disc Soft Ltd)
HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4109032 2021-06-08] (Valve -> Valve Corporation)
HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\...\Run: [Epic Privacy Browser Installer] => C:\Users\Mike\AppData\Local\Epic Privacy Browser\Installer\EpicUpdate.exe [509096 2021-01-20] (Google Inc (TEST) -> Epic Privacy Browser) [File not signed]
HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\...\Run: [Opera GX Browser Assistant] => C:\Users\Mike\AppData\Local\Programs\Opera GX\assistant\browser_assistant.exe [3291288 2021-02-01] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\...\Run: [GalaxyClient] => [X]
HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\...\Run: [Opera Browser Assistant] => C:\Users\Mike\assistant\browser_assistant.exe [4671696 2021-06-02] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\...\MountPoints2: {6ab08fea-361f-11eb-b262-60e3270d7793} - "E:\setup.exe" 
HKU\S-1-5-21-3967705999-1235421771-3941837385-1003\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [33223648 2021-06-06] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-18\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [109961064 2021-05-10] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-18\...\Run: [Plex Media Server] => C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe [21793392 2021-04-19] (Plex, Inc. -> Plex, Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{401C381F-E0DE-4B85-8BD8-4F3F14FBDA57}] -> C:\Program Files (x86)\Microsoft\Edge Dev\Application\93.0.910.5\Installer\setup.exe [2021-06-09] (Microsoft Corporation -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{43F137B0-8F4D-463B-AB83-ADEAD4F15096}] -> C:\Program Files (x86)\Microsoft\Edge Beta\Application\92.0.902.9\Installer\setup.exe [2021-06-09] (Microsoft Corporation -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\91.0.4472.77\Installer\chrmstp.exe [2021-05-26] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{9C142C0C-124C-4467-B117-EBCC62801D7B}] -> C:\Program Files\Vivaldi\Application\4.0.2312.24\Installer\chrmstp.exe [2021-06-09] (Vivaldi Technologies AS -> Vivaldi Technologies AS)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\91.1.25.70\Installer\chrmstp.exe [2021-06-03] (Brave Software, Inc. -> Brave Software, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TurboTop.lnk [2019-01-05]
ShortcutTarget: TurboTop.lnk -> C:\Program Files (x86)\TurboTop\TurboTop.exe (Savard Software -> Savard Software)
Startup: C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Deluge.lnk [2019-05-15]
ShortcutTarget: Deluge.lnk -> C:\Program Files (x86)\Deluge\deluge.exe (Deluge Team) [File not signed]
Startup: C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DeskPins.lnk [2019-01-05]
ShortcutTarget: DeskPins.lnk -> C:\Program Files (x86)\DeskPins\deskpins.exe (Elias Fotinis) [File not signed]
Startup: C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Gameroom.lnk [2020-08-04]
ShortcutTarget: Facebook Gameroom.lnk -> C:\Users\Mike\AppData\Local\Facebook\Games\FacebookGameroom.exe (Facebook, Inc. -> Facebook)
Startup: C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ShareX.lnk [2021-05-16]
ShortcutTarget: ShareX.lnk -> C:\Program Files\ShareX\ShareX.exe (ShareX Team) [File not signed]
Startup: C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Twitch.lnk [2019-11-21]
ShortcutTarget: Twitch.lnk -> C:\Users\Mike\AppData\Roaming\Twitch\Bin\Twitch.exe (Twitch Interactive, Inc. -> Twitch Interactive, Inc.)
Startup: C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Voicemeeter (VB-Audio).LNK [2020-11-28]
ShortcutTarget: Voicemeeter (VB-Audio).LNK -> C:\Program Files (x86)\VB\Voicemeeter\voicemeeterpro.exe (Vincent Burel -> VB-AUDIO Software)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
 
==================== Scheduled Tasks (Whitelisted) ============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {09CF660B-5C5A-4C3B-801B-FAA481FCC535} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [157320 2020-04-25] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {0D00D3A4-0120-4275-BD90-E3EF9C4AF6A3} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1260400 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {11805A04-0471-4F4E-BE86-6F037ECC3A15} - System32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} => C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe [743488 2021-06-06] (Kaspersky Lab JSC -> AO Kaspersky Lab)
Task: {144E5350-BC75-46FD-880F-4E9863C457DE} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-09-28] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {19695898-3CAB-45EC-AA92-22686FF5AF07} - System32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-3967705999-1235421771-3941837385-1001Core => C:\Users\Mike\AppData\Local\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [223120 2019-11-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {234A7308-0C3F-402B-9BC9-FF5E5472EF02} - System32\Tasks\Opera scheduled Autoupdate 1549159975 => C:\Users\Mike\launcher.exe [2199760 2021-06-02] (Opera Software AS -> Opera Software) <==== ATTENTION
Task: {2AAF58B0-AD45-40E2-A8EF-EE4772313469} - System32\Tasks\G2MUploadTask-S-1-5-21-3967705999-1235421771-3941837385-1001 => C:\Users\Mike\AppData\Local\GoToMeeting\19709\g2mupload.exe [31320 2021-05-29] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {30C128D9-8B66-459C-A676-292E16350B2E} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1260400 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {37317A0D-6899-462D-A1E9-0E12779155C2} - System32\Tasks\UCBrowserUpdater => C:\Program Files (x86)\UCBrowser\Application\update_task.exe [566672 2018-01-02] (TAOBAO (CHINA) SOFTWARE CO.,LTD. -> UCWeb Inc) <==== ATTENTION
Task: {41A7BBAD-FFAB-4F8E-9527-3B25EBABE388} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [645488 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {49434581-68A6-4A48-990C-F64E771E3CCF} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1260400 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {4B1B3EB5-942D-448E-A7A3-D8C373F9920F} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905584 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {50F89142-F515-49BE-92AB-8933E15041EF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-01-06] (Google Inc -> Google Inc.)
Task: {5CE4265A-0E19-424F-A02D-647171439CD2} - System32\Tasks\Patch My PC => C:\Users\Mike\Desktop\PatchMyPC.exe [3164696 2021-04-09] (Patch My PC, LLC -> Patch My PC, LLC)
Task: {5E6F6F69-9208-4F2E-9515-EBB6FA5AD925} - System32\Tasks\TinyTakeUpgrade => C:\Users\Mike\AppData\Local\MangoApps\TinyTake\TinyTake.exe [98912 2020-01-10] (MangoApps, Inc. -> MangoApps Inc.)
Task: {60E3C5E5-15B8-4FD8-AD42-D197DB3083FF} - System32\Tasks\Run RoboForm TaskBar Icon => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
Task: {614419CA-B19D-4A8F-B6BA-85562E66F4C2} - \CMPCUAC -> No File <==== ATTENTION
Task: {65CB17C9-437B-4C94-BF1E-0DDA4C0BCCD9} - System32\Tasks\Driver Easy Scheduled Scan => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe [3817392 2020-06-18] (Easeware Technology Limited -> Easeware)
Task: {683622AB-7838-497C-B0A1-512E04ADF04A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [3953096 2021-05-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {6AF1311F-4295-4B76-A9F1-E3C8D1729CDA} - System32\Tasks\Opera scheduled assistant Autoupdate 1616978256 => C:\Users\Mike\launcher.exe [2199760 2021-06-02] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\Mike\assistant" $(Arg0)
Task: {6B448BB0-545D-494C-9B96-66CB1BE922A6} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1260400 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {72D74017-981C-48B9-A856-44F1AECE33A9} - System32\Tasks\Simkl Tracker Detection System => C:\Program Files (x86)\Simkl Tracker\Launcher.exe [351160 2020-02-01] (Andrew Masyk -> )
Task: {7397046B-2C4F-4370-9C91-AA2A83962EF2} - System32\Tasks\UCBrowserUpdaterCore => C:\Program Files (x86)\UCBrowser\Application\update_task.exe [566672 2018-01-02] (TAOBAO (CHINA) SOFTWARE CO.,LTD. -> UCWeb Inc) <==== ATTENTION
Task: {74F5B3C2-8FCF-4922-BC70-CC1A20CBF521} - System32\Tasks\Opera GX scheduled assistant Autoupdate 1614987101 => C:\Users\Mike\AppData\Local\Programs\Opera GX\launcher.exe [1821392 2021-06-01] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\Mike\AppData\Local\Programs\Opera GX\assistant" $(Arg0)
Task: {7DD98DCA-75E6-4932-B20D-0B5CB2BF8FFF} - System32\Tasks\PowerToys\Autorun for Mike => C:\Program Files\PowerToys\PowerToys.exe [1254288 2021-05-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {7E7F881A-2B95-470C-8996-04148FB37D1A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [3953096 2021-05-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {7EE83B49-23AC-4E46-BC52-3060CD616AA2} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\Mike\Desktop\esetonlinescanner.exe [11697056 2021-06-06] (ESET, spol. s r.o. -> ESET)
Task: {82641F35-D066-4243-8D62-B479CE166134} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905584 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {844B744A-E0E0-4A59-ACD9-CE1CF4989D81} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {859B64E4-3F84-47C1-B341-BB354B80C2CE} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK
Task: {9B676832-0A68-45F4-84ED-E86A64C1D2BF} - System32\Tasks\Opera GX scheduled Autoupdate 1611185292 => C:\Users\Mike\AppData\Local\Programs\Opera GX\launcher.exe [1821392 2021-06-01] (Opera Software AS -> Opera Software)
Task: {9F50D58A-9E5E-4327-86D2-A0A474D3C2D3} - System32\Tasks\Opera scheduled assistant Autoupdate 1600302842 => C:\Users\Mike\launcher.exe [2199760 2021-06-02] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\Mike\assistant" $(Arg0)
Task: {A1B6CA89-6751-444D-8323-7A85143192F3} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23124336 2021-05-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {AE084A12-BFE0-40D6-B292-F75E67453971} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3967705999-1235421771-3941837385-1001Core => C:\Users\Mike\AppData\Local\Google\Update\GoogleUpdate.exe [156968 2019-02-26] (Google Inc -> Google Inc.)
Task: {B4899648-3A99-48E9-A64F-83D4BD98A8C1} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [118088 2021-05-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {B8416E93-0048-4430-88E2-F6EBDB475F4B} - System32\Tasks\AMD ThankingURL => C:\Program Files\AMD\CIM\Bin64\Setup.exe
Task: {C6246036-7B8E-4D3C-BC51-648909B28C56} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3967705999-1235421771-3941837385-1001UA => C:\Users\Mike\AppData\Local\Google\Update\GoogleUpdate.exe [156968 2019-02-26] (Google Inc -> Google Inc.)
Task: {CDBE9E94-90D8-4568-A94A-41B0742392F4} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [118088 2021-05-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {CE899CC0-4439-405A-8008-4A576D4D2DBB} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\Mike\Desktop\esetonlinescanner.exe [11697056 2021-06-06] (ESET, spol. s r.o. -> ESET)
Task: {D6992509-9944-4885-A5E0-70D68875D968} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23124336 2021-05-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {DAAC57CC-24A6-4933-BFAE-6D2119C80ECE} - System32\Tasks\G2MUpdateTask-S-1-5-21-3967705999-1235421771-3941837385-1001 => C:\Users\Mike\AppData\Local\GoToMeeting\19709\g2mupdate.exe [31320 2021-05-29] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {DC3091A8-1EDA-4F61-BEB6-6FE509A877C0} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3336560 2021-04-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E489964C-1CA6-4F2B-96A9-5BA412B730AE} - System32\Tasks\Open URL by RoboForm => C:\WINDOWS\system32\rundll32.exe url.dll,FileProtocolHandler "https://www.roboform...AJKILIBNKJHIKJ"
Task: {E5BD55E7-770A-4A9C-BF80-857E29D429D0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-01-06] (Google Inc -> Google Inc.)
Task: {FA42075A-3D71-44E1-B2E9-053FA36D4017} - System32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-3967705999-1235421771-3941837385-1001UA => C:\Users\Mike\AppData\Local\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [223120 2019-11-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {FC268B2D-2DE5-47E6-9CE5-2D0193BF4BF1} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [157320 2020-04-25] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {FEFC62F9-A9D1-49D6-B632-D530AE067983} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-09-28] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\Driver Easy Scheduled Scan.job => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe
Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-3967705999-1235421771-3941837385-1001.job => C:\Users\Mike\AppData\Local\GoToMeeting\19709\g2mupdate.exe
Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-3967705999-1235421771-3941837385-1001.job => C:\Users\Mike\AppData\Local\GoToMeeting\19709\g2mupload.exe
Task: C:\WINDOWS\Tasks\Simkl Tracker Detection System.job => C:\Program Files (x86)\Simkl Tracker\Launcher.exe
Task: C:\WINDOWS\Tasks\UCBrowserUpdater.job => C:\Program Files (x86)\UCBrowser\Application\update_task.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\UCBrowserUpdaterCore.job => C:\Program Files (x86)\UCBrowser\Application\update_task.exe <==== ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{7430b88c-9c8d-4970-8254-8575e4fd3798}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{acf3bd59-99b8-4138-bb30-01cce098497b}: [DhcpNameServer] 192.168.1.1
 
Edge: 
=======
DownloadDir: C:\Users\Mike\Downloads
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (RoboForm) -> EdgeExtension_SiberSystemsIncRoboFormEdge_7kk3kr9e0p1np => C:\Program Files\WindowsApps\SiberSystemsInc.RoboFormEdge_8.5.7.0_x86__7kk3kr9e0p1np [2021-06-03]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default [2021-06-06]
Edge Notifications: Default -> hxxps://www.youtube.com
Edge HomePage: Default -> edge://newtab/
Edge NewTab: Default ->  Not-active:"chrome-extension://acifeljplikjhjobbicjiknoeafjoddh/newtab.html"
Edge Extension: (Cluster - Window & Tab Manager) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\aadahadfdmiibmdhfmpbeeebejmjnkef [2020-07-22]
Edge Extension: (Context) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\aalnjolghjkkogicompabhhbbkljnlka [2020-07-22]
Edge Extension: (Google Translate) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2020-07-22]
Edge Extension: (Magic Actions for YouTube™) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\abjcfabbhafbcdfjoecdgepllmpfceif [2021-05-17]
Edge Extension: (New tab page by start.me) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\acifeljplikjhjobbicjiknoeafjoddh [2021-01-06]
Edge Extension: (Buster: Captcha Solver for Humans) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\admkpobhocmdideidcndkfaeffadipkc [2020-10-17]
Edge Extension: (Universal Bypass) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\aihomhdbhpnpmcnnbckjjcebjoikpihj [2020-07-22]
Edge Extension: (Dr.Web Link Checker) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\aleggpabliehgbeagmfhnodcijcmbonb [2020-07-22]
Edge Extension: (reddit companion) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\algjnflpgoopkdijmkalfcifomdhmcbe [2020-07-22]
Edge Extension: (TooManyTabs for Chrome) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\amigcgbheognjmfkaieeeadojiibgbdp [2020-07-22]
Edge Extension: (Honey) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\amnbcmdbanbkjhnfoeceemmmdiepnbpp [2021-05-17]
Edge Extension: (WikiTube) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\aneddidibfifdpbeppmpoackniodpekj [2020-07-22]
Edge Extension: (Tools for Amazon's Mechanical Turk) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\aoffgjejcepnijgahpckhajchahfpojo [2020-07-22]
Edge Extension: (PriceBlink Coupons and Price Comparison) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\aoiidodopnnhiflaflbfeblnojefhigh [2020-11-03]
Edge Extension: (F.B.(FluffBusting)Purity) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bbadpifemeclpdmgelgehgclmeohdoge [2021-06-06]
Edge Extension: (LastPass: Free Password Manager) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bbcinlkgjjkejfdpemiealijmmooekmp [2021-03-29]
Edge Extension: (Sexy Undo Close Tab) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bcennaiejdjpomgmmohhpgnjlmpcjmbg [2020-07-22]
Edge Extension: (HoverReader) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bgchppjofckmmlfpegeinpegcjmejnlk [2020-07-22]
Edge Extension: (Social Fixer for Facebook) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bhaooomeolkdacolgpkfbfookhomkbei [2021-06-06]
Edge Extension: (Pop up blocker for Chrome™ - Poper Blocker) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bkkbcggnhapdmkeljlodobbkopceiche [2020-10-20]
Edge Extension: (ReviewMeta.com Review Analyzer) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\cagmalmckifngccehkojnimlabphpgci [2020-07-22]
Edge Extension: (JunkFill) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\cajejbcjfkhgmfbapmhopccephhjedeb [2020-07-22]
Edge Extension: (DuckDuckGo) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\caoacbimdbbljakfhgikoodekdnlcgpk [2021-05-17]
Edge Extension: (Link Grabber) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\caodelkhipncidmoebgbbeemedohcdma [2020-07-22]
Edge Extension: (DuckieTV - 'Browser Action' mode) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\cdfkaloficjmdjbgmckaddgfcghgidei [2020-07-22]
Edge Extension: (Random Select Radio Buttons) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\cdhihojoekiijkcmfdejobiodnlgijmb [2020-07-22]
Edge Extension: (DownAlbum) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\cgjnhhjpfcdhbhlcmmjppicjmgfkppok [2020-07-30]
Edge Extension: (OneTab) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\chphlpgkkbolifaimnlloiipkdnihall [2021-03-19]
Edge Extension: (Add to Amazon Wish List) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced [2020-07-22]
Edge Extension: (TwoSeven Extension) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\cjdnfmjmdligcpfcekfmenlhiopehjkd [2021-06-06]
Edge Extension: (Houseparty) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\cjkkodhikogdenlfobgbhkggogejidim [2020-07-22]
Edge Extension: (uBlock Origin) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2021-03-20]
Edge Extension: (Do Not Track) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ckdcpbflcbeillmamogkpmdhnbeggfja [2020-07-22]
Edge Extension: (QueueTube for YouTube!) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\cmgmibjndnhopdjednaoapagmpchagmg [2020-07-22]
Edge Extension: (Grammarly for Microsoft Edge) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\cnlefmmeadmemmdciolhbnfeacpdfbkd [2021-04-08]
Edge Extension: (Netfix) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\cpgbdfpoaalclikhghccccakifaoboam [2020-07-22]
Edge Extension: (IMDB Ratings Viewer) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\daaoegihbflfijkdhalidlmochdbobgb [2020-08-11]
Edge Extension: (Outline: Read & annotate without distractions) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\daoolpmoieinofbnddaofhkhmbagfmnj [2020-07-22]
Edge Extension: (Enhancer for Netflix, Crunchyroll, etc) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\dbpjfmehfpcgmlpfnfilcnhbckmecmca [2021-01-06]
Edge Extension: (Auto Copy) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\dccbmdgkdanddjmfehgigdhcijadgfkc [2020-07-22]
Edge Extension: (Quick Search for Google Drive™) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ddebdlfmldojeofgkeocjdkloocegmae [2020-07-22]
Edge Extension: (User-Agent Switcher for Chrome) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\djflhoibgkdhkhhcedjiklpkjnoahfmg [2020-07-22]
Edge Extension: (MightyText - SMS from PC & Text from Computer) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\dkfhfaphfkopdgpbfkebjfcblcafcmpi [2020-07-22]
Edge Extension: (Yet another flags) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\dmchcmgddbhmbkakammmklpoonoiiomk [2020-07-22]
Edge Extension: (Hover Hound) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\dogmhlelnjpjgahofccgbfnmojkmlfep [2021-04-08]
Edge Extension: (Project Naptha) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\eckaechjaiiiffijigiigbhbfhelljmi [2020-07-22]
Edge Extension: (Session Buddy) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\edacconmaakjimmfgnblocblbcdcpbko [2020-07-22]
Edge Extension: (VT4Browsers) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\efbjojhplkelaegfbieplglfidafgoka [2021-03-19]
Edge Extension: (Tabs Outliner) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\eggkanocgddhmamlbiijnphhppkpkmkl [2021-04-08]
Edge Extension: (Floating Video - Picture in Picture) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\egncdnniomonjgpjbapalkckojhkfddk [2021-03-19]
Edge Extension: (Floating Player) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ekajjllcmeckibblgckgoceinmmgnfop [2020-07-22]
Edge Extension: (Custom Cursor for Microsoft Edge™) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ekmpbacnhaailfeebjmpoeifoobmpfhk [2020-07-22]
Edge Extension: (streamkeys) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ekpipjofdicppbepocohdlgenahaneen [2021-01-22]
Edge Extension: (Photo Zoom for Facebook) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\elioihkkcdgakfbahdoddophfngopipi [2020-07-22]
Edge Extension: (MediaPlus) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\emaamodndfmmmcjepfigalbjjjemadom [2020-07-22]
Edge Extension: (Disable Youtube™ HTML5 Player) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\enmofgaijnbjpblfljopnpdogpldapoc [2020-07-22]
Edge Extension: (Link Klipper - Extract all links) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fahollcgofmpnehocdgofnhkkchiekoo [2020-07-22]
Edge Extension: (PageZipper) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fbbmnbomimdgmecfpbilhoafgmmeagef [2020-07-22]
Edge Extension: (Flix Plus by Lifehacker) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fcjjgdnadfneaamhipplgpfkdnbfagla [2020-07-22]
Edge Extension: (GoFullPage - Full Page Screen Capture) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fdpohaocaechififmbbbbbknoalclacl [2021-03-19]
Edge Extension: (AddToAny: Share Anywhere) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ffpgijchhhkhnokafdeklpllijgnbche [2021-02-16]
Edge Extension: (TV Time) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fhcbbglcdkbmpdgjdjijeffldkboolmf [2020-07-22]
Edge Extension: (Simkl Lists: TV, Anime, Movies - TV Tracker) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fhiabfcpddboebdhgemjmgjekolegdop [2020-07-22]
Edge Extension: (RetailMeNot Deal Finder™️) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fhlidomodkicgjafmppbblmgbkdcjpad [2021-04-08]
Edge Extension: (Tab Suspender) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fiabciakcmgepblmdkmemdbbkilneeeh [2021-02-18]
Edge Extension: (netflixQ) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fjbfidbblfnfbgniilajdlnfdoefbabj [2020-07-22]
Edge Extension: (Stylish - Custom themes for any website) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fjnbnpbmkenffdnngjfgmeleoegfcffe [2020-07-22]
Edge Extension: (All Netflix Categories) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fkjmbiakdlohkehbmcoalflelnbhpkpl [2021-03-19]
Edge Extension: (Turn Off the Lights) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fmamkbgpnienhphflfdamlhnljffjdgm [2021-02-24]
Edge Extension: (appchan x) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gfibffekgcmgabbfaibbbcapgnfobnoi [2020-07-22]
Edge Extension: (TLDR: Summarize Anything) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\giepilabiomhlcmlefmbfkgeoccfhhhc [2020-07-22]
Edge Extension: (FBS II : Fast Bookmark Scanner II) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gjcmklpilmpfhfjpebhnapnglcppdbic [2020-07-22]
Edge Extension: (Google Calendar) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gmbgaklkmjakoegficnlkhebmhkjfich [2021-01-22]
Edge Extension: (Surfkollen) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gppknicflbmnbafhkkioomiflihfcplh [2020-07-22]
Edge Extension: (trakt.tv Everywhere) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\haogccejmloicihdocopcddefdcphfei [2020-07-22]
Edge Extension: (SurfSafe - join the fight against fake news) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\hbpagabeiphkfhbboacggckhkkipgdmh [2020-07-22]
Edge Extension: (Drumpfinator) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\hcimhbfpiofdihhdnofbdlhjcmjopilp [2020-07-22]
Edge Extension: (LinkedIn Sales Navigator) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\hihakjfhbmlmjdnnhegiciffjplmdhin [2020-07-22]
Edge Extension: (Sync Video) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\hilcpphmhldjdgdhfkbmdeobjmpecmih [2020-07-22]
Edge Extension: (SuperSorter) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\hjebfgojnlefhdgmomncgjglmdckngij [2020-08-11]
Edge Extension: (Silent Site Sound Blocker) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\hkbdhiphllimobjnfeeekaogfibmdgfe [2020-07-22]
Edge Extension: (Sprucemarks) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\hkgmpcaalcjjihcdkbnlnnhkppibepoa [2021-02-16]
Edge Extension: (Sure Or Not - News Date Validator) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\hkiapjaidokhcajjnpldhioambcjbbhp [2020-07-22]
Edge Extension: (Break Timer) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\hklkdbpicdmlpoiellngedpejjkmapei [2020-07-22]
Edge Extension: (Pay by Privacy.com) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\hmgpakheknboplhmlicfkkgjipfabmhp [2020-07-22]
Edge Extension: (Don't Pay Trump) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\hnabeofjicpfonofmomeehhaecnfnnhg [2020-07-22]
Edge Extension: (IMG inspector) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\hpogobkggapdhmfnamfnhmchcbmehokb [2020-07-22]
Edge Extension: (Market Ninja) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ianepdojanpgedooeellkppgoljdefoo [2020-07-22]
Edge Extension: (Crazy Shooting) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ifbhccdddhenjmeamogpjhicnoffdood [2020-07-22]
Edge Extension: (AutoPagerize) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\igiofjhpmpihnifddepnpngfjhkfenbp [2020-07-22]
Edge Extension: (Tampermonkey) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\iikmkjmpaadaobahmlepeloendndfphd [2020-11-13]
Edge Extension: (Coloring Pages) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ijhcehgkaccjiljllpejjekibagmonki [2020-07-22]
Edge Extension: (Imagus) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\immpkjjlgappgfkkfieppnmlhakdmaab [2020-07-22]
Edge Extension: (Clean IMDb) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ingodbhkemojiibhhbfhjaeaciikbiik [2020-07-22]
Edge Extension: (Chrome Remote Desktop) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\inomeogfingihgjfjlpeplalcfajhgai [2020-07-22]
Edge Extension: (iCheckNetflixPlus) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jeinanillnkehhekcipjggepagfdkpjb [2020-07-22]
Edge Extension: (Pinterest Save Button) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jfcjijcigimhjjdimpghneggnegiphhh [2020-07-22]
Edge Extension: (Earth View from Google Earth) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jflkdbmhlhonpbghiffjbjhmjbdjckhn [2020-07-22]
Edge Extension: (Chrome extension source viewer) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jifpbeccnghkjeaalbbjmodiffmgedin [2020-07-22]
Edge Extension: (Black Menu for Google™) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jjdlcdijobjclpmdhphkfmfflmlhhhgf [2021-04-08]
Edge Extension: (Bookmark All) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jjhpikpjjhlcmifagompgmhkjalhjopj [2020-07-22]
Edge Extension: (SwagButton) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jkdkbjmbppokkkjhedmhpmdjbckelnen [2021-02-16]
Edge Extension: (Reddit Enhancement Suite) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jlhgedjpndhblehblebhncfmkkpngiep [2021-04-08]
Edge Extension: (Unpartial Truthiness Analyzer (Fake News)) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jpdpghhjplgahhihongcbbmnnfolclld [2020-07-22]
Edge Extension: (Shareaholic for Google Chrome™) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\kbmipnjdeifmobkhgogdnomkihhgojep [2020-07-22]
Edge Extension: (Google Voice (by Google)) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\kcnhkahnjcbndmmehfkdnkjomaanaooo [2020-07-22]
Edge Extension: (PocketTube: Youtube Subscription Manager) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\kdmnjgijlmjgmimahnillepgcgeemffb [2021-04-08]
Edge Extension: (Simple Notepad) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\kfjclcfpbfhdmikhohhjacgdmndneckj [2020-07-22]
Edge Extension: (eBay for Chrome) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\khhckppjhonfmcpegdjdibmngahahhck [2020-07-22]
Edge Extension: (Make America Kittens Again) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\klchnmggepghlcolikgaekpibclpmgcm [2020-07-22]
Edge Extension: (IP Whois & Flags Chrome & Websites Rating) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\kmdfbacgombndnllogoijhnggalgmkon [2020-07-22]
Edge Extension: (SimpleExtManager) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\kniehgiejgnnpgojkdhhjbgbllnfkfdk [2020-12-02]
Edge Extension: (Magic Enhancer For YouTube™) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\koiaokdomkpjdgniimnkhgbilbjgpeak [2020-07-22]
Edge Extension: (Mercury Reader) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\kpldbdfpngbdadafgaccakmeaoeligcl [2020-07-22]
Edge Extension: (Instapaper) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ldjkgaaoikpmhmkelcgkgacicjfbofhh [2020-07-22]
Edge Extension: (Racing Car Game : Bomb) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\lfgegdofhghiobhllaniipmplkbligpi [2020-07-22]
Edge Extension: (Linkclump) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\lfpjkncokllnfokkgpkobnkbkmelfefj [2020-07-30]
Edge Extension: (InvisibleHand) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\lghjfnfolmcikomdjmoiemllfnlmmoko [2021-04-08]
Edge Extension: (Lyrics Here by Rob W) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\lifkpflabnobkgbjpcmocmgcajlecbcp [2020-07-22]
Edge Extension: (Privacy Cleaner) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\liiikhhbkpmpomjmdofandjmdgapiahi [2020-08-11]
Edge Extension: (Behind The Overlay) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ljipkdpcjbmhkdjjmbbaggebcednbbme [2021-01-06]
Edge Extension: (Scener – Virtual Movie Theater) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\lkhjgdkpibcepflmlgahofcmeagjmecc [2021-04-08]
Edge Extension: (Better YouTube Watch History) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\lleajdkalfbohpinoaekajagdefaeckd [2020-07-22]
Edge Extension: (Dark Theme for YouTube) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\lnfaaiohofiechamjlpapjnebambioll [2020-07-22]
Edge Extension: (TL;DR - Read less junk, Save time, Learn more) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\lohgmjbkklfejjkldkagdghdcdlhcolo [2020-07-22]
Edge Extension: (YouTube Ad Auto-skipper) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\lokpenepehfdekijkebhpnpcjjpngpnd [2020-07-22]
Edge Extension: (YouTube Auto Like) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\loodalcnddclgnfekfomcoiipiohcdim [2020-07-22]
Edge Extension: (Google Keep Chrome Extension) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\lpcaedmchfhocbbapmcbpinfpgnhiddi [2021-04-08]
Edge Extension: (Trim: IMDB Ratings on Netflix) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\lpgajkhkagnpdjklmpgjeplmgffnhhjj [2021-02-24]
Edge Extension: (Extensions Manager (aka Switcher)) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\lpleipinonnoibneeejgjnoeekmbopbc [2020-07-22]
Edge Extension: (All Video Downloader professional) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\mbpnbnogejaolbhfpfgagldkeahefbhd [2020-08-18]
Edge Extension: (Conversationally) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\mcfbbglcjhnmhfghdhcidhpfgdcfjnaj [2020-07-22]
Edge Extension: (Chrono Download Manager) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\mciiogijehkdemklbdcbfkefimifhecn [2021-02-16]
Edge Extension: (Validately Unmoderated Testing) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\melllclmaeifhnkdognllnifjhjcbila [2021-01-06]
Edge Extension: (Flashcontrol) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\mfidmkgnfgnkihnjeklbekckimkipmoe [2020-07-22]
Edge Extension: (Fake news debunker by InVID & WeVerify) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\mhccpoafgdgbhnjfhkcmgknndkeenfhe [2020-11-03]
Edge Extension: (Screencastify - Screen Video Recorder) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\mmeijimgabbpbgpdklnllpncmdofkcpn [2021-04-08]
Edge Extension: (Time Tracker) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\mokmnbikneoaenmckfmgjgjimphfojkd [2020-07-22]
Edge Extension: (Popup my Bookmarks) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\mppflflkbbafeopeoeigkbbdjdbeifni [2020-12-02]
Edge Extension: (Google Hangouts) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\nckgahadagoaajjgafhacjanaoiihapd [2020-08-18]
Edge Extension: (Checker Plus for Google Drive™) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ndcbbjeihlogjndoheabejedggehfbei [2021-03-19]
Edge Extension: (My IMDb) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ngicopfkgbodejbbfalbmobdpjebhhmb [2020-07-22]
Edge Extension: (Forever pinned) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\nigigpmchbpkjjgncmpiggfnikllldlh [2020-07-22]
Edge Extension: (Watch Next: YouTube) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\niibinkldkaebmhbgigaadpoooonlagb [2020-07-22]
Edge Extension: (RSS Subscription Extension (by Google)) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\nlbjncdgjeocebhnmkbbbdekmmmcbfjd [2020-07-22]
Edge Extension: (Read Aloud: A Text to Speech Voice Reader) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\nmpoeeoiinfjbokhiglialghhgphffah [2020-07-22]
Edge Extension: (ezLinkPreview) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\nnkcfbiefgdaceeplickkkmifpicbpcc [2020-07-22]
Edge Extension: (Personal Blocklist (by Google)) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\nolijncfnkgaikbjbdaogikpmpbdcdef [2020-07-22]
Edge Extension: (Hover Zoom) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\nonjdcjchghhkdoolnlbekcfllmednbl [2020-07-22]
Edge Extension: (Terms of Service; Didn’t Read) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\oaaecoiolcpocebdnakfpfjegbmmpkjn [2020-07-22]
Edge Extension: (AdFly Skipper) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\obnfifcganohemahpomajbhocfkdgmjb [2020-10-20]
Edge Extension: (Prolific Assistant) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ocfncbnofopjedoepmekajbgdenadepp [2021-03-24]
Edge Extension: (Context Menu Search) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ocpcmghnefmdhljkoiapafejjohldoga [2020-07-22]
Edge Extension: (Real-Debrid extension) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\oefkkgfcahbeccgckjgbnfclcmnjgidg [2020-07-22]
Edge Extension: (ScriptSafe) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\oiigbmnaadbkfbmpbfijlflahbdbdgdf [2020-07-22]
Edge Extension: (EarnHoney OPTin meter) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\okgdnknbephdpcpdmhdoipbimihfnccm [2020-07-22]
Edge Extension: (Better Browse for Netflix) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\olciafpppkdhlcjfmaibelnopafmhmdd [2020-07-22]
Edge Extension: (Rain Alarm Extension) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\olnconaknblgbkfgknkfmmfhhbebkekd [2020-07-22]
Edge Extension: (Recent Bookmarks) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\olndffocioplakeilhkgenfgdincjlpn [2020-07-22]
Edge Extension: (Spotify Playlist Extractor) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\onglffcjldphmpfnpdfmngfenhmjlnnn [2020-07-22]
Edge Extension: (Netflix Party is now Teleparty) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\oocalimimngaihdkbihfgmpkcpnmlaoa [2021-03-19]
Edge Extension: (AlienTube for YouTube™) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\opgodjgjgojjkhlmmhdlojfehcemknnp [2020-07-22]
Edge Extension: (tumbyPageGetter + tumbyHover) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\palcdpnojkmdjpkdcldniiefhdokbojb [2020-07-22]
Edge Extension: (One Click Extensions Manager) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\pbgjpgbpljobkekbhnnmlikbbfhbhmem [2021-01-06]
Edge Extension: (Visualping) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\pemhgklkefakciniebenbfclihhmmfcd [2020-07-22]
Edge Extension: (Send from Gmail (by Google)) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\pgphcomnlaojlmmcjmiddhdapjpbgeoc [2020-07-22]
Edge Extension: (Weather Forecast) - C:\Users\Mike\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\phklfmbdnakdekionmpfdiihnmijfpnl [2020-07-22]
Edge HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm]
Edge HKU\S-1-5-21-3967705999-1235421771-3941837385-1003\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm]
StartMenuInternet: Microsoft Edge Beta - C:\Program Files (x86)\Microsoft\Edge Beta\Application\msedge.exe
StartMenuInternet: Microsoft Edge Dev - C:\Program Files (x86)\Microsoft\Edge Dev\Application\msedge.exe
 
FireFox:
========
FF DefaultProfile: h2trk13v.default
FF DefaultProfile: asqwbru5.default
FF ProfilePath: C:\Users\Mike\AppData\Roaming\Waterfox\Profiles\qgje1zxw.68-edition-default-1 [2021-05-17]
FF ProfilePath: C:\Users\Mike\AppData\Roaming\Waterfox\Profiles\h2trk13v.default [2020-06-05]
FF ProfilePath: C:\Users\Mike\AppData\Roaming\Waterfox\Profiles\4du2n46n.68-edition-default [2021-02-14]
FF Extension: (uBlock Origin) - C:\Users\Mike\AppData\Roaming\Waterfox\Profiles\4du2n46n.68-edition-default\Extensions\[email protected] [2020-10-28]
FF ProfilePath: C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\asqwbru5.default [2021-06-07]
FF Extension: (OneTab) - C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\asqwbru5.default\Extensions\[email protected] [2020-10-28]
FF Extension: (uBlock Origin) - C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\asqwbru5.default\Extensions\[email protected] [2020-12-13]
FF Extension: (Imagus) - C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\asqwbru5.default\Extensions\{00000f2a-7cde-4f20-83ed-434fcb420d71}.xpi [2020-04-19] [UpdateUrl:hxxps://clients2.google.com/service/update2/crx]
FF Extension: (YouTube High Definition) - C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\asqwbru5.default\Extensions\{7b1bf0b6-a1b9-42b0-b75d-252036438bdc}.xpi [2020-10-28]
FF Extension: (Unpaywall) - C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\asqwbru5.default\Extensions\{f209234a-76f0-4735-9920-eb62507a54cd}.xpi [2020-11-19]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\FFExt\light_plugin_firefox\addon.xpi => not found
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\FFExt\light_plugin_firefox\addon.xpi => not found
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-08-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitReaderPlugin.dll [2021-05-19] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.cpdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitReaderPlugin.dll [2021-05-19] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitReaderPlugin.dll [2021-05-19] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitReaderPlugin.dll [2021-05-19] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitReaderPlugin.dll [2021-05-19] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2012-06-26] (Google Inc. -> Google, Inc.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-05-28] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-05-28] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @perfectworld.com/npArcPlayNowPlugin -> C:\Program Files (x86)\Arc\Plugins\npArcPluginFF.dll [No File]
FF Plugin-x32: @tools.brave.com/BraveSoftware Update;version=3 -> C:\Program Files (x86)\BraveSoftware\Update\1.3.99.0\npBraveUpdate3.dll [2020-04-25] (Brave Software, Inc. -> BraveSoftware Inc.)
FF Plugin-x32: @tools.brave.com/BraveSoftware Update;version=9 -> C:\Program Files (x86)\BraveSoftware\Update\1.3.99.0\npBraveUpdate3.dll [2020-04-25] (Brave Software, Inc. -> BraveSoftware Inc.)
FF Plugin-x32: @videolan.org/vlc,version=3.0.10 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-05-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.11 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-05-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.12 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-05-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.13 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-05-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.14 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-05-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-05-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-05-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-05-28] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3967705999-1235421771-3941837385-1001: @updates.epicbrowser.com/Epic Privacy Browser Installer;version=3 -> C:\Users\Mike\AppData\Local\Epic Privacy Browser\Installer\1.3.29.13\npEpicUpdate3.dll [2021-01-20] (Google Inc (TEST) -> Epic Privacy Browser) [File not signed]
FF Plugin HKU\S-1-5-21-3967705999-1235421771-3941837385-1001: @updates.epicbrowser.com/Epic Privacy Browser Installer;version=9 -> C:\Users\Mike\AppData\Local\Epic Privacy Browser\Installer\1.3.29.13\npEpicUpdate3.dll [2021-01-20] (Google Inc (TEST) -> Epic Privacy Browser) [File not signed]
 
Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default [2021-06-05]
CHR DownloadDir: D:\My Downloads
CHR Notifications: Default -> hxxp://127.0.0.1; hxxps://app.houseparty.com; hxxps://calendar.google.com; hxxps://greatist.com; hxxps://onlinemovies.watch; hxxps://pa.zzzpush.icu; hxxps://paidviewpoint.com; hxxps://postmates.com; hxxps://rp.zzzpush.icu; hxxps://us-foodfc.yousweeps.com; hxxps://us.letgo.com; hxxps://voice.google.com; hxxps://www.6pm.com; hxxps://www.aliexpress.com; hxxps://www.androidcentral.com; hxxps://www.comicbookmovie.com; hxxps://www.consumeraffairs.com; hxxps://www.courier-journal.com; hxxps://www.duolingo.com; hxxps://www.ebtcardbalance.com; hxxps://www.game-debate.com; hxxps://www.lawenforcementtoday.com; hxxps://www.netflix.com; hxxps://www.newsweek.com; hxxps://www.orthofeet.com; hxxps://www.tellwut.com; hxxps://www.tennessean.com; hxxps://www.watchcartoononline.io; hxxps://www.watchonline.guide; hxxps://www.windowscentral.com
CHR HomePage: Default -> hxxps://start.me/p/3g5GJZ/home
CHR StartupUrls: Default -> "hxxps://start.me/p/3g5GJZ/home"
CHR NewTab: Default ->  Active:"chrome-extension://cfmnkhhioonhiehehedmnjibmampjiab/newtab.html"
CHR DefaultSearchURL: Default -> hxxps://duckduckgo.com/?q={searchTerms}
CHR DefaultSearchKeyword: Default -> duckduckgo.com
CHR DefaultSuggestURL: Default -> hxxps://duckduckgo.com/ac/?q={searchTerms}&type=list
CHR Extension: (Cluster - Window & Tab Manager) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\aadahadfdmiibmdhfmpbeeebejmjnkef [2019-12-17]
CHR Extension: (Context) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\aalnjolghjkkogicompabhhbbkljnlka [2019-01-06]
CHR Extension: (Google Translate) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2020-03-19]
CHR Extension: (Slides) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-01-06]
CHR Extension: (Magic Actions for YouTube™) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\abjcfabbhafbcdfjoecdgepllmpfceif [2021-05-05]
CHR Extension: (Duolingo on the Web) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiahmijlpehemcpleichkcokhegllfjl [2019-01-06]
CHR Extension: (Universal Bypass) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\aihomhdbhpnpmcnnbckjjcebjoikpihj [2020-05-07]
CHR Extension: (Word Search Puzzle) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\alcobafdkcddhiabfgnongafffchimnl [2019-01-06]
CHR Extension: (Dr.Web Link Checker) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\aleggpabliehgbeagmfhnodcijcmbonb [2020-05-28]
CHR Extension: (TooManyTabs for Chrome) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\amigcgbheognjmfkaieeeadojiibgbdp [2020-05-28]
CHR Extension: (WikiTube) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\aneddidibfifdpbeppmpoackniodpekj [2019-01-06]
CHR Extension: (Tools for Amazon's Mechanical Turk) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\aoffgjejcepnijgahpckhajchahfpojo [2019-01-06]
CHR Extension: (Docs) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-01-06]
CHR Extension: (PriceBlink Coupons and Price Comparison) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\aoiidodopnnhiflaflbfeblnojefhigh [2020-11-05]
CHR Extension: (Google Drive) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-22]
CHR Extension: (Directory Index Media Player) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\bcanaaidccjjjigbdiegafllllpbgkdg [2019-01-06]
CHR Extension: (Sexy Undo Close Tab) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\bcennaiejdjpomgmmohhpgnjlmpcjmbg [2019-01-06]
CHR Extension: (Turn Off the Lights) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn [2021-04-17]
CHR Extension: (HoverReader) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgchppjofckmmlfpegeinpegcjmejnlk [2019-01-06]
CHR Extension: (Earth View from Google Earth) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhloflhklmhfpedakmangadcdofhnnoh [2020-09-18]
CHR Extension: (Auto Copy) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\bijpdibkloghppkbmhcklkogpjaenfkg [2020-05-28]
CHR Extension: (DuckDuckGo) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkdgflcldnnnapblkhphbgpggdiikppg [2021-06-04]
CHR Extension: (Pop up blocker for Chrome™ - Poper Blocker) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkkbcggnhapdmkeljlodobbkopceiche [2020-10-16]
CHR Extension: (YouTube) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-01-06]
CHR Extension: (Honey) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2021-05-20]
CHR Extension: (JunkFill) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\cajejbcjfkhgmfbapmhopccephhjedeb [2019-01-06]
CHR Extension: (Link Grabber) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\caodelkhipncidmoebgbbeemedohcdma [2019-01-06]
CHR Extension: (DuckieTV - 'Browser Action' mode) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\cdfkaloficjmdjbgmckaddgfcghgidei [2019-01-06]
CHR Extension: (Random Select Radio Buttons) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\cdhihojoekiijkcmfdejobiodnlgijmb [2019-01-06]
CHR Extension: (8-Ball Pool) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\cedbddnnmhgnedpamoenmdkhnpnfbpjb [2019-01-06]
CHR Extension: (New tab page by start.me) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfmnkhhioonhiehehedmnjibmampjiab [2021-03-18]
CHR Extension: (DownAlbum) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgjnhhjpfcdhbhlcmmjppicjmgfkppok [2020-08-02]
CHR Extension: (OneTab) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\chphlpgkkbolifaimnlloiipkdnihall [2021-03-16]
CHR Extension: (Add to Amazon Wish List) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced [2019-01-06]
CHR Extension: (TwoSeven Extension) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjdnfmjmdligcpfcekfmenlhiopehjkd [2021-05-25]
CHR Extension: (uBlock Origin) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2021-05-16]
CHR Extension: (Do Not Track) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckdcpbflcbeillmamogkpmdhnbeggfja [2019-01-06]
CHR Extension: (TypingWeb Typing Tutor) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\clcgempicojkfhpnepfecmklndooebjk [2019-01-06]
CHR Extension: (QueueTube for YouTube!) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmgmibjndnhopdjednaoapagmpchagmg [2019-09-13]
CHR Extension: (Spotify - Music for every moment) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnkjkdjlofllcpbemipjbcpfnglbgieh [2019-01-06]
CHR Extension: (Netfix) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpgbdfpoaalclikhghccccakifaoboam [2019-01-06]
CHR Extension: (IMDB Ratings Viewer) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\daaoegihbflfijkdhalidlmochdbobgb [2020-08-12]
CHR Extension: (Outline: Read & annotate without distractions) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\daoolpmoieinofbnddaofhkhmbagfmnj [2019-01-06]
CHR Extension: (Enhancer for Netflix, Crunchyroll, etc) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbpjfmehfpcgmlpfnfilcnhbckmecmca [2021-01-06]
CHR Extension: (Quick Search for Google Drive™) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\ddebdlfmldojeofgkeocjdkloocegmae [2019-01-06]
CHR Extension: (Tampermonkey) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2021-06-01]
CHR Extension: (Chrome Speak) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\diagnfimeecdcecjpnkjgbnlelkclcpj [2019-01-06]
CHR Extension: (Give Up) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\diippoclinjdbklinhchgedilfncehbi [2019-01-06]
CHR Extension: (User-Agent Switcher for Chrome) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\djflhoibgkdhkhhcedjiklpkjnoahfmg [2021-03-18]
CHR Extension: (MightyText - SMS from PC & Text from Computer) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkfhfaphfkopdgpbfkebjfcblcafcmpi [2019-11-04]
CHR Extension: (PocketSmith - Personal Cashflow Forecasting) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkpacaoamfanlmkfcalnbbcdbmfcmclf [2019-01-06]
CHR Extension: (Mapnificent) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\dljjdghcikmaacogeloeooafjopponic [2019-01-06]
CHR Extension: (Yet another flags) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\dmchcmgddbhmbkakammmklpoonoiiomk [2019-01-06]
CHR Extension: (Hover Hound) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\dogmhlelnjpjgahofccgbfnmojkmlfep [2021-04-16]
CHR Extension: (Session Buddy) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\edacconmaakjimmfgnblocblbcdcpbko [2020-05-12]
CHR Extension: (Simkl Lists: TV, Anime, Movies - TV Tracker) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaenoibdddpeghadhjgeblidofnhmem [2020-03-19]
CHR Extension: (VT4Browsers) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\efbjojhplkelaegfbieplglfidafgoka [2021-03-16]
CHR Extension: (Nitro Type) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\efjibpecmniclffkmjlmboheacepckmf [2019-01-06]
CHR Extension: (Tabs Outliner) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\eggkanocgddhmamlbiijnphhppkpkmkl [2021-04-16]
CHR Extension: (Floating Video - Picture in Picture) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\egncdnniomonjgpjbapalkckojhkfddk [2021-03-16]
CHR Extension: (Black Menu for Google™) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\eignhdfgaldabilaaegmdfbajngjmoke [2021-06-04]
CHR Extension: (AutoplayStopper) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejddcgojdblidajhngkogefpkknnebdh [2021-06-04]
CHR Extension: (Reditr Web App - The Best Reddit Client) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejmiceoebcclihjdpnmmkdcmcboekibc [2019-01-06]
CHR Extension: (Floating Player) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekajjllcmeckibblgckgoceinmmgnfop [2019-01-06]
CHR Extension: (streamkeys) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekpipjofdicppbepocohdlgenahaneen [2021-02-26]
CHR Extension: (Video Downloader professional) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2020-07-24]
CHR Extension: (Photo Zoom for Facebook) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\elioihkkcdgakfbahdoddophfngopipi [2019-01-06]
CHR Extension: (MediaPlus) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\emaamodndfmmmcjepfigalbjjjemadom [2021-03-18]
CHR Extension: (Free Rider HD) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\emikpifndnjfkgofoglceekhkbaicbde [2019-01-06]
CHR Extension: (Disable Youtube™ HTML5 Player) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\enmofgaijnbjpblfljopnpdogpldapoc [2019-01-06]
CHR Extension: (Polycraft) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\eopfmbpfhhfnklgmjpoehcjaajhpbhbl [2019-01-06]
CHR Extension: (Hulu) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\epffkfffophpagfbbklffindaiconkmc [2020-02-24]
CHR Extension: (Link Klipper - Extract all links) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\fahollcgofmpnehocdgofnhkkchiekoo [2019-01-06]
CHR Extension: (Sprucemarks) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\fakeocdnmmmnokabaiflppclocckihoj [2021-03-18]
CHR Extension: (PageZipper) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbbmnbomimdgmecfpbilhoafgmmeagef [2019-12-27]
CHR Extension: (Flix Plus by Lifehacker) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcjjgdnadfneaamhipplgpfkdnbfagla [2019-01-06]
CHR Extension: (GoFullPage - Full Page Screen Capture) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdpohaocaechififmbbbbbknoalclacl [2021-05-25]
CHR Extension: (Typing Scout - Better Typing! :)) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\fedokkaolmkkoeedicihicdeppjjeamj [2019-01-06]
CHR Extension: (Sheets) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-01-06]
CHR Extension: (AddToAny: Share Anywhere) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffpgijchhhkhnokafdeklpllijgnbche [2021-04-24]
CHR Extension: (TV Time) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhcbbglcdkbmpdgjdjijeffldkboolmf [2019-01-06]
CHR Extension: (Popup for Keep™) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhcmhglnohogibbbpbodmjeggpdlboop [2020-08-05]
CHR Extension: (Tab Suspender) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\fiabciakcmgepblmdkmemdbbkilneeeh [2021-05-25]
CHR Extension: (netflixQ) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjbfidbblfnfbgniilajdlnfdoefbabj [2019-01-06]
CHR Extension: (ReviewMeta.com Review Analyzer) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjifglfkcaipnmhngbigdebkoikioend [2019-01-06]
CHR Extension: (Pluto TV: TV for the Internet) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjimjcdcjpelckcneochchfmnojdhdkh [2019-01-06]
CHR Extension: (Stylish - Custom themes for any website) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjnbnpbmkenffdnngjfgmeleoegfcffe [2019-01-06]
CHR Extension: (All Netflix Categories) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkjmbiakdlohkehbmcoalflelnbhpkpl [2021-04-16]
CHR Extension: (Chrome Remote Desktop) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2019-08-10]
CHR Extension: (appchan x) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\gfibffekgcmgabbfaibbbcapgnfobnoi [2019-01-06]
CHR Extension: (Run Pixie Run) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\gfkmokjholoinfcnlolbjfaokmoegeoh [2019-01-06]
CHR Extension: (Google Docs Offline) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-05-20]
CHR Extension: (Christmas Mahjong) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghmebaamjdfjkhaaifophgklodieiflm [2019-01-06]
CHR Extension: (Vysor) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\gidgenkbbabolejbgbpnhbimgjbffefm [2020-09-05]
CHR Extension: (TLDR: Summarize Anything) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\giepilabiomhlcmlefmbfkgeoccfhhhc [2019-01-06]
CHR Extension: (FBS II : Fast Bookmark Scanner II) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjcmklpilmpfhfjpebhnapnglcppdbic [2019-01-06]
CHR Extension: (Google Calendar) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmbgaklkmjakoegficnlkhebmhkjfich [2021-01-11]
CHR Extension: (SwagButton) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngocbkfmikdgphklgmmehbjjlfgdemm [2021-04-23]
CHR Extension: (Pinterest Save Button) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2021-06-04]
CHR Extension: (Surfkollen) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\gppknicflbmnbafhkkioomiflihfcplh [2019-01-06]
CHR Extension: (trakt.tv Everywhere) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\haogccejmloicihdocopcddefdcphfei [2019-01-06]
CHR Extension: (SurfSafe - join the fight against fake news) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbpagabeiphkfhbboacggckhkkipgdmh [2019-01-06]
CHR Extension: (Drumpfinator) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcimhbfpiofdihhdnofbdlhjcmjopilp [2019-01-06]
CHR Extension: (Read Aloud: A Text to Speech Voice Reader) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhinadidafjejdhmfkjgnolgimiaplp [2021-05-20]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2021-05-25]
CHR Extension: (Kickoff) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\heelhmibbjlnankkkmcdgbmcepajmddl [2019-01-06]
CHR Extension: (LinkedIn Sales Navigator) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\hihakjfhbmlmjdnnhegiciffjplmdhin [2019-03-21]
CHR Extension: (Sync Video) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\hilcpphmhldjdgdhfkbmdeobjmpecmih [2019-01-06]
CHR Extension: (feedly) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\hipbfijinpcgfogaopmgehiegacbhmob [2019-01-06]
CHR Extension: (ToS;DR Search) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\hjdoplcnndgiblooccencgcggcoihigg [2021-05-25]
CHR Extension: (SuperSorter) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\hjebfgojnlefhdgmomncgjglmdckngij [2021-05-11]
CHR Extension: (Silent Site Sound Blocker) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\hkbdhiphllimobjnfeeekaogfibmdgfe [2019-01-06]
CHR Extension: (AirDroid) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\hkgndiocipalkpejnpafdbdlfdjihomd [2019-01-06]
CHR Extension: (Sure Or Not - News Date Validator) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\hkiapjaidokhcajjnpldhioambcjbbhp [2019-01-06]
CHR Extension: (Break Timer) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\hklkdbpicdmlpoiellngedpejjkmapei [2020-06-26]
CHR Extension: (Video Bookmarks) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\hkpgpmmooejhfhojndincjeonokodggj [2019-01-06]
CHR Extension: (Pay by Privacy.com) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmgpakheknboplhmlicfkkgjipfabmhp [2020-04-01]
CHR Extension: (Google Keep - Notes and Lists) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki [2021-06-04]
CHR Extension: (Don't Pay Trump) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnabeofjicpfonofmomeehhaecnfnnhg [2019-01-06]
CHR Extension: (IMG inspector) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\hpogobkggapdhmfnamfnhmchcbmehokb [2019-01-06]
CHR Extension: (Market Ninja) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\ianepdojanpgedooeellkppgoljdefoo [2019-10-13]
CHR Extension: (Arcane Legends) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibmlkgieigeddcedpbijnpojheoddido [2019-01-06]
CHR Extension: (Pixlr Editor) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmaknaampgiegkcjlimdiidlhopknpk [2019-01-06]
CHR Extension: (Crazy Shooting) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifbhccdddhenjmeamogpjhicnoffdood [2019-01-06]
CHR Extension: (Social Fixer for Facebook) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifmhoabcaeehkljcfclfiieohkohdgbb [2021-04-17]
CHR Extension: (AutoPagerize) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\igiofjhpmpihnifddepnpngfjhkfenbp [2019-01-06]
CHR Extension: (The Roku Channel) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\igmabefcbafcdmlnijleipocglddpnbn [2020-09-27]
CHR Extension: (Coloring Pages) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijhcehgkaccjiljllpejjekibagmonki [2019-01-06]
CHR Extension: (Imagus) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\immpkjjlgappgfkkfieppnmlhakdmaab [2020-04-17]
CHR Extension: (redditery) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\imooeldfapggncchoebfnidcgeiimojb [2019-01-06]
CHR Extension: (Clean IMDb) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\ingodbhkemojiibhhbfhjaeaciikbiik [2020-06-18]
CHR Extension: (Chrome Remote Desktop) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\inomeogfingihgjfjlpeplalcfajhgai [2020-05-05]
CHR Extension: (iCheckNetflixPlus) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeinanillnkehhekcipjggepagfdkpjb [2019-01-06]
CHR Extension: (Volume Master) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\jghecgabfgfdldnmbfkhmffcabddioke [2020-10-25]
CHR Extension: (Chrome extension source viewer) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\jifpbeccnghkjeaalbbjmodiffmgedin [2019-08-13]
CHR Extension: (Pocket Website) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\jijgclgmgjipgefcnnnibgllfonlfdap [2019-01-06]
CHR Extension: (RetailMeNot Deal Finder™️) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjfblogammkiefalfpafidabbnamoknm [2021-05-30]
CHR Extension: (Bookmark All) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjhpikpjjhlcmifagompgmhkjalhjopj [2019-01-06]
CHR Extension: (Floating for YouTube™) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjphmlaoffndcnecccgemfdaaoighkel [2019-01-06]
CHR Extension: (Typing Test - KeyHero) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\jkcieoaeooeidmpaopkpjpjfakidlabm [2019-01-06]
CHR Extension: (Skyrama) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlehaidnnmjjkhgbbiombcdifogolhap [2019-01-06]
CHR Extension: (Unpartial Truthiness Analyzer (Fake News)) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpdpghhjplgahhihongcbbmnnfolclld [2019-01-06]
CHR Extension: (Grammarly for Chrome) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2021-06-04]
CHR Extension: (Reddit Enhancement Suite) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2021-06-01]
CHR Extension: (Shareaholic for Google Chrome™) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmipnjdeifmobkhgogdnomkihhgojep [2021-05-16]
CHR Extension: (Google Voice (by Google)) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcnhkahnjcbndmmehfkdnkjomaanaooo [2021-04-17]
CHR Extension: (PocketTube: Youtube Subscription Manager) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdmnjgijlmjgmimahnillepgcgeemffb [2021-06-04]
CHR Extension: (Simple Notepad) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfjclcfpbfhdmikhohhjacgdmndneckj [2019-01-06]
CHR Extension: (eBay for Chrome) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\khhckppjhonfmcpegdjdibmngahahhck [2019-12-27]
CHR Extension: (Make America Kittens Again) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\klchnmggepghlcolikgaekpibclpmgcm [2019-10-13]
CHR Extension: (IP Whois & Flags Chrome & Websites Rating) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmdfbacgombndnllogoijhnggalgmkon [2019-01-06]
CHR Extension: (SimpleExtManager) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\kniehgiejgnnpgojkdhhjbgbllnfkfdk [2020-11-17]
CHR Extension: (Google Hangouts) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\knipolnnllmklapflnccelgolnpehhpl [2019-05-23]
CHR Extension: (Magic Enhancer For YouTube™) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\koiaokdomkpjdgniimnkhgbilbjgpeak [2020-02-10]
CHR Extension: (Instapaper) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldjkgaaoikpmhmkelcgkgacicjfbofhh [2021-03-18]
CHR Extension: (Racing Car Game : Bomb) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfgegdofhghiobhllaniipmplkbligpi [2019-09-13]
CHR Extension: (Linkclump) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfpjkncokllnfokkgpkobnkbkmelfefj [2020-08-02]
CHR Extension: (InvisibleHand) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\lghjfnfolmcikomdjmoiemllfnlmmoko [2021-05-25]
CHR Extension: (Lyrics Here by Rob W) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifkpflabnobkgbjpcmocmgcajlecbcp [2019-02-12]
CHR Extension: (Privacy Cleaner) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\liiikhhbkpmpomjmdofandjmdgapiahi [2020-08-12]
CHR Extension: (Behind The Overlay) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljipkdpcjbmhkdjjmbbaggebcednbbme [2021-05-05]
CHR Extension: (Scener – Virtual Movie Theater) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkhjgdkpibcepflmlgahofcmeagjmecc [2021-05-20]
CHR Extension: (Better YouTube Watch History) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\lleajdkalfbohpinoaekajagdefaeckd [2019-01-06]
CHR Extension: (Dark Theme for YouTube) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\lnfaaiohofiechamjlpapjnebambioll [2019-04-10]
CHR Extension: (Amazon Music Hotkeys, Controls, Notifications) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\lnkimoaahjmlmbiafbfjdjdnmmoeecoo [2020-10-16]
CHR Extension: (TL;DR - Read less junk, Save time, Learn more) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\lohgmjbkklfejjkldkagdghdcdlhcolo [2019-01-06]
CHR Extension: (YouTube Ad Auto-skipper) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\lokpenepehfdekijkebhpnpcjjpngpnd [2020-04-04]
CHR Extension: (YouTube Auto Like) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\loodalcnddclgnfekfomcoiipiohcdim [2019-12-28]
CHR Extension: (Google Keep Chrome Extension) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpcaedmchfhocbbapmcbpinfpgnhiddi [2021-06-04]
CHR Extension: (Extensions Manager (aka Switcher)) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpleipinonnoibneeejgjnoeekmbopbc [2019-01-06]
CHR Extension: (Poppit!) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi [2019-01-06]
CHR Extension: (Conversationally) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcfbbglcjhnmhfghdhcidhpfgdcfjnaj [2020-04-30]
CHR Extension: (Chrono Download Manager) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\mciiogijehkdemklbdcbfkefimifhecn [2021-02-26]
CHR Extension: (Validately Unmoderated Testing) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\melllclmaeifhnkdognllnifjhjcbila [2021-01-06]
CHR Extension: (Flashcontrol) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfidmkgnfgnkihnjeklbekckimkipmoe [2019-01-06]
CHR Extension: (Fake news debunker by InVID & WeVerify) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhccpoafgdgbhnjfhkcmgknndkeenfhe [2020-11-05]
CHR Extension: (Screencastify - Screen Video Recorder) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmeijimgabbpbgpdklnllpncmdofkcpn [2021-06-04]
CHR Extension: (Time Tracker) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\mokmnbikneoaenmckfmgjgjimphfojkd [2019-01-06]
CHR Extension: (Project Naptha) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\molncoemjfmpgdkbdlbjmhlcgniigdnf [2020-05-12]
CHR Extension: (Buster: Captcha Solver for Humans) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpbjkejclgfgadiemmefgebjfooflfhl [2021-05-11]
CHR Extension: (Popup my Bookmarks) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\mppflflkbbafeopeoeigkbbdjdbeifni [2020-11-28]
CHR Extension: (Create a Google Keep Note) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\namfonbpnlhhgnloflgokoekoonmbpbj [2020-08-05]
CHR Extension: (Google Hangouts) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\nckgahadagoaajjgafhacjanaoiihapd [2020-08-12]
CHR Extension: (Do It (Tomorrow)) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfagjoblnoeagfhfhohcdklnddjaiglo [2019-01-06]
CHR Extension: (Christmas Word Search) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfefekolkgdbceballcbedeggbkhphbi [2019-01-06]
CHR Extension: (My IMDb) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngicopfkgbodejbbfalbmobdpjebhhmb [2020-06-18]
CHR Extension: (Forever pinned) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\nigigpmchbpkjjgncmpiggfnikllldlh [2020-02-13]
CHR Extension: (Watch Next: YouTube) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\niibinkldkaebmhbgigaadpoooonlagb [2021-05-11]
CHR Extension: (RSS Subscription Extension (by Google)) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlbjncdgjeocebhnmkbbbdekmmmcbfjd [2020-07-24]
CHR Extension: (F.B.(FluffBusting)Purity) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmkinhboiljjkhaknpaeaicmdjhagpep [2021-05-16]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-26]
CHR Extension: (ezLinkPreview) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnkcfbiefgdaceeplickkkmifpicbpcc [2019-09-13]
CHR Extension: (Personal Blocklist (by Google)) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\nolijncfnkgaikbjbdaogikpmpbdcdef [2019-01-06]
CHR Extension: (TypingClub) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\obdbgibnhfcjmmpfijkpcihjieedpfah [2019-01-06]
CHR Extension: (AdFly Skipper) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\obnfifcganohemahpomajbhocfkdgmjb [2020-10-22]
CHR Extension: (Prolific Assistant) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocfncbnofopjedoepmekajbgdenadepp [2021-04-17]
CHR Extension: (Context Menu Search) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocpcmghnefmdhljkoiapafejjohldoga [2019-01-06]
CHR Extension: (Real-Debrid extension) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\oefkkgfcahbeccgckjgbnfclcmnjgidg [2019-06-28]
CHR Extension: (Scribble - stickies on steroids) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\offpaifnchmpbnjhjbhpdffahlofdkfb [2019-01-06]
CHR Extension: (Weather Forecast) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofobaelkgcpicbdoabokjlnmdcbjellg [2021-05-20]
CHR Extension: (Custom Cursor for Chrome™) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogdlpmhglpejoiomcodnpjnfgcpmgale [2021-05-11]
CHR Extension: (Chrome Apps & Extensions Developer Tool) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohmmkhmmmpcnpikjeljgnaoabkaalbgc [2019-01-06]
CHR Extension: (ScriptSafe) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiigbmnaadbkfbmpbfijlflahbdbdgdf [2019-01-06]
CHR Extension: (EarnHoney OPTin meter) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\okgdnknbephdpcpdmhdoipbimihfnccm [2019-01-06]
CHR Extension: (Mercury Reader) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\oknpjjbmpnndlpmnhmekjpocelpnlfdi [2019-12-09]
CHR Extension: (Better Browse for Netflix) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\olciafpppkdhlcjfmaibelnopafmhmdd [2020-04-07]
CHR Extension: (Rain Alarm Extension) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\olnconaknblgbkfgknkfmmfhhbebkekd [2020-02-13]
CHR Extension: (Recent Bookmarks) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\olndffocioplakeilhkgenfgdincjlpn [2019-01-06]
CHR Extension: (Spotify Playlist Extractor) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\onglffcjldphmpfnpdfmngfenhmjlnnn [2019-01-06]
CHR Extension: (Netflix Party is now Teleparty) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\oocalimimngaihdkbihfgmpkcpnmlaoa [2021-06-04]
CHR Extension: (AlienTube for YouTube™) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\opgodjgjgojjkhlmmhdlojfehcemknnp [2019-01-06]
CHR Extension: (tumbyPageGetter + tumbyHover) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\palcdpnojkmdjpkdcldniiefhdokbojb [2019-01-06]
CHR Extension: (One Click Extensions Manager) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbgjpgbpljobkekbhnnmlikbbfhbhmem [2021-04-17]
CHR Extension: (Visualping) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\pemhgklkefakciniebenbfclihhmmfcd [2021-04-17]
CHR Extension: (Viewster - Watch Free Movies Online) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfiekkcjcnhbjofcjcfblhcccjkpkheh [2019-01-06]
CHR Extension: (Psykopaint) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgjchkcfmigkkhedgjedmffdepgmpfil [2019-01-06]
CHR Extension: (Send from Gmail (by Google)) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgphcomnlaojlmmcjmiddhdapjpbgeoc [2019-01-06]
CHR Extension: (Gmail) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-22]
CHR Extension: (Chrome Media Router) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-05-30]
CHR Extension: (Learn Spanish - Qué Onda) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\pmcdjmebmeoobmdghjbjhbifoocbcmaj [2019-01-06]
CHR Extension: (Reditr - The Best Reddit Client) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\pmfcbbijgnhoebddbjpmlikabnbnddgb [2019-01-06]
CHR Extension: (Type Fu) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\pofoighmmpljaikjiidkkfhldjndfdbk [2021-02-26]
CHR Extension: (Canvas Rider) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\poknhlcknimnnbfcombaooklofipaibk [2019-01-06]
CHR Extension: (Checker Plus for Google Drive™) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Default\Extensions\pppfmbnpgflleackdcojndfgpiboghga [2021-05-20]
CHR Extension: (Bypass Paywalls) - C:\Users\Mike\Desktop [2021-06-09] [UpdateUrl:hxxps://raw.githubusercontent.com/iamadamdev/bypass-paywalls-chrome/master/updates.xml] <==== ATTENTION
CHR Profile: C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Profile 1 [2020-05-20]
CHR Notifications: Profile 1 -> hxxps://paidviewpoint.com; hxxps://www.tellwut.com
CHR Extension: (Slides) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-01-01]
CHR Extension: (Docs) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2020-01-01]
CHR Extension: (Google Drive) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-01-01]
CHR Extension: (YouTube) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-01-01]
CHR Extension: (TwoSeven Extension) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cjdnfmjmdligcpfcekfmenlhiopehjkd [2020-05-13]
CHR Extension: (Sheets) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-01-01]
CHR Extension: (Google Docs Offline) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-05-18]
CHR Extension: (SwagButton) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gngocbkfmikdgphklgmmehbjjlfgdemm [2020-01-01]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-01-01]
CHR Extension: (Gmail) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-01-01]
CHR Extension: (Chrome Media Router) - C:\Users\Mike\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-05-19]
CHR Profile: C:\Users\Mike\AppData\Local\Google\Chrome\User Data\System Profile [2020-01-11]
CHR HKLM\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm
CHR HKLM-x32\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]
 
Opera: 
=======
OPR Profile: C:\Users\Mike\AppData\Roaming\Opera Software\Opera Stable [2021-06-03]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding}
OPR Extension: (uBlock Origin) - C:\Users\Mike\AppData\Roaming\Opera Software\Opera Stable\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2021-06-03]
OPR Extension: (Rich Hints Agent) - C:\Users\Mike\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2021-06-03]
OPR Extension: (LastPass: Free Password Manager) - C:\Users\Mike\AppData\Roaming\Opera Software\Opera Stable\Extensions\hnjalnkldgigidggphhmacmimbdlafdo [2021-06-03]
OPR Extension: (Install Chrome Extensions) - C:\Users\Mike\AppData\Roaming\Opera Software\Opera Stable\Extensions\kipjbhgniklcnglfaldilecjomjaddfi [2020-01-01]
OPR Extension: (RoboForm Password Manager) - C:\Users\Mike\AppData\Roaming\Opera Software\Opera Stable\Extensions\pnlccmojcmeohlpggmfnbbiapkmbliob [2021-06-03]
StartMenuInternet: (HKU\S-1-5-21-3967705999-1235421771-3941837385-1001) Opera GXStable - "C:\Users\Mike\AppData\Local\Programs\Opera GX\Launcher.exe"
StartMenuInternet: (HKU\S-1-5-21-3967705999-1235421771-3941837385-1001) Opera Neon.QELK44ZOCMYDWRI6E5V7QPLOWQ - "C:\Users\Mike\AppData\Local\Opera Software\Opera Neon\Application\neon.exe"
StartMenuInternet: (HKU\S-1-5-21-3967705999-1235421771-3941837385-1001) OperaStable - "C:\Users\Mike\Launcher.exe"
 
Brave: 
=======
BRA Profile: C:\Users\Mike\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2021-05-17]
BRA Extension: (uBlock Origin) - C:\Users\Mike\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2021-05-17]
BRA Extension: (Brave Local Data Files Updater) - C:\Users\Mike\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2021-03-07]
BRA Extension: (Brave Ad Block Updater (Default)) - C:\Users\Mike\AppData\Local\BraveSoftware\Brave-Browser\User Data\cffkpbalmllkdoenhmdmpbkajipdjfam [2021-05-17]
BRA Extension: (Brave Tor Client Updater (Windows)) - C:\Users\Mike\AppData\Local\BraveSoftware\Brave-Browser\User Data\cpoalefficncklhjfpglfiplenlpccdb [2020-04-25]
BRA Extension: (Brave NTP sponsored images) - C:\Users\Mike\AppData\Local\BraveSoftware\Brave-Browser\User Data\gccbbckogglekeggclmmekihdgdpdgoe [2021-05-17]
BRA Extension: (Brave SpeedReader Updater) - C:\Users\Mike\AppData\Local\BraveSoftware\Brave-Browser\User Data\jicbkmdloagakknpihibphagfckhjdih [2021-05-17]
BRA Extension: (Brave HTTPS Everywhere Updater) - C:\Users\Mike\AppData\Local\BraveSoftware\Brave-Browser\User Data\oofiananboodjbbmdelgdommihjbkfag [2021-05-17]
StartMenuInternet: Brave - C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe
 
Vivaldi: 
=======
VIV DefaultProfile: Default
VIV Profile: C:\Users\Mike\AppData\Local\Vivaldi\User Data\Default [2021-06-09]
VIV DownloadDir: C:\Users\Mike\Desktop
VIV Notifications: Default -> hxxps://calendar.google.com; hxxps://duo.google.com; hxxps://epicstream.com; hxxps://meet.google.com; hxxps://music.amazon.com; hxxps://old.reddit.com; hxxps://voice.google.com; hxxps://w.kast.live; hxxps://web.telegram.org; hxxps://www.cbssports.com; hxxps://www.game-debate.com; hxxps://www.indiegala.com; hxxps://www.quora.com; hxxps://www.vidangel.com; hxxps://www.wish.com
VIV Custom_url: Default -> hxxps://start.me/p/3g5GJZ/home
VIV HomePage: Default -> hxxps://start.me/p/3g5GJZ/home
VIV DefaultSearchURL: Default -> hxxps://hubs.mozilla.com/app-icon.png
VIV Extension: (Google Translate) - C:\Users\Mike\AppData\Local\Vivaldi\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2020-06-29]
VIV Extension: (Magic Actions for YouTube™) - C:\Users\Mike\AppData\Local\Vivaldi\User Data\Default\Extensions\abjcfabbhafbcdfjoecdgepllmpfceif [2021-05-09]
VIV Extension: (Kaspersky Protection) - C:\Users\Mike\AppData\Local\Vivaldi\User Data\Default\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm [2021-06-07]
VIV Extension: (Pop up blocker for Chrome™ - Poper Blocker) - C:\Users\Mike\AppData\Local\Vivaldi\User Data\Default\Extensions\bkkbcggnhapdmkeljlodobbkopceiche [2021-01-11]
VIV Extension: (Honey) - C:\Users\Mike\AppData\Local\Vivaldi\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2021-05-20]
VIV Extension: (OneTab) - C:\Users\Mike\AppData\Local\Vivaldi\User Data\Default\Extensions\chphlpgkkbolifaimnlloiipkdnihall [2021-03-07]
VIV Extension: (uBlock Origin) - C:\Users\Mike\AppData\Local\Vivaldi\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2021-05-09]
VIV Extension: (Enhancer for Netflix, Crunchyroll, etc) - C:\Users\Mike\AppData\Local\Vivaldi\User Data\Default\Extensions\dbpjfmehfpcgmlpfnfilcnhbckmecmca [2020-12-13]
VIV Extension: (Tampermonkey) - C:\Users\Mike\AppData\Local\Vivaldi\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2021-05-30]
VIV Extension: (Spoiler Protection 2.0) - C:\Users\Mike\AppData\Local\Vivaldi\User Data\Default\Extensions\eelacikjiplnmdingehjfdjcfegclmkg [2020-05-01]
VIV Extension: (Simkl Lists: TV, Anime, Movies - TV Tracker) - C:\Users\Mike\AppData\Local\Vivaldi\User Data\Default\Extensions\efaenoibdddpeghadhjgeblidofnhmem [2020-03-19]
VIV Extension: (traktflix) - C:\Users\Mike\AppData\Local\Vivaldi\User Data\Default\Extensions\ehlckfimahifadnbecobagimllmbdmde [2020-01-11]
VIV Extension: (AutoplayStopper) - C:\Users\Mike\AppData\Local\Vivaldi\User Data\Default\Extensions\ejddcgojdblidajhngkogefpkknnebdh [2021-06-03]
VIV Extension: (MediaPlus) - C:\Users\Mike\AppData\Local\Vivaldi\User Data\Default\Extensions\emaamodndfmmmcjepfigalbjjjemadom [2019-09-13]
VIV Extension: (Popup for Keep™) - C:\Users\Mike\AppData\Local\Vivaldi\User Data\Default\Extensions\fhcmhglnohogibbbpbodmjeggpdlboop [2020-11-29]
VIV Extension: (Tab Suspender) - C:\Users\Mike\AppData\Local\Vivaldi\User Data\Default\Extensions\fiabciakcmgepblmdkmemdbbkilneeeh [2021-05-30]
VIV Extension: (Stylish - Custom themes for any website) - C:\Users\Mike\AppData\Local\Vivaldi\User Data\Default\Extensions\fjnbnpbmkenffdnngjfgmeleoegfcffe [2020-06-29]
VIV Extension: (All Netflix Categories) - C:\Users\Mike\AppData\Local\Vivaldi\User Data\Default\Extensions\fkjmbiakdlohkehbmcoalflelnbhpkpl [2021-03-28]
VIV Extension: (Tune (experimental)) - C:\Users\Mike\AppData\Local\Vivaldi\User Data\Default\Extensions\gdfknffdmmjakmlikbpdngpcpbbfhbnp [2019-12-18]
VIV Extension: (Hubs) - C:\Users\Mike\AppData\Local\Vivaldi\User Data\Default\Extensions\gecpjahfmjincflnieigcbkjhmeanjej [2021-01-10]
VIV Extension: (Avast Online Security) - C:\Users\Mike\AppData\Local\Vivaldi\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2021-02-18]
VIV Extension: (Read Aloud: A Text to Speech Voice Reader) - C:\Users\Mike\AppData\Local\Vivaldi\User Data\Default\Extensions\hdhinadidafjejdhmfkjgnolgimiaplp [2021-05-19]
VIV Extension: (LastPass: Free Password Manager) - C:\Users\Mike\AppData\Local\Vivaldi\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2021-06-06]
VIV Extension: (Detrumpify) - C:\Users\Mike\AppData\Local\Vivaldi\User Data\Default\Extensions\hfhaalldkgmfbjjehkiddheghljjdjln [2021-01-21]
VIV Extension: (Unpaywall) - C:\Users\Mike\AppData\Local\Vivaldi\User Data\Default\Extensions\iplffkdpngmdjhlpjmppncnlhomiipha [2021-02-18]
VIV Extension: (When was this website published?) - C:\Users\Mike\AppData\Local\Vivaldi\User Data\Default\Extensions\ippcpkdkcjdghdnodahajpjdolfibjon [2019-06-11]
VIV Extension: (RetailMeNot Deal Finder™️) - C:\Users\Mike\AppData\Local\Vivaldi\User Data\Default\Extensions\jjfblogammkiefalfpafidabbnamoknm [2021-05-30]
VIV Extension: (Linkclump) - C:\Users\Mike\AppData\Local\Vivaldi\User Data\Default\Extensions\lfpjkncokllnfokkgpkobnkbkmelfefj [2020-08-02]
VIV Extension: (Lyrics Here by Rob W) - C:\Users\Mike\AppData\Local\Vivaldi\User Data\Default\Extensions\lifkpflabnobkgbjpcmocmgcajlecbcp [2021-01-11]
VIV Extension: (YouTube Auto Like) - C:\Users\Mike\AppData\Local\Vivaldi\User Data\Default\Extensions\loodalcnddclgnfekfomcoiipiohcdim [2019-12-02]
VIV Extension: (Trim: IMDB Ratings on Netflix) - C:\Users\Mike\AppData\Local\Vivaldi\User Data\Default\Extensions\lpgajkhkagnpdjklmpgjeplmgffnhhjj [2021-02-22]
VIV Extension: (Extensions Manager (aka Switcher)) - C:\Users\Mike\AppData\Local\Vivaldi\User Data\Default\Extensions\lpleipinonnoibneeejgjnoeekmbopbc [2019-02-20]
VIV Extension: (Simkl Search - select and search) - C:\Users\Mike\AppData\Local\Vivaldi\User Data\Default\Extensions\mdofghopgfobjkgepojjmcfljnocaaff [2019-05-29]
VIV Extension: (Fakespot Fake Amazon Reviews and eBay Sellers) - C:\Users\Mike\AppData\Local\Vivaldi\User Data\Default\Extensions\nakplnnackehceedgkgkokbgbmfghain [2021-05-20]
VIV Extension: (UV Weather) - C:\Users\Mike\AppData\Local\Vivaldi\User Data\Default\Extensions\ngeokhpbgoadbpdpnplcminbjhdecjeb [2021-06-09]
VIV Extension: (Watch Next: YouTube) - C:\Users\Mike\AppData\Local\Vivaldi\User Data\Default\Extensions\niibinkldkaebmhbgigaadpoooonlagb [2021-05-09]
VIV Extension: (F.B.(FluffBusting)Purity) - C:\Users\Mike\AppData\Local\Vivaldi\User Data\Default\Extensions\nmkinhboiljjkhaknpaeaicmdjhagpep [2021-05-19]
VIV Extension: (Prolific Assistant) - C:\Users\Mike\AppData\Local\Vivaldi\User Data\Default\Extensions\ocfncbnofopjedoepmekajbgdenadepp [2021-05-05]
VIV Extension: (Context Menu Search) - C:\Users\Mike\AppData\Local\Vivaldi\User Data\Default\Extensions\ocpcmghnefmdhljkoiapafejjohldoga [2019-11-03]
VIV Extension: (Real-Debrid extension) - C:\Users\Mike\AppData\Local\Vivaldi\User Data\Default\Extensions\oefkkgfcahbeccgckjgbnfclcmnjgidg [2019-06-28]
VIV Extension: (Auto Refresh Plus) - C:\Users\Mike\AppData\Local\Vivaldi\User Data\Default\Extensions\oilipfekkmncanaajkapbpancpelijih [2019-02-16]
VIV Extension: (Rain Alarm Extension) - C:\Users\Mike\AppData\Local\Vivaldi\User Data\Default\Extensions\olnconaknblgbkfgknkfmmfhhbebkekd [2020-02-01]
VIV Extension: (Netflix Party is now Teleparty) - C:\Users\Mike\AppData\Local\Vivaldi\User Data\Default\Extensions\oocalimimngaihdkbihfgmpkcpnmlaoa [2021-06-05]
VIV Extension: (Chrome Media Router) - C:\Users\Mike\AppData\Local\Vivaldi\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-06-09]
VIV Extension: (Privacy Badger) - C:\Users\Mike\AppData\Local\Vivaldi\User Data\Default\Extensions\pkehgijcmpdhfbdbbnkijodmdjhbjlgp [2021-06-09]
VIV Profile: C:\Users\Mike\AppData\Local\Vivaldi\User Data\Profile 1 [2021-01-11]
VIV Extension: (OneTab) - C:\Users\Mike\AppData\Local\Vivaldi\User Data\Profile 1\Extensions\chphlpgkkbolifaimnlloiipkdnihall [2021-01-08]
VIV Extension: (Nano Adblocker) - C:\Users\Mike\AppData\Local\Vivaldi\User Data\Profile 1\Extensions\gabbbocakeomblphkmmnoamkioajlkfo [2021-01-08]
VIV Extension: (Nano Defender) - C:\Users\Mike\AppData\Local\Vivaldi\User Data\Profile 1\Extensions\ggolfgbegefeeoocgjbmkembbncoadlb [2021-01-08]
VIV Extension: (Avast Online Security) - C:\Users\Mike\AppData\Local\Vivaldi\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2021-01-08]
VIV Extension: (LastPass: Free Password Manager) - C:\Users\Mike\AppData\Local\Vivaldi\User Data\Profile 1\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2021-01-08]
VIV Extension: (Extensions Manager (aka Switcher)) - C:\Users\Mike\AppData\Local\Vivaldi\User Data\Profile 1\Extensions\lpleipinonnoibneeejgjnoeekmbopbc [2019-03-27]
VIV Extension: (Chrome Media Router) - C:\Users\Mike\AppData\Local\Vivaldi\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-01-11]
VIV Profile: C:\Users\Mike\AppData\Local\Vivaldi\User Data\Profile 3 [2021-01-11]
VIV Extension: (Avast Online Security) - C:\Users\Mike\AppData\Local\Vivaldi\User Data\Profile 3\Extensions\gomekmidlodglbbmalcneegieacbdmki [2021-01-08]
VIV Extension: (Chrome Media Router) - C:\Users\Mike\AppData\Local\Vivaldi\User Data\Profile 3\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-01-08]
VIV Profile: C:\Users\Mike\AppData\Local\Vivaldi\User Data\System Profile [2019-06-21]
StartMenuInternet: (HKU\S-1-5-21-3967705999-1235421771-3941837385-1001) Vivaldi - "C:\Program Files\Vivaldi\Application\vivaldi.exe"
 
==================== Services (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
S3 ArcService; C:\Program Files (x86)\Arc\ArcService.exe [125488 2020-05-26] (Perfect World Entertainment -> Perfect World Entertainment Inc)
R2 AVP21.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\avp.exe [384280 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8808480 2021-01-11] (BattlEye Innovations e.K. -> )
S2 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [157320 2020-04-25] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [157320 2020-04-25] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\91.0.4472.10\remoting_host.exe [71280 2021-04-14] (Google LLC -> Google LLC)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11279752 2021-05-21] (Microsoft Corporation -> Microsoft Corporation)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [4993344 2021-03-16] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [802432 2019-01-01] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [439880 2021-01-05] (Epic Games Inc. -> Epic Games, Inc.)
R2 FolderSize; C:\Program Files\FolderSize\FolderSizeSvc.exe [163840 2013-02-13] (Brio) [File not signed]
R2 FoxitReaderUpdateService; C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\FoxitPDFReaderUpdateService.exe [2357880 2021-05-18] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [1741384 2020-12-23] (GOG Sp. z o.o. -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6821960 2020-12-23] (GOG Sp. z o.o. -> GOG.com)
R2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [151496 2021-06-01] (SurfRight B.V. -> SurfRight B.V.)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
S3 klvssbridge64_21.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\x64\vssbridge64.exe [479280 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S2 KSDE5.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\ksde.exe [646520 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7391408 2021-05-12] (Malwarebytes Inc -> Malwarebytes)
S3 MicrosoftEdgeBetaElevationService; C:\Program Files (x86)\Microsoft\Edge Beta\Application\92.0.902.9\elevation_service.exe [1653152 2021-06-08] (Microsoft Corporation -> Microsoft Corporation)
S3 MicrosoftEdgeDevElevationService1d52bd51274d3e6; C:\Program Files (x86)\Microsoft\Edge Dev\Application\93.0.910.5\elevation_service.exe [1653136 2021-06-09] (Microsoft Corporation -> Microsoft Corporation)
S3 npggsvc; C:\WINDOWS\SysWOW64\GameMon.des [9608504 2020-09-06] (INCA Internet Co.,Ltd. -> INCA Internet Co., Ltd.)
R2 NzbDrone; C:\ProgramData\NzbDrone\bin\nzbdrone.console.exe [25600 2020-03-13] (sonarr.tv) [File not signed]
R3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2547344 2021-05-20] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3487384 2021-05-20] (Electronic Arts, Inc. -> Electronic Arts)
R2 PlexUpdateService; C:\Program Files (x86)\Plex\Plex Media Server\Plex Update Service.exe [1439344 2021-04-19] (Plex, Inc. -> Plex, Inc.)
R2 RunSwUSB; C:\Windows\runSW.exe [44760 2021-01-06] (Realtek Semiconductor Corp -> )
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5393304 2021-06-03] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 TDDService; C:\Program Files\Tangentix\Runtime\x64\TDDService.exe [14736 2019-02-18] (Tangentix Ltd -> Tangentix Ltd)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13261608 2021-05-28] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R2 UCBrowserSvc; C:\Program Files (x86)\UCBrowser\Application\UCService.exe [656784 2018-01-02] (TAOBAO (CHINA) SOFTWARE CO.,LTD. -> ) <==== ATTENTION
R2 unchecky; C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe [297240 2020-03-30] (Reason Software Company Inc. -> Reason Software Company Inc.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.4-0\NisSrv.exe [2644760 2021-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.4-0\MsMpEng.exe [136656 2021-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_1108979a670abe46\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_1108979a670abe46\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
S2 RTLDHCPService; C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RTLDHCP.exe [X]
 
===================== Drivers (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 AMDXE; C:\WINDOWS\System32\drivers\amdxe.sys [62056 2020-07-27] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [250032 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S3 DFX11_1; C:\WINDOWS\system32\drivers\dfx11_1x64.sys [28008 2018-03-08] (Power Technology -> Windows ® Win 7 DDK provider)
S3 DFX12; C:\WINDOWS\system32\drivers\dfx12x64.sys [39048 2018-03-08] (Power Technology -> Windows ® Win 7 DDK provider)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [42256 2020-12-04] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [59360 2020-12-04] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [199128 2021-04-02] (Malwarebytes Inc -> Malwarebytes)
S4 IObitUnlocker; C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlocker.sys [66824 2017-06-16] (IObit Information Technology -> IObit)
R1 klbackupdisk; C:\WINDOWS\system32\DRIVERS\klbackupdisk.sys [110336 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [211704 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [126216 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [41656 2021-02-19] (Microsoft Windows Early Launch Anti-malware Publisher -> AO Kaspersky Lab)
R1 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [514840 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klgse; C:\WINDOWS\System32\DRIVERS\klgse.sys [657696 2021-05-08] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klhk; C:\WINDOWS\system32\DRIVERS\klhk.sys [1439456 2021-05-08] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klids; C:\ProgramData\Kaspersky Lab\AVP21.3\Bases\klids.sys [253736 2021-06-06] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [1042712 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klim6; C:\WINDOWS\system32\DRIVERS\klim6.sys [98040 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [112392 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [112904 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [85256 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klpnpflt; C:\WINDOWS\system32\DRIVERS\klpnpflt.sys [96008 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 kltap; C:\WINDOWS\System32\drivers\kltap.sys [55592 2021-02-19] (AnchorFree Inc -> The OpenVPN Project)
R0 klupd_klif_arkmon; C:\WINDOWS\System32\Drivers\klupd_klif_arkmon.sys [263888 2021-06-06] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 klupd_klif_klark; C:\WINDOWS\System32\Drivers\klupd_klif_klark.sys [309104 2021-06-06] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R0 klupd_klif_klbg; C:\WINDOWS\System32\Drivers\klupd_klif_klbg.sys [115744 2021-06-06] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 klupd_klif_mark; C:\WINDOWS\System32\Drivers\klupd_klif_mark.sys [224880 2021-06-06] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [155912 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [327936 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [300808 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220752 2021-06-08] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-12-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [198888 2021-06-08] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [77496 2021-06-08] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-06-08] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [156880 2021-06-08] (Malwarebytes Inc -> Malwarebytes)
R3 TrackerInfo; C:\Windows\SysWow64\drivers\TFilter.sys [21432 2020-02-01] (Andrew Masyk -> )
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] (Empty Loop -> )
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2018-02-05] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
R3 VBAudioVMAUXVAIOMME; C:\WINDOWS\System32\drivers\vbaudio_vmauxvaio64_win10.sys [71920 2020-04-01] (Vincent Burel -> Windows ® Win 7 DDK provider)
R3 VBAudioVMVAIOMME; C:\WINDOWS\System32\drivers\vbaudio_vmvaio64_win10.sys [71712 2020-04-01] (Vincent Burel -> Windows ® Win 7 DDK provider)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49560 2021-06-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [425208 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [76008 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
R1 YSDrv; C:\Program Files (x86)\Bignox\BigNoxVM\RT\YSDrv.sys [340880 2020-09-30] (Nox Limited -> Nox Limited Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) (Whitelisted) =========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2021-06-09 16:19 - 2021-06-09 16:21 - 000127781 ____C C:\Users\Mike\Desktop\FRST.txt
2021-06-09 16:18 - 2021-06-09 16:18 - 000000000 ___DC C:\Users\Mike\Desktop\FRST-OlderVersion
2021-06-09 16:17 - 2021-06-09 16:20 - 000000000 ___DC C:\FRST
2021-06-09 16:16 - 2021-06-09 16:18 - 002300416 ____C (Farbar) C:\Users\Mike\Desktop\FRST64.exe
2021-06-09 16:00 - 2021-06-09 16:01 - 000000000 ____D C:\Users\Mike\AppData\Local\Discord
2021-06-09 15:58 - 2021-06-09 16:00 - 070858912 ____C (Discord Inc.) C:\Users\Mike\Desktop\DiscordSetup.exe
2021-06-08 22:28 - 2021-06-08 22:28 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-06-08 22:28 - 2021-06-08 22:28 - 000220752 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2021-06-08 22:28 - 2021-06-08 22:28 - 000198888 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2021-06-08 22:28 - 2021-06-08 22:28 - 000156880 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2021-06-08 22:28 - 2021-06-08 22:28 - 000077496 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2021-06-06 22:48 - 2021-06-06 22:48 - 000309104 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_klark.sys
2021-06-06 22:42 - 2021-06-06 22:42 - 000263888 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_arkmon.sys
2021-06-06 22:42 - 2021-06-06 22:42 - 000224880 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_mark.sys
2021-06-06 22:42 - 2021-06-06 22:42 - 000115744 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_klbg.sys
2021-06-06 22:42 - 2021-06-06 22:42 - 000003392 _____ C:\WINDOWS\system32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901}
2021-06-06 22:42 - 2021-06-06 22:42 - 000001170 ____C C:\Users\Public\Desktop\Kaspersky VPN.lnk
2021-06-06 22:42 - 2021-06-06 22:42 - 000001170 ____C C:\ProgramData\Desktop\Kaspersky VPN.lnk
2021-06-06 22:42 - 2021-06-06 22:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky VPN
2021-06-06 22:42 - 2021-06-06 22:42 - 000000000 ____D C:\Program Files\Common Files\AV
2021-06-06 22:41 - 2021-06-06 22:41 - 000002185 ____C C:\Users\Public\Desktop\Kaspersky Security Cloud.lnk
2021-06-06 22:41 - 2021-06-06 22:41 - 000002185 ____C C:\ProgramData\Desktop\Kaspersky Security Cloud.lnk
2021-06-06 22:41 - 2021-06-06 22:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Security Cloud
2021-06-06 22:41 - 2021-06-06 22:41 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2021-06-06 22:41 - 2021-06-06 22:41 - 000000000 ____D C:\Program Files (x86)\Kaspersky Lab
2021-06-06 22:41 - 2021-02-19 21:09 - 000110176 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\klfphc.dll
2021-06-06 22:41 - 2021-02-19 21:08 - 001042712 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klif.sys
2021-06-06 22:41 - 2021-02-19 21:08 - 000514840 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klflt.sys
2021-06-06 22:35 - 2021-06-06 22:35 - 002760536 ____C (Kaspersky) C:\Users\Mike\Desktop\ks4.021.3.10.391en_25092.exe
2021-06-06 22:32 - 2021-06-06 22:32 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2021-06-06 22:27 - 2021-05-31 12:11 - 000626960 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2021-06-06 22:26 - 2021-05-31 12:15 - 001855184 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2021-06-06 22:26 - 2021-05-31 12:15 - 001855184 _____ C:\WINDOWS\system32\vulkaninfo.exe
2021-06-06 22:26 - 2021-05-31 12:15 - 001453360 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2021-06-06 22:26 - 2021-05-31 12:15 - 001435864 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2021-06-06 22:26 - 2021-05-31 12:15 - 001435864 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2021-06-06 22:26 - 2021-05-31 12:15 - 001192752 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2021-06-06 22:26 - 2021-05-31 12:15 - 001094864 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2021-06-06 22:26 - 2021-05-31 12:15 - 001094864 _____ C:\WINDOWS\system32\vulkan-1.dll
2021-06-06 22:26 - 2021-05-31 12:15 - 000948936 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2021-06-06 22:26 - 2021-05-31 12:15 - 000948936 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2021-06-06 22:26 - 2021-05-31 12:11 - 001514784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2021-06-06 22:26 - 2021-05-31 12:11 - 001166096 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2021-06-06 22:26 - 2021-05-31 12:11 - 000715536 _____ C:\WINDOWS\system32\nvofapi64.dll
2021-06-06 22:26 - 2021-05-31 12:11 - 000689952 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2021-06-06 22:26 - 2021-05-31 12:11 - 000675104 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2021-06-06 22:26 - 2021-05-31 12:11 - 000575760 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2021-06-06 22:26 - 2021-05-31 12:11 - 000563984 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2021-06-06 22:26 - 2021-05-31 12:10 - 008317200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2021-06-06 22:26 - 2021-05-31 12:10 - 007434032 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2021-06-06 22:26 - 2021-05-31 12:10 - 002823472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2021-06-06 22:26 - 2021-05-31 12:10 - 002106160 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2021-06-06 22:26 - 2021-05-31 12:10 - 001590576 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2021-06-06 22:26 - 2021-05-31 12:10 - 000445744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2021-06-06 22:26 - 2021-05-31 12:09 - 004795152 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2021-06-06 22:26 - 2021-05-31 12:09 - 000848688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2021-06-06 22:26 - 2021-05-31 12:08 - 006159160 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2021-06-06 22:26 - 2021-05-27 19:01 - 000087164 _____ C:\WINDOWS\system32\nvinfo.pb
2021-06-06 16:03 - 2021-06-06 22:17 - 000000000 ____D C:\Users\Mike\AppData\Roaming\Kast
2021-06-03 04:43 - 2021-06-03 04:43 - 014178840 ____C (Malwarebytes Corp.) C:\Users\Mike\Desktop\mbar-1.10.3.1001.exe
2021-06-03 04:43 - 2021-06-03 04:43 - 000255928 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\1277C55F.sys
2021-06-03 04:30 - 2021-06-03 04:30 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-06-03 04:29 - 2021-06-03 04:29 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-06-03 04:29 - 2021-06-03 04:29 - 002260480 _____ (The ICU Project) C:\WINDOWS\system32\icu.dll
2021-06-03 04:29 - 2021-06-03 04:29 - 001864192 _____ (The ICU Project) C:\WINDOWS\SysWOW64\icu.dll
2021-06-03 04:29 - 2021-06-03 04:29 - 001823792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-06-03 04:29 - 2021-06-03 04:29 - 001393496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-06-03 04:29 - 2021-06-03 04:29 - 001314120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-06-03 04:29 - 2021-06-03 04:29 - 000657464 _____ C:\WINDOWS\system32\WindowManagementAPI.dll
2021-06-03 04:29 - 2021-06-03 04:29 - 000568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2021-06-03 04:29 - 2021-06-03 04:29 - 000563712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-06-03 04:29 - 2021-06-03 04:29 - 000468440 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll
2021-06-03 04:29 - 2021-06-03 04:29 - 000451072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2021-06-03 04:29 - 2021-06-03 04:29 - 000423936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-06-03 04:29 - 2021-06-03 04:29 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll
2021-06-03 04:29 - 2021-06-03 04:29 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe
2021-06-03 04:29 - 2021-06-03 04:29 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2021-06-03 04:29 - 2021-06-03 04:29 - 000097280 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-06-03 04:29 - 2021-06-03 04:29 - 000011327 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-06-03 04:22 - 2021-06-03 04:22 - 000000000 ____D C:\Users\Mike\old_status
2021-06-03 04:22 - 2021-06-03 04:22 - 000000000 ____D C:\Users\Mike\76.0.4017.177
2021-06-01 03:21 - 2021-06-01 03:21 - 000000000 ____D C:\WINDOWS\Panther
2021-06-01 03:11 - 2021-06-01 03:11 - 000001073 ____C C:\Users\Mike\Desktop\PHANTASY STAR ONLINE 2 NEW GENESIS Character Creator.lnk
2021-06-01 03:11 - 2021-06-01 03:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PHANTASY STAR ONLINE 2 NEW GENESIS Character Creator
2021-06-01 03:01 - 2021-06-01 03:04 - 2944149370 ____C C:\Users\Mike\Desktop\PSO2NGSCHARACTERCREATOR_SETUP_NA.zip
2021-05-31 22:07 - 2021-06-01 03:21 - 000000432 ____C C:\WINDOWS\Tasks\Driver Easy Scheduled Scan.job
2021-05-31 22:07 - 2021-05-31 22:07 - 000003902 _____ C:\WINDOWS\system32\Tasks\Driver Easy Scheduled Scan
2021-05-31 22:07 - 2021-05-31 22:07 - 000001027 ____C C:\Users\Public\Desktop\Driver Easy.lnk
2021-05-31 22:07 - 2021-05-31 22:07 - 000001027 ____C C:\ProgramData\Desktop\Driver Easy.lnk
2021-05-31 22:07 - 2021-05-31 22:07 - 000000000 ____D C:\Users\Mike\AppData\Roaming\Easeware
2021-05-31 22:07 - 2021-05-31 22:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Easy
2021-05-31 22:07 - 2021-05-31 22:07 - 000000000 ____D C:\Program Files\Easeware
2021-05-31 22:06 - 2021-05-31 22:06 - 005195888 ____C (Easeware ) C:\Users\Mike\Desktop\DriverEasy_Setup.exe
2021-05-28 23:07 - 2021-05-28 23:07 - 000000000 ____D C:\Users\Mike\76.0.4017.154
2021-05-26 03:22 - 2021-06-09 03:10 - 000001424 ____C C:\Users\Public\Desktop\Foxit PDF Reader.lnk
2021-05-26 03:22 - 2021-06-09 03:10 - 000001424 ____C C:\ProgramData\Desktop\Foxit PDF Reader.lnk
2021-05-26 03:22 - 2021-06-09 03:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit PDF Reader
2021-05-26 00:28 - 2021-05-26 00:35 - 119477818 ____C C:\Users\Mike\Desktop\videoplayback.mp4
2021-05-26 00:27 - 2021-05-26 00:27 - 063883162 ____C C:\Users\Mike\Desktop\10000000_2874460652816891_4609306481839537266_n.mp4
2021-05-26 00:27 - 2021-05-26 00:27 - 024957842 ____C C:\Users\Mike\Desktop\10000000_456574585592240_4580206046658232853_n.mp4
2021-05-25 16:51 - 2021-05-25 16:51 - 000000218 _____ C:\Users\Mike\AppData\Local\recently-used.xbel
2021-05-23 23:08 - 2021-06-07 11:16 - 000000000 ____D C:\WINDOWS\system32\Tasks\PowerToys
2021-05-23 23:08 - 2021-05-23 23:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerToys (Preview)
2021-05-23 23:08 - 2021-05-23 23:08 - 000000000 ____D C:\Program Files\PowerToys
2021-05-23 23:07 - 2021-05-23 23:07 - 000000000 ____D C:\Program Files\dotnet
2021-05-23 16:00 - 2021-05-23 16:01 - 864579402 ____C C:\Users\Mike\Desktop\W.S.M.O.C.E.M-RAZOR.rar
2021-05-23 15:56 - 2021-05-23 16:00 - 1046771324 ____C C:\Users\Mike\Desktop\P.F.T.T.o.T.C.E.M-RAZOR.rar
2021-05-20 20:48 - 2015-11-05 03:00 - 000617896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.ocx
2021-05-20 20:48 - 2015-03-26 21:54 - 000163480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comDlg32.ocx
2021-05-20 20:48 - 2011-01-12 00:06 - 001054208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc71u.dll
2021-05-20 20:48 - 2011-01-11 23:23 - 000090112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\atl71.dll
2021-05-20 20:48 - 2007-02-01 08:43 - 000503808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp71.dll
2021-05-20 20:26 - 2021-05-20 20:26 - 023871089 ____C (Igor Pavlov) C:\Users\Mike\Desktop\Visual C++ Redist Installer V56.exe
2021-05-20 20:19 - 2021-05-20 20:19 - 086906048 ____C (Logitech Inc.) C:\Users\Mike\Desktop\SetPoint6.70.55_64 (1).exe
2021-05-20 16:37 - 2021-05-13 06:38 - 000037656 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhdap64.dll
2021-05-16 23:06 - 2021-06-03 04:22 - 000000000 ____D C:\Users\Mike\76.0.4017.123
2021-05-14 06:36 - 2021-05-14 06:36 - 001687040 _____ C:\WINDOWS\system32\libcrypto.dll
2021-05-14 06:36 - 2021-05-14 06:36 - 000700928 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2021-05-14 06:36 - 2021-05-14 06:36 - 000157184 _____ C:\WINDOWS\system32\uwfcsp.dll
2021-05-14 06:36 - 2021-05-14 06:36 - 000153600 _____ C:\WINDOWS\system32\uwfcfgmgmt.dll
2021-05-14 06:35 - 2021-05-14 06:35 - 001163776 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-05-14 06:35 - 2021-05-14 06:35 - 000165888 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-05-14 06:35 - 2021-05-14 06:35 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2021-05-14 06:35 - 2021-05-14 06:35 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
2021-05-11 12:10 - 2021-05-11 12:10 - 000000000 ___DC C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2021-05-10 21:46 - 2021-05-10 21:46 - 000000000 ____D C:\Users\Mike\AppData\Roaming\NVIDIA
2021-05-10 21:45 - 2021-05-10 21:45 - 000000000 ____D C:\Users\Mike\AppData\Roaming\Emby-InstallLogs
2021-05-10 21:44 - 2021-05-10 21:45 - 000000000 ____D C:\Users\Mike\AppData\Local\Deployment
2021-05-10 21:44 - 2021-05-10 21:44 - 000812448 ____C () C:\Users\Mike\Desktop\setup.exe
2021-05-10 21:44 - 2021-05-10 21:44 - 000000000 ____D C:\Users\Mike\AppData\Local\Apps\2.0
 
==================== One month (modified) ==================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2021-06-09 16:23 - 2021-03-16 07:24 - 000000330 ____C C:\WINDOWS\Tasks\UCBrowserUpdaterCore.job
2021-06-09 16:23 - 2020-08-19 20:50 - 000000000 ____D C:\ProgramData\NzbDrone
2021-06-09 16:19 - 2019-12-07 05:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-06-09 16:19 - 2019-05-30 00:25 - 000000000 ___DC C:\Users\Mike\AppData\Local\CrashDumps
2021-06-09 16:17 - 2019-12-07 05:13 - 000000000 ____D C:\WINDOWS\INF
2021-06-09 16:12 - 2020-02-01 21:55 - 000000000 ____D C:\Users\Mike\AppData\Roaming\Messenger
2021-06-09 16:10 - 2021-01-08 05:05 - 000000000 ____D C:\Program Files (x86)\Steam
2021-06-09 16:01 - 2020-08-26 07:01 - 000002287 ____C C:\Users\Mike\Desktop\Discord.lnk
2021-06-09 16:01 - 2020-08-26 07:01 - 000000000 ____D C:\Users\Mike\AppData\Local\SquirrelTemp
2021-06-09 16:01 - 2018-12-26 23:10 - 000000000 ___DC C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2021-06-09 16:01 - 2018-12-26 23:10 - 000000000 ___DC C:\Users\Mike\AppData\Roaming\discord
2021-06-09 15:30 - 2020-06-27 23:25 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-06-09 14:36 - 2019-12-07 05:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-06-09 14:36 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-06-09 14:36 - 2019-11-04 21:56 - 000002607 ____C C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Edge Canary.lnk
2021-06-09 14:36 - 2019-11-04 21:56 - 000002570 ____C C:\Users\Mike\Desktop\Microsoft Edge Canary.lnk
2021-06-09 12:27 - 2020-01-18 12:36 - 000000000 ___DC C:\Users\Mike\AppData\LocalLow\IGDump
2021-06-09 12:25 - 2020-09-08 14:11 - 000000000 ____D C:\ProgramData\NVIDIA
2021-06-09 11:48 - 2019-02-08 08:45 - 000000000 ___DC C:\Program Files\Vivaldi
2021-06-09 09:51 - 2020-06-27 23:33 - 000840602 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-06-09 04:21 - 2019-11-04 21:55 - 000002331 ____C C:\Users\Public\Desktop\Microsoft Edge Beta.lnk
2021-06-09 04:21 - 2019-11-04 21:55 - 000002331 ____C C:\ProgramData\Desktop\Microsoft Edge Beta.lnk
2021-06-08 22:11 - 2019-08-21 14:53 - 000000374 _____ C:\Users\Mike\.vivaldi_reporting_data
2021-06-08 19:00 - 2020-09-30 16:45 - 000002151 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-06-08 11:12 - 2018-12-24 20:52 - 000000000 ___DC C:\Users\Mike\AppData\Local\Packages
2021-06-08 03:44 - 2020-05-23 16:20 - 000000000 ____D C:\Program Files (x86)\Origin Games
2021-06-08 03:44 - 2020-05-23 16:18 - 000000000 ____D C:\Users\Mike\AppData\Roaming\Origin
2021-06-08 03:44 - 2020-05-23 16:18 - 000000000 ____D C:\ProgramData\Origin
2021-06-08 03:00 - 2020-12-18 03:00 - 000001304 ____C C:\Users\Public\Desktop\Wise Program Uninstaller.lnk
2021-06-08 03:00 - 2020-12-18 03:00 - 000001304 ____C C:\ProgramData\Desktop\Wise Program Uninstaller.lnk
2021-06-08 03:00 - 2020-06-05 01:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Program Uninstaller
2021-06-08 02:56 - 2020-07-07 15:45 - 000002569 ____C C:\Users\Mike\Desktop\Google Chrome Canary.lnk
2021-06-07 19:27 - 2020-10-01 01:31 - 000001483 ____C C:\Users\Mike\Desktop\Roblox Player.lnk
2021-06-07 19:27 - 2020-10-01 01:31 - 000001306 ____C C:\Users\Mike\Desktop\Roblox Studio.lnk
2021-06-07 19:27 - 2020-10-01 01:31 - 000000000 ___DC C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2021-06-07 11:23 - 2021-01-20 19:28 - 000004198 _____ C:\WINDOWS\system32\Tasks\Opera GX scheduled Autoupdate 1611185292
2021-06-07 11:23 - 2021-01-20 19:28 - 000001494 ____C C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera GX Browser.lnk
2021-06-07 11:16 - 2020-05-23 16:18 - 000000000 ____D C:\Users\Mike\AppData\Local\Origin
2021-06-07 05:46 - 2021-04-20 18:41 - 000001426 _____ C:\WINDOWS\system32\Drivers\etc\hosts.rollback
2021-06-07 04:23 - 2020-06-27 23:37 - 000000006 ___HC C:\WINDOWS\Tasks\SA.DAT
2021-06-07 04:23 - 2019-03-24 16:25 - 000000000 ___DC C:\Program Files (x86)\TeamViewer
2021-06-07 04:20 - 2019-12-07 05:03 - 001310720 _____ C:\WINDOWS\system32\config\BBI
2021-06-07 04:19 - 2020-09-09 17:18 - 000034784 _____ C:\Users\Mike\AppData\Roaming\VoiceMeeterBananaDefault.xml
2021-06-07 04:19 - 2019-07-15 23:47 - 000000000 ___DC C:\Users\Mike\Documents\ShareX
2021-06-07 00:46 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-06-06 23:20 - 2021-03-28 20:37 - 000000000 ____D C:\Users\Mike\assistant
2021-06-06 23:20 - 2020-06-27 22:48 - 000000000 ____D C:\Users\Mike
2021-06-06 23:20 - 2019-02-02 22:13 - 000000901 ____C C:\Users\Mike\installer_prefs.json.backup
2021-06-06 23:20 - 2019-02-02 22:13 - 000000901 ____C C:\Users\Mike\installer_prefs.json
2021-06-06 23:12 - 2019-12-07 05:03 - 000131072 _____ C:\WINDOWS\system32\config\ELAM
2021-06-06 22:41 - 2019-12-07 05:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-06-06 22:27 - 2018-12-26 23:51 - 000000000 ___DC C:\Users\Mike\AppData\Local\ElevatedDiagnostics
2021-06-06 22:19 - 2018-12-24 20:53 - 000000000 ___DC C:\Users\Mike\AppData\Local\PlaceholderTileLogoFolder
2021-06-06 22:17 - 2020-08-26 19:46 - 000157413 _____ C:\Users\Mike\.babel.7.8.6.production.json
2021-06-06 17:50 - 2021-01-07 22:34 - 011697056 ____C (ESET) C:\Users\Mike\Desktop\esetonlinescanner.exe
2021-06-06 17:50 - 2021-01-07 22:34 - 000000830 ____C C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2021-06-06 15:53 - 2019-12-17 01:08 - 000000000 ____D C:\Users\Mike\AppData\Roaming\Foxit Software
2021-06-06 15:42 - 2019-07-03 02:22 - 000000486 ____C C:\WINDOWS\Tasks\UCBrowserUpdater.job
2021-06-05 16:38 - 2020-06-27 23:37 - 000003526 _____ C:\WINDOWS\system32\Tasks\UCBrowserUpdater
2021-06-05 04:48 - 2018-12-24 20:51 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-06-04 20:21 - 2020-07-22 16:00 - 000002291 ____C C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-06-04 20:21 - 2020-07-22 16:00 - 000002291 ____C C:\ProgramData\Desktop\Microsoft Edge.lnk
2021-06-03 21:14 - 2020-01-18 13:07 - 000000000 ___DC C:\Users\Mike\Desktop\mbar
2021-06-03 21:14 - 2020-01-18 13:07 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2021-06-03 18:34 - 2020-04-25 23:26 - 000002392 ____C C:\Users\Public\Desktop\Brave.lnk
2021-06-03 18:34 - 2020-04-25 23:26 - 000002392 ____C C:\ProgramData\Desktop\Brave.lnk
2021-06-03 04:41 - 2019-12-07 05:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-06-03 04:37 - 2020-06-27 23:25 - 000443688 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-06-03 04:33 - 2019-12-07 05:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-06-03 04:33 - 2019-12-07 05:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-06-03 04:33 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2021-06-03 04:33 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2021-06-03 04:33 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-06-03 04:33 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-06-03 04:33 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-06-03 04:33 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2021-06-03 04:33 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2021-06-03 04:33 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-06-03 04:33 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-06-03 04:33 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-06-03 04:33 - 2019-12-07 05:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-06-03 04:22 - 2021-03-28 20:37 - 000004326 _____ C:\WINDOWS\system32\Tasks\Opera scheduled assistant Autoupdate 1616978256
2021-06-03 04:22 - 2020-06-27 23:37 - 000004132 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1549159975
2021-06-03 04:22 - 2019-02-02 22:13 - 000013905 _____ C:\Users\Mike\installation_status.json
2021-06-03 04:22 - 2019-02-02 22:13 - 000001018 ____C C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera Browser.lnk
2021-06-03 04:22 - 2019-02-02 22:12 - 000000057 _____ C:\Users\Mike\pref_default_overrides
2021-06-03 04:22 - 2019-02-02 22:12 - 000000000 ___DC C:\Users\Mike\Assets
2021-06-02 13:08 - 2020-05-23 16:19 - 000000000 ____D C:\Program Files (x86)\Origin
2021-06-02 01:26 - 2019-02-02 22:12 - 002199760 _____ (Opera Software) C:\Users\Mike\launcher.exe
2021-06-01 03:21 - 2020-09-29 12:13 - 000000656 ____C C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-3967705999-1235421771-3941837385-1001.job
2021-06-01 03:21 - 2020-09-29 12:13 - 000000560 ____C C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-3967705999-1235421771-3941837385-1001.job
2021-06-01 03:21 - 2019-01-06 08:34 - 000000000 ___DC C:\Program Files (x86)\Mozilla Maintenance Service
2021-06-01 03:21 - 2018-12-27 23:42 - 000000000 ___DC C:\Users\Mike\AppData\Local\D3DSCache
2021-06-01 03:12 - 2018-12-24 20:49 - 000000000 ___DC C:\ProgramData\Package Cache
2021-06-01 03:08 - 2020-05-29 12:08 - 000000000 ___DC C:\Users\Mike\Documents\SEGA
2021-06-01 03:01 - 2021-01-25 03:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
2021-06-01 03:01 - 2019-12-17 01:07 - 000000000 ____D C:\Program Files\CrystalDiskInfo
2021-06-01 03:00 - 2021-01-26 03:00 - 000001020 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-06-01 03:00 - 2020-06-05 01:32 - 000001008 ____C C:\Users\Public\Desktop\Firefox.lnk
2021-06-01 03:00 - 2020-06-05 01:32 - 000001008 ____C C:\ProgramData\Desktop\Firefox.lnk
2021-06-01 03:00 - 2019-01-06 08:34 - 000000000 ___DC C:\Program Files\Mozilla Firefox
2021-05-31 12:08 - 2021-04-01 00:35 - 007212232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2021-05-31 00:41 - 2019-05-15 01:00 - 000000000 ___DC C:\Users\Mike\AppData\Roaming\deluge
2021-05-30 13:27 - 2020-05-25 07:45 - 000000000 ____D C:\Users\Mike\AppData\Roaming\Rambox
2021-05-29 09:09 - 2020-09-29 12:13 - 000003820 _____ C:\WINDOWS\system32\Tasks\G2MUploadTask-S-1-5-21-3967705999-1235421771-3941837385-1001
2021-05-29 09:09 - 2020-09-29 12:13 - 000003724 _____ C:\WINDOWS\system32\Tasks\G2MUpdateTask-S-1-5-21-3967705999-1235421771-3941837385-1001
2021-05-29 09:09 - 2020-09-29 12:13 - 000000000 ____D C:\Users\Mike\AppData\Local\GoToMeeting
2021-05-28 20:52 - 2019-05-24 22:06 - 000000000 ___DC C:\Program Files (x86)\Microsoft Office
2021-05-28 13:37 - 2020-11-06 20:16 - 000304644 _____ C:\Users\Mike\Desktop\Map 116.pdf
2021-05-28 03:12 - 2020-07-05 12:17 - 000002048 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-05-28 03:12 - 2020-01-18 12:35 - 000002036 ____C C:\Users\Public\Desktop\Malwarebytes.lnk
2021-05-28 03:12 - 2020-01-18 12:35 - 000002036 ____C C:\ProgramData\Desktop\Malwarebytes.lnk
2021-05-26 03:23 - 2020-01-18 08:17 - 000000000 ____D C:\ProgramData\Foxit Software
2021-05-26 03:22 - 2019-05-16 08:47 - 000000000 ___DC C:\Program Files (x86)\Foxit Software
2021-05-26 03:21 - 2019-05-16 08:47 - 000000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
2021-05-21 22:01 - 2020-03-19 17:13 - 000002307 ____C C:\Users\Mike\Desktop\Kast.lnk
2021-05-20 22:02 - 2019-04-03 03:40 - 000000000 ___DC C:\ProgramData\Logishrd
2021-05-20 20:20 - 2019-04-03 03:40 - 000018960 ____C (Logitech, Inc.) C:\WINDOWS\system32\Drivers\LNonPnP.sys
2021-05-20 09:42 - 2019-12-07 05:51 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2021-05-20 09:42 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2021-05-20 09:42 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-05-20 09:42 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-05-20 09:42 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2021-05-20 09:42 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2021-05-20 09:42 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-05-20 09:42 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-05-20 09:42 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2021-05-20 09:42 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-05-20 09:42 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\DiagTrack
2021-05-19 23:35 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\AppLocker
2021-05-19 23:34 - 2020-05-29 10:48 - 001694672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll
2021-05-19 23:34 - 2020-05-29 10:48 - 000250304 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll
2021-05-19 23:34 - 2020-05-29 10:48 - 000192952 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy.dll
2021-05-19 23:34 - 2020-05-29 10:48 - 000159680 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll
2021-05-19 23:34 - 2020-05-29 10:48 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2021-05-19 23:34 - 2020-05-29 10:48 - 000038328 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamemodcontrol.exe
2021-05-18 03:00 - 2020-04-21 12:36 - 000001322 ____C C:\Users\Public\Desktop\Skype.lnk
2021-05-18 03:00 - 2020-04-21 12:36 - 000001322 ____C C:\ProgramData\Desktop\Skype.lnk
2021-05-18 03:00 - 2020-04-21 12:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2021-05-17 03:41 - 2021-01-07 12:36 - 000000000 ___DC C:\Users\Mike\AppData\LocalLow\Waterfox
2021-05-17 03:40 - 2021-01-07 12:36 - 000000000 ____D C:\Program Files\Waterfox
2021-05-17 03:40 - 2019-05-12 17:38 - 000000000 ___DC C:\ProgramData\Mozilla
2021-05-17 03:40 - 2018-12-28 18:31 - 000000000 ___DC C:\Users\Mike\AppData\LocalLow\Mozilla
2021-05-17 03:38 - 2021-01-20 19:30 - 000000000 ____D C:\Program Files (x86)\Slimjet
2021-05-16 23:06 - 2021-04-29 00:22 - 000000000 ____D C:\Users\Mike\76.0.4017.94
2021-05-16 23:06 - 2019-07-15 23:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ShareX
2021-05-16 23:06 - 2019-07-15 23:47 - 000000000 ____D C:\Program Files\ShareX
2021-05-16 17:50 - 2021-01-08 02:34 - 000003792 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onLogOn
2021-05-16 17:50 - 2021-01-08 02:34 - 000003350 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onTime
2021-05-14 06:40 - 2019-12-07 05:54 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2021-05-14 06:21 - 2018-12-25 01:01 - 000000000 ___DC C:\WINDOWS\system32\MRT
2021-05-14 06:09 - 2018-12-25 01:01 - 132732536 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-05-13 20:17 - 2018-12-26 19:25 - 000000000 ___DC C:\Users\Mike\AppData\Roaming\vlc
2021-05-13 06:38 - 2021-04-01 00:35 - 000136472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2021-05-12 03:01 - 2020-09-30 16:45 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2021-05-12 03:00 - 2019-12-17 01:05 - 000001082 ____C C:\Users\Public\Desktop\VLC media player.lnk
2021-05-12 03:00 - 2019-12-17 01:05 - 000001082 ____C C:\ProgramData\Desktop\VLC media player.lnk
2021-05-11 12:10 - 2020-04-02 16:12 - 000000000 ____D C:\Users\Mike\AppData\Roaming\Zoom
 
==================== Files in the root of some directories ========
 
2019-02-02 22:12 - 2021-06-02 01:26 - 002199760 _____ (Opera Software) C:\Users\Mike\launcher.exe
2019-05-12 19:18 - 2017-11-19 13:51 - 000004286 ____C () C:\Program Files (x86)\FalcoGo.ico
2019-05-12 19:18 - 2017-11-19 13:53 - 000000044 ____C () C:\Program Files (x86)\FalcoGo.url
2019-05-12 19:18 - 2016-01-05 13:37 - 000004286 ____C () C:\Program Files (x86)\FalconLine.ico
2019-05-12 19:18 - 2016-01-05 13:25 - 000000047 ____C () C:\Program Files (x86)\FalconLine.url
2019-05-12 19:18 - 2016-12-21 01:39 - 000004286 ____C () C:\Program Files (x86)\FalcoSpace.ico
2019-05-12 19:18 - 2016-12-21 01:36 - 000000047 ____C () C:\Program Files (x86)\FalcoSpace.url
2019-09-13 00:29 - 2019-09-13 00:29 - 000000000 _____ () C:\Users\Mike\AppData\Roaming\Stardockfences_debug_snapshot.dat
2020-09-09 17:18 - 2021-06-07 04:19 - 000034784 _____ () C:\Users\Mike\AppData\Roaming\VoiceMeeterBananaDefault.xml
2020-06-18 21:25 - 2020-06-18 21:25 - 000004602 _____ () C:\Users\Mike\AppData\Roaming\VoiceMeeterDefault.xml
2019-02-03 02:51 - 2019-02-03 02:51 - 000000716 ___HC () C:\Users\Mike\AppData\Roaming\{4D0E646C-4852-629A-7791-6C5749949114}
2021-05-25 16:51 - 2021-05-25 16:51 - 000000218 _____ () C:\Users\Mike\AppData\Local\recently-used.xbel
2019-12-17 16:05 - 2019-12-17 16:05 - 000000000 _____ () C:\Users\Mike\AppData\Local\recently-used.xbel.4J8LC0
2019-12-17 16:05 - 2019-12-17 16:05 - 000000000 _____ () C:\Users\Mike\AppData\Local\recently-used.xbel.8Q7LC0
2019-12-17 16:05 - 2019-12-17 16:05 - 000000000 _____ () C:\Users\Mike\AppData\Local\recently-used.xbel.B30TC0
2019-12-17 16:04 - 2019-12-17 16:04 - 000000000 _____ () C:\Users\Mike\AppData\Local\recently-used.xbel.D9JMC0
2019-12-17 16:04 - 2019-12-17 16:04 - 000000000 _____ () C:\Users\Mike\AppData\Local\recently-used.xbel.J563C0
2019-12-17 16:04 - 2019-12-17 16:04 - 000000000 _____ () C:\Users\Mike\AppData\Local\recently-used.xbel.P4NMC0
2019-12-17 16:05 - 2019-12-17 16:05 - 000000000 _____ () C:\Users\Mike\AppData\Local\recently-used.xbel.S5WTC0
2019-12-17 16:04 - 2019-12-17 16:04 - 000000000 _____ () C:\Users\Mike\AppData\Local\recently-used.xbel.SD63C0
2019-02-27 19:09 - 2019-10-11 22:17 - 000007601 ____C () C:\Users\Mike\AppData\Local\Resmon.ResmonCfg
2019-03-05 22:48 - 2019-03-05 22:48 - 000000003 ____C () C:\Users\Mike\AppData\Local\updater.log
2020-05-01 21:46 - 2020-09-30 01:05 - 000000068 _____ () C:\Users\Mike\AppData\Local\update_progress.txt
2019-03-05 22:48 - 2019-03-05 22:48 - 000000425 ____C () C:\Users\Mike\AppData\Local\UserProducts.xml
 
==================== SigCheck ============================
 
(There is no automatic fix for files that do not pass verification.)
 
==================== End of FRST.txt ========================

  • 0

Advertisements


#2
DR M

DR M

    The Grecian Geek

  • Malware Removal
  • 3,240 posts

Hello.

 

Can you please post the Addition.txt log too? It is also on your Desktop.


  • 0

#3
Maleboe

Maleboe

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 100 posts
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-06-2021
Ran by Mike (09-06-2021 16:24:17)
Running from C:\Users\Mike\Desktop
Windows 10 Pro Version 21H1 19043.1023 (X64) (2020-06-28 03:37:25)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-3967705999-1235421771-3941837385-500 - Administrator - Disabled)
Andrew (S-1-5-21-3967705999-1235421771-3941837385-1003 - Limited - Enabled) => C:\Users\Andrew
DefaultAccount (S-1-5-21-3967705999-1235421771-3941837385-503 - Limited - Disabled)
Guest (S-1-5-21-3967705999-1235421771-3941837385-501 - Limited - Disabled)
Mike (S-1-5-21-3967705999-1235421771-3941837385-1001 - Administrator - Enabled) => C:\Users\Mike
WDAGUtilityAccount (S-1-5-21-3967705999-1235421771-3941837385-504 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Bitdefender Antivirus Free Antimalware (Enabled - Up to date) {EA21BCE8-A461-99C3-3A0D-4C964E75494E}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Kaspersky Security Cloud (Enabled - Up to date) {4F76F112-43EB-40E8-11D8-F7BD1853EA23}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Security Cloud (Disabled) {774D7037-0984-41B0-3A87-5E88E680AD58}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
adbLink version 4.1 (HKLM-x32\...\{05CF1DD3-4A94-4219-B176-BB1796680A6C}_is1) (Version: 4.1 - jocala.com)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 21.005.20048 - Adobe Systems Incorporated)
Amazon Games (HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\...\{4DD10B06-78A4-4E6F-AA39-25E9C38FA568}) (Version: 1.7.172.1 - Amazon.com Services, Inc.)
Amazon Kindle (HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\...\Amazon Kindle) (Version: 1.29.0.58059 - Amazon)
Arc (HKLM-x32\...\{CED8E25B-122A-4E80-B612-7F99B93284B3}) (Version: 1.0.0.9668 - Perfect World Entertainment)
Audacity 3.0.2 (HKLM-x32\...\Audacity_is1) (Version: 3.0.2 - Audacity Team)
BCUninstaller (HKLM\...\{f4fef76c-1aa9-441c-af7e-d27f58d898d1}_is1) (Version: 4.16.0.38993 - Marcin Szeniak)
Big Fish: Game Manager (HKLM-x32\...\BFGC) (Version: 3.3.0.2 - )
BleachBit 4.2.0.1795 (HKLM-x32\...\BleachBit) (Version: 4.2.0.1795 - BleachBit)
Brave (HKLM-x32\...\BraveSoftware Brave-Browser) (Version: 91.1.25.70 - Brave Software Inc)
Chrome Remote Desktop Host (HKLM-x32\...\{536BCB9B-9D3F-493F-9236-8D50A93B70F9}) (Version: 91.0.4472.10 - Google LLC)
ComicRack v0.9.154 (HKLM\...\ComicRack) (Version: v0.9.154 - cYo Soft)
CPUID CPU-Z 1.96 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.96 - CPUID, Inc.)
CrystalDiskInfo 8.12.1 (HKLM\...\CrystalDiskInfo_is1) (Version: 8.12.1 - Crystal Dew World)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.14.0.1709 - Disc Soft Ltd)
Deluge 1.3.15 (HKLM-x32\...\Deluge) (Version:  - )
DeskPins (HKLM-x32\...\DeskPins) (Version: 1.32 - Elias Fotinis)
Discord (HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\...\Discord) (Version: 1.0.9002 - Discord Inc.)
DoNotSpy10 2020 (HKLM-x32\...\{32D066BD-F94C-4948-8FA8-84653EE9617E}_is1) (Version: 5.2.0.0 - pXc-coding.com)
Driver Easy 5.6.15 (HKLM\...\DriverEasy_is1) (Version: 5.6.15 - Easeware)
EmulationStation (HKLM-x32\...\EmulationStation) (Version:  - )
Epic Games Launcher (HKLM-x32\...\{0E63B233-DC24-442C-BD38-0B91D90FEC5B}) (Version: 1.1.167.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{6D70A161-C29B-441B-9AA5-2ABBAB3B4B4D}) (Version: 1.1.1.0 - Epic Games, Inc.)
Epic Privacy Browser (HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\...\Epic Privacy Browser) (Version: 87.0.4280.88 - Epic)
Eraser 6.2.0.2992 (HKLM\...\{6735C886-F5F0-446A-BB8C-03B92BA6775D}) (Version: 6.2.2992 - The Eraser Project)
Facebook Gameroom 1.23.7426.18586 (HKLM-x32\...\{58E3FB73-8B88-4807-A803-79B5ADA0136F}) (Version: 1.23.7426.18586 - Facebook)
FlashPeak Slimjet (HKLM-x32\...\Slimjet) (Version: 29.0.1.0 - FlashPeak Inc.)
Folder Size (64-bit) (HKLM\...\{F24FF688-7138-4CCF-A83F-71E9FB01170E}) (Version: 2.6 - Brio)
Foxit PDF Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 11.0.0.49893 - Foxit Software Inc.)
Foxit Reader (HKLM-x32\...\Foxit Reader) (Version:  - )
Game Debate Hardware Scanner version 0.1.3 (HKLM-x32\...\{D81698E2-9F9C-4C66-BC9C-FC7F7FCFA55D}_is1) (Version: 0.1.3 - Social Webtech LTD)
GameInput Redistributable (HKLM-x32\...\{93B91052-9882-92F9-45E4-2EA38BC07D9E}) (Version: 10.1.19041.3357 - Microsoft Corporation)
GameSessions Data Delivery x86 (HKLM-x32\...\{8CFD5A0D-0810-4C17-B99F-FF6D83E0BC0E}) (Version: 2.0.11022.0 - Tangentix Ltd)
GameSessions Runtime x64 (HKLM\...\{23FA3862-F6FB-46C2-A536-071AEAF5949C}) (Version: 2.0.13036.0 - Tangentix Ltd)
Getleft v1.2 (HKLM-x32\...\Getleft_is1) (Version:  - )
GOG GALAXY (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version:  - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 91.0.4472.77 - Google LLC)
Google Chrome Canary (HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\...\Google Chrome SxS) (Version: 93.0.4536.0 - Google LLC)
Google Earth Pro (HKLM\...\{FB8010D4-05F4-420D-8DFC-2F911A6DD100}) (Version: 7.3.3.7786 - Google)
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.99.0 - Google Inc.) Hidden
Google Video Support Plugin (HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 19.12.1000.0 - Google, LLC.)
GoTo Opener (HKLM-x32\...\{C2A61D74-BB65-42AD-B81F-AC25E1F7DE02}) (Version: 1.0.536 - LogMeIn, Inc.)
GoToMeeting 10.16.1.19709 (HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\...\GoToMeeting) (Version: 10.16.1.19709 - LogMeIn, Inc.)
Grabber v7.1.1 (HKLM\...\{8C007AE6-3F7D-41CC-AB7C-75C08C276EC8}_is1) (Version: v7.1.1 - Bionus)
HitmanPro 3.8 (HKLM\...\HitmanPro38) (Version: 3.8.23.318 - SurfRight B.V.)
HUE HD Webcam (HKLM-x32\...\{75438C0E-9925-412E-AD85-D0E71C6CE2ED}) (Version: 5.7.19.121 - Clique)
Inquisit 4 Web Player (HKLM\...\{6D866A24-1844-4937-B718-35C694850FDA}) (Version: 4.0.10.0 - Millisecond Software)
IObit Unlocker (HKLM-x32\...\IObit Unlocker_is1) (Version: 1.1.2.1 - IObit)
iPod Support (HKLM\...\{4B5933A1-A781-400E-B4A2-3ECC375375E4}) (Version: 120.7.3.55 - Apple Inc.)
IrfanView 4.58 (64-bit) (HKLM\...\IrfanView64) (Version: 4.58 - Irfan Skiljan)
Kaspersky Security Cloud (HKLM-x32\...\{4FC79BE9-AD63-46C0-9626-E4F6BCE6A976}) (Version: 21.3.10.391 - Kaspersky) Hidden
Kaspersky Security Cloud (HKLM-x32\...\InstallWIX_{4FC79BE9-AD63-46C0-9626-E4F6BCE6A976}) (Version: 21.3.10.391 - Kaspersky)
Kaspersky VPN (HKLM-x32\...\{FF2A12B8-AEB7-48C0-95C8-E2E3D67DFCB2}) (Version: 21.3.10.391 - Kaspersky) Hidden
Kaspersky VPN (HKLM-x32\...\InstallWIX_{FF2A12B8-AEB7-48C0-95C8-E2E3D67DFCB2}) (Version: 21.3.10.391 - Kaspersky)
Kast 2.13.0 (HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\...\d06bcc57-f338-548b-9321-2ecf1ddd47ff) (Version: 2.13.0 - Evasyst, Inc.)
KC Softwares DUMo (HKLM-x32\...\KC Softwares DUMo_is1) (Version: 2.23.4.114 - KC Softwares)
KC Softwares SUMo (HKLM-x32\...\KC Softwares SUMo_is1) (Version: 5.12.14.492 - KC Softwares)
Kingdom Hearts HD 1 5 and 2 5 ReMIX (HKLM-x32\...\Kingdom Hearts HD 1 5 and 2 5 ReMIX_is1) (Version:  - )
Kingston SSD Manager version 1.1.2.6 (HKLM-x32\...\{9A5DD901-0B98-4F2B-9421-B5975014184F}_is1) (Version: 1.1.2.6 - Kingston Digital, Inc)
Kirby: The Complete Collection (HKLM-x32\...\Kirby: The Complete Collection_is1) (Version:  - )
Kodi (HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\...\Kodi) (Version:  - XBMC Foundation)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
LEGO Star Wars (HKLM-x32\...\InstallShield_{E914A24F-2412-4374-B420-86D21D6D444A}) (Version: 1.00.0000 - Giant)
Lightshot-5.4.0.35 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.4.0.35 - Skillbrains)
Malwarebytes version 4.4.0.117 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.4.0.117 - Malwarebytes)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 91.0.864.41 - Microsoft Corporation)
Microsoft Edge Beta (HKLM-x32\...\Microsoft Edge Beta) (Version: 92.0.902.9 - Microsoft Corporation)
Microsoft Edge Canary (HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\...\Microsoft Edge SxS) (Version: 93.0.915.0 - Microsoft Corporation)
Microsoft Edge Dev (HKLM-x32\...\Microsoft Edge Dev) (Version: 93.0.910.5 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 91.0.864.41 - Microsoft Corporation)
Microsoft Office Professional Plus 2019 - en-us (HKLM\...\ProPlus2019Retail - en-us) (Version: 16.0.14026.20246 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3967705999-1235421771-3941837385-1003\...\OneDriveSetup.exe) (Version: 19.103.0527.0003 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{A0E1B43D-5F4A-46AF-9925-ABA3423325DC}) (Version: 2.77.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61187 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61186 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.7523 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219.473 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219.473 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61135 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61135 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61135 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61135 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.27.29112 (HKLM-x32\...\{0f770e99-3916-4b0c-8f9b-83822826bcbf}) (Version: 14.27.29112.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.27.29016 (HKLM-x32\...\{1aaa01ad-3069-4288-9c6f-37a140a8f6c7}) (Version: 14.27.29016.0 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 3.1.13 (x64) (HKLM-x32\...\{df32638d-0722-47cb-b084-3dd851b1146e}) (Version: 3.1.13.29816 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{D9C50188-12D5-4D3E-8F00-682346C2AA5F}) (Version: 1.20.146.0 - Microsoft)
Mozilla Firefox 89.0 (x64 en-US) (HKLM\...\Mozilla Firefox 89.0 (x64 en-US)) (Version: 89.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 89.0 - Mozilla)
Newgrounds Player (HKLM-x32\...\{B9735123-2823-49F8-8264-372895D39702}) (Version: 1.0.0 - Newgrounds)
NVIDIA FrameView SDK 1.1.4923.29781331 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29781331 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.22.0.32 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.22.0.32 - NVIDIA Corporation)
NVIDIA GeForce NOW 2.0.25.119 (HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GeforceNOW) (Version: 2.0.25.119 - NVIDIA Corporation)
NVIDIA Graphics Driver 466.63 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 466.63 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.38.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.60 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.14026.20246 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.14026.20246 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.14026.20246 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.14026.20246 - Microsoft Corporation) Hidden
OneClickdigital Media Manager (HKLM-x32\...\{D27E3096-E1C7-4BF1-923B-13E522646EBF}) (Version: 80.0.0.0 - Recorded Books)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenShot Video Editor version 2.5.1 (HKLM\...\{4BB0DCDC-BC24-49EC-8937-72956C33A470}_is1) (Version: 2.5.1 - OpenShot Studios, LLC)
Opera GX Stable 75.0.3969.282 (HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\...\Opera GX 75.0.3969.282) (Version: 75.0.3969.282 - Opera Software)
Opera Neon (HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\...\Opera Neon) (Version: 1.0.2531.0 - Opera Software AS)
Opera Stable 68.0.3618.165 (HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\...\Opera 68.0.3618.165) (Version: 68.0.3618.165 - Opera Software)
Opera Stable 76.0.4017.177 (HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\...\Opera 76.0.4017.177) (Version: 76.0.4017.177 - Opera Software)
Origin (HKLM-x32\...\Origin) (Version: 10.5.100.48178 - Electronic Arts, Inc.)
PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2) (Version:  - )
PHANTASY STAR ONLINE 2 NEW GENESIS Character Creator (HKLM-x32\...\{B8BEAA06-59FC-4A01-BABF-C0938CE06167}_is1) (Version:  - SEGA Co., Ltd.)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.8 - Google, Inc.)
PlayStation™Now (HKLM-x32\...\{EE02E98B-D7D2-4778-B799-8C762294C619}) (Version: 11.0.2 - Sony Interactive Entertainment Network America LLC)
Plex Media Server (HKLM-x32\...\{99123347-4b8a-427c-9ca6-37ea6e1e5de2}) (Version: 1.22.3.4392 - Plex, Inc.)
Plex Media Server (HKLM-x32\...\{E7101C06-807C-403A-9E9F-F7E86C14E0A4}) (Version: 1.22.3392 - Plex, Inc.) Hidden
Port Forward Network Utilities version 3.3.0.0 (HKLM-x32\...\{532683E3-230C-49B0-9609-10A5228F1445}_is1) (Version: 3.3.0.0 - Portforward, LLC)
PotPlayer-64 bit (HKLM\...\PotPlayer64) (Version: 210428 - Kakao Corp.)
PowerToys (Preview) (HKLM\...\{76C2F219-2C72-4DBD-BC9E-F6DAE909AAB6}) (Version: 0.37.2 - Microsoft Corporation)
PPSSPP (HKLM\...\PPSSPP_is1) (Version: 1.10.3.0 - PPSSPP Team)
Project64 1.6 (HKLM-x32\...\{9559F7CA-5E34-4237-A2D9-D856464AD727}) (Version: 1.6 - Project64)
Rambox 0.7.7 (HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\...\{a96f5dae-a9ee-56cc-8ed9-dc244a5f7ff3}) (Version: 0.7.7 - Rambox LLC)
REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 1015.1016.1016.191212 - REALTEK Semiconductor Corp.)
RetroArch 1.9.0 (HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\...\RetroArch) (Version: 1.9.0 - libretro)
Revo Uninstaller Pro 4.1.0 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 4.1.0 - VS Revo Group, Ltd.)
Roblox Player for Mike (HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\...\roblox-player) (Version:  - Roblox Corporation)
Room EQ Wizard 5.19 (HKLM-x32\...\4549-9647-2313-4375) (Version: 5.19 - John Mulcahy)
RuneScape Launcher 2.2.8 (HKLM\...\RuneScape Launcher_is1) (Version: 2.2.8 - Jagex Ltd)
Send Anywhere 20.12.230853 (HKLM-x32\...\20db1975-fda0-5740-b262-81be26ba22ab) (Version: 20.12.230853 - Estmob Inc.)
ShareX (HKLM\...\82E6AC09-0FEF-4390-AD9F-0DD3F5561EFC_is1) (Version: 13.5.0 - ShareX Team)
Sidekick (HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\...\Sidekick) (Version: 80.5.29.4010 - The Sidekick Authors)
Simkl Tracker (HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\...\SimklTracker) (Version:  - Simkl)
Skype version 8.72 (HKLM-x32\...\Skype_is1) (Version: 8.72 - Skype Technologies S.A.)
SmartClose 1.3 (HKLM-x32\...\SmartClose.{7F22CBCB-92B5-4F5D-9A34-BB690215BEF2}_is1) (Version: 1.3 - BM-productions)
Sonarr version 2.0 (HKLM-x32\...\{56C1065D-3523-4025-B76D-6F73F67F7F71}_is1) (Version: 2.0 - Team Sonarr)
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
SRWare Iron (64-Bit) version 88.0.4500.0 (HKLM\...\{BA85A29D-B48E-4826-BAEE-817024E52E29}_is1) (Version: 88.0.4500.0 - SRWare)
Stardock Fences 3 (HKLM-x32\...\Stardock Fences 3) (Version: 3.05 - Stardock Software, Inc.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Stopping Plex (HKLM-x32\...\{421070D8-E564-4930-87F0-3F1010923FDF}) (Version: 1.22.3392 - Plex, Inc.) Hidden
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.18.5 - TeamViewer)
TechPowerUp GPU-Z (HKLM-x32\...\{8B0F211E-5846-4FB2-B0B9-4EB31546FDF9}}_is1) (Version:  - TechPowerUp)
TinyTake (HKLM-x32\...\{7024F0F8-5C9F-4FBA-A9B9-3408A6E4A8D5}) (Version: 5.2.16.0 - MangoApps) Hidden
TinyTake by MangoApps (HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\...\{6251654b-2b4e-4f33-85ef-16541aa1020a}) (Version: 5.2.16.0 - MangoApps)
TinyTake Filter 1.0.0 (HKLM\...\TinyTake Filter_is1) (Version: 1.0.0 - )
TreeSize Free V4.4.2 (HKLM-x32\...\TreeSize Free_is1) (Version: 4.4.2 - JAM Software)
TurboTop 2.8 (HKLM-x32\...\TurboTop_is1) (Version: 2.8.0.21 - Savard Software)
Twitch (HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 8.0.0 - Twitch Interactive, Inc.)
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 119.0.10382 - Ubisoft)
Unchecky v1.2 (HKLM-x32\...\Unchecky) (Version: 1.2 - Reason Software Company Inc.)
Unlocker (HKLM\...\{5993C960-4E90-4A00-A2F3-D0C4020A6992}) (Version: 1.9.2 - ajua Custom Installers)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{C99F4AFA-B32C-4063-865C-D7B5CC0A78FB}) (Version: 2.54.0.0 - Microsoft Corporation)
Vivaldi (HKLM-x32\...\Vivaldi) (Version: 4.0.2312.24 - Vivaldi Technologies AS.)
Vivaldi (HKU\.DEFAULT\...\Vivaldi) (Version: 3.6.2165.40 - Vivaldi Technologies AS.)
Vivaldi (HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\...\Vivaldi) (Version: 3.6.2165.36 - Vivaldi Technologies AS.)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.4 - VideoLAN)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.14 - VideoLAN)
Voicemeeter, The Virtual Mixing Console (HKLM-x32\...\VB:Voicemeeter {17359A74-1236-5467}) (Version:  - VB-Audio Software)
vs2015_redist x86 (HKLM-x32\...\{BD46163A-0331-4A61-B65A-7B66D7C93F8E}) (Version: 1.0.0.0 - Realnetworks) Hidden
Waterfox Classic 56.5 (x64 en-US) (HKLM\...\Waterfox Classic 56.5 (x64 en-US)) (Version: 56.5 - Waterfox Ltd)
Waterfox G3.1.0 (x64 en-US) (HKLM\...\Waterfox G3.1.0 (x64 en-US)) (Version: G3.1.0 - Waterfox)
Waterfox G3.2.1 (x64 en-US) (HKLM\...\Waterfox G3.2.1 (x64 en-US)) (Version: G3.2.1 - Waterfox)
WinCDEmu (HKLM-x32\...\WinCDEmu) (Version: 4.1 - Sysprogs)
WinDirStat 1.1.2 (HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\...\WinDirStat) (Version:  - )
Windows Driver Package - Sony Computer Entertainment Inc. Wireless controller for PLAYSTATION®3 Driver Package (01/20/2012 1.4.0.0) (HKLM\...\D5410AE5FA467EF0F19558D5F60C991A79E11B51) (Version: 01/20/2012 1.4.0.0 - Sony Computer Entertainment Inc.)
WinHTTrack Website Copier 3.49-2 (x64) (HKLM\...\WinHTTrack Website Copier_is1) (Version: 3.49.2 - HTTrack)
WinRAR 6.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.01.0 - win.rar GmbH)
Wise Program Uninstaller 2.5.1 (HKLM-x32\...\Wise Program Uninstaller_is1) (Version: 2.5.1 - WiseCleaner.com, Inc.)
Y8 Browser 1.0.7 (HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\...\a6611861-70b4-5ed8-b9ef-d6448267637c) (Version: 1.0.7 - Y8 Games)
Youtube-DLG version 0.4 (HKLM-x32\...\{3C455028-FC99-4846-8E04-4FCD87D85613}_is1) (Version: 0.4 - Sotiris Papadopoulos)
Zoom (HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\...\ZoomUMX) (Version: 5.6.5 (823) - Zoom Video Communications, Inc.)
ZorA (HKLM-x32\...\{B8DFADE5-CDE8-4453-8D05-7EB5533FFD3E}) (Version: 1.10.0000 - EpicGear) Hidden
ZorA (HKLM-x32\...\InstallShield_{B8DFADE5-CDE8-4453-8D05-7EB5533FFD3E}) (Version: 1.10.0000 - EpicGear)
 
Packages:
=========
AccuWeather - Weather for Life -> C:\Program Files\WindowsApps\AccuWeather.AccuWeatherforWindows8_10.0.348.1000_x64__8zz2pj9h1h1d8 [2021-06-03] (AccuWeather) [MS Ad]
Amazon Music -> C:\Program Files\WindowsApps\AmazonMobileLLC.AmazonMusic_8.5.0.0_x86__kc6t79cpj4tp0 [2021-06-03] (AMZN Mobile LLC)
Amazon Prime Video for Windows -> C:\Program Files\WindowsApps\AmazonVideo.PrimeVideo_1.0.62.0_x64__pwbj9vvecjh7j [2021-06-03] (Amazon Development Centre (London) Ltd)
AV1 Video Extension -> C:\Program Files\WindowsApps\Microsoft.AV1VideoExtension_1.1.41301.0_x64__8wekyb3d8bbwe [2021-06-03] (Microsoft Corporation)
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_7.5.37.0_x86__kgqvnymyfvs32 [2021-06-07] (king.com)
CoManga -> C:\Program Files\WindowsApps\27942Xonshiz.CoManga_1.1.0.0_x64__w8j6akv5bsxee [2021-06-03] (Xonshiz) [MS Ad]
Cover - Comic reader -> C:\Program Files\WindowsApps\FrenchFry.Cover_3.7.2.0_x64__a3mvwcjazefp4 [2021-06-03] (French Fry)
CPlus for Craigslist -> C:\Program Files\WindowsApps\YanFlex.Craigslist_1.5.3.6_x64__xqdm6kn4nxgd2 [2021-06-03] (YanFlex)
Crunchyroll -> C:\Program Files\WindowsApps\15EF7777.Crunchyroll_1.3.1.0_x64__mgdgtskya6f22 [2021-06-03] (Ellation, Inc.)
Delight Media Player -> C:\Program Files\WindowsApps\2504AtefShehata.DuplexMediaPlayer_1.23.0.0_x64__yf78sj3bsdbta [2021-06-03] (Atef Shehata)
Dice Shaker -> C:\Program Files\WindowsApps\8781NickWhaleyProductions.DiceSack_1.0.0.8_neutral__1cn8t67p2st3g [2021-06-03] (Nick Whaley Productions)
EasyNotes for Keep -> C:\Program Files\WindowsApps\61545TimGrabinat.wAPPerforGKeep_1.1.36.0_x64__rcb0qdgx4z9ca [2021-06-03] (Tim Grabinat) [MS Ad]
f.lux -> C:\Program Files\WindowsApps\F.luxSoftwareLLC.f.lux_4.118.0.0_x86__sw1dyjdkns7gt [2021-06-03] (F.lux Software LLC) [Startup Task]
Facebook -> C:\Program Files\WindowsApps\FACEBOOK.FACEBOOK_2021.312.1.0_neutral__8xx8rvfyw5nnt [2021-06-03] (Facebook Inc)
Flipboard -> C:\Program Files\WindowsApps\Flipboard.Flipboard_2.1.3.0_neutral__3f5azkryzdbc4 [2021-06-03] (Flipboard)
Grover Podcast -> C:\Program Files\WindowsApps\14610MatheusI.M.GroovePodcast_3.2.9.0_x64__jx8kt06yv8vw6 [2021-06-09] (Matheus Inácio)
Hill Climb Racing -> C:\Program Files\WindowsApps\FINGERSOFT.HILLCLIMBRACING_1.41.1.0_x86__r6rtpscs7gwyg [2021-06-08] (Fingersoft) [MS Ad]
Hulu -> C:\Program Files\WindowsApps\HULULLC.HULUPLUS_3.1.0.0_neutral__fphbd361v8tya [2021-06-03] (Hulu.)
iHeartRadio -> C:\Program Files\WindowsApps\ClearChannelRadioDigital.iHeartRadio_7.1.0.0_x64__a76a11dkgb644 [2021-06-09] (iHeartMedia.)
Instagram -> C:\Program Files\WindowsApps\Facebook.InstagramBeta_42.0.13.0_neutral__8xx8rvfyw5nnt [2021-06-03] (Instagram)
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa [2021-06-03] (Apple Inc.) [Startup Task]
Magic Jigsaw Puzzles -> C:\Program Files\WindowsApps\XIMADINC.MagicPuzzles_4.7.7.0_x64__np8fj6akx2czy [2021-06-06] (ZiMAD)
Messenger -> C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_970.11.116.0_x64__8xx8rvfyw5nnt [2021-06-03] (Facebook Inc) [Startup Task]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-06-03] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-06-03] (Microsoft Corporation) [MS Ad]
Microsoft Bingo -> C:\Program Files\WindowsApps\Microsoft.MicrosoftBingo_2.6.10262.0_x86__8wekyb3d8bbwe [2021-06-03] (Microsoft Studios) [MS Ad]
Microsoft Edge Beta -> C:\Program Files (x86)\Microsoft\Edge Beta\Application [2021-06-09] (0)
Microsoft Edge Canary -> C:\Users\Mike\AppData\Local\Microsoft\Edge SxS\Application [2021-06-09] (0)
Microsoft Edge Dev -> C:\Program Files (x86)\Microsoft\Edge Dev\Application [2021-06-09] (0)
Microsoft Jigsaw -> C:\Program Files\WindowsApps\Microsoft.MicrosoftJigsaw_2.1.7200.0_x86__8wekyb3d8bbwe [2021-06-06] (Microsoft Studios) [MS Ad]
Microsoft Mahjong -> C:\Program Files\WindowsApps\Microsoft.MicrosoftMahjong_4.0.11030.0_x64__8wekyb3d8bbwe [2021-06-03] (Microsoft Studios) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.5310.0_x64__8wekyb3d8bbwe [2021-06-06] (Microsoft Studios) [MS Ad]
Microsoft Treasure Hunt -> C:\Program Files\WindowsApps\Microsoft.MicrosoftTreasureHunt_2.2.5200.0_x86__8wekyb3d8bbwe [2021-06-06] (Microsoft Studios) [MS Ad]
Microsoft Ultimate Word Games -> C:\Program Files\WindowsApps\Microsoft.Studios.Wordament_3.8.904.0_x64__8wekyb3d8bbwe [2021-06-03] (Microsoft Studios) [MS Ad]
Mr. Pillster - pill reminder & medication tracker -> C:\Program Files\WindowsApps\3736WhisperArts.Mr.Pillster-pillsremindermedicinet_1.5.2.0_x86__f9ztg08dw3act [2021-06-03] (WhisperArts) [MS Ad]
MusicBee -> C:\Program Files\WindowsApps\50072StevenMayall.MusicBee_3.4.1.0_x86__kcr266et74avj [2021-06-03] (Steven Mayall)
Musixmatch Lyrics - Sing along Spotify, iTunes, Windows Media Player -> C:\Program Files\WindowsApps\MUSIXMATCH.LYRICS_3.14.4564.0_x86__7gejyv32yt3te [2021-06-03] (Musixmatch) [Startup Task]
myTube Beta -> C:\Program Files\WindowsApps\59750RykenApps.myTubeBeta_4.0.2.0_x64__zd92nzxdcatqw [2021-06-03] (Ryken Studio)
myTube! -> C:\Program Files\WindowsApps\59750RYKENAPPS.435307C335C44_4.0.2.0_x64__zd92nzxdcatqw [2021-06-03] (Ryken Studio)
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.97.752.0_x64__mcm4njqhnhss8 [2021-01-19] (Netflix, Inc.)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.961.0_x64__56jybvy8sckqj [2021-06-03] (NVIDIA Corp.)
OverDrive - Library eBooks & Audiobooks -> C:\Program Files\WindowsApps\2FA138F6.OverDriveMediaConsole_3.8.0.5_neutral__daecb9042jmvt [2021-06-03] (OverDrive Inc.)
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-10-23] (Microsoft Corporation)
Phototastic Collage -> C:\Program Files\WindowsApps\ThumbmunkeysLtd.PhototasticCollage_3.27.1.0_x64__nfy108tqq3p12 [2021-06-03] (Thumbmunkeys Ltd)
Pillbox -> C:\Program Files\WindowsApps\53488kidjenius.MedicationTracker_1.8.6.0_x64__fjxwr71spe664 [2021-06-03] (kidjenius) [MS Ad]
Plex -> C:\Program Files\WindowsApps\CAF9E577.Plex_3.2.20.0_x64__aam28m9va5cke [2021-06-03] (Plex)
Pocket Casts Desktop -> C:\Program Files\WindowsApps\ShiftyJelly.PocketCastsDesktop_1.5.7.0_x64__jr8twj5yc2snp [2021-06-03] (Shifty Jelly)
QuickLook -> C:\Program Files\WindowsApps\21090PaddyXu.QuickLook_3.6.11.0_neutral__egxr34yet59cg [2021-06-03] (Paddy Xu) [Startup Task]
Roblox -> C:\Program Files\WindowsApps\ROBLOXCORPORATION.ROBLOX_2.481.30470.0_x86__55nm5eh3cm0pr [2021-06-06] (ROBLOX Corporation)
RoboForm Password Manager -> C:\Program Files\WindowsApps\SiberSystemsInc.RoboFormEdge_8.5.7.0_x86__7kk3kr9e0p1np [2021-06-03] (Siber Systems Inc)
Simple Word Search -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.SimpleWordSearch_4.0.10.0_x64__kx24dqmazqk8j [2021-06-03] (Random Salad Games LLC)
Sirius XM Radio Inc. -> C:\Program Files\WindowsApps\SiriusXM.SiriusXM_4.7.0.0_x64__rb1gq5s0htdrw [2021-06-03] (Sirius XM Radio Inc)
SongPop 2 -> C:\Program Files\WindowsApps\FreshPlanetInc.SongPop2_2.16.1004.0_x64__qameptgjm6k7c [2021-06-03] (FreshPlanet Inc.)
Speedtest by Ookla -> C:\Program Files\WindowsApps\Ookla.SpeedtestbyOokla_1.13.156.0_x64__43tkc6nmykmb6 [2021-06-03] (Ookla)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.160.672.0_x86__zpdnekdrzrea0 [2021-06-03] (Spotify AB) [Startup Task]
Stopwatch + Timer -> C:\Program Files\WindowsApps\25342asdf3333.StoppuhrTimer_1.5.7.1000_x64__1xbryz0n7krfa [2021-06-03] (asdf3333)
Taptiles -> C:\Program Files\WindowsApps\Microsoft.Taptiles_2.6.288.0_x86__8wekyb3d8bbwe [2021-06-03] (Microsoft Studios) [MS Ad]
TED -> C:\Program Files\WindowsApps\TEDConferencesLLC.TED_2.2.12.0_neutral__tdf10p8az89a6 [2021-06-03] (TED Conferences LLC)
The Weather 14 days -> C:\Program Files\WindowsApps\tiempo.com.ElTiempo14das_3.2.10.0_x64__1jw6nrrrzn4a6 [2021-06-03] (Meteo Network) [MS Ad]
Versefy - Lyrics finder -> C:\Program Files\WindowsApps\2238JakubSteplowski.SpotifyLyrics.NET_2.0.0.0_x64__76k8dzmm3mrer [2021-06-03] (Jakub Steplowski)
Warm Winter Nights -> C:\Program Files\WindowsApps\Microsoft.WarmWinterNights_1.0.0.0_neutral__8wekyb3d8bbwe [2021-06-03] (Microsoft Corporation)
Xbox 360 SmartGlass -> C:\Program Files\WindowsApps\Microsoft.XboxCompanion_1.4.3.0_x64__8wekyb3d8bbwe [2021-06-03] (Microsoft Corporation) [MS Ad]
Xbox Accessories -> C:\Program Files\WindowsApps\Microsoft.XboxDevices_300.2105.20001.0_x64__8wekyb3d8bbwe [2021-06-08] (Microsoft Corporation)
Xbox One SmartGlass -> C:\Program Files\WindowsApps\Microsoft.XboxOneSmartGlass_2.2.1702.2004_x64__8wekyb3d8bbwe [2021-06-03] (Microsoft Corporation)
 
==================== Custom CLSID (Whitelisted): ==============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{01029388-0B8F-484C-BC0F-AC1E79630A9A}\InprocServer32 -> C:\Users\Mike\AppData\Local\Microsoft\EdgeUpdate\1.3.137.99\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{1BF368D2-E51E-4ACC-8F60-3FC9E891B96A}\InprocServer32 -> C:\Users\Mike\AppData\Local\Microsoft\EdgeUpdate\1.3.119.43\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Mike\AppData\Local\Microsoft\OneDrive\19.232.1124.0012\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{1EFE814D-F1BA-4B7E-AE9A-A8BD71D2CF2D}\InprocServer32 -> C:\Users\Mike\AppData\Local\Microsoft\EdgeUpdate\1.3.117.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{300E17A3-B34E-4D77-BCB4-4F227F215016}\InprocServer32 -> C:\Users\Mike\AppData\Local\Microsoft\EdgeUpdate\1.3.121.21\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{4372F3CE-EDF2-4B6A-937B-A6E1F4C1AA78}\InprocServer32 -> C:\Users\Mike\AppData\Local\Microsoft\EdgeUpdate\1.3.117.29\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{46406D82-6EC0-47CC-8A75-1F33C6DEDBBE}\InprocServer32 -> C:\Users\Mike\AppData\Local\Google\Update\1.3.35.442\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{4BF4AA82-C9FE-45F5-A67A-925D602662F3}\InprocServer32 -> C:\Users\Mike\AppData\Local\Microsoft\EdgeUpdate\1.3.125.27\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{53DCCD48-20E9-4E0B-BA3F-D352EF44C9E3}\InprocServer32 -> C:\Users\Mike\AppData\Local\Microsoft\EdgeUpdate\1.3.135.49\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{540C17A8-04F2-4B66-95D7-B2FEF9A19B54}\InprocServer32 -> C:\Users\Mike\AppData\Local\Google\Update\1.3.35.423\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{5DB7CD8E-F11E-401F-8B84-E5B37533C22A}\InprocServer32 -> C:\Users\Mike\AppData\Local\Microsoft\EdgeUpdate\1.3.117.13\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{5EA43877-C6D8-4885-B77A-C0BB27E94372}\InprocServer32 -> C:\Users\Mike\AppData\Local\Microsoft\EdgeUpdate\1.3.143.57\psuser_64.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{62634D95-960B-4834-8E71-A70408AD8FD9}\InprocServer32 -> C:\Users\Mike\AppData\Local\Google\Update\1.3.34.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{6D264B70-DA18-401D-910C-B202D89670C6}\InprocServer32 -> C:\Users\Mike\AppData\Local\Google\Update\1.3.36.32\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Mike\AppData\Local\Microsoft\OneDrive\19.232.1124.0012\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{7C11786C-8288-421D-B1B8-EE6684A6AEED}\InprocServer32 -> C:\Users\Mike\AppData\Local\Microsoft\EdgeUpdate\1.3.135.29\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{81093D63-7825-417B-BFC8-ADC63FA4E53D}\InprocServer32 -> C:\Users\Mike\AppData\Local\Microsoft\EdgeUpdate\1.3.143.57\psuser_64.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Mike\AppData\Local\Microsoft\OneDrive\19.232.1124.0012\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\Mike\AppData\Local\GoToMeeting\18705\G2MOutlookAddin64.dll (LogMeIn, Inc. -> LogMeIn, Inc.)
CustomCLSID: HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{84EB3779-151B-4C71-AEF0-A0FEE9481401}\InprocServer32 -> C:\Users\Mike\AppData\Local\Google\Update\1.3.35.342\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{85D8EE2F-794F-41F0-BB03-49D56A23BEF4}\InprocServer32 -> C:\Users\Mike\AppData\Local\Google\Update\1.3.36.82\psuser_64.dll (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{86508D42-E5D7-4D10-9C6F-D427AEEB85B5}\InprocServer32 -> C:\Users\Mike\AppData\Local\Google\Update\1.3.34.11\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{9C08B62F-350A-41A8-866D-958247525EE6}\InprocServer32 -> C:\Users\Mike\AppData\Local\Microsoft\EdgeUpdate\1.3.113.27\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{9DE945F0-3142-49CC-ACBD-AC1F443C5E16}\InprocServer32 -> C:\Users\Mike\AppData\Local\Microsoft\EdgeUpdate\1.3.127.21\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{A804CF1A-91E5-4F0C-9E8C-DB39E74056DD}\InprocServer32 -> C:\Users\Mike\AppData\Local\Google\Update\1.3.33.23\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{BA219326-CF19-44D0-8495-3327B1868DFA}\InprocServer32 -> C:\Users\Mike\AppData\Local\Microsoft\EdgeUpdate\1.3.139.65\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{BCA9D37C-CA60-4160-9115-97A00F24702D}\localserver32 -> "C:\Program Files\Vivaldi\Application\3.6.2165.36\notification_helper.exe" => No File
CustomCLSID: HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{C1339708-2882-4647-A280-BEC7AF3217B4}\InprocServer32 -> C:\Users\Mike\AppData\Local\Microsoft\EdgeUpdate\1.3.143.45\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{CA8FA699-91CD-412F-9D13-9B1222F4370E}\InprocServer32 -> C:\Users\Mike\AppData\Local\Google\Update\1.3.36.82\psuser_64.dll (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{CA919489-0396-4164-A6E7-94CDED45A707}\InprocServer32 -> C:\Users\Mike\AppData\Local\Google\Update\1.3.36.52\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{DAAF107C-0599-4BA6-9722-7F5437012183}\InprocServer32 -> C:\Users\Mike\AppData\Local\Microsoft\EdgeUpdate\1.3.135.41\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{DAFA040D-F6C0-4A7E-904A-7516DDBF03D8}\InprocServer32 -> C:\Users\Mike\AppData\Local\Microsoft\EdgeUpdate\1.3.143.57\psuser_64.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{DEDF773D-E27B-485E-8E7D-85C5B0EB5A67}\InprocServer32 -> C:\Users\Mike\AppData\Local\Google\Update\1.3.36.72\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Mike\AppData\Local\Google\Update\1.3.36.82\psuser_64.dll (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{E94F9315-63B0-4CAF-B4AA-1907B4F344AE}\InprocServer32 -> C:\Users\Mike\AppData\Local\Microsoft\EdgeUpdate\1.3.137.93\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{E9E7529D-7F09-410B-AF2A-CC154473B19C}\InprocServer32 -> C:\Users\Mike\AppData\Local\Google\Update\1.3.35.452\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{EDD9A6D6-52EA-406B-AD7D-F9C9A0CE6A5F}\InprocServer32 -> C:\Users\Mike\AppData\Local\Microsoft\EdgeUpdate\1.3.127.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{EF076C91-DC9E-43E3-84ED-3D219E065A4F}\InprocServer32 -> C:\Users\Mike\AppData\Local\Google\Update\1.3.35.302\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{F6F8D795-EA53-4CBF-A169-047D04186B82}\InprocServer32 -> C:\Users\Mike\AppData\Local\Microsoft\EdgeUpdate\1.3.135.37\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{F72FA0AF-5C8C-436F-8D41-E1B27FA05DE2}\InprocServer32 -> C:\Users\Mike\AppData\Local\Microsoft\EdgeUpdate\1.3.119.39\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{F7B60789-4C6A-41DD-97A7-C7052F614D5A}\InprocServer32 -> C:\Users\Mike\AppData\Local\Microsoft\EdgeUpdate\1.3.133.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{FA372A6E-149F-4E95-832D-8F698D40AD7F}\localserver32 -> C:\Users\Mike\AppData\Local\Google\Chrome SxS\Application\93.0.4536.0\notification_helper.exe (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{FD6151BA-EFA6-4F58-B92C-F4733DAEBF66}\InprocServer32 -> C:\Users\Mike\AppData\Local\Microsoft\EdgeUpdate\1.3.129.31\psuser_64.dll => No File
ShellExecuteHooks: QTTabBarLib.ExplorerProcessCaptor - {D2BF470E-ED1C-487F-AAAA-2BD8835EB6CE} - C:\Windows\System32\mscoree.dll [383488 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
ShellExecuteHooks-x32: QTTabBarLib.ExplorerProcessCaptor - {D2BF470E-ED1C-487F-AAAA-2BD8835EB6CE} - C:\Windows\SysWOW64\mscoree.dll [314880 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> No File
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} =>  -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} =>  -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
ContextMenuHandlers1: [Eraser] -> {BC9B776A-90D7-4476-A791-79D835F30650} => C:\Program Files\Eraser\Eraser.Shell.dll [2021-02-12] (Heidi Computers Ltd -> The Eraser Project)
ContextMenuHandlers1: [FencesShellExt] -> {1984DD45-52CF-49cd-AB77-18F378FEA264} => C:\Program Files (x86)\Stardock\Fences\FencesMenu64.dll [2017-06-13] (Stardock Corporation -> Stardock)
ContextMenuHandlers1: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\x64\shellex.dll [2021-06-06] (Kaspersky Lab JSC -> AO Kaspersky Lab)
ContextMenuHandlers1: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} => C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlockerExtension.dll [2018-05-17] (IObit Information Technology -> IObit)
ContextMenuHandlers1: [WinCDEmu] -> {D0E37FD2-F675-426F-B09A-2CF37BA46FD5} => C:\Program Files (x86)\WinCDEmu\x64\WinCDEmuContextMenu.dll [2015-09-28] (Sysprogs OU) [File not signed]
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-04-07] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-04-07] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2021-03-16] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers2: [Eraser] -> {BC9B776A-90D7-4476-A791-79D835F30650} => C:\Program Files\Eraser\Eraser.Shell.dll [2021-02-12] (Heidi Computers Ltd -> The Eraser Project)
ContextMenuHandlers2: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\x64\shellex.dll [2021-06-06] (Kaspersky Lab JSC -> AO Kaspersky Lab)
ContextMenuHandlers2: [WinCDEmu] -> {A9901FCD-B4DF-43A1-BD5D-6C9F88679497} => C:\Program Files (x86)\WinCDEmu\x64\WinCDEmuContextMenu.dll [2015-09-28] (Sysprogs OU) [File not signed]
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2021-03-16] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-01-18] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [PowerRenameExt] -> {0440049F-D1DC-4E46-B27B-98393D79486B} => C:\Program Files\PowerToys\modules\PowerRename\PowerRenameExt.dll [2021-05-10] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} =>  -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [Eraser] -> {BC9B776A-90D7-4476-A791-79D835F30650} => C:\Program Files\Eraser\Eraser.Shell.dll [2021-02-12] (Heidi Computers Ltd -> The Eraser Project)
ContextMenuHandlers4: [FencesShellExt] -> {1984DD45-52CF-49cd-AB77-18F378FEA264} => C:\Program Files (x86)\Stardock\Fences\FencesMenu64.dll [2017-06-13] (Stardock Corporation -> Stardock)
ContextMenuHandlers4: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\x64\shellex.dll [2021-06-06] (Kaspersky Lab JSC -> AO Kaspersky Lab)
ContextMenuHandlers4: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} => C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlockerExtension.dll [2018-05-17] (IObit Information Technology -> IObit)
ContextMenuHandlers5: [Eraser] -> {BC9B776A-90D7-4476-A791-79D835F30650} => C:\Program Files\Eraser\Eraser.Shell.dll [2021-02-12] (Heidi Computers Ltd -> The Eraser Project)
ContextMenuHandlers5: [FencesShellExt] -> {1984DD45-52CF-49cd-AB77-18F378FEA264} => C:\Program Files (x86)\Stardock\Fences\FencesMenu64.dll [2017-06-13] (Stardock Corporation -> Stardock)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_1108979a670abe46\nvshext.dll [2021-05-31] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
ContextMenuHandlers6: [Eraser] -> {BC9B776A-90D7-4476-A791-79D835F30650} => C:\Program Files\Eraser\Eraser.Shell.dll [2021-02-12] (Heidi Computers Ltd -> The Eraser Project)
ContextMenuHandlers6: [FencesShellExt] -> {1984DD45-52CF-49cd-AB77-18F378FEA264} => C:\Program Files (x86)\Stardock\Fences\FencesMenu64.dll [2017-06-13] (Stardock Corporation -> Stardock)
ContextMenuHandlers6: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\x64\shellex.dll [2021-06-06] (Kaspersky Lab JSC -> AO Kaspersky Lab)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-01-18] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2019-03-29] (VS Revo Group Ltd. -> VS Revo Group)
ContextMenuHandlers6: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} => C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlockerExtension.dll [2018-05-17] (IObit Information Technology -> IObit)
ContextMenuHandlers6: [WinCDEmu] -> {A9901FCD-B4DF-43A1-BD5D-6C9F88679497} => C:\Program Files (x86)\WinCDEmu\x64\WinCDEmuContextMenu.dll [2015-09-28] (Sysprogs OU) [File not signed]
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-04-07] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-04-07] (win.rar GmbH -> Alexander Roshal)
 
==================== Codecs (Whitelisted) ====================
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
ShortcutWithArgument: C:\Users\Mike\Desktop\Dear ([email protected]) - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"
ShortcutWithArgument: C:\Users\Mike\Desktop\Free Music.lnk -> C:\Users\Mike\AppData\Local\Torch\Application\torch.exe (Torch Media Inc.) -> --run-by-tm hxxp://music.torchbrowser.com
ShortcutWithArgument: C:\Users\Mike\Desktop\Hubs.lnk -> C:\Program Files\Vivaldi\Application\vivaldi_proxy.exe (Vivaldi Technologies AS) ->  --profile-directory=Default --app-id=gecpjahfmjincflnieigcbkjhmeanjej
ShortcutWithArgument: C:\Users\Mike\Desktop\Hulu.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=epffkfffophpagfbbklffindaiconkmc
ShortcutWithArgument: C:\Users\Mike\Desktop\The Roku Channel.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=igmabefcbafcdmlnijleipocglddpnbn
ShortcutWithArgument: C:\Users\Mike\AppData\Local\Microsoft\Edge SxS\User Data\Default\Microsoft Edge Canary.lnk -> C:\Users\Mike\AppData\Local\Microsoft\Edge SxS\Application\msedge.exe (Microsoft Corporation) -> --profile-directory=Default
ShortcutWithArgument: C:\Users\Mike\AppData\Local\Microsoft\Edge Dev\User Data\Microsoft Edge Dev.lnk -> C:\Program Files (x86)\Microsoft\Edge Dev\Application\msedge.exe (Microsoft Corporation) -> --profile-directory=Default
ShortcutWithArgument: C:\Users\Mike\AppData\Local\Microsoft\Edge Beta\User Data\Default\Microsoft Edge Beta.lnk -> C:\Program Files (x86)\Microsoft\Edge Beta\Application\msedge.exe (Microsoft Corporation) -> --profile-directory=Default
ShortcutWithArgument: C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Chrome Apps & Extensions Developer Tool.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) ->  --profile-directory=Default --app-id=ohmmkhmmmpcnpikjeljgnaoabkaalbgc
ShortcutWithArgument: C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Directory Index Media Player.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) ->  --profile-directory=Default --app-id=bcanaaidccjjjigbdiegafllllpbgkdg
ShortcutWithArgument: C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Floating for YouTube™.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) ->  --profile-directory=Default --app-id=jjphmlaoffndcnecccgemfdaaoighkel
ShortcutWithArgument: C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Hangouts.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) ->  --profile-directory=Default --app-id=knipolnnllmklapflnccelgolnpehhpl
ShortcutWithArgument: C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Keep - Notes and Lists.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=hmjkmjkepdijhoojdojkdfohbdgmmhki
ShortcutWithArgument: C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Hubs.lnk -> C:\Program Files\Vivaldi\Application\vivaldi_proxy.exe (Vivaldi Technologies AS) ->  --profile-directory=Default --app-id=gecpjahfmjincflnieigcbkjhmeanjej
ShortcutWithArgument: C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Hulu.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=epffkfffophpagfbbklffindaiconkmc
ShortcutWithArgument: C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Pluto TV_ TV for the Internet.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) ->  --profile-directory=Default --app-id=fjimjcdcjpelckcneochchfmnojdhdkh
ShortcutWithArgument: C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Polycraft.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) ->  --profile-directory=Default --app-id=eopfmbpfhhfnklgmjpoehcjaajhpbhbl
ShortcutWithArgument: C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Reditr - The Best Reddit Client.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) ->  --profile-directory=Default --app-id=pmfcbbijgnhoebddbjpmlikabnbnddgb
ShortcutWithArgument: C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Run Pixie Run.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) ->  --profile-directory=Default --app-id=gfkmokjholoinfcnlolbjfaokmoegeoh
ShortcutWithArgument: C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\The Roku Channel.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=igmabefcbafcdmlnijleipocglddpnbn
ShortcutWithArgument: C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Type Fu.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) ->  --profile-directory=Default --app-id=pofoighmmpljaikjiidkkfhldjndfdbk
ShortcutWithArgument: C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Vysor.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) ->  --profile-directory=Default --app-id=gidgenkbbabolejbgbpnhbimgjbffefm
ShortcutWithArgument: C:\Users\Mike\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Hulu.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=epffkfffophpagfbbklffindaiconkmc
ShortcutWithArgument: C:\Users\Mike\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Edge Beta.lnk -> C:\Program Files (x86)\Microsoft\Edge Beta\Application\msedge.exe (Microsoft Corporation) -> --profile-directory=Default
ShortcutWithArgument: C:\Users\Mike\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Edge Canary.lnk -> C:\Users\Mike\AppData\Local\Microsoft\Edge SxS\Application\msedge.exe (Microsoft Corporation) -> --profile-directory=Default
ShortcutWithArgument: C:\Users\Mike\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Edge Dev.lnk -> C:\Program Files (x86)\Microsoft\Edge Dev\Application\msedge.exe (Microsoft Corporation) -> --profile-directory=Default
ShortcutWithArgument: C:\Users\Mike\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\f26e7db4086c4a4\Torch.lnk -> C:\Users\Mike\AppData\Local\Torch\Application\torch.exe (Torch Media Inc.) -> --profile-directory=Default
ShortcutWithArgument: C:\Users\Mike\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\e6edd31e8c733a65\Click&Clean.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=dacknjoogbepndbemlmljdobinliojbk
ShortcutWithArgument: C:\Users\Mike\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\aeea6001c9fdcab9\Click&Clean.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=ghgabhipcejejjmhhchfonmamedcbeod
ShortcutWithArgument: C:\Users\Mike\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\a3a1d6b8109861c5\Google Hangouts.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=nckgahadagoaajjgafhacjanaoiihapd
ShortcutWithArgument: C:\Users\Mike\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\8eec67784d56e0d6\Magic Actions for YouTube™.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=abjcfabbhafbcdfjoecdgepllmpfceif
ShortcutWithArgument: C:\Users\Mike\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\4242a155fcc27c2b\FlashPeak Slimjet.lnk -> C:\Program Files (x86)\Slimjet\slimjet.exe (FlashPeak Inc.) -> --profile-directory=Default
ShortcutWithArgument: C:\Users\Mike\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\3373c9ebc3a5e445\SRWare Iron.lnk -> C:\Program Files\SRWare Iron (64-Bit)\chrome.exe (SRWare) -> --profile-directory=Default
 
==================== Loaded Modules (Whitelisted) =============
 
2021-04-12 00:49 - 2021-04-12 00:49 - 054230528 _____ () [File not signed] \\?\C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_970.11.116.0_x64__8xx8rvfyw5nnt\app\resources\app.asar.unpacked\build\addon.node
2021-04-12 00:49 - 2021-04-12 00:49 - 000763392 _____ () [File not signed] \\?\C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_970.11.116.0_x64__8xx8rvfyw5nnt\app\resources\app.asar.unpacked\build\keytar.node
2021-04-12 00:49 - 2021-04-12 00:49 - 000750080 _____ () [File not signed] \\?\C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_970.11.116.0_x64__8xx8rvfyw5nnt\app\resources\app.asar.unpacked\build\logging.node
2020-03-12 21:12 - 2020-03-12 21:12 - 001037824 _____ () [File not signed] \\?\C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_970.11.116.0_x64__8xx8rvfyw5nnt\app\resources\app.asar.unpacked\build\spellchecker_win.node
2021-04-12 00:49 - 2021-04-12 00:49 - 001218560 _____ () [File not signed] \\?\C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_970.11.116.0_x64__8xx8rvfyw5nnt\app\resources\app.asar.unpacked\build\systeminfo.node
2020-07-28 00:13 - 2020-07-28 00:13 - 000614912 _____ () [File not signed] \\?\C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_970.11.116.0_x64__8xx8rvfyw5nnt\app\resources\app.asar.unpacked\build\windows.applicationmodel.node
2020-08-04 07:48 - 2020-08-04 07:48 - 000202240 _____ () [File not signed] \\?\C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_970.11.116.0_x64__8xx8rvfyw5nnt\app\resources\app.asar.unpacked\build\windows.networking.pushnotifications.node
2020-07-28 00:13 - 2020-07-28 00:13 - 001144832 _____ () [File not signed] \\?\C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_970.11.116.0_x64__8xx8rvfyw5nnt\app\resources\app.asar.unpacked\build\windows.storage.node
2020-07-28 00:13 - 2020-07-28 00:13 - 000681984 _____ () [File not signed] \\?\C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_970.11.116.0_x64__8xx8rvfyw5nnt\app\resources\app.asar.unpacked\build\windows.ui.notifications.node
2017-03-06 06:23 - 2017-03-06 06:23 - 000119808 ____C () [File not signed] C:\Program Files (x86)\Deluge\_cffi_backend.pyd
2016-12-17 16:44 - 2016-12-17 16:44 - 000091648 ____C () [File not signed] C:\Program Files (x86)\Deluge\_ctypes.pyd
2016-12-17 16:46 - 2016-12-17 16:46 - 001016832 ____C () [File not signed] C:\Program Files (x86)\Deluge\_hashlib.pyd
2016-12-17 16:45 - 2016-12-17 16:45 - 000046592 ____C () [File not signed] C:\Program Files (x86)\Deluge\_socket.pyd
2016-12-17 16:45 - 2016-12-17 16:45 - 001410048 ____C () [File not signed] C:\Program Files (x86)\Deluge\_ssl.pyd
2011-04-09 04:03 - 2011-04-09 04:03 - 000208384 ____C () [File not signed] C:\Program Files (x86)\Deluge\atk.pyd
2010-11-02 15:35 - 2010-11-02 15:35 - 000069632 ____C () [File not signed] C:\Program Files (x86)\Deluge\cairo._cairo.pyd
2017-03-06 06:23 - 2017-03-06 06:23 - 001828864 ____C () [File not signed] C:\Program Files (x86)\Deluge\cryptography.hazmat.bindings._openssl.pyd
2012-02-08 18:50 - 2012-02-08 18:50 - 000538324 ____C () [File not signed] C:\Program Files (x86)\Deluge\freetype6.dll
2011-04-09 03:59 - 2011-04-09 03:59 - 000263168 ____C () [File not signed] C:\Program Files (x86)\Deluge\gio._gio.pyd
2011-04-09 03:59 - 2011-04-09 03:59 - 000058368 ____C () [File not signed] C:\Program Files (x86)\Deluge\glib._glib.pyd
2011-04-09 03:59 - 2011-04-09 03:59 - 000113152 ____C () [File not signed] C:\Program Files (x86)\Deluge\gobject._gobject.pyd
2011-04-09 04:02 - 2011-04-09 04:02 - 001882624 ____C () [File not signed] C:\Program Files (x86)\Deluge\gtk._gtk.pyd
2011-04-09 04:03 - 2011-04-09 04:03 - 000018944 ____C () [File not signed] C:\Program Files (x86)\Deluge\gtk.glade.pyd
2017-05-12 16:30 - 2017-05-12 16:30 - 000156686 ____C () [File not signed] C:\Program Files (x86)\Deluge\lib\gtk-2.0\2.10.0\engines\libmurrine.dll
2012-02-08 18:51 - 2012-02-08 18:51 - 000062248 ____C () [File not signed] C:\Program Files (x86)\Deluge\lib\gtk-2.0\2.10.0\engines\libpixmap.dll
2012-02-08 18:50 - 2012-02-08 18:50 - 001294335 ____C () [File not signed] C:\Program Files (x86)\Deluge\libcairo-2.dll
2012-02-08 18:50 - 2012-02-08 18:50 - 000143096 ____C () [File not signed] C:\Program Files (x86)\Deluge\libexpat-1.dll
2012-02-08 18:50 - 2012-02-08 18:50 - 000279059 ____C () [File not signed] C:\Program Files (x86)\Deluge\libfontconfig-1.dll
2012-02-08 18:51 - 2012-02-08 18:51 - 000168833 ____C () [File not signed] C:\Program Files (x86)\Deluge\libglade-2.0-0.dll
2012-02-08 18:51 - 2012-02-08 18:51 - 000230529 ____C () [File not signed] C:\Program Files (x86)\Deluge\libpng14-14.dll
2017-02-19 11:11 - 2017-02-19 11:11 - 002596352 ____C () [File not signed] C:\Program Files (x86)\Deluge\libtorrent.pyd
2012-02-08 18:51 - 2012-02-08 18:51 - 001225225 ____C () [File not signed] C:\Program Files (x86)\Deluge\libxml2-2.dll
2011-04-09 04:03 - 2011-04-09 04:03 - 000111616 ____C () [File not signed] C:\Program Files (x86)\Deluge\pango.pyd
2011-04-09 04:03 - 2011-04-09 04:03 - 000017920 ____C () [File not signed] C:\Program Files (x86)\Deluge\pangocairo.pyd
2017-03-06 06:23 - 2017-03-06 06:23 - 000936960 ____C () [File not signed] C:\Program Files (x86)\Deluge\PIL._imaging.pyd
2015-09-13 12:07 - 2015-09-13 12:07 - 000395776 ____C () [File not signed] C:\Program Files (x86)\Deluge\pythoncom27.dll
2015-09-13 12:07 - 2015-09-13 12:07 - 000109056 ____C () [File not signed] C:\Program Files (x86)\Deluge\pywintypes27.dll
2016-07-20 10:53 - 2016-07-20 10:53 - 000058368 ____C () [File not signed] C:\Program Files (x86)\Deluge\rencode._rencode.pyd
2016-12-17 16:44 - 2016-12-17 16:44 - 000010240 ____C () [File not signed] C:\Program Files (x86)\Deluge\select.pyd
2016-12-17 16:44 - 2016-12-17 16:44 - 000687104 ____C () [File not signed] C:\Program Files (x86)\Deluge\unicodedata.pyd
2015-09-13 12:07 - 2015-09-13 12:07 - 000099328 ____C () [File not signed] C:\Program Files (x86)\Deluge\win32api.pyd
2015-09-13 12:07 - 2015-09-13 12:07 - 000360448 ____C () [File not signed] C:\Program Files (x86)\Deluge\win32com.shell.shell.pyd
2015-09-13 12:07 - 2015-09-13 12:07 - 000017408 ____C () [File not signed] C:\Program Files (x86)\Deluge\win32event.pyd
2015-09-13 12:07 - 2015-09-13 12:07 - 000118784 ____C () [File not signed] C:\Program Files (x86)\Deluge\win32file.pyd
2015-09-13 12:07 - 2015-09-13 12:07 - 000166912 ____C () [File not signed] C:\Program Files (x86)\Deluge\win32gui.pyd
2015-09-13 12:07 - 2015-09-13 12:07 - 000023040 ____C () [File not signed] C:\Program Files (x86)\Deluge\win32pipe.pyd
2015-09-13 12:07 - 2015-09-13 12:07 - 000035840 ____C () [File not signed] C:\Program Files (x86)\Deluge\win32process.pyd
2012-02-08 18:51 - 2012-02-08 18:51 - 000100352 ____C () [File not signed] C:\Program Files (x86)\Deluge\zlib1.dll
2017-03-06 06:23 - 2017-03-06 06:23 - 000019456 ____C () [File not signed] C:\Program Files (x86)\Deluge\zope.interface._zope_interface_coptimizations.pyd
2020-05-23 16:19 - 2020-05-23 16:19 - 000015360 _____ () [File not signed] C:\Program Files (x86)\Origin\libEGL.DLL
2020-05-23 16:19 - 2020-05-23 16:19 - 003090944 _____ () [File not signed] C:\Program Files (x86)\Origin\libGLESv2.dll
2020-04-01 13:53 - 2020-04-01 13:53 - 000967168 _____ () [File not signed] C:\Program Files (x86)\VB\Voicemeeter\mp3lame\lame_enc.dll
2019-05-18 17:01 - 2017-04-15 14:39 - 000070144 ____C () [File not signed] C:\Program Files\TinyTake Filter\screen-capture-recorder-x64.dll
2020-04-17 15:58 - 2020-04-17 15:58 - 000095744 _____ () [File not signed] C:\WINDOWS\Womtrust.dll
2012-02-08 18:50 - 2012-02-08 18:50 - 000152489 ____C (Free Software Foundation) [File not signed] C:\Program Files (x86)\Deluge\intl.dll
2021-01-20 19:32 - 2021-01-20 19:32 - 004748456 ____T (Google Inc (TEST) -> Epic Privacy Browser) [File not signed] C:\Users\Mike\AppData\Local\Epic Privacy Browser\Installer\1.3.29.13\goopdate.dll
2016-12-17 16:43 - 2016-12-17 16:43 - 002639872 ____C (Python Software Foundation) [File not signed] C:\Program Files (x86)\Deluge\python27.dll
2012-02-08 18:51 - 2012-02-08 18:51 - 000333729 ____C (Red Hat Software) [File not signed] C:\Program Files (x86)\Deluge\libpango-1.0-0.dll
2012-02-08 18:51 - 2012-02-08 18:51 - 000104729 ____C (Red Hat Software) [File not signed] C:\Program Files (x86)\Deluge\libpangocairo-1.0-0.dll
2012-02-08 18:51 - 2012-02-08 18:51 - 000815421 ____C (Red Hat Software) [File not signed] C:\Program Files (x86)\Deluge\libpangoft2-1.0-0.dll
2012-02-08 18:51 - 2012-02-08 18:51 - 000108945 ____C (Red Hat Software) [File not signed] C:\Program Files (x86)\Deluge\libpangowin32-1.0-0.dll
2020-08-19 20:50 - 2020-03-13 13:37 - 000665719 _____ (SQLite Development Team) [File not signed] C:\ProgramData\NzbDrone\bin\sqlite3.DLL
2017-05-19 13:26 - 2017-05-19 13:26 - 001280472 _____ (Stardock Corporation -> Stardock Corporation) [File not signed] [File is in use] c:\program files (x86)\stardock\fences\SdAppServices_x64.dll
2017-06-13 15:33 - 2017-06-13 15:33 - 002836408 _____ (Stardock Corporation -> Stardock) [File not signed] [File is in use] c:\program files (x86)\stardock\fences\DesktopDock64.dll
2012-02-08 18:50 - 2012-02-08 18:50 - 000163476 ____C (Sun Microsystems Inc.) [File not signed] C:\Program Files (x86)\Deluge\libatk-1.0-0.dll
2017-02-11 20:28 - 2015-09-28 14:08 - 000255488 _____ (Sysprogs OU) [File not signed] C:\Program Files (x86)\WinCDEmu\x64\WinCDEmuContextMenu.dll
2012-02-08 18:51 - 2012-02-08 18:51 - 001222182 ____C (The GLib developer community) [File not signed] C:\Program Files (x86)\Deluge\libgio-2.0-0.dll
2012-02-08 18:51 - 2012-02-08 18:51 - 001242929 ____C (The GLib developer community) [File not signed] C:\Program Files (x86)\Deluge\libglib-2.0-0.dll
2012-02-08 18:51 - 2012-02-08 18:51 - 000036986 ____C (The GLib developer community) [File not signed] C:\Program Files (x86)\Deluge\libgmodule-2.0-0.dll
2012-02-08 18:51 - 2012-02-08 18:51 - 000341594 ____C (The GLib developer community) [File not signed] C:\Program Files (x86)\Deluge\libgobject-2.0-0.dll
2012-02-08 18:51 - 2012-02-08 18:51 - 000044287 ____C (The GLib developer community) [File not signed] C:\Program Files (x86)\Deluge\libgthread-2.0-0.dll
2012-02-08 18:50 - 2012-02-08 18:50 - 000285194 ____C (The GTK developer community) [File not signed] C:\Program Files (x86)\Deluge\libgdk_pixbuf-2.0-0.dll
2012-02-08 18:51 - 2012-02-08 18:51 - 000932373 ____C (The GTK developer community) [File not signed] C:\Program Files (x86)\Deluge\libgdk-win32-2.0-0.dll
2012-02-08 18:51 - 2012-02-08 18:51 - 004939820 ____C (The GTK developer community) [File not signed] C:\Program Files (x86)\Deluge\libgtk-win32-2.0-0.dll
2021-06-02 13:08 - 2020-05-23 16:19 - 000002560 _____ (The ICU Project) [File not signed] C:\Program Files (x86)\Origin\icudt58.dll
2021-06-02 13:08 - 2020-05-23 16:19 - 001252864 _____ (The ICU Project) [File not signed] C:\Program Files (x86)\Origin\icuuc58.dll
2016-07-15 10:36 - 2016-07-15 10:36 - 001265152 ____C (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Deluge\LIBEAY32.dll
2016-07-15 10:36 - 2016-07-15 10:36 - 000274432 ____C (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Deluge\SSLEAY32.dll
2020-05-23 16:19 - 2020-05-23 16:19 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\LIBEAY32.dll
2020-05-23 16:19 - 2020-05-23 16:19 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\ssleay32.dll
2021-06-02 13:08 - 2020-05-23 16:19 - 000030208 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\imageformats\qgif.dll
2021-06-02 13:08 - 2020-05-23 16:19 - 000032768 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\imageformats\qico.dll
2021-06-02 13:08 - 2020-05-23 16:19 - 000256512 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\imageformats\qjpeg.dll
2021-06-02 13:08 - 2020-05-23 16:19 - 000026112 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\imageformats\qtga.dll
2021-06-02 13:08 - 2020-05-23 16:19 - 000305152 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\imageformats\qtiff.dll
2021-06-02 13:08 - 2020-05-23 16:19 - 000025600 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\imageformats\qwbmp.dll
2020-05-23 16:19 - 2020-05-23 16:19 - 000278016 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\mediaservice\dsengine.dll
2020-05-23 16:19 - 2020-05-23 16:19 - 001611264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2021-06-02 13:08 - 2020-05-23 16:19 - 005487104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll
2021-06-02 13:08 - 2020-05-23 16:19 - 005841920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll
2021-06-02 13:08 - 2020-05-23 16:19 - 000709120 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Multimedia.dll
2021-06-02 13:08 - 2020-05-23 16:19 - 001179136 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll
2021-06-02 13:08 - 2020-05-23 16:19 - 000207360 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Positioning.dll
2021-06-02 13:08 - 2020-05-23 16:19 - 000310272 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5PrintSupport.dll
2021-06-02 13:08 - 2020-05-23 16:19 - 003513344 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Qml.dll
2021-06-02 13:08 - 2020-05-23 16:19 - 003390976 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Quick.dll
2021-06-02 13:08 - 2020-05-23 16:19 - 000068096 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5QuickWidgets.dll
2021-06-02 13:08 - 2020-05-23 16:19 - 000045568 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5TextToSpeech.dll
2021-06-02 13:08 - 2020-05-23 16:19 - 000116224 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebChannel.dll
2021-06-02 13:08 - 2020-05-23 16:19 - 054071296 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebEngineCore.dll
2021-06-02 13:08 - 2020-05-23 16:19 - 000211456 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebEngineWidgets.dll
2021-06-02 13:08 - 2020-05-23 16:19 - 000146432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebSockets.dll
2021-06-02 13:08 - 2020-05-23 16:19 - 005089792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2021-06-02 13:08 - 2020-05-23 16:19 - 000184832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll
 
==================== Alternate Data Streams (Whitelisted) ========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\ProgramData\TEMP:0BBF232A [226]
AlternateDataStreams: C:\ProgramData\TEMP:0F97692F [223]
AlternateDataStreams: C:\ProgramData\TEMP:1A14B3AF [470]
AlternateDataStreams: C:\ProgramData\TEMP:206470A5 [216]
AlternateDataStreams: C:\ProgramData\TEMP:2658F5EB [466]
AlternateDataStreams: C:\ProgramData\TEMP:26D061B8 [458]
AlternateDataStreams: C:\ProgramData\TEMP:2AE74FF9 [237]
AlternateDataStreams: C:\ProgramData\TEMP:2CB9631F [134]
AlternateDataStreams: C:\ProgramData\TEMP:D6EEC2F8 [456]
AlternateDataStreams: C:\ProgramData\TEMP:DBE046F5 [224]
AlternateDataStreams: C:\ProgramData\TEMP:E2E09709 [249]
AlternateDataStreams: C:\ProgramData\TEMP:E925F06D [241]
AlternateDataStreams: C:\Users\Mike\Desktop\ArcSetup.exe:BDU [1]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [468]
 
==================== Safe Mode (Whitelisted) ==================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
 
==================== Association (Whitelisted) =================
 
==================== Internet Explorer (Whitelisted) ==========
 
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2021-05-28] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2021-05-28] (Microsoft Corporation -> Microsoft Corporation)
Toolbar: HKLM - QT Command Bar - {d2bf470e-ed1c-487f-a666-2bd8835eb6ce} - C:\WINDOWS\system32\mscoree.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation)
Toolbar: HKLM - QT Command Bar 2 - {d2bf470e-ed1c-487f-a777-2bd8835eb6ce} - C:\WINDOWS\system32\mscoree.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation)
Toolbar: HKLM - QTTabBar - {d2bf470e-ed1c-487f-a333-2bd8835eb6ce} - C:\WINDOWS\system32\mscoree.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation)
Toolbar: HKLM - QT Base Toolbar - {d2bf470e-ed1c-487f-a300-2bd8835eb6ce} - C:\WINDOWS\system32\mscoree.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation)
Toolbar: HKLM-x32 - QT Command Bar - {d2bf470e-ed1c-487f-a666-2bd8835eb6ce} - C:\Windows\SysWOW64\mscoree.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation)
Toolbar: HKLM-x32 - QT Command Bar 2 - {d2bf470e-ed1c-487f-a777-2bd8835eb6ce} - C:\Windows\SysWOW64\mscoree.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation)
Toolbar: HKLM-x32 - QTTabBar - {d2bf470e-ed1c-487f-a333-2bd8835eb6ce} - C:\Windows\SysWOW64\mscoree.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation)
Toolbar: HKLM-x32 - QT Base Toolbar - {d2bf470e-ed1c-487f-a300-2bd8835eb6ce} - C:\Windows\SysWOW64\mscoree.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-28] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-28] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-28] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-28] (Microsoft Corporation -> Microsoft Corporation)
 
==================== Hosts content: =========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2018-12-24 23:40 - 2021-06-07 04:23 - 000001426 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
0.0.0.0 0.0.0.0 # fix for traceroute and netstat display anomaly
0.0.0.0 tracking.opencandy.com.s3.amazonaws.com
0.0.0.0 media.opencandy.com
0.0.0.0 cdn.opencandy.com
0.0.0.0 tracking.opencandy.com
0.0.0.0 api.opencandy.com
0.0.0.0 api.recommendedsw.com
0.0.0.0 rp.yefeneri2.com
0.0.0.0 os.yefeneri2.com
0.0.0.0 os2.yefeneri2.com
0.0.0.0 installer.betterinstaller.com
0.0.0.0 installer.filebulldog.com
0.0.0.0 d3oxtn1x3b8d7i.cloudfront.net
0.0.0.0 inno.bisrv.com
0.0.0.0 nsis.bisrv.com
0.0.0.0 cdn.file2desktop.com
0.0.0.0 cdn.goateastcach.us
0.0.0.0 cdn.guttastatdk.us
0.0.0.0 cdn.inskinmedia.com
0.0.0.0 cdn.insta.oibundles2.com
0.0.0.0 cdn.insta.playbryte.com
0.0.0.0 cdn.llogetfastcach.us
0.0.0.0 cdn.montiera.com
0.0.0.0 cdn.msdwnld.com
0.0.0.0 cdn.mypcbackup.com
0.0.0.0 cdn.ppdownload.com
0.0.0.0 cdn.riceateastcach.us
0.0.0.0 cdn.shyapotato.us
0.0.0.0 cdn.solimba.com
 
==================== Other Areas ===========================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\Control Panel\Desktop\\Wallpaper -> 
HKU\S-1-5-21-3967705999-1235421771-3941837385-1003\Control Panel\Desktop\\Wallpaper -> C:\Users\Andrew\Desktop\BG\370807.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(If an entry is included in the fixlist, it will be removed.)
 
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: BEService => 3
MSCONFIG\Services: EasyAntiCheat => 3
MSCONFIG\Services: egGetSvc => 2
MSCONFIG\Services: Everything => 2
MSCONFIG\Services: GalaxyClientService => 3
MSCONFIG\Services: GalaxyCommunication => 3
MSCONFIG\Services: GoogleChromeElevationService => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: gusvc => 3
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: NovabenchService => 2
MSCONFIG\Services: PlexUpdateService => 2
MSCONFIG\Services: TDDService => 2
HKLM\...\StartupApproved\StartupFolder: => "TurboTop.lnk"
HKLM\...\StartupApproved\StartupFolder: => "BumpTop.lnk"
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "Everything"
HKLM\...\StartupApproved\Run: => "GameSessionsTray"
HKLM\...\StartupApproved\Run: => "EvtMgr6"
HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKLM\...\StartupApproved\Run: => "XboxStat"
HKLM\...\StartupApproved\Run32: => "FxSound Enhancer"
HKLM\...\StartupApproved\Run32: => "Innkeeper"
HKLM\...\StartupApproved\Run32: => "Lightshot"
HKLM\...\StartupApproved\Run32: => "Discord"
HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\...\StartupApproved\StartupFolder: => "DeskPins.lnk"
HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\...\StartupApproved\StartupFolder: => "Twitch.lnk"
HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\...\StartupApproved\StartupFolder: => "TimeLeft.lnk"
HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\...\StartupApproved\StartupFolder: => "Facebook Gameroom.lnk"
HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\...\StartupApproved\Run: => "IDMan"
HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\...\StartupApproved\Run: => "com.github.manuel777.mtgatool"
HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\...\StartupApproved\Run: => "electron.app.MTG-Arena-Tool"
HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\...\StartupApproved\Run: => "Vivaldi Update Notifier"
HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\...\StartupApproved\Run: => "Wox"
HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\...\StartupApproved\Run: => "Plex Media Server"
HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_8852ADB0C46FCDD2B960E1004A958824"
HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\...\StartupApproved\Run: => "TinyTake by MangoApps"
HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\...\StartupApproved\Run: => "SendAnywhere"
HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\...\StartupApproved\Run: => "TSMApplication"
HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\...\StartupApproved\Run: => "Battle.net"
HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\...\StartupApproved\Run: => "Microsoft Edge Update"
HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\...\StartupApproved\Run: => "RoboForm"
HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\...\StartupApproved\Run: => "Speech Recognition"
HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\...\StartupApproved\Run: => "DashlanePlugin"
HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\...\StartupApproved\Run: => "SimklTracker"
HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\...\StartupApproved\Run: => "ClipClip"
HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\...\StartupApproved\Run: => "Skype for Desktop"
HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\...\StartupApproved\Run: => "GogGalaxy"
HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\...\StartupApproved\Run: => "Rambox"
HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\...\StartupApproved\Run: => "Xpadder"
HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_00B8A9DD3303A4C4BFC15B633CF16EE3"
HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\...\StartupApproved\Run: => "Spotify_Lyrics.NET_Helper_UWP"
HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\...\StartupApproved\Run: => "Opera Browser Assistant"
HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
 
==================== FirewallRules (Whitelisted) ================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{863110A4-081B-426D-B3CE-1AD65F03F991}] => (Allow) C:\Users\Mike\68.0.3618.165\opera.exe => No File
FirewallRules: [{A80524AC-82A9-4182-929C-9C15CA9DD9DF}] => (Allow) C:\Program Files\Waterfox Current\waterfox.exe (WATERFOX LIMITED -> Waterfox Ltd)
FirewallRules: [{374807C4-BE71-42E1-B88A-66A3344D4E7C}] => (Allow) C:\Program Files\Waterfox Current\waterfox.exe (WATERFOX LIMITED -> Waterfox Ltd)
FirewallRules: [UDP Query User{6F8AC953-2918-4C5E-BF09-9D7BF0177589}C:\program files\windowsapps\facebook.317180b0bb486_480.5.121.0_x64__8xx8rvfyw5nnt\app\messenger.exe] => (Allow) C:\program files\windowsapps\facebook.317180b0bb486_480.5.121.0_x64__8xx8rvfyw5nnt\app\messenger.exe => No File
FirewallRules: [TCP Query User{1738EAC6-AE93-4496-ACAC-0901C46F64EA}C:\program files\windowsapps\facebook.317180b0bb486_480.5.121.0_x64__8xx8rvfyw5nnt\app\messenger.exe] => (Allow) C:\program files\windowsapps\facebook.317180b0bb486_480.5.121.0_x64__8xx8rvfyw5nnt\app\messenger.exe => No File
FirewallRules: [UDP Query User{E4AF3E03-67B5-457D-AE9F-690D56FFCC72}C:\users\mike\appdata\roaming\twitch\bin\electron\twitchui.exe] => (Allow) C:\users\mike\appdata\roaming\twitch\bin\electron\twitchui.exe (Twitch Interactive, Inc. -> Twitch Interactive, Inc.)
FirewallRules: [TCP Query User{32798FCB-7464-4DA3-94C8-5305824AE4AD}C:\users\mike\appdata\roaming\twitch\bin\electron\twitchui.exe] => (Allow) C:\users\mike\appdata\roaming\twitch\bin\electron\twitchui.exe (Twitch Interactive, Inc. -> Twitch Interactive, Inc.)
FirewallRules: [{DE477410-E8D0-4CDD-802E-97D26B702596}] => (Allow) C:\Program Files\WindowsApps\MUSIXMATCH.LYRICS_3.14.4564.0_x86__7gejyv32yt3te\app\Musixmatch.exe (Musixmatch) [File not signed]
FirewallRules: [{F8517C14-78A4-488D-9189-DE2C93E8F9C4}] => (Allow) C:\Program Files\WindowsApps\MUSIXMATCH.LYRICS_3.14.4564.0_x86__7gejyv32yt3te\app\Musixmatch.exe (Musixmatch) [File not signed]
FirewallRules: [{47693E7D-75B6-4E99-9AEC-8CA4EA17558D}] => (Allow) C:\Program Files (x86)\PlayStationNow\unidater.exe (Sony Interactive Entertainment LLC -> Sony Interactive Entertainment)
FirewallRules: [{968FE3E2-9163-4FA1-915F-675471BB2F46}] => (Allow) C:\Users\Mike\AppData\Local\Gaikai\CrashReports\dumpupload.exe (Sony Interactive Entertainment LLC -> )
FirewallRules: [{44EF2975-2397-4198-95EA-296CFBE6DBF0}] => (Allow) C:\Program Files (x86)\PlayStationNow\psnowlauncher.exe (Sony Interactive Entertainment LLC -> Sony Interactive Entertainment Network America LLC)
FirewallRules: [UDP Query User{1ED76201-6CA1-4C24-83C0-5D956A99FBBF}C:\users\mike\68.0.3618.63\opera.exe] => (Allow) C:\users\mike\68.0.3618.63\opera.exe => No File
FirewallRules: [TCP Query User{9F6ACB0A-F05B-4A96-94C5-0BC501556ABF}C:\users\mike\68.0.3618.63\opera.exe] => (Allow) C:\users\mike\68.0.3618.63\opera.exe => No File
FirewallRules: [UDP Query User{D03FC616-5D99-4A41-991D-C2D837B86E9C}C:\users\mike\67.0.3575.137\opera.exe] => (Allow) C:\users\mike\67.0.3575.137\opera.exe => No File
FirewallRules: [TCP Query User{208AFA5B-ED75-4100-9067-34B49589299A}C:\users\mike\67.0.3575.137\opera.exe] => (Allow) C:\users\mike\67.0.3575.137\opera.exe => No File
FirewallRules: [{AFCD287B-4885-4602-A224-31697C789E87}] => (Allow) C:\Users\Mike\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{58919536-D735-4528-939B-4F85721937C0}] => (Allow) C:\Users\Mike\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [UDP Query User{94F52B8C-1055-4857-B0F2-CA422F80EDF6}E:\spyro reignited trilogy\falcon\binaries\win64\spyro-win64-shipping.exe] => (Block) E:\spyro reignited trilogy\falcon\binaries\win64\spyro-win64-shipping.exe => No File
FirewallRules: [TCP Query User{8AA45E9B-20D6-4742-89D7-33CEB2A7A48F}E:\spyro reignited trilogy\falcon\binaries\win64\spyro-win64-shipping.exe] => (Block) E:\spyro reignited trilogy\falcon\binaries\win64\spyro-win64-shipping.exe => No File
FirewallRules: [{D08A755E-88F3-4DCF-8B12-5B7E8E91DFC6}] => (Allow) D:\SteamLibrary\steamapps\common\Tomb Raider\TombRaider.exe => No File
FirewallRules: [{389B54D6-9048-44D8-9F83-6EB7CFC02B50}] => (Allow) D:\SteamLibrary\steamapps\common\Tomb Raider\TombRaider.exe => No File
FirewallRules: [UDP Query User{704B7631-6E2C-4294-8C84-265339FEAD50}C:\users\mike\appdata\local\programs\kast-app\kast.exe] => (Allow) C:\users\mike\appdata\local\programs\kast-app\kast.exe (Evasyst, Inc. -> Evasyst, Inc.)
FirewallRules: [TCP Query User{F8E76B09-7679-4DAA-B128-BDDB756781C3}C:\users\mike\appdata\local\programs\kast-app\kast.exe] => (Allow) C:\users\mike\appdata\local\programs\kast-app\kast.exe (Evasyst, Inc. -> Evasyst, Inc.)
FirewallRules: [UDP Query User{E725187F-92E7-467A-85AA-4EFD67B0E0FE}C:\program files\comicrack\comicrack.exe] => (Allow) C:\program files\comicrack\comicrack.exe () [File not signed]
FirewallRules: [TCP Query User{7E771528-C1A0-4A7C-B5D1-701008E2BAEB}C:\program files\comicrack\comicrack.exe] => (Allow) C:\program files\comicrack\comicrack.exe () [File not signed]
FirewallRules: [UDP Query User{220A37C3-4BA3-44FB-84ED-52369A5600AA}C:\program files (x86)\deluge\deluge.exe] => (Allow) C:\program files (x86)\deluge\deluge.exe (Deluge Team) [File not signed]
FirewallRules: [TCP Query User{0D2F607B-2692-40B9-A846-04E3391178D5}C:\program files (x86)\deluge\deluge.exe] => (Allow) C:\program files (x86)\deluge\deluge.exe (Deluge Team) [File not signed]
FirewallRules: [UDP Query User{535CA0BF-61BF-4529-A1DE-6585A7C2BE36}C:\program files (x86)\deluge\deluge.exe] => (Allow) C:\program files (x86)\deluge\deluge.exe (Deluge Team) [File not signed]
FirewallRules: [TCP Query User{3AE9C364-9837-47BA-BAAB-7C21AA8D5F8E}C:\program files (x86)\deluge\deluge.exe] => (Allow) C:\program files (x86)\deluge\deluge.exe (Deluge Team) [File not signed]
FirewallRules: [{09004257-1697-440B-9B88-2BE57E9A4BDE}] => (Allow) C:\Program Files (x86)\Maxthon5\Bin\Maxthon.exe => No File
FirewallRules: [{4F997141-51AE-4BC3-AF9D-11FC72C0AE58}] => (Allow) C:\Program Files (x86)\Maxthon5\Bin\Maxthon.exe => No File
FirewallRules: [{5A2A1C4B-4C21-49BA-9EDE-BF78ACCC9A3C}] => (Block) E:\Games\The Elder Scrolls V Skyrim Special Edition\SkyrimSELauncher.exe => No File
FirewallRules: [{23D85576-D409-4D22-912D-F4E177C2401C}] => (Block) E:\Games\The Elder Scrolls V Skyrim Special Edition\SkyrimSE.exe => No File
FirewallRules: [{1E71061D-50BC-4485-8F07-83CE924F8477}] => (Allow) E:\Games\The Elder Scrolls V Skyrim Special Edition\SkyrimSE.exe => No File
FirewallRules: [{13585603-3C5E-4B30-BC63-495720767AF6}] => (Allow) E:\Games\The Elder Scrolls V Skyrim Special Edition\SkyrimSE.exe => No File
FirewallRules: [UDP Query User{C34F3070-0308-4558-AF5A-7CB879B21EF4}C:\users\mike\appdata\local\programs\lnv\stremio-4\node.exe] => (Allow) C:\users\mike\appdata\local\programs\lnv\stremio-4\node.exe (Node.js Foundation -> Node.js)
FirewallRules: [TCP Query User{EEBA5F0A-BE05-44E6-A29C-90817C0E4F50}C:\users\mike\appdata\local\programs\lnv\stremio-4\node.exe] => (Allow) C:\users\mike\appdata\local\programs\lnv\stremio-4\node.exe (Node.js Foundation -> Node.js)
FirewallRules: [UDP Query User{8A79B249-5DA2-451B-83CE-D5FF94E4188A}C:\users\mike\appdata\local\warthunder\launcher.exe] => (Allow) C:\users\mike\appdata\local\warthunder\launcher.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [TCP Query User{8A800690-A125-44DA-9261-C25D1FC78B4F}C:\users\mike\appdata\local\warthunder\launcher.exe] => (Allow) C:\users\mike\appdata\local\warthunder\launcher.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [{E53B9A68-F6C0-453A-97FD-8573224DF851}] => (Allow) LPort=8732
FirewallRules: [{200E13D1-829E-401C-B4C4-5B45838E5C1F}] => (Allow) LPort=5253
FirewallRules: [{97D5F021-5701-4507-99FD-38EF5E367A97}] => (Allow) C:\Program Files\Tangentix\Runtime\x86\GSLauncher.exe (Tangentix Ltd -> Tangentix Ltd)
FirewallRules: [{EF457E86-B10A-41C2-8667-35A9BAF12051}] => (Allow) C:\Program Files\Tangentix\Runtime\x64\GSLauncher.exe (Tangentix Ltd -> Tangentix Ltd)
FirewallRules: [{A46EDAF1-36D8-43EC-8727-B87CDF2A70A7}] => (Allow) F:\SteamLibrary\steamapps\common\3DMark\bin\x64\3DMark.exe => No File
FirewallRules: [{2D5B7230-6705-436D-A65C-49F6C21BEC8F}] => (Allow) F:\SteamLibrary\steamapps\common\3DMark\bin\x64\3DMark.exe => No File
FirewallRules: [{50CE2FEE-F79D-4D2E-BB6B-CD0131241C71}] => (Allow) F:\SteamLibrary\steamapps\common\3DMark\bin\x86\3DMark.exe => No File
FirewallRules: [{BD0F2AFA-F32D-4C59-AA79-369C7192F23C}] => (Allow) F:\SteamLibrary\steamapps\common\3DMark\bin\x86\3DMark.exe => No File
FirewallRules: [{924B613D-6D14-4F8F-8574-D31435E6A500}] => (Allow) F:\SteamLibrary\steamapps\common\PCMark 8\bin\PCMark8.exe => No File
FirewallRules: [{DCD1305A-8301-40E6-B2B1-36FBDBD28FC5}] => (Allow) F:\SteamLibrary\steamapps\common\PCMark 8\bin\PCMark8.exe => No File
FirewallRules: [{AF7AA394-9876-4068-8DD4-4891B0CB8E97}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{CAA35CAD-7864-4B09-BE1F-4B9A9FE28DE7}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{A301BC75-4F07-46F1-9C56-506BC8F4611F}F:\utomik\content\apps\borderlands\app\binaries\borderlands.exe] => (Allow) F:\utomik\content\apps\borderlands\app\binaries\borderlands.exe => No File
FirewallRules: [TCP Query User{405AE63B-C835-47CB-9D6E-5AF6C940A0F7}F:\utomik\content\apps\borderlands\app\binaries\borderlands.exe] => (Allow) F:\utomik\content\apps\borderlands\app\binaries\borderlands.exe => No File
FirewallRules: [UDP Query User{5D98C4FC-C1BB-490E-A8CA-93AD4F1C3F0F}F:\games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) F:\games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe => No File
FirewallRules: [TCP Query User{42847C32-377B-43AD-8395-3722F18EA12D}F:\games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) F:\games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe => No File
FirewallRules: [UDP Query User{3DD358AB-F4AA-478F-B110-516939A26E10}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{926ADF4E-8AC3-46DD-9992-3E3D837F68BB}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{B421D1C5-3005-4306-86CE-73C791B35613}F:\games\subnautica\subnautica.exe] => (Allow) F:\games\subnautica\subnautica.exe => No File
FirewallRules: [TCP Query User{567F475B-9BD9-4204-AE5D-759B53DF910B}F:\games\subnautica\subnautica.exe] => (Allow) F:\games\subnautica\subnautica.exe => No File
FirewallRules: [UDP Query User{46688F78-96D7-46F3-95CD-3A86D2B79D70}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{38443865-5340-4382-A36C-D17322B12C1B}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{7642AABA-4BB3-4B8C-85E1-F384F7CF8A5D}C:\program files\windowsapps\xbmcfoundation.kodi_17.9.601.0_x86__4n2hpmxwrvr6p\kodi.exe] => (Allow) C:\program files\windowsapps\xbmcfoundation.kodi_17.9.601.0_x86__4n2hpmxwrvr6p\kodi.exe => No File
FirewallRules: [TCP Query User{0B378060-2258-4F7B-8E52-43C92FE201BE}C:\program files\windowsapps\xbmcfoundation.kodi_17.9.601.0_x86__4n2hpmxwrvr6p\kodi.exe] => (Allow) C:\program files\windowsapps\xbmcfoundation.kodi_17.9.601.0_x86__4n2hpmxwrvr6p\kodi.exe => No File
FirewallRules: [UDP Query User{51C1EF58-D01A-41AF-B4CB-F127D41021FE}C:\program files (x86)\wizards of the coast\mtga\mtga.exe] => (Allow) C:\program files (x86)\wizards of the coast\mtga\mtga.exe => No File
FirewallRules: [TCP Query User{D529E2B3-B4FC-4228-AFBB-2F96C9726EC4}C:\program files (x86)\wizards of the coast\mtga\mtga.exe] => (Allow) C:\program files (x86)\wizards of the coast\mtga\mtga.exe => No File
FirewallRules: [UDP Query User{1C8984E7-8EA0-476D-8B59-66E2A354572D}F:\battlefield 1942\bf1942.exe] => (Block) F:\battlefield 1942\bf1942.exe => No File
FirewallRules: [TCP Query User{77450507-9A9B-4971-95AD-A89A252B56A1}F:\battlefield 1942\bf1942.exe] => (Block) F:\battlefield 1942\bf1942.exe => No File
FirewallRules: [{7F3850AB-1CB7-42A5-A702-9E38703A8A4C}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe => No File
FirewallRules: [{0C604519-2A25-4C8D-B26A-19529DA63E8B}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe => No File
FirewallRules: [{2678278D-D256-418A-B57D-DD2D9E6062F2}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe => No File
FirewallRules: [{80BC496D-C6BF-49E6-B2D7-5AEFCECE3CB6}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe => No File
FirewallRules: [TCP Query User{69030DC0-3842-4B9B-AD16-A1EEBC1F9954}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{A7EE1F16-29C0-4969-8FAF-9DCC2977DBE4}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [TCP Query User{7F43EB75-795D-462E-A697-1702ECD60610}E:\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) E:\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe => No File
FirewallRules: [UDP Query User{788413EE-4FEB-4B25-98FE-AE797F5F1309}E:\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) E:\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe => No File
FirewallRules: [{2AABDBF2-1F3A-4ADC-A712-93E3D1DD0A7E}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1DCB020E-1AA7-43E9-97B7-426097B28526}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{CEAFD356-0A27-4969-A688-319525C7C1C3}C:\users\mike\appdata\local\programs\rambox\rambox.exe] => (Allow) C:\users\mike\appdata\local\programs\rambox\rambox.exe (Rambox LLC -> Rambox LLC)
FirewallRules: [UDP Query User{BF51CAB6-1F52-4631-87D1-A1F15503DDCA}C:\users\mike\appdata\local\programs\rambox\rambox.exe] => (Allow) C:\users\mike\appdata\local\programs\rambox\rambox.exe (Rambox LLC -> Rambox LLC)
FirewallRules: [{CC45A5EA-6339-4FA5-8D91-6817D4E9923D}] => (Allow) C:\Program Files\OpenShot Video Editor\openshot-qt.exe (OpenShot Studios, LLC) [File not signed]
FirewallRules: [TCP Query User{DE0F12CB-8EAD-4DA3-8A90-89CF529DD1C8}E:\thealtocollection\the alto collection.exe] => (Allow) E:\thealtocollection\the alto collection.exe => No File
FirewallRules: [UDP Query User{A893563C-F3F9-4945-A57B-7E189C9D7994}E:\thealtocollection\the alto collection.exe] => (Allow) E:\thealtocollection\the alto collection.exe => No File
FirewallRules: [{2C302CDD-6E36-44B8-ACF2-9CB6EEDA835D}] => (Allow) LPort=8989
FirewallRules: [TCP Query User{3A881809-41D4-4FE5-9B33-E9717713F3E7}C:\users\mike\appdata\local\nvidia corporation\geforcenow\cef\geforcenowstreamer.exe] => (Allow) C:\users\mike\appdata\local\nvidia corporation\geforcenow\cef\geforcenowstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [UDP Query User{5FB1F595-C75F-4D8D-B2DB-E66AB4D365E0}C:\users\mike\appdata\local\nvidia corporation\geforcenow\cef\geforcenowstreamer.exe] => (Allow) C:\users\mike\appdata\local\nvidia corporation\geforcenow\cef\geforcenowstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{8CB8472D-B555-40FC-A15D-5D4592E908C0}] => (Allow) D:\Program Files\Nox\bin\Nox.exe => No File
FirewallRules: [{3A04051E-D052-43EA-BE7B-3EA06508CEED}] => (Allow) C:\Program Files (x86)\Bignox\BigNoxVM\RT\NoxVMHandle.exe (Nox Limited -> Nox Limited Corporation)
FirewallRules: [TCP Query User{84065FC7-C4C5-4B80-A86B-F003F55A2CAE}C:\program files\windowsapps\facebook.317180b0bb486_730.2.121.0_x64__8xx8rvfyw5nnt\app\messenger.exe] => (Allow) C:\program files\windowsapps\facebook.317180b0bb486_730.2.121.0_x64__8xx8rvfyw5nnt\app\messenger.exe => No File
FirewallRules: [UDP Query User{9FFE7952-44C6-4169-8F24-12A5BA9F6309}C:\program files\windowsapps\facebook.317180b0bb486_730.2.121.0_x64__8xx8rvfyw5nnt\app\messenger.exe] => (Allow) C:\program files\windowsapps\facebook.317180b0bb486_730.2.121.0_x64__8xx8rvfyw5nnt\app\messenger.exe => No File
FirewallRules: [TCP Query User{2D3CC949-D121-4519-B333-46E0FADF6984}E:\star trek online\live\x64\gameclient.exe] => (Allow) E:\star trek online\live\x64\gameclient.exe => No File
FirewallRules: [UDP Query User{B918D86B-D239-4C7A-A41D-BD4A0478A216}E:\star trek online\live\x64\gameclient.exe] => (Allow) E:\star trek online\live\x64\gameclient.exe => No File
FirewallRules: [TCP Query User{74979138-004F-43B0-810B-5CC16DBB7647}C:\program files\windowsapps\facebook.317180b0bb486_750.4.124.0_x64__8xx8rvfyw5nnt\app\messenger.exe] => (Allow) C:\program files\windowsapps\facebook.317180b0bb486_750.4.124.0_x64__8xx8rvfyw5nnt\app\messenger.exe => No File
FirewallRules: [UDP Query User{F8E77CE7-C976-49DE-BBB2-096940200CE7}C:\program files\windowsapps\facebook.317180b0bb486_750.4.124.0_x64__8xx8rvfyw5nnt\app\messenger.exe] => (Allow) C:\program files\windowsapps\facebook.317180b0bb486_750.4.124.0_x64__8xx8rvfyw5nnt\app\messenger.exe => No File
FirewallRules: [{A5A5ECC3-BE5B-46BD-A53E-96FDB460A292}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{F6F8660D-6711-40DE-B95D-B7A4E960FC27}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{6882C443-769A-4F7A-BC9C-8D6A0849920C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{8A1B20A0-C19F-4C28-9694-28624B984F5E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{0A758EC8-9F5F-4C5F-A20F-0262848ABE1D}] => (Allow) C:\PROGRA~2\REALTEK\USBWIR~2\RtWlan.exe => No File
FirewallRules: [{6F3FBDBA-3724-4D08-B617-74E7D3DC57CD}] => (Allow) LPort=1542
FirewallRules: [{B630FBA5-E991-44C9-809A-C4C4FB31FCE5}] => (Allow) LPort=1542
FirewallRules: [{7639EA57-C421-42DD-934F-711BC88774B0}] => (Allow) LPort=53
FirewallRules: [{A410283C-7A45-4117-B06D-CBE780FCE4C8}] => (Allow) C:\PROGRA~2\REALTEK\USBWIR~2\Rtldhcp.exe => No File
FirewallRules: [{E732B381-E292-4505-9A0A-6AFCB0B0763E}] => (Allow) C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RTLDHCP.exe => No File
FirewallRules: [{9C3878F1-04FA-4E0A-A841-5FD35181680D}] => (Allow) C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RTLDHCP.exe => No File
FirewallRules: [{0FC0D8ED-4F38-455C-AF97-53A439B6FAEE}] => (Allow) LPort=53
FirewallRules: [{A1BE8D97-34BA-4D72-85A3-4AF11276F756}] => (Allow) C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RTLDHCP.exe => No File
FirewallRules: [{E11ED885-86E6-439D-A140-92E64D86E8EC}] => (Allow) C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RTLDHCP.exe => No File
FirewallRules: [{92A166EB-59E7-4362-8439-34FE0AEDA8FD}] => (Allow) C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RTLDHCP.exe => No File
FirewallRules: [{29AD4F93-C17C-441A-8781-28D34601EE76}] => (Allow) C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RTLDHCP.exe => No File
FirewallRules: [{29A6B32A-27C0-4565-8125-176EB0A6F5A4}] => (Allow) C:\Program Files\Waterfox\waterfox.exe (WATERFOX LIMITED -> Waterfox Ltd)
FirewallRules: [{6DB06775-1F08-405B-AEBC-A05794D66FE6}] => (Allow) C:\Program Files\Waterfox\waterfox.exe (WATERFOX LIMITED -> Waterfox Ltd)
FirewallRules: [{FC2C6EC3-B502-4202-9D00-0C679AC086D9}] => (Allow) E:\Steam Games\steamapps\common\GarrysMod\hl2.exe => No File
FirewallRules: [{9E4445B8-709D-4E2B-85BC-743BD926FF01}] => (Allow) E:\Steam Games\steamapps\common\GarrysMod\hl2.exe => No File
FirewallRules: [{90585FD0-9227-4B16-9FF2-1DC533721ED4}] => (Allow) C:\Program Files (x86)\Steam\steam.exe (Valve -> Valve Corporation)
FirewallRules: [{CC04C363-CF62-4A4E-8A9C-BDEB146D7B03}] => (Allow) C:\Program Files (x86)\Steam\steam.exe (Valve -> Valve Corporation)
FirewallRules: [{58152642-95CE-4588-A951-3A445F90C8CA}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{FCFFA313-3CD4-4495-AD1B-89DBED8A336B}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [TCP Query User{75B0F144-6535-4A0C-9849-0C25F516F926}F:\steamlibrary\steamapps\common\phantasystaronline2_na_steam\pso2_bin\pso2.exe] => (Allow) F:\steamlibrary\steamapps\common\phantasystaronline2_na_steam\pso2_bin\pso2.exe (SEGA Games Co., Ltd. -> )
FirewallRules: [UDP Query User{2D8E7A46-8C12-4B4D-883F-01D591B3758E}F:\steamlibrary\steamapps\common\phantasystaronline2_na_steam\pso2_bin\pso2.exe] => (Allow) F:\steamlibrary\steamapps\common\phantasystaronline2_na_steam\pso2_bin\pso2.exe (SEGA Games Co., Ltd. -> )
FirewallRules: [TCP Query User{5425CD43-473E-4666-8C1B-39661078D271}C:\program files\windowsapps\facebook.317180b0bb486_860.5.119.0_x64__8xx8rvfyw5nnt\app\messenger.exe] => (Allow) C:\program files\windowsapps\facebook.317180b0bb486_860.5.119.0_x64__8xx8rvfyw5nnt\app\messenger.exe => No File
FirewallRules: [UDP Query User{FF001663-2D57-43F4-90C2-51D16117DB06}C:\program files\windowsapps\facebook.317180b0bb486_860.5.119.0_x64__8xx8rvfyw5nnt\app\messenger.exe] => (Allow) C:\program files\windowsapps\facebook.317180b0bb486_860.5.119.0_x64__8xx8rvfyw5nnt\app\messenger.exe => No File
FirewallRules: [{133A13F8-A316-4452-B614-3BE049EA5B5D}] => (Allow) C:\Users\Mike\AppData\Local\Torch\Application\torch.exe (Torch Media Inc.) [File not signed]
FirewallRules: [{23469E42-09C0-4A3A-9AF6-DC23A127E760}] => (Allow) C:\Users\Mike\AppData\Local\Torch\Plugins\Hola\hola_plugin_x64.exe => No File
FirewallRules: [{9A106488-1777-493B-8786-E9AC871F137F}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{8283690E-50E2-46F9-8605-D4D87BD40D3E}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{7BCCC462-A23D-4680-A5D0-186CB4BF6640}] => (Allow) C:\Program Files\Waterfox Classic\waterfox.exe (WATERFOX LIMITED -> Waterfox)
FirewallRules: [{45AB4A9E-CAD7-431A-AA33-7248C6ECCA45}] => (Allow) C:\Program Files\Waterfox Classic\waterfox.exe (WATERFOX LIMITED -> Waterfox)
FirewallRules: [{7E21B02A-736B-4C1C-A3A4-E0D7503EE87F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{5058BBE4-B931-4C1E-B4DA-5D7FE6A8D544}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{D4D35DDD-DD63-4131-AD51-9AF7D7B3EEB0}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{3D6EAB69-A5F7-4558-9BA6-3CC728DD12D5}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{19E07FF0-723D-46A3-8156-9009C185C4DE}] => (Allow) C:\Users\Mike\AppData\Local\Vivaldi\Application\vivaldi.exe (Vivaldi Technologies AS -> Vivaldi Technologies AS)
FirewallRules: [TCP Query User{48922543-945E-4832-9EC1-6BF0A47A4EC4}C:\users\mike\appdata\local\programs\kast-app\kast.exe] => (Allow) C:\users\mike\appdata\local\programs\kast-app\kast.exe (Evasyst, Inc. -> Evasyst, Inc.)
FirewallRules: [UDP Query User{497E7339-CCF8-47FB-BF15-31727F22BB5E}C:\users\mike\appdata\local\programs\kast-app\kast.exe] => (Allow) C:\users\mike\appdata\local\programs\kast-app\kast.exe (Evasyst, Inc. -> Evasyst, Inc.)
FirewallRules: [TCP Query User{4C107BA7-08F3-4032-B7A3-C213B25CF53E}F:\steamlibrary\steamapps\common\phantasystaronline2_na_steam\pso2_bin\pso2.exe] => (Allow) F:\steamlibrary\steamapps\common\phantasystaronline2_na_steam\pso2_bin\pso2.exe (SEGA Games Co., Ltd. -> )
FirewallRules: [UDP Query User{EFAC11EF-66E8-4536-A751-B5BA6721ED37}F:\steamlibrary\steamapps\common\phantasystaronline2_na_steam\pso2_bin\pso2.exe] => (Allow) F:\steamlibrary\steamapps\common\phantasystaronline2_na_steam\pso2_bin\pso2.exe (SEGA Games Co., Ltd. -> )
FirewallRules: [{E459E0C8-ECEC-4305-9DE7-6F46E52D156E}] => (Allow) C:\WINDOWS\system32\config\systemprofile\AppData\Local\Vivaldi\Application\vivaldi.exe (Vivaldi Technologies AS -> Vivaldi Technologies AS)
FirewallRules: [{CBF25BC5-A8B3-4B59-B33E-0BE0C3A19785}] => (Allow) F:\SteamLibrary\steamapps\common\PHANTASYSTARONLINE2_NA_STEAM\pso2_bin\pso2launcher.exe (SEGA Games Co., Ltd. -> SEGA)
FirewallRules: [{B2BD50CC-5B70-4A4A-BC1D-21FFB00BF42D}] => (Allow) F:\SteamLibrary\steamapps\common\PHANTASYSTARONLINE2_NA_STEAM\pso2_bin\pso2launcher.exe (SEGA Games Co., Ltd. -> SEGA)
FirewallRules: [{D41D2815-5894-4B70-B757-AA195FC271CF}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{2E1E3183-699B-48B0-B2A7-BBBC7727B053}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{2560DC8F-E543-47A4-9C20-E48A9019F543}] => (Allow) D:\Games\Kingdom Hearts HD 1 5 and 2 5 ReMIX\KINGDOM HEARTS Birth by Sleep FINAL MIX.exe (SQUARE ENIX CO., LTD. -> Square Enix)
FirewallRules: [{E6B91959-C2AA-4AC5-8646-243D62785631}] => (Allow) D:\Games\Kingdom Hearts HD 1 5 and 2 5 ReMIX\KINGDOM HEARTS Birth by Sleep FINAL MIX.exe (SQUARE ENIX CO., LTD. -> Square Enix)
FirewallRules: [{3DE72608-0D43-4116-90AF-0F095F8B9CFC}] => (Allow) D:\Games\Kingdom Hearts HD 1 5 and 2 5 ReMIX\KINGDOM HEARTS FINAL MIX.exe (SQUARE ENIX CO., LTD. -> Square Enix)
FirewallRules: [{6B3A7C08-645C-4162-9667-EA1F55FC783E}] => (Allow) D:\Games\Kingdom Hearts HD 1 5 and 2 5 ReMIX\KINGDOM HEARTS FINAL MIX.exe (SQUARE ENIX CO., LTD. -> Square Enix)
FirewallRules: [{B23EB531-22B1-4B4F-8AEB-920840A0503A}] => (Allow) D:\Games\Kingdom Hearts HD 1 5 and 2 5 ReMIX\KINGDOM HEARTS HD 1.5+2.5 Launcher.exe (SQUARE ENIX CO., LTD. -> Square Enix)
FirewallRules: [{8399B654-3B7B-446E-B42F-49D4A386FD80}] => (Allow) D:\Games\Kingdom Hearts HD 1 5 and 2 5 ReMIX\KINGDOM HEARTS HD 1.5+2.5 Launcher.exe (SQUARE ENIX CO., LTD. -> Square Enix)
FirewallRules: [{CD69F8CB-CB2E-4F4D-ACD8-732C82CEF163}] => (Allow) D:\Games\Kingdom Hearts HD 1 5 and 2 5 ReMIX\KINGDOM HEARTS HD 1.5+2.5 ReMIX.exe (SQUARE ENIX CO., LTD. -> Square Enix)
FirewallRules: [{74ABFCA3-3B5D-4EC6-8323-0ACAA3B88DAC}] => (Allow) D:\Games\Kingdom Hearts HD 1 5 and 2 5 ReMIX\KINGDOM HEARTS HD 1.5+2.5 ReMIX.exe (SQUARE ENIX CO., LTD. -> Square Enix)
FirewallRules: [{004CC956-44EA-4AF0-9795-8851CC1CCBBB}] => (Allow) D:\Games\Kingdom Hearts HD 1 5 and 2 5 ReMIX\KINGDOM HEARTS II FINAL MIX.exe (SQUARE ENIX CO., LTD. -> Square Enix)
FirewallRules: [{BF8AFE92-B8B6-478D-A1FE-07533B730296}] => (Allow) D:\Games\Kingdom Hearts HD 1 5 and 2 5 ReMIX\KINGDOM HEARTS II FINAL MIX.exe (SQUARE ENIX CO., LTD. -> Square Enix)
FirewallRules: [{A132E8C1-7AC8-480C-8F01-AB0CFE747E2A}] => (Allow) D:\Games\Kingdom Hearts HD 1 5 and 2 5 ReMIX\KINGDOM HEARTS Re_Chain of Memories.exe (SQUARE ENIX CO., LTD. -> Square Enix)
FirewallRules: [{1C6F08D0-21CB-4F19-8540-E09C5BA9C742}] => (Allow) D:\Games\Kingdom Hearts HD 1 5 and 2 5 ReMIX\KINGDOM HEARTS Re_Chain of Memories.exe (SQUARE ENIX CO., LTD. -> Square Enix)
FirewallRules: [{6A9E3D66-DA35-42AD-A889-F9656CB5F89F}] => (Allow) D:\Games\Kingdom Hearts HD 1 5 and 2 5 ReMIX\KINGDOM HEARTS Theater.exe (SQUARE ENIX CO., LTD. -> Square Enix)
FirewallRules: [{9B2802B5-3E9E-4871-BB56-E616CDA687B7}] => (Allow) D:\Games\Kingdom Hearts HD 1 5 and 2 5 ReMIX\KINGDOM HEARTS Theater.exe (SQUARE ENIX CO., LTD. -> Square Enix)
FirewallRules: [{E0A786C6-26DE-4C98-8975-03CDD485279C}] => (Allow) D:\Games\Kingdom Hearts HD 1 5 and 2 5 ReMIX\WaitTitleProject.exe (SQUARE ENIX CO., LTD. -> Square Enix)
FirewallRules: [{08411535-2E3D-4021-8ED7-0E50B0E7D9B7}] => (Allow) D:\Games\Kingdom Hearts HD 1 5 and 2 5 ReMIX\WaitTitleProject.exe (SQUARE ENIX CO., LTD. -> Square Enix)
FirewallRules: [TCP Query User{35028664-64A1-4FA6-8942-69F89411D595}D:\games\kirby - the complete collection\3ds\emu\citra-qt.exe] => (Allow) D:\games\kirby - the complete collection\3ds\emu\citra-qt.exe () [File not signed]
FirewallRules: [UDP Query User{9EBBD208-BF4D-4F51-B037-0AA5E8C6F797}D:\games\kirby - the complete collection\3ds\emu\citra-qt.exe] => (Allow) D:\games\kirby - the complete collection\3ds\emu\citra-qt.exe () [File not signed]
FirewallRules: [{D245EE34-26A1-4243-8D1D-593C5C0CC203}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe (Plex, Inc. -> Plex, Inc.)
FirewallRules: [{F6AC02FD-CCEE-4691-91A1-A0D4F5A6C40A}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe (Plex, Inc. -> Python Software Foundation)
FirewallRules: [{78306E8E-DD46-44EE-82D6-1FCC1594CA2E}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\Plex DLNA Server.exe (Plex, Inc. -> Plex, Inc.)
FirewallRules: [{73F00038-045D-4FEB-B6A4-2748882B0A1C}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\Plex Tuner Service.exe (Plex, Inc. -> )
FirewallRules: [{D8E5F915-B246-46DA-B67D-B178ED44BE1B}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\Plex Game Transcoder\Plex Game Transcoder.exe (Plex, Inc. -> )
FirewallRules: [{C6A2C6EA-9D18-476A-8779-9BF71BB19167}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{1B15FDC0-C837-4EF5-9A8B-E014A463D72C}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{AF86BA06-2A44-4A6A-8C60-8BDB95E0F658}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{92B74036-DEA7-4F52-ABFB-68D55D91BB79}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{92BEDB10-CC61-4F63-B31E-F952155818DE}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{7393FC0B-9D1C-49FA-B5AA-10B3EB296637}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{1E5C47A5-1A81-498F-907C-F6B22C1D2250}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{6723D469-1BC0-4775-95B0-BAC7170C93AC}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{EF8F111E-6862-485D-9A7C-8D6A7A4846DE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{DB653CAA-B751-4F19-8B1B-71BD8B6FBA3F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{7A98ABA7-2359-4737-93E5-AA66B061ABED}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{88720180-DE6F-42A9-9B96-209A3E635F63}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{BEE7BE49-7D44-4552-9C50-A872D6796F71}] => (Allow) C:\Program Files (x86)\Google\Chrome Remote Desktop\91.0.4472.10\remoting_host.exe (Google LLC -> Google LLC)
FirewallRules: [{0564A863-B9FF-4856-B75E-12217A16DFFF}] => (Allow) LPort=7359
FirewallRules: [{16DDC05D-9748-44A8-BBD4-BB81EF71B1BF}] => (Allow) LPort=8096
FirewallRules: [{91FC276D-625A-461B-815A-89EA6566C802}] => (Allow) LPort=8920
FirewallRules: [{E8F0BF08-44AA-47A3-B391-CB34E4906D60}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{796781EF-19C0-4968-8DAE-6893FCAAA7B2}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{AD102EFE-6880-4B68-BAD4-FE8E4E9504F3}] => (Allow) C:\Program Files\WindowsApps\AmazonMobileLLC.AmazonMusic_8.5.0.0_x86__kc6t79cpj4tp0\Amazon Music Helper.exe (Amazon.com Services LLC) [File not signed]
FirewallRules: [{EE245116-CE0F-486B-9247-BA49C2A8CDA1}] => (Allow) C:\Program Files\WindowsApps\AmazonMobileLLC.AmazonMusic_8.5.0.0_x86__kc6t79cpj4tp0\Amazon Music Helper.exe (Amazon.com Services LLC) [File not signed]
FirewallRules: [{1DADB1A6-586C-46BF-B954-D563C0923DDB}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{27298DD4-E80C-4438-A3E9-A47093156C76}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5D795BBC-D401-462E-A21F-F0BC8A66FA93}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{52833D71-94E9-4CC4-8588-948CACA63EFD}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{90B875DB-7AF5-4360-9FD9-94C16C3DE8A8}] => (Allow) C:\Users\Mike\76.0.4017.154\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{B73EF11C-1CEA-4E0E-B2D9-C90EC8C1A355}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.160.672.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{CDED0AF4-94EC-4333-94B8-D51A2EF4299C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.160.672.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{9CD91045-57A8-44BD-BB07-51FA200BCDB5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.160.672.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{02A6D1C4-24A3-4ACA-9A46-7CF6CB2C8BB7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.160.672.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{B25E36E6-3610-461A-857E-018BBFD1DC8C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.160.672.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{7FFD464E-916E-4094-9F52-9C9598BB132F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.160.672.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{232050F6-54E5-493D-A64F-C5E0223026B1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.160.672.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{D784ED90-1ED7-4E84-B9C3-DBCA26238CA0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.160.672.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{3AB715A2-E708-46DE-98E4-CCDADC4FEC65}] => (Allow) C:\Program Files\Easeware\DriverEasy\DriverEasy.exe (Easeware Technology Limited -> Easeware)
FirewallRules: [{94F0C948-AD6F-4CD3-B12C-C7FDCF821868}] => (Allow) C:\Users\Mike\76.0.4017.177\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{2CCED138-2CE6-4900-8CC0-6B9BFFF0B60D}] => (Allow) C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.)
FirewallRules: [{CD772043-FDD3-49A1-92AE-11A7033A70BE}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{DA85F303-D29A-472D-A74B-56B700FF7EE1}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{B827CE9F-7B0A-491E-8B22-7670DAF28B65}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{61C4A05B-E28D-4AFD-AA06-B81D6D8F4244}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{1FA9D706-5F79-4065-843F-1DCDDACED60D}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\91.0.864.41\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6DF139B1-5C27-46B3-B418-8CB84695F7D7}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{EE182ACF-89BA-4DE6-B723-29D08B4FC8C0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0B007CDD-B36D-4C20-8B3D-297D6085372C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{57F73778-DE76-4305-BC4E-7FA8E91C3068}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F8ED3EFD-78AF-4F21-ADAA-93D2C99F547E}] => (Allow) C:\Program Files (x86)\Microsoft\Edge Beta\Application\msedge.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4AA5BD50-8980-4BDE-9E26-DD5EE364F19B}] => (Allow) C:\Program Files (x86)\Microsoft\Edge Beta\Application\92.0.902.9\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{60F13E7A-BCC0-4612-9752-D965146FC5A4}] => (Allow) C:\Program Files\Vivaldi\Application\vivaldi.exe (Vivaldi Technologies AS -> Vivaldi Technologies AS)
FirewallRules: [{28300E35-B01E-44ED-93C2-D5300F72B76E}] => (Allow) C:\Program Files (x86)\Microsoft\Edge Dev\Application\msedge.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{9BE5B056-21E0-4437-8AEF-005C44FFEC2E}] => (Allow) C:\Program Files (x86)\Microsoft\Edge Dev\Application\93.0.910.5\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
 
==================== Restore Points =========================
 
ATTENTION: System Restore is disabled (Total:110.72 GB) (Free:11.8 GB) (11%)
 
==================== Faulty Device Manager Devices ============
 
 
==================== Event log errors: ========================
 
Application errors:
==================
Error: (06/09/2021 04:19:37 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program FRST64.exe version 19.5.2021.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
 
Process ID: 2af0
 
Start Time: 01d75d6c7a4360ea
 
Termination Time: 4294967295
 
Application Path: C:\Users\Mike\Desktop\FRST-OlderVersion\FRST64.exe
 
Report Id: 6ec89f08-e90b-42d8-a323-bc9b92b7bb10
 
Faulting package full name: 
 
Faulting package-relative application ID: 
 
Hang type: Top level window is idle
 
Error: (06/09/2021 04:19:35 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program FRST64.exe version 19.5.2021.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
 
Process ID: 4f38
 
Start Time: 01d75d6c932de934
 
Termination Time: 4294967295
 
Application Path: C:\Users\Mike\Desktop\FRST-OlderVersion\FRST64.exe
 
Report Id: b73716a3-e3d8-4c5b-8c34-cfd674abcafa
 
Faulting package full name: 
 
Faulting package-relative application ID: 
 
Hang type: Top level window is idle
 
Error: (06/09/2021 04:19:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: backgroundTaskHost.exe, version: 10.0.19041.546, time stamp: 0x5aa8e03c
Faulting module name: ntdll.dll, version: 10.0.19041.1023, time stamp: 0xf739c3a5
Exception code: 0xc0000374
Fault offset: 0x000e6bb3
Faulting process id: 0x4870
Faulting application start time: 0x01d75d6cafc34e48
Faulting application path: C:\WINDOWS\SysWOW64\backgroundTaskHost.exe
Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll
Report Id: e905fc99-081b-499b-865f-e04c5358f3c8
Faulting package full name: FINGERSOFT.HILLCLIMBRACING_1.41.1.0_x86__r6rtpscs7gwyg
Faulting package-relative application ID: App
 
Error: (06/09/2021 04:19:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: myTube.exe, version: 1.0.0.0, time stamp: 0x5fe2e461
Faulting module name: KERNELBASE.dll, version: 10.0.19041.1023, time stamp: 0x924f9cdb
Exception code: 0xc000027b
Fault offset: 0x000000000010b39c
Faulting process id: 0x5e9c
Faulting application start time: 0x01d75d6cafbb326b
Faulting application path: C:\Program Files\WindowsApps\59750RYKENAPPS.435307C335C44_4.0.2.0_x64__zd92nzxdcatqw\myTube.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report Id: c2501922-a1cb-4164-9acc-b67e4753038d
Faulting package full name: 59750RYKENAPPS.435307C335C44_4.0.2.0_x64__zd92nzxdcatqw
Faulting package-relative application ID: App
 
Error: (06/09/2021 04:19:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: backgroundTaskHost.exe, version: 10.0.19041.546, time stamp: 0x5aa8e03c
Faulting module name: biwinrt.dll, version: 10.0.19041.746, time stamp: 0xa06efcf6
Exception code: 0xc000027b
Fault offset: 0x0001d29b
Faulting process id: 0x4870
Faulting application start time: 0x01d75d6cafc34e48
Faulting application path: C:\WINDOWS\SysWOW64\backgroundTaskHost.exe
Faulting module path: C:\Windows\System32\biwinrt.dll
Report Id: 34f4c54b-0a86-4dce-8e93-f36f990b9ce9
Faulting package full name: FINGERSOFT.HILLCLIMBRACING_1.41.1.0_x86__r6rtpscs7gwyg
Faulting package-relative application ID: App
 
Error: (06/09/2021 04:06:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: myTube.exe, version: 1.0.0.0, time stamp: 0x5fe2d851
Faulting module name: KERNELBASE.dll, version: 10.0.19041.1023, time stamp: 0x924f9cdb
Exception code: 0xc000027b
Fault offset: 0x000000000010b39c
Faulting process id: 0x4aa0
Faulting application start time: 0x01d75d6ade44873f
Faulting application path: C:\Program Files\WindowsApps\59750RykenApps.myTubeBeta_4.0.2.0_x64__zd92nzxdcatqw\myTube.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report Id: 6f6a37fc-8279-40a7-9629-5a4d509aa621
Faulting package full name: 59750RykenApps.myTubeBeta_4.0.2.0_x64__zd92nzxdcatqw
Faulting package-relative application ID: App
 
Error: (06/09/2021 04:06:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Medtracker.exe, version: 1.0.0.0, time stamp: 0x5b6a3406
Faulting module name: KERNELBASE.dll, version: 10.0.19041.1023, time stamp: 0x924f9cdb
Exception code: 0xc000027b
Fault offset: 0x000000000010b39c
Faulting process id: 0xf8
Faulting application start time: 0x01d75d5e2e559bd7
Faulting application path: C:\Program Files\WindowsApps\53488kidjenius.MedicationTracker_1.8.6.0_x64__fjxwr71spe664\Medtracker.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report Id: 3fb757a0-28f6-4ff3-904d-0ae84f6927ab
Faulting package full name: 53488kidjenius.MedicationTracker_1.8.6.0_x64__fjxwr71spe664
Faulting package-relative application ID: App
 
Error: (06/09/2021 03:58:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: backgroundTaskHost.exe, version: 10.0.19041.546, time stamp: 0x5aa8e03c
Faulting module name: ntdll.dll, version: 10.0.19041.1023, time stamp: 0xf739c3a5
Exception code: 0xc0000374
Fault offset: 0x000e6bb3
Faulting process id: 0x3a84
Faulting application start time: 0x01d75d69d140789e
Faulting application path: C:\WINDOWS\SysWOW64\backgroundTaskHost.exe
Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll
Report Id: a588f8dd-2517-46c6-bed6-6a3526d7e9ff
Faulting package full name: FINGERSOFT.HILLCLIMBRACING_1.41.1.0_x86__r6rtpscs7gwyg
Faulting package-relative application ID: App
 
 
System errors:
=============
Error: (06/09/2021 10:39:55 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Steam Client Service service failed to start due to the following error: 
The service did not respond to the start or control request in a timely fashion.
 
Error: (06/09/2021 10:39:55 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.
 
Error: (06/06/2021 11:15:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The MBAMChameleon service failed to start due to the following error: 
The system cannot find the file specified.
 
Error: (06/06/2021 11:12:18 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for DeleteFlag with the following error: 
The maximum number of secrets that may be stored in a single system has been exceeded.
 
Error: (06/06/2021 11:12:17 PM) (Source: DCOM) (EventID: 10000) (User: NT AUTHORITY)
Description: Unable to start a DCOM Server: {1F87137D-0E7C-44D5-8C73-4EFFB68962F2}. The error:
"2147942405"
Happened while starting this command:
C:\WINDOWS\system32\wbem\wmiprvse.exe -secured -Embedding
 
Error: (06/06/2021 11:12:17 PM) (Source: DCOM) (EventID: 10000) (User: NT AUTHORITY)
Description: Unable to start a DCOM Server: {1F87137D-0E7C-44D5-8C73-4EFFB68962F2}. The error:
"2147942405"
Happened while starting this command:
C:\WINDOWS\system32\wbem\wmiprvse.exe -secured -Embedding
 
Error: (06/06/2021 11:12:17 PM) (Source: DCOM) (EventID: 10000) (User: NT AUTHORITY)
Description: Unable to start a DCOM Server: {1F87137D-0E7C-44D5-8C73-4EFFB68962F2}. The error:
"2147942405"
Happened while starting this command:
C:\WINDOWS\system32\wbem\wmiprvse.exe -secured -Embedding
 
Error: (06/06/2021 11:12:17 PM) (Source: DCOM) (EventID: 10000) (User: NT AUTHORITY)
Description: Unable to start a DCOM Server: {1F87137D-0E7C-44D5-8C73-4EFFB68962F2}. The error:
"2147942405"
Happened while starting this command:
C:\WINDOWS\system32\wbem\wmiprvse.exe -secured -Embedding
 
 
Windows Defender:
================
Date: 2021-06-06 05:56:15
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2021-06-05 00:12:32
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2021-06-03 18:31:26
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2021-06-03 05:12:38
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2021-06-03 05:08:06
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2021-06-04 03:44:08
Description: 
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 1.341.8.0
Previous security intelligence Version: 1.339.1937.0
Update Source: User
Security intelligence Type: AntiSpyware
Update Type: Delta
Current Engine Version: 1.1.18200.4
Previous Engine Version: 1.1.18100.6
Error code: 0x80070666
Error description: Another version of this product is already installed. Installation of this version cannot continue. To configure or remove the existing version of this product, use Add/Remove Programs on the Control Panel. 
 
Date: 2021-06-04 03:44:08
Description: 
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 1.341.8.0
Previous security intelligence Version: 1.339.1937.0
Update Source: User
Security intelligence Type: AntiVirus
Update Type: Delta
Current Engine Version: 1.1.18200.4
Previous Engine Version: 1.1.18100.6
Error code: 0x80070666
Error description: Another version of this product is already installed. Installation of this version cannot continue. To configure or remove the existing version of this product, use Add/Remove Programs on the Control Panel. 
 
Date: 2021-06-04 03:44:08
Description: 
Microsoft Defender Antivirus has encountered an error trying to update the engine.
New Engine Version: 1.1.18200.4
Previous Engine Version: 1.1.18100.6
Error Code: 0x80070666
Error description: Another version of this product is already installed. Installation of this version cannot continue. To configure or remove the existing version of this product, use Add/Remove Programs on the Control Panel. 
 
Date: 2021-06-03 22:10:09
Description: 
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 1.341.8.0
Previous security intelligence Version: 1.339.1937.0
Update Source: User
Security intelligence Type: AntiSpyware
Update Type: Delta
Current Engine Version: 1.1.18200.4
Previous Engine Version: 1.1.18100.6
Error code: 0x80070666
Error description: Another version of this product is already installed. Installation of this version cannot continue. To configure or remove the existing version of this product, use Add/Remove Programs on the Control Panel. 
 
Date: 2021-06-03 22:10:09
Description: 
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 1.341.8.0
Previous security intelligence Version: 1.339.1937.0
Update Source: User
Security intelligence Type: AntiVirus
Update Type: Delta
Current Engine Version: 1.1.18200.4
Previous Engine Version: 1.1.18100.6
Error code: 0x80070666
Error description: Another version of this product is already installed. Installation of this version cannot continue. To configure or remove the existing version of this product, use Add/Remove Programs on the Control Panel. 
 
CodeIntegrity:
===============
Date: 2021-06-09 15:12:05
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.
 
 
==================== Memory info =========================== 
 
BIOS: American Megatrends Inc. 1903 07/11/2013
Motherboard: ASUSTeK COMPUTER INC. M5A97 R2.0
Processor: AMD FX™-8320 Eight-Core Processor 
Percentage of memory in use: 78%
Total physical RAM: 11177.45 MB
Available physical RAM: 2417.9 MB
Total Virtual: 31657.45 MB
Available Virtual: 18967.75 MB
 
==================== Drives ================================
 
Drive c: (Howard The Duck) (Fixed) (Total:110.72 GB) (Free:11.8 GB) NTFS
Drive d: (Large Boi) (Fixed) (Total:3726.01 GB) (Free:1957.72 GB) NTFS
Drive f: (Small Boi) (Fixed) (Total:1863 GB) (Free:1537.17 GB) NTFS
Drive g: (Howard The Duck) (RAMDisk) (Total:110.72 GB) (Free:12.58 GB) NTFS
 
\\?\Volume{2713d272-8d1e-4b8b-ab61-cc39eeb6d7ea}\ (Recovery) (Fixed) (Total:0.49 GB) (Free:0.13 GB) NTFS
\\?\Volume{0ba0bc9d-6992-4616-972b-0917273fb952}\ () (Fixed) (Total:0.47 GB) (Free:0.04 GB) NTFS
\\?\Volume{f4fce790-47e8-4d49-9c91-381282c7fcd6}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
 
==================== MBR & Partition Table ====================
 
==========================================================
Disk: 0 (Size: 111.8 GB) (Disk ID: 48F7ACEF)
 
Partition: GPT.
 
==========================================================
Disk: 1 (Protective MBR) (Size: 3726 GB) (Disk ID: 00000000)
 
Partition: GPT.
 
==========================================================
Disk: 2 (Protective MBR) (Size: 1863 GB) (Disk ID: 00000000)
 
Partition: GPT.
 
==================== End of Addition.txt =======================

  • 0

#4
DR M

DR M

    The Grecian Geek

  • Malware Removal
  • 3,240 posts

Hi, Maleboe.

I can't remember if I have ever seen so many things in a computer!  :blink: 

 

So many programs (I wonder if you use them all), so many extensions... 

 

I'm currently reviewing your logs.

 

Meanwhile...


Please, adhere to the guidelines below, and then carefully follow, with the same order, all the instructions after:

1. Always ask before acting. Do not continue if you are not sure, or if something unexpected happens!

2. Do not run any tools unless instructed to do so. Also, do not uninstall or install any software during the procedure, unless I ask you to do so.

3. If your computer seems to start working normally, don't abandon the topic. Even if your system is behaving normally, there may still be some malware remnants left over. Additionally, malware can re-infect the computer if some remnants are left. Therefore, please complete all requested steps to make sure any malware is successfully eradicated from your PC.

4. You have to reply to my posts within 3 days. If you need some additional time, just let me know. Otherwise, I will leave the topic due to lack of feedback. If you are able, I would request you to check this thread at least once per day so that we can resolve your issues effectively and efficiently.

5. Logs from malware diagnostic or removal programs can take some time to get analyzed. Also, have in mind that all the experts here are volunteers and may not be available to assist when you post. Please, be patient, while I analyze your logs.
 


  • 0

#5
DR M

DR M

    The Grecian Geek

  • Malware Removal
  • 3,240 posts

Hi, Josh.
 
Let's start work.
 
 
1. P2P programs

You have Deluge installed in your computer. This is a P2P program. P2P programs form a direct conduit on to a computer. They have always been a target of malware writers and are increasingly so of late. P2P security measures are easily circumvented and if your P2P program is not configured correctly, you may be sharing more files than you realize. There have been cases where people's passwords, address books and other personal, private, and financial details have been exposed to the file sharing network by a badly configured program. If you don't uninstall it, your computer will probably get infected again, as soon as you use it again. But it is your computer and of course your decision. 

  • If you decide to keep it, DON'T use it during the cleaning procedure.
  • If you decide to uninstall it, uninstall it along with the unwanted programs in Step 3 below.

 

2. Completely Uninstall Bitdefender

  • Open Revo Uninstaller you have already installed.
  • Write in the search area, on the top left, the following program:
Bitdefender
  • Choose the Uninstall tab from the menu and let the program to create a Restore point.
  • Choose Scan, and then the Advanced mode scan.
  • Select all the Sophos Anti-Virus items found, Delete and Next.
  • Let the procedure be completed and click on Finish.
  • Restart the computer.

 

3. Uninstall unnecessary programs
 
3.1. Drivers updaters 
 
We do not recommend the use of third party programs to update drivers. Sometimes these programs may harm your computer instead of doing any good. So, please consider to uninstall the following programs: 
 
Driver Easy 5.6.15
KC Softwares DUMo 
KC Softwares SUMo
 
3.2. Uninstallers
 
Keep Revo and uninstall the following:
 
Eraser 6.2.0.2992
BCUninstaller 
Wise Program Uninstaller 2.5.1 
 
3.3. Do you really need these?
 
The first three are suppose to do similar jobs. The next two may be used as tools to steal others websites. The last two are remote access programs and unless you need them, it is recommended to uninstall them.
 
IObit Unlocker 
SmartClose 1.3
Unlocker 
WinHTTrack Website Copier 3.49-2 (x64) 
Getleft v1.2 
Chrome Remote Desktop Host
TeamViewer 
 
 
To uninstall any of the above programs, as well as any other program not needed/used, please do the following:

  • Press the Windows Key + R.
  • Type appwiz.cpl in the Run box and click OK.
  • The Add/Remove Programs list will open. Locate the programs you want to uninstal.
  • Select the programs, one by one, and click Uninstall.
  • Restart the computer.

 

4. Notifications
 
Did you intentionally enable Chrome notifications from the following sites?

hxxps://app.houseparty.com; 
hxxps://calendar.google.com; 
hxxps://greatist.com; 
hxxps://onlinemovies.watch; 
hxxps://pa.zzzpush.icu; 
hxxps://paidviewpoint.com; 
hxxps://postmates.com; 
hxxps://rp.zzzpush.icu; 
hxxps://us-foodfc.yousweeps.com; 
hxxps://us.letgo.com; 
hxxps://voice.google.com; 
hxxps://www.6pm.com; 
hxxps://www.aliexpress.com; 
hxxps://www.androidcentral.com; 
hxxps://www.comicbookmovie.com; 
hxxps://www.consumeraffairs.com; 
hxxps://www.courier-journal.com; 
hxxps://www.duolingo.com; 
hxxps://www.ebtcardbalance.com; 
hxxps://www.game-debate.com; 
hxxps://www.lawenforcementtoday.com; 
hxxps://www.netflix.com; 
hxxps://www.newsweek.com; 
hxxps://www.orthofeet.com; 
hxxps://www.tellwut.com; 
hxxps://www.tennessean.com; 
hxxps://www.watchcartoononline.io; 
hxxps://www.watchonline.guide; 
hxxps://www.windowscentral.com

 
And from Vivaldi:

hxxps://calendar.google.com; 
hxxps://duo.google.com; 
hxxps://epicstream.com; 
hxxps://meet.google.com; 
hxxps://music.amazon.com; 
hxxps://old.reddit.com; 
hxxps://voice.google.com; 
hxxps://w.kast.live; 
hxxps://web.telegram.org; 
hxxps://www.cbssports.com; 
hxxps://www.game-debate.com; 
hxxps://www.indiegala.com; 
hxxps://www.quora.com; 
hxxps://www.vidangel.com; 
hxxps://www.wish.com

 
5. Uninstall an extension
 
Uninstall this Vivaldi extension: Avast Online Security
 
 
6. FRST fix

NOTICE: This script was written specifically for this user. Running it on another machine may cause damage to your operating system

Start::
CreateRestorePoint:
CloseProcesses:
CustomCLSID: HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{01029388-0B8F-484C-BC0F-AC1E79630A9A}\InprocServer32 -> C:\Users\Mike\AppData\Local\Microsoft\EdgeUpdate\1.3.137.99\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{1BF368D2-E51E-4ACC-8F60-3FC9E891B96A}\InprocServer32 -> C:\Users\Mike\AppData\Local\Microsoft\EdgeUpdate\1.3.119.43\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Mike\AppData\Local\Microsoft\OneDrive\19.232.1124.0012\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{1EFE814D-F1BA-4B7E-AE9A-A8BD71D2CF2D}\InprocServer32 -> C:\Users\Mike\AppData\Local\Microsoft\EdgeUpdate\1.3.117.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{300E17A3-B34E-4D77-BCB4-4F227F215016}\InprocServer32 -> C:\Users\Mike\AppData\Local\Microsoft\EdgeUpdate\1.3.121.21\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{4372F3CE-EDF2-4B6A-937B-A6E1F4C1AA78}\InprocServer32 -> C:\Users\Mike\AppData\Local\Microsoft\EdgeUpdate\1.3.117.29\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{46406D82-6EC0-47CC-8A75-1F33C6DEDBBE}\InprocServer32 -> C:\Users\Mike\AppData\Local\Google\Update\1.3.35.442\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{4BF4AA82-C9FE-45F5-A67A-925D602662F3}\InprocServer32 -> C:\Users\Mike\AppData\Local\Microsoft\EdgeUpdate\1.3.125.27\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{53DCCD48-20E9-4E0B-BA3F-D352EF44C9E3}\InprocServer32 -> C:\Users\Mike\AppData\Local\Microsoft\EdgeUpdate\1.3.135.49\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{540C17A8-04F2-4B66-95D7-B2FEF9A19B54}\InprocServer32 -> C:\Users\Mike\AppData\Local\Google\Update\1.3.35.423\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{5DB7CD8E-F11E-401F-8B84-E5B37533C22A}\InprocServer32 -> C:\Users\Mike\AppData\Local\Microsoft\EdgeUpdate\1.3.117.13\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{5EA43877-C6D8-4885-B77A-C0BB27E94372}\InprocServer32 -> C:\Users\Mike\AppData\Local\Microsoft\EdgeUpdate\1.3.143.57\psuser_64.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{62634D95-960B-4834-8E71-A70408AD8FD9}\InprocServer32 -> C:\Users\Mike\AppData\Local\Google\Update\1.3.34.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{6D264B70-DA18-401D-910C-B202D89670C6}\InprocServer32 -> C:\Users\Mike\AppData\Local\Google\Update\1.3.36.32\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Mike\AppData\Local\Microsoft\OneDrive\19.232.1124.0012\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{7C11786C-8288-421D-B1B8-EE6684A6AEED}\InprocServer32 -> C:\Users\Mike\AppData\Local\Microsoft\EdgeUpdate\1.3.135.29\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Mike\AppData\Local\Microsoft\OneDrive\19.232.1124.0012\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{84EB3779-151B-4C71-AEF0-A0FEE9481401}\InprocServer32 -> C:\Users\Mike\AppData\Local\Google\Update\1.3.35.342\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{86508D42-E5D7-4D10-9C6F-D427AEEB85B5}\InprocServer32 -> C:\Users\Mike\AppData\Local\Google\Update\1.3.34.11\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{9C08B62F-350A-41A8-866D-958247525EE6}\InprocServer32 -> C:\Users\Mike\AppData\Local\Microsoft\EdgeUpdate\1.3.113.27\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{9DE945F0-3142-49CC-ACBD-AC1F443C5E16}\InprocServer32 -> C:\Users\Mike\AppData\Local\Microsoft\EdgeUpdate\1.3.127.21\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{A804CF1A-91E5-4F0C-9E8C-DB39E74056DD}\InprocServer32 -> C:\Users\Mike\AppData\Local\Google\Update\1.3.33.23\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{BA219326-CF19-44D0-8495-3327B1868DFA}\InprocServer32 -> C:\Users\Mike\AppData\Local\Microsoft\EdgeUpdate\1.3.139.65\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{BCA9D37C-CA60-4160-9115-97A00F24702D}\localserver32 -> "C:\Program Files\Vivaldi\Application\3.6.2165.36\notification_helper.exe" => No File
CustomCLSID: HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{C1339708-2882-4647-A280-BEC7AF3217B4}\InprocServer32 -> C:\Users\Mike\AppData\Local\Microsoft\EdgeUpdate\1.3.143.45\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{CA919489-0396-4164-A6E7-94CDED45A707}\InprocServer32 -> C:\Users\Mike\AppData\Local\Google\Update\1.3.36.52\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{DAAF107C-0599-4BA6-9722-7F5437012183}\InprocServer32 -> C:\Users\Mike\AppData\Local\Microsoft\EdgeUpdate\1.3.135.41\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{DEDF773D-E27B-485E-8E7D-85C5B0EB5A67}\InprocServer32 -> C:\Users\Mike\AppData\Local\Google\Update\1.3.36.72\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{E94F9315-63B0-4CAF-B4AA-1907B4F344AE}\InprocServer32 -> C:\Users\Mike\AppData\Local\Microsoft\EdgeUpdate\1.3.137.93\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{E9E7529D-7F09-410B-AF2A-CC154473B19C}\InprocServer32 -> C:\Users\Mike\AppData\Local\Google\Update\1.3.35.452\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{EDD9A6D6-52EA-406B-AD7D-F9C9A0CE6A5F}\InprocServer32 -> C:\Users\Mike\AppData\Local\Microsoft\EdgeUpdate\1.3.127.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{EF076C91-DC9E-43E3-84ED-3D219E065A4F}\InprocServer32 -> C:\Users\Mike\AppData\Local\Google\Update\1.3.35.302\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{F6F8D795-EA53-4CBF-A169-047D04186B82}\InprocServer32 -> C:\Users\Mike\AppData\Local\Microsoft\EdgeUpdate\1.3.135.37\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{F72FA0AF-5C8C-436F-8D41-E1B27FA05DE2}\InprocServer32 -> C:\Users\Mike\AppData\Local\Microsoft\EdgeUpdate\1.3.119.39\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{F7B60789-4C6A-41DD-97A7-C7052F614D5A}\InprocServer32 -> C:\Users\Mike\AppData\Local\Microsoft\EdgeUpdate\1.3.133.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{FD6151BA-EFA6-4F58-B92C-F4733DAEBF66}\InprocServer32 -> C:\Users\Mike\AppData\Local\Microsoft\EdgeUpdate\1.3.129.31\psuser_64.dll => No File
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> No File
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} =>  -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} =>  -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} =>  -> No FileContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
AlternateDataStreams: C:\ProgramData\TEMP:0BBF232A [226]
AlternateDataStreams: C:\ProgramData\TEMP:0F97692F [223]
AlternateDataStreams: C:\ProgramData\TEMP:1A14B3AF [470]
AlternateDataStreams: C:\ProgramData\TEMP:206470A5 [216]
AlternateDataStreams: C:\ProgramData\TEMP:2658F5EB [466]
AlternateDataStreams: C:\ProgramData\TEMP:26D061B8 [458]
AlternateDataStreams: C:\ProgramData\TEMP:2AE74FF9 [237]
AlternateDataStreams: C:\ProgramData\TEMP:2CB9631F [134]
AlternateDataStreams: C:\ProgramData\TEMP:D6EEC2F8 [456]
AlternateDataStreams: C:\ProgramData\TEMP:DBE046F5 [224]
AlternateDataStreams: C:\ProgramData\TEMP:E2E09709 [249]
AlternateDataStreams: C:\ProgramData\TEMP:E925F06D [241]
AlternateDataStreams: C:\Users\Mike\Desktop\ArcSetup.exe:BDU [1]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [468]
HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\...\StartupApproved\Run: => "uTorrent"
FirewallRules: [{863110A4-081B-426D-B3CE-1AD65F03F991}] => (Allow) C:\Users\Mike\68.0.3618.165\opera.exe => No File
FirewallRules: [UDP Query User{6F8AC953-2918-4C5E-BF09-9D7BF0177589}C:\program files\windowsapps\facebook.317180b0bb486_480.5.121.0_x64__8xx8rvfyw5nnt\app\messenger.exe] => (Allow) C:\program files\windowsapps\facebook.317180b0bb486_480.5.121.0_x64__8xx8rvfyw5nnt\app\messenger.exe => No File
FirewallRules: [TCP Query User{1738EAC6-AE93-4496-ACAC-0901C46F64EA}C:\program files\windowsapps\facebook.317180b0bb486_480.5.121.0_x64__8xx8rvfyw5nnt\app\messenger.exe] => (Allow) C:\program files\windowsapps\facebook.317180b0bb486_480.5.121.0_x64__8xx8rvfyw5nnt\app\messenger.exe => No File
FirewallRules: [UDP Query User{1ED76201-6CA1-4C24-83C0-5D956A99FBBF}C:\users\mike\68.0.3618.63\opera.exe] => (Allow) C:\users\mike\68.0.3618.63\opera.exe => No File
FirewallRules: [TCP Query User{9F6ACB0A-F05B-4A96-94C5-0BC501556ABF}C:\users\mike\68.0.3618.63\opera.exe] => (Allow) C:\users\mike\68.0.3618.63\opera.exe => No File
FirewallRules: [UDP Query User{D03FC616-5D99-4A41-991D-C2D837B86E9C}C:\users\mike\67.0.3575.137\opera.exe] => (Allow) C:\users\mike\67.0.3575.137\opera.exe => No File
FirewallRules: [TCP Query User{208AFA5B-ED75-4100-9067-34B49589299A}C:\users\mike\67.0.3575.137\opera.exe] => (Allow) C:\users\mike\67.0.3575.137\opera.exe => No File
FirewallRules: [UDP Query User{94F52B8C-1055-4857-B0F2-CA422F80EDF6}E:\spyro reignited trilogy\falcon\binaries\win64\spyro-win64-shipping.exe] => (Block) E:\spyro reignited trilogy\falcon\binaries\win64\spyro-win64-shipping.exe => No File
FirewallRules: [TCP Query User{8AA45E9B-20D6-4742-89D7-33CEB2A7A48F}E:\spyro reignited trilogy\falcon\binaries\win64\spyro-win64-shipping.exe] => (Block) E:\spyro reignited trilogy\falcon\binaries\win64\spyro-win64-shipping.exe => No File
FirewallRules: [{D08A755E-88F3-4DCF-8B12-5B7E8E91DFC6}] => (Allow) D:\SteamLibrary\steamapps\common\Tomb Raider\TombRaider.exe => No File
FirewallRules: [{389B54D6-9048-44D8-9F83-6EB7CFC02B50}] => (Allow) D:\SteamLibrary\steamapps\common\Tomb Raider\TombRaider.exe => No File
FirewallRules: [{09004257-1697-440B-9B88-2BE57E9A4BDE}] => (Allow) C:\Program Files (x86)\Maxthon5\Bin\Maxthon.exe => No File
FirewallRules: [{4F997141-51AE-4BC3-AF9D-11FC72C0AE58}] => (Allow) C:\Program Files (x86)\Maxthon5\Bin\Maxthon.exe => No File
FirewallRules: [{5A2A1C4B-4C21-49BA-9EDE-BF78ACCC9A3C}] => (Block) E:\Games\The Elder Scrolls V Skyrim Special Edition\SkyrimSELauncher.exe => No File
FirewallRules: [{23D85576-D409-4D22-912D-F4E177C2401C}] => (Block) E:\Games\The Elder Scrolls V Skyrim Special Edition\SkyrimSE.exe => No File
FirewallRules: [{1E71061D-50BC-4485-8F07-83CE924F8477}] => (Allow) E:\Games\The Elder Scrolls V Skyrim Special Edition\SkyrimSE.exe => No File
FirewallRules: [{13585603-3C5E-4B30-BC63-495720767AF6}] => (Allow) E:\Games\The Elder Scrolls V Skyrim Special Edition\SkyrimSE.exe => No File
FirewallRules: [{A46EDAF1-36D8-43EC-8727-B87CDF2A70A7}] => (Allow) F:\SteamLibrary\steamapps\common\3DMark\bin\x64\3DMark.exe => No File
FirewallRules: [{2D5B7230-6705-436D-A65C-49F6C21BEC8F}] => (Allow) F:\SteamLibrary\steamapps\common\3DMark\bin\x64\3DMark.exe => No File
FirewallRules: [{50CE2FEE-F79D-4D2E-BB6B-CD0131241C71}] => (Allow) F:\SteamLibrary\steamapps\common\3DMark\bin\x86\3DMark.exe => No File
FirewallRules: [{BD0F2AFA-F32D-4C59-AA79-369C7192F23C}] => (Allow) F:\SteamLibrary\steamapps\common\3DMark\bin\x86\3DMark.exe => No File
FirewallRules: [{924B613D-6D14-4F8F-8574-D31435E6A500}] => (Allow) F:\SteamLibrary\steamapps\common\PCMark 8\bin\PCMark8.exe => No File
FirewallRules: [{DCD1305A-8301-40E6-B2B1-36FBDBD28FC5}] => (Allow) F:\SteamLibrary\steamapps\common\PCMark 8\bin\PCMark8.exe => No File
FirewallRules: [UDP Query User{A301BC75-4F07-46F1-9C56-506BC8F4611F}F:\utomik\content\apps\borderlands\app\binaries\borderlands.exe] => (Allow) F:\utomik\content\apps\borderlands\app\binaries\borderlands.exe => No File
FirewallRules: [TCP Query User{405AE63B-C835-47CB-9D6E-5AF6C940A0F7}F:\utomik\content\apps\borderlands\app\binaries\borderlands.exe] => (Allow) F:\utomik\content\apps\borderlands\app\binaries\borderlands.exe => No File
FirewallRules: [UDP Query User{5D98C4FC-C1BB-490E-A8CA-93AD4F1C3F0F}F:\games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) F:\games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe => No File
FirewallRules: [TCP Query User{42847C32-377B-43AD-8395-3722F18EA12D}F:\games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) F:\games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe => No File
FirewallRules: [UDP Query User{B421D1C5-3005-4306-86CE-73C791B35613}F:\games\subnautica\subnautica.exe] => (Allow) F:\games\subnautica\subnautica.exe => No File
FirewallRules: [TCP Query User{567F475B-9BD9-4204-AE5D-759B53DF910B}F:\games\subnautica\subnautica.exe] => (Allow) F:\games\subnautica\subnautica.exe => No File
FirewallRules: [UDP Query User{7642AABA-4BB3-4B8C-85E1-F384F7CF8A5D}C:\program files\windowsapps\xbmcfoundation.kodi_17.9.601.0_x86__4n2hpmxwrvr6p\kodi.exe] => (Allow) C:\program files\windowsapps\xbmcfoundation.kodi_17.9.601.0_x86__4n2hpmxwrvr6p\kodi.exe => No File
FirewallRules: [TCP Query User{0B378060-2258-4F7B-8E52-43C92FE201BE}C:\program files\windowsapps\xbmcfoundation.kodi_17.9.601.0_x86__4n2hpmxwrvr6p\kodi.exe] => (Allow) C:\program files\windowsapps\xbmcfoundation.kodi_17.9.601.0_x86__4n2hpmxwrvr6p\kodi.exe => No File
FirewallRules: [UDP Query User{51C1EF58-D01A-41AF-B4CB-F127D41021FE}C:\program files (x86)\wizards of the coast\mtga\mtga.exe] => (Allow) C:\program files (x86)\wizards of the coast\mtga\mtga.exe => No File
FirewallRules: [TCP Query User{D529E2B3-B4FC-4228-AFBB-2F96C9726EC4}C:\program files (x86)\wizards of the coast\mtga\mtga.exe] => (Allow) C:\program files (x86)\wizards of the coast\mtga\mtga.exe => No File
FirewallRules: [UDP Query User{1C8984E7-8EA0-476D-8B59-66E2A354572D}F:\battlefield 1942\bf1942.exe] => (Block) F:\battlefield 1942\bf1942.exe => No File
FirewallRules: [TCP Query User{77450507-9A9B-4971-95AD-A89A252B56A1}F:\battlefield 1942\bf1942.exe] => (Block) F:\battlefield 1942\bf1942.exe => No File
FirewallRules: [{7F3850AB-1CB7-42A5-A702-9E38703A8A4C}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe => No File
FirewallRules: [{0C604519-2A25-4C8D-B26A-19529DA63E8B}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe => No File
FirewallRules: [{2678278D-D256-418A-B57D-DD2D9E6062F2}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe => No File
FirewallRules: [{80BC496D-C6BF-49E6-B2D7-5AEFCECE3CB6}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe => No File
FirewallRules: [TCP Query User{7F43EB75-795D-462E-A697-1702ECD60610}E:\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) E:\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe => No File
FirewallRules: [UDP Query User{788413EE-4FEB-4B25-98FE-AE797F5F1309}E:\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) E:\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe => No File
FirewallRules: [TCP Query User{DE0F12CB-8EAD-4DA3-8A90-89CF529DD1C8}E:\thealtocollection\the alto collection.exe] => (Allow) E:\thealtocollection\the alto collection.exe => No File
FirewallRules: [UDP Query User{A893563C-F3F9-4945-A57B-7E189C9D7994}E:\thealtocollection\the alto collection.exe] => (Allow) E:\thealtocollection\the alto collection.exe => No File
FirewallRules: [{8CB8472D-B555-40FC-A15D-5D4592E908C0}] => (Allow) D:\Program Files\Nox\bin\Nox.exe => No File
FirewallRules: [TCP Query User{84065FC7-C4C5-4B80-A86B-F003F55A2CAE}C:\program files\windowsapps\facebook.317180b0bb486_730.2.121.0_x64__8xx8rvfyw5nnt\app\messenger.exe] => (Allow) C:\program files\windowsapps\facebook.317180b0bb486_730.2.121.0_x64__8xx8rvfyw5nnt\app\messenger.exe => No File
FirewallRules: [UDP Query User{9FFE7952-44C6-4169-8F24-12A5BA9F6309}C:\program files\windowsapps\facebook.317180b0bb486_730.2.121.0_x64__8xx8rvfyw5nnt\app\messenger.exe] => (Allow) C:\program files\windowsapps\facebook.317180b0bb486_730.2.121.0_x64__8xx8rvfyw5nnt\app\messenger.exe => No File
FirewallRules: [TCP Query User{2D3CC949-D121-4519-B333-46E0FADF6984}E:\star trek online\live\x64\gameclient.exe] => (Allow) E:\star trek online\live\x64\gameclient.exe => No File
FirewallRules: [UDP Query User{B918D86B-D239-4C7A-A41D-BD4A0478A216}E:\star trek online\live\x64\gameclient.exe] => (Allow) E:\star trek online\live\x64\gameclient.exe => No File
FirewallRules: [TCP Query User{74979138-004F-43B0-810B-5CC16DBB7647}C:\program files\windowsapps\facebook.317180b0bb486_750.4.124.0_x64__8xx8rvfyw5nnt\app\messenger.exe] => (Allow) C:\program files\windowsapps\facebook.317180b0bb486_750.4.124.0_x64__8xx8rvfyw5nnt\app\messenger.exe => No File
FirewallRules: [UDP Query User{F8E77CE7-C976-49DE-BBB2-096940200CE7}C:\program files\windowsapps\facebook.317180b0bb486_750.4.124.0_x64__8xx8rvfyw5nnt\app\messenger.exe] => (Allow) C:\program files\windowsapps\facebook.317180b0bb486_750.4.124.0_x64__8xx8rvfyw5nnt\app\messenger.exe => No File
FirewallRules: [{0A758EC8-9F5F-4C5F-A20F-0262848ABE1D}] => (Allow) C:\PROGRA~2\REALTEK\USBWIR~2\RtWlan.exe => No File
FirewallRules: [{A410283C-7A45-4117-B06D-CBE780FCE4C8}] => (Allow) C:\PROGRA~2\REALTEK\USBWIR~2\Rtldhcp.exe => No File
FirewallRules: [{E732B381-E292-4505-9A0A-6AFCB0B0763E}] => (Allow) C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RTLDHCP.exe => No File
FirewallRules: [{9C3878F1-04FA-4E0A-A841-5FD35181680D}] => (Allow) C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RTLDHCP.exe => No FileFirewallRules: [{FC2C6EC3-B502-4202-9D00-0C679AC086D9}] => (Allow) E:\Steam Games\steamapps\common\GarrysMod\hl2.exe => No File
FirewallRules: [{9E4445B8-709D-4E2B-85BC-743BD926FF01}] => (Allow) E:\Steam Games\steamapps\common\GarrysMod\hl2.exe => No File
FirewallRules: [{A1BE8D97-34BA-4D72-85A3-4AF11276F756}] => (Allow) C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RTLDHCP.exe => No File
FirewallRules: [{E11ED885-86E6-439D-A140-92E64D86E8EC}] => (Allow) C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RTLDHCP.exe => No File
FirewallRules: [{92A166EB-59E7-4362-8439-34FE0AEDA8FD}] => (Allow) C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RTLDHCP.exe => No File
FirewallRules: [{29AD4F93-C17C-441A-8781-28D34601EE76}] => (Allow) C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RTLDHCP.exe => No File
FirewallRules: [TCP Query User{5425CD43-473E-4666-8C1B-39661078D271}C:\program files\windowsapps\facebook.317180b0bb486_860.5.119.0_x64__8xx8rvfyw5nnt\app\messenger.exe] => (Allow) C:\program files\windowsapps\facebook.317180b0bb486_860.5.119.0_x64__8xx8rvfyw5nnt\app\messenger.exe => No File
FirewallRules: [UDP Query User{FF001663-2D57-43F4-90C2-51D16117DB06}C:\program files\windowsapps\facebook.317180b0bb486_860.5.119.0_x64__8xx8rvfyw5nnt\app\messenger.exe] => (Allow) C:\program files\windowsapps\facebook.317180b0bb486_860.5.119.0_x64__8xx8rvfyw5nnt\app\messenger.exe => No File
FirewallRules: [{23469E42-09C0-4A3A-9AF6-DC23A127E760}] => (Allow) C:\Users\Mike\AppData\Local\Torch\Plugins\Hola\hola_plugin_x64.exe => No File
HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\...\Run: [GalaxyClient] => [X]
HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\...\MountPoints2: {6ab08fea-361f-11eb-b262-60e3270d7793} - "E:\setup.exe" 
Task: {37317A0D-6899-462D-A1E9-0E12779155C2} - System32\Tasks\UCBrowserUpdater => C:\Program Files (x86)\UCBrowser\Application\update_task.exe [566672 2018-01-02] (TAOBAO (CHINA) SOFTWARE CO.,LTD. -> UCWeb Inc) <==== ATTENTION
Task: {614419CA-B19D-4A8F-B6BA-85562E66F4C2} - \CMPCUAC -> No File <==== ATTENTION
Task: {7397046B-2C4F-4370-9C91-AA2A83962EF2} - System32\Tasks\UCBrowserUpdaterCore => C:\Program Files (x86)\UCBrowser\Application\update_task.exe [566672 2018-01-02] (TAOBAO (CHINA) SOFTWARE CO.,LTD. -> UCWeb Inc) <==== ATTENTION
Task: C:\WINDOWS\Tasks\UCBrowserUpdater.job => C:\Program Files (x86)\UCBrowser\Application\update_task.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\UCBrowserUpdaterCore.job => C:\Program Files (x86)\UCBrowser\Application\update_task.exe <==== ATTENTION
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
S2 RTLDHCPService; C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RTLDHCP.exe [X]
2019-05-12 19:18 - 2017-11-19 13:51 - 000004286 ____C () C:\Program Files (x86)\FalcoGo.ico
2019-05-12 19:18 - 2017-11-19 13:53 - 000000044 ____C () C:\Program Files (x86)\FalcoGo.url
2019-05-12 19:18 - 2016-01-05 13:37 - 000004286 ____C () C:\Program Files (x86)\FalconLine.ico
2019-05-12 19:18 - 2016-01-05 13:25 - 000000047 ____C () C:\Program Files (x86)\FalconLine.url
2019-05-12 19:18 - 2016-12-21 01:39 - 000004286 ____C () C:\Program Files (x86)\FalcoSpace.ico
2019-05-12 19:18 - 2016-12-21 01:36 - 000000047 ____C () C:\Program Files (x86)\FalcoSpace.url
C:\Program Files (x86)\UCBrowser
EmptyTemp:
End::
  • Please select the entire contents of the code box below, from the "Start::" line to "End::", including both lines. Right-click and select "Copy ". No need to paste anything to anywhere.
    • Please right-click on FRST64 on your Desktop, to run it as administrator. When the tool opens, click "yes" to the disclaimer.
    • Press the Fix button once and wait.
    • FRST will process fixlist.txt
    • When finished, it will produce a log fixlog.txt on your Desktop.
    • Please post the log in your next reply.

 

 

In your next reply please post:

  • What programs did you uninstall
  • Your reply about notifications
  • If everything went fine with the extension uninstall.
  • What happened with BitDefender uninstall.

  • 0

#6
Maleboe

Maleboe

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 100 posts

1. I use Deluge with a private tracker I trust. 

2. Bitdefender had been uninstalled previously and is not in the programs list in Revo.

3. Driver Easy and Dumo are uninstalled. I use sumo to check updates for software on my computer.

3.2 Is there anything wrong with Eraser? I use it to overwrite personal file I delete so they can't be accessed with recovery tools. I uninstalled BCUninstaller and Wise Program.

3.3 I kept IObit Unlocker, Smart Close, and TeamViewer and removed the rest.

4. While these notifications are enabled, Notifications are completely disabled in the browser. So those can go.

5. I forgot to uninstall Avast for Vivaldi because I disabled it and forgot. Removed now.

6. Ran FRST fix

 

Fix result of Farbar Recovery Scan Tool (x64) Version: 09-06-2021
Ran by Mike (11-06-2021 17:33:48) Run:1
Running from C:\Users\Mike\Desktop
Loaded Profiles: Mike & Andrew
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
CreateRestorePoint:
CloseProcesses:
CustomCLSID: HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{01029388-0B8F-484C-BC0F-AC1E79630A9A}\InprocServer32 -> C:\Users\Mike\AppData\Local\Microsoft\EdgeUpdate\1.3.137.99\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{1BF368D2-E51E-4ACC-8F60-3FC9E891B96A}\InprocServer32 -> C:\Users\Mike\AppData\Local\Microsoft\EdgeUpdate\1.3.119.43\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Mike\AppData\Local\Microsoft\OneDrive\19.232.1124.0012\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{1EFE814D-F1BA-4B7E-AE9A-A8BD71D2CF2D}\InprocServer32 -> C:\Users\Mike\AppData\Local\Microsoft\EdgeUpdate\1.3.117.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{300E17A3-B34E-4D77-BCB4-4F227F215016}\InprocServer32 -> C:\Users\Mike\AppData\Local\Microsoft\EdgeUpdate\1.3.121.21\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{4372F3CE-EDF2-4B6A-937B-A6E1F4C1AA78}\InprocServer32 -> C:\Users\Mike\AppData\Local\Microsoft\EdgeUpdate\1.3.117.29\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{46406D82-6EC0-47CC-8A75-1F33C6DEDBBE}\InprocServer32 -> C:\Users\Mike\AppData\Local\Google\Update\1.3.35.442\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{4BF4AA82-C9FE-45F5-A67A-925D602662F3}\InprocServer32 -> C:\Users\Mike\AppData\Local\Microsoft\EdgeUpdate\1.3.125.27\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{53DCCD48-20E9-4E0B-BA3F-D352EF44C9E3}\InprocServer32 -> C:\Users\Mike\AppData\Local\Microsoft\EdgeUpdate\1.3.135.49\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{540C17A8-04F2-4B66-95D7-B2FEF9A19B54}\InprocServer32 -> C:\Users\Mike\AppData\Local\Google\Update\1.3.35.423\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{5DB7CD8E-F11E-401F-8B84-E5B37533C22A}\InprocServer32 -> C:\Users\Mike\AppData\Local\Microsoft\EdgeUpdate\1.3.117.13\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{5EA43877-C6D8-4885-B77A-C0BB27E94372}\InprocServer32 -> C:\Users\Mike\AppData\Local\Microsoft\EdgeUpdate\1.3.143.57\psuser_64.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{62634D95-960B-4834-8E71-A70408AD8FD9}\InprocServer32 -> C:\Users\Mike\AppData\Local\Google\Update\1.3.34.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{6D264B70-DA18-401D-910C-B202D89670C6}\InprocServer32 -> C:\Users\Mike\AppData\Local\Google\Update\1.3.36.32\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Mike\AppData\Local\Microsoft\OneDrive\19.232.1124.0012\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{7C11786C-8288-421D-B1B8-EE6684A6AEED}\InprocServer32 -> C:\Users\Mike\AppData\Local\Microsoft\EdgeUpdate\1.3.135.29\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Mike\AppData\Local\Microsoft\OneDrive\19.232.1124.0012\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{84EB3779-151B-4C71-AEF0-A0FEE9481401}\InprocServer32 -> C:\Users\Mike\AppData\Local\Google\Update\1.3.35.342\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{86508D42-E5D7-4D10-9C6F-D427AEEB85B5}\InprocServer32 -> C:\Users\Mike\AppData\Local\Google\Update\1.3.34.11\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{9C08B62F-350A-41A8-866D-958247525EE6}\InprocServer32 -> C:\Users\Mike\AppData\Local\Microsoft\EdgeUpdate\1.3.113.27\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{9DE945F0-3142-49CC-ACBD-AC1F443C5E16}\InprocServer32 -> C:\Users\Mike\AppData\Local\Microsoft\EdgeUpdate\1.3.127.21\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{A804CF1A-91E5-4F0C-9E8C-DB39E74056DD}\InprocServer32 -> C:\Users\Mike\AppData\Local\Google\Update\1.3.33.23\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{BA219326-CF19-44D0-8495-3327B1868DFA}\InprocServer32 -> C:\Users\Mike\AppData\Local\Microsoft\EdgeUpdate\1.3.139.65\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{BCA9D37C-CA60-4160-9115-97A00F24702D}\localserver32 -> "C:\Program Files\Vivaldi\Application\3.6.2165.36\notification_helper.exe" => No File
CustomCLSID: HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{C1339708-2882-4647-A280-BEC7AF3217B4}\InprocServer32 -> C:\Users\Mike\AppData\Local\Microsoft\EdgeUpdate\1.3.143.45\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{CA919489-0396-4164-A6E7-94CDED45A707}\InprocServer32 -> C:\Users\Mike\AppData\Local\Google\Update\1.3.36.52\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{DAAF107C-0599-4BA6-9722-7F5437012183}\InprocServer32 -> C:\Users\Mike\AppData\Local\Microsoft\EdgeUpdate\1.3.135.41\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{DEDF773D-E27B-485E-8E7D-85C5B0EB5A67}\InprocServer32 -> C:\Users\Mike\AppData\Local\Google\Update\1.3.36.72\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{E94F9315-63B0-4CAF-B4AA-1907B4F344AE}\InprocServer32 -> C:\Users\Mike\AppData\Local\Microsoft\EdgeUpdate\1.3.137.93\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{E9E7529D-7F09-410B-AF2A-CC154473B19C}\InprocServer32 -> C:\Users\Mike\AppData\Local\Google\Update\1.3.35.452\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{EDD9A6D6-52EA-406B-AD7D-F9C9A0CE6A5F}\InprocServer32 -> C:\Users\Mike\AppData\Local\Microsoft\EdgeUpdate\1.3.127.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{EF076C91-DC9E-43E3-84ED-3D219E065A4F}\InprocServer32 -> C:\Users\Mike\AppData\Local\Google\Update\1.3.35.302\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{F6F8D795-EA53-4CBF-A169-047D04186B82}\InprocServer32 -> C:\Users\Mike\AppData\Local\Microsoft\EdgeUpdate\1.3.135.37\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{F72FA0AF-5C8C-436F-8D41-E1B27FA05DE2}\InprocServer32 -> C:\Users\Mike\AppData\Local\Microsoft\EdgeUpdate\1.3.119.39\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{F7B60789-4C6A-41DD-97A7-C7052F614D5A}\InprocServer32 -> C:\Users\Mike\AppData\Local\Microsoft\EdgeUpdate\1.3.133.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{FD6151BA-EFA6-4F58-B92C-F4733DAEBF66}\InprocServer32 -> C:\Users\Mike\AppData\Local\Microsoft\EdgeUpdate\1.3.129.31\psuser_64.dll => No File
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> No File
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} =>  -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} =>  -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} =>  -> No FileContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
AlternateDataStreams: C:\ProgramData\TEMP:0BBF232A [226]
AlternateDataStreams: C:\ProgramData\TEMP:0F97692F [223]
AlternateDataStreams: C:\ProgramData\TEMP:1A14B3AF [470]
AlternateDataStreams: C:\ProgramData\TEMP:206470A5 [216]
AlternateDataStreams: C:\ProgramData\TEMP:2658F5EB [466]
AlternateDataStreams: C:\ProgramData\TEMP:26D061B8 [458]
AlternateDataStreams: C:\ProgramData\TEMP:2AE74FF9 [237]
AlternateDataStreams: C:\ProgramData\TEMP:2CB9631F [134]
AlternateDataStreams: C:\ProgramData\TEMP:D6EEC2F8 [456]
AlternateDataStreams: C:\ProgramData\TEMP:DBE046F5 [224]
AlternateDataStreams: C:\ProgramData\TEMP:E2E09709 [249]
AlternateDataStreams: C:\ProgramData\TEMP:E925F06D [241]
AlternateDataStreams: C:\Users\Mike\Desktop\ArcSetup.exe:BDU [1]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [468]
HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\...\StartupApproved\Run: => "uTorrent"
FirewallRules: [{863110A4-081B-426D-B3CE-1AD65F03F991}] => (Allow) C:\Users\Mike\68.0.3618.165\opera.exe => No File
FirewallRules: [UDP Query User{6F8AC953-2918-4C5E-BF09-9D7BF0177589}C:\program files\windowsapps\facebook.317180b0bb486_480.5.121.0_x64__8xx8rvfyw5nnt\app\messenger.exe] => (Allow) C:\program files\windowsapps\facebook.317180b0bb486_480.5.121.0_x64__8xx8rvfyw5nnt\app\messenger.exe => No File
FirewallRules: [TCP Query User{1738EAC6-AE93-4496-ACAC-0901C46F64EA}C:\program files\windowsapps\facebook.317180b0bb486_480.5.121.0_x64__8xx8rvfyw5nnt\app\messenger.exe] => (Allow) C:\program files\windowsapps\facebook.317180b0bb486_480.5.121.0_x64__8xx8rvfyw5nnt\app\messenger.exe => No File
FirewallRules: [UDP Query User{1ED76201-6CA1-4C24-83C0-5D956A99FBBF}C:\users\mike\68.0.3618.63\opera.exe] => (Allow) C:\users\mike\68.0.3618.63\opera.exe => No File
FirewallRules: [TCP Query User{9F6ACB0A-F05B-4A96-94C5-0BC501556ABF}C:\users\mike\68.0.3618.63\opera.exe] => (Allow) C:\users\mike\68.0.3618.63\opera.exe => No File
FirewallRules: [UDP Query User{D03FC616-5D99-4A41-991D-C2D837B86E9C}C:\users\mike\67.0.3575.137\opera.exe] => (Allow) C:\users\mike\67.0.3575.137\opera.exe => No File
FirewallRules: [TCP Query User{208AFA5B-ED75-4100-9067-34B49589299A}C:\users\mike\67.0.3575.137\opera.exe] => (Allow) C:\users\mike\67.0.3575.137\opera.exe => No File
FirewallRules: [UDP Query User{94F52B8C-1055-4857-B0F2-CA422F80EDF6}E:\spyro reignited trilogy\falcon\binaries\win64\spyro-win64-shipping.exe] => (Block) E:\spyro reignited trilogy\falcon\binaries\win64\spyro-win64-shipping.exe => No File
FirewallRules: [TCP Query User{8AA45E9B-20D6-4742-89D7-33CEB2A7A48F}E:\spyro reignited trilogy\falcon\binaries\win64\spyro-win64-shipping.exe] => (Block) E:\spyro reignited trilogy\falcon\binaries\win64\spyro-win64-shipping.exe => No File
FirewallRules: [{D08A755E-88F3-4DCF-8B12-5B7E8E91DFC6}] => (Allow) D:\SteamLibrary\steamapps\common\Tomb Raider\TombRaider.exe => No File
FirewallRules: [{389B54D6-9048-44D8-9F83-6EB7CFC02B50}] => (Allow) D:\SteamLibrary\steamapps\common\Tomb Raider\TombRaider.exe => No File
FirewallRules: [{09004257-1697-440B-9B88-2BE57E9A4BDE}] => (Allow) C:\Program Files (x86)\Maxthon5\Bin\Maxthon.exe => No File
FirewallRules: [{4F997141-51AE-4BC3-AF9D-11FC72C0AE58}] => (Allow) C:\Program Files (x86)\Maxthon5\Bin\Maxthon.exe => No File
FirewallRules: [{5A2A1C4B-4C21-49BA-9EDE-BF78ACCC9A3C}] => (Block) E:\Games\The Elder Scrolls V Skyrim Special Edition\SkyrimSELauncher.exe => No File
FirewallRules: [{23D85576-D409-4D22-912D-F4E177C2401C}] => (Block) E:\Games\The Elder Scrolls V Skyrim Special Edition\SkyrimSE.exe => No File
FirewallRules: [{1E71061D-50BC-4485-8F07-83CE924F8477}] => (Allow) E:\Games\The Elder Scrolls V Skyrim Special Edition\SkyrimSE.exe => No File
FirewallRules: [{13585603-3C5E-4B30-BC63-495720767AF6}] => (Allow) E:\Games\The Elder Scrolls V Skyrim Special Edition\SkyrimSE.exe => No File
FirewallRules: [{A46EDAF1-36D8-43EC-8727-B87CDF2A70A7}] => (Allow) F:\SteamLibrary\steamapps\common\3DMark\bin\x64\3DMark.exe => No File
FirewallRules: [{2D5B7230-6705-436D-A65C-49F6C21BEC8F}] => (Allow) F:\SteamLibrary\steamapps\common\3DMark\bin\x64\3DMark.exe => No File
FirewallRules: [{50CE2FEE-F79D-4D2E-BB6B-CD0131241C71}] => (Allow) F:\SteamLibrary\steamapps\common\3DMark\bin\x86\3DMark.exe => No File
FirewallRules: [{BD0F2AFA-F32D-4C59-AA79-369C7192F23C}] => (Allow) F:\SteamLibrary\steamapps\common\3DMark\bin\x86\3DMark.exe => No File
FirewallRules: [{924B613D-6D14-4F8F-8574-D31435E6A500}] => (Allow) F:\SteamLibrary\steamapps\common\PCMark 8\bin\PCMark8.exe => No File
FirewallRules: [{DCD1305A-8301-40E6-B2B1-36FBDBD28FC5}] => (Allow) F:\SteamLibrary\steamapps\common\PCMark 8\bin\PCMark8.exe => No File
FirewallRules: [UDP Query User{A301BC75-4F07-46F1-9C56-506BC8F4611F}F:\utomik\content\apps\borderlands\app\binaries\borderlands.exe] => (Allow) F:\utomik\content\apps\borderlands\app\binaries\borderlands.exe => No File
FirewallRules: [TCP Query User{405AE63B-C835-47CB-9D6E-5AF6C940A0F7}F:\utomik\content\apps\borderlands\app\binaries\borderlands.exe] => (Allow) F:\utomik\content\apps\borderlands\app\binaries\borderlands.exe => No File
FirewallRules: [UDP Query User{5D98C4FC-C1BB-490E-A8CA-93AD4F1C3F0F}F:\games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) F:\games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe => No File
FirewallRules: [TCP Query User{42847C32-377B-43AD-8395-3722F18EA12D}F:\games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) F:\games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe => No File
FirewallRules: [UDP Query User{B421D1C5-3005-4306-86CE-73C791B35613}F:\games\subnautica\subnautica.exe] => (Allow) F:\games\subnautica\subnautica.exe => No File
FirewallRules: [TCP Query User{567F475B-9BD9-4204-AE5D-759B53DF910B}F:\games\subnautica\subnautica.exe] => (Allow) F:\games\subnautica\subnautica.exe => No File
FirewallRules: [UDP Query User{7642AABA-4BB3-4B8C-85E1-F384F7CF8A5D}C:\program files\windowsapps\xbmcfoundation.kodi_17.9.601.0_x86__4n2hpmxwrvr6p\kodi.exe] => (Allow) C:\program files\windowsapps\xbmcfoundation.kodi_17.9.601.0_x86__4n2hpmxwrvr6p\kodi.exe => No File
FirewallRules: [TCP Query User{0B378060-2258-4F7B-8E52-43C92FE201BE}C:\program files\windowsapps\xbmcfoundation.kodi_17.9.601.0_x86__4n2hpmxwrvr6p\kodi.exe] => (Allow) C:\program files\windowsapps\xbmcfoundation.kodi_17.9.601.0_x86__4n2hpmxwrvr6p\kodi.exe => No File
FirewallRules: [UDP Query User{51C1EF58-D01A-41AF-B4CB-F127D41021FE}C:\program files (x86)\wizards of the coast\mtga\mtga.exe] => (Allow) C:\program files (x86)\wizards of the coast\mtga\mtga.exe => No File
FirewallRules: [TCP Query User{D529E2B3-B4FC-4228-AFBB-2F96C9726EC4}C:\program files (x86)\wizards of the coast\mtga\mtga.exe] => (Allow) C:\program files (x86)\wizards of the coast\mtga\mtga.exe => No File
FirewallRules: [UDP Query User{1C8984E7-8EA0-476D-8B59-66E2A354572D}F:\battlefield 1942\bf1942.exe] => (Block) F:\battlefield 1942\bf1942.exe => No File
FirewallRules: [TCP Query User{77450507-9A9B-4971-95AD-A89A252B56A1}F:\battlefield 1942\bf1942.exe] => (Block) F:\battlefield 1942\bf1942.exe => No File
FirewallRules: [{7F3850AB-1CB7-42A5-A702-9E38703A8A4C}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe => No File
FirewallRules: [{0C604519-2A25-4C8D-B26A-19529DA63E8B}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe => No File
FirewallRules: [{2678278D-D256-418A-B57D-DD2D9E6062F2}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe => No File
FirewallRules: [{80BC496D-C6BF-49E6-B2D7-5AEFCECE3CB6}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe => No File
FirewallRules: [TCP Query User{7F43EB75-795D-462E-A697-1702ECD60610}E:\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) E:\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe => No File
FirewallRules: [UDP Query User{788413EE-4FEB-4B25-98FE-AE797F5F1309}E:\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) E:\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe => No File
FirewallRules: [TCP Query User{DE0F12CB-8EAD-4DA3-8A90-89CF529DD1C8}E:\thealtocollection\the alto collection.exe] => (Allow) E:\thealtocollection\the alto collection.exe => No File
FirewallRules: [UDP Query User{A893563C-F3F9-4945-A57B-7E189C9D7994}E:\thealtocollection\the alto collection.exe] => (Allow) E:\thealtocollection\the alto collection.exe => No File
FirewallRules: [{8CB8472D-B555-40FC-A15D-5D4592E908C0}] => (Allow) D:\Program Files\Nox\bin\Nox.exe => No File
FirewallRules: [TCP Query User{84065FC7-C4C5-4B80-A86B-F003F55A2CAE}C:\program files\windowsapps\facebook.317180b0bb486_730.2.121.0_x64__8xx8rvfyw5nnt\app\messenger.exe] => (Allow) C:\program files\windowsapps\facebook.317180b0bb486_730.2.121.0_x64__8xx8rvfyw5nnt\app\messenger.exe => No File
FirewallRules: [UDP Query User{9FFE7952-44C6-4169-8F24-12A5BA9F6309}C:\program files\windowsapps\facebook.317180b0bb486_730.2.121.0_x64__8xx8rvfyw5nnt\app\messenger.exe] => (Allow) C:\program files\windowsapps\facebook.317180b0bb486_730.2.121.0_x64__8xx8rvfyw5nnt\app\messenger.exe => No File
FirewallRules: [TCP Query User{2D3CC949-D121-4519-B333-46E0FADF6984}E:\star trek online\live\x64\gameclient.exe] => (Allow) E:\star trek online\live\x64\gameclient.exe => No File
FirewallRules: [UDP Query User{B918D86B-D239-4C7A-A41D-BD4A0478A216}E:\star trek online\live\x64\gameclient.exe] => (Allow) E:\star trek online\live\x64\gameclient.exe => No File
FirewallRules: [TCP Query User{74979138-004F-43B0-810B-5CC16DBB7647}C:\program files\windowsapps\facebook.317180b0bb486_750.4.124.0_x64__8xx8rvfyw5nnt\app\messenger.exe] => (Allow) C:\program files\windowsapps\facebook.317180b0bb486_750.4.124.0_x64__8xx8rvfyw5nnt\app\messenger.exe => No File
FirewallRules: [UDP Query User{F8E77CE7-C976-49DE-BBB2-096940200CE7}C:\program files\windowsapps\facebook.317180b0bb486_750.4.124.0_x64__8xx8rvfyw5nnt\app\messenger.exe] => (Allow) C:\program files\windowsapps\facebook.317180b0bb486_750.4.124.0_x64__8xx8rvfyw5nnt\app\messenger.exe => No File
FirewallRules: [{0A758EC8-9F5F-4C5F-A20F-0262848ABE1D}] => (Allow) C:\PROGRA~2\REALTEK\USBWIR~2\RtWlan.exe => No File
FirewallRules: [{A410283C-7A45-4117-B06D-CBE780FCE4C8}] => (Allow) C:\PROGRA~2\REALTEK\USBWIR~2\Rtldhcp.exe => No File
FirewallRules: [{E732B381-E292-4505-9A0A-6AFCB0B0763E}] => (Allow) C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RTLDHCP.exe => No File
FirewallRules: [{9C3878F1-04FA-4E0A-A841-5FD35181680D}] => (Allow) C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RTLDHCP.exe => No FileFirewallRules: [{FC2C6EC3-B502-4202-9D00-0C679AC086D9}] => (Allow) E:\Steam Games\steamapps\common\GarrysMod\hl2.exe => No File
FirewallRules: [{9E4445B8-709D-4E2B-85BC-743BD926FF01}] => (Allow) E:\Steam Games\steamapps\common\GarrysMod\hl2.exe => No File
FirewallRules: [{A1BE8D97-34BA-4D72-85A3-4AF11276F756}] => (Allow) C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RTLDHCP.exe => No File
FirewallRules: [{E11ED885-86E6-439D-A140-92E64D86E8EC}] => (Allow) C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RTLDHCP.exe => No File
FirewallRules: [{92A166EB-59E7-4362-8439-34FE0AEDA8FD}] => (Allow) C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RTLDHCP.exe => No File
FirewallRules: [{29AD4F93-C17C-441A-8781-28D34601EE76}] => (Allow) C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RTLDHCP.exe => No File
FirewallRules: [TCP Query User{5425CD43-473E-4666-8C1B-39661078D271}C:\program files\windowsapps\facebook.317180b0bb486_860.5.119.0_x64__8xx8rvfyw5nnt\app\messenger.exe] => (Allow) C:\program files\windowsapps\facebook.317180b0bb486_860.5.119.0_x64__8xx8rvfyw5nnt\app\messenger.exe => No File
FirewallRules: [UDP Query User{FF001663-2D57-43F4-90C2-51D16117DB06}C:\program files\windowsapps\facebook.317180b0bb486_860.5.119.0_x64__8xx8rvfyw5nnt\app\messenger.exe] => (Allow) C:\program files\windowsapps\facebook.317180b0bb486_860.5.119.0_x64__8xx8rvfyw5nnt\app\messenger.exe => No File
FirewallRules: [{23469E42-09C0-4A3A-9AF6-DC23A127E760}] => (Allow) C:\Users\Mike\AppData\Local\Torch\Plugins\Hola\hola_plugin_x64.exe => No File
HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\...\Run: [GalaxyClient] => [X]
HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\...\MountPoints2: {6ab08fea-361f-11eb-b262-60e3270d7793} - "E:\setup.exe" 
Task: {37317A0D-6899-462D-A1E9-0E12779155C2} - System32\Tasks\UCBrowserUpdater => C:\Program Files (x86)\UCBrowser\Application\update_task.exe [566672 2018-01-02] (TAOBAO (CHINA) SOFTWARE CO.,LTD. -> UCWeb Inc) <==== ATTENTION
Task: {614419CA-B19D-4A8F-B6BA-85562E66F4C2} - \CMPCUAC -> No File <==== ATTENTION
Task: {7397046B-2C4F-4370-9C91-AA2A83962EF2} - System32\Tasks\UCBrowserUpdaterCore => C:\Program Files (x86)\UCBrowser\Application\update_task.exe [566672 2018-01-02] (TAOBAO (CHINA) SOFTWARE CO.,LTD. -> UCWeb Inc) <==== ATTENTION
Task: C:\WINDOWS\Tasks\UCBrowserUpdater.job => C:\Program Files (x86)\UCBrowser\Application\update_task.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\UCBrowserUpdaterCore.job => C:\Program Files (x86)\UCBrowser\Application\update_task.exe <==== ATTENTION
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
S2 RTLDHCPService; C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RTLDHCP.exe [X]
2019-05-12 19:18 - 2017-11-19 13:51 - 000004286 ____C () C:\Program Files (x86)\FalcoGo.ico
2019-05-12 19:18 - 2017-11-19 13:53 - 000000044 ____C () C:\Program Files (x86)\FalcoGo.url
2019-05-12 19:18 - 2016-01-05 13:37 - 000004286 ____C () C:\Program Files (x86)\FalconLine.ico
2019-05-12 19:18 - 2016-01-05 13:25 - 000000047 ____C () C:\Program Files (x86)\FalconLine.url
2019-05-12 19:18 - 2016-12-21 01:39 - 000004286 ____C () C:\Program Files (x86)\FalcoSpace.ico
2019-05-12 19:18 - 2016-12-21 01:36 - 000000047 ____C () C:\Program Files (x86)\FalcoSpace.url
C:\Program Files (x86)\UCBrowser
EmptyTemp:
 
*****************
 
Error: (0) Failed to create a restore point.
Processes closed successfully.
HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{01029388-0B8F-484C-BC0F-AC1E79630A9A} => removed successfully
HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{1BF368D2-E51E-4ACC-8F60-3FC9E891B96A} => removed successfully
HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E} => removed successfully
HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{1EFE814D-F1BA-4B7E-AE9A-A8BD71D2CF2D} => removed successfully
HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{300E17A3-B34E-4D77-BCB4-4F227F215016} => removed successfully
HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{4372F3CE-EDF2-4B6A-937B-A6E1F4C1AA78} => removed successfully
HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{46406D82-6EC0-47CC-8A75-1F33C6DEDBBE} => removed successfully
HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{4BF4AA82-C9FE-45F5-A67A-925D602662F3} => removed successfully
HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{53DCCD48-20E9-4E0B-BA3F-D352EF44C9E3} => removed successfully
HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{540C17A8-04F2-4B66-95D7-B2FEF9A19B54} => removed successfully
HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{5DB7CD8E-F11E-401F-8B84-E5B37533C22A} => removed successfully
HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{5EA43877-C6D8-4885-B77A-C0BB27E94372} => removed successfully
HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{62634D95-960B-4834-8E71-A70408AD8FD9} => removed successfully
HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{6D264B70-DA18-401D-910C-B202D89670C6} => removed successfully
HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C} => removed successfully
HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{7C11786C-8288-421D-B1B8-EE6684A6AEED} => removed successfully
HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E} => removed successfully
HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{84EB3779-151B-4C71-AEF0-A0FEE9481401} => removed successfully
HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{86508D42-E5D7-4D10-9C6F-D427AEEB85B5} => removed successfully
HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{9C08B62F-350A-41A8-866D-958247525EE6} => removed successfully
HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{9DE945F0-3142-49CC-ACBD-AC1F443C5E16} => removed successfully
HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{A804CF1A-91E5-4F0C-9E8C-DB39E74056DD} => removed successfully
HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{BA219326-CF19-44D0-8495-3327B1868DFA} => removed successfully
HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{BCA9D37C-CA60-4160-9115-97A00F24702D} => removed successfully
HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{C1339708-2882-4647-A280-BEC7AF3217B4} => removed successfully
HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{CA919489-0396-4164-A6E7-94CDED45A707} => removed successfully
HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{DAAF107C-0599-4BA6-9722-7F5437012183} => removed successfully
HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{DEDF773D-E27B-485E-8E7D-85C5B0EB5A67} => removed successfully
HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{E94F9315-63B0-4CAF-B4AA-1907B4F344AE} => removed successfully
HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{E9E7529D-7F09-410B-AF2A-CC154473B19C} => removed successfully
HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{EDD9A6D6-52EA-406B-AD7D-F9C9A0CE6A5F} => removed successfully
HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{EF076C91-DC9E-43E3-84ED-3D219E065A4F} => removed successfully
HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{F6F8D795-EA53-4CBF-A169-047D04186B82} => removed successfully
HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{F72FA0AF-5C8C-436F-8D41-E1B27FA05DE2} => removed successfully
HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{F7B60789-4C6A-41DD-97A7-C7052F614D5A} => removed successfully
HKU\S-1-5-21-3967705999-1235421771-3941837385-1001_Classes\CLSID\{FD6151BA-EFA6-4F58-B92C-F4733DAEBF66} => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ FileSyncEx => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ANotepad++64 => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
"HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D}" => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} =>  -> No FileContextMenuHandlers6: [7-Zip => not found
HKLM\Software\Classes\CLSID\{23170F69-40C1-278A-1000-000100020000} => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
C:\ProgramData\TEMP => ":0BBF232A" ADS removed successfully
C:\ProgramData\TEMP => ":0F97692F" ADS removed successfully
C:\ProgramData\TEMP => ":1A14B3AF" ADS removed successfully
C:\ProgramData\TEMP => ":206470A5" ADS removed successfully
C:\ProgramData\TEMP => ":2658F5EB" ADS removed successfully
C:\ProgramData\TEMP => ":26D061B8" ADS removed successfully
C:\ProgramData\TEMP => ":2AE74FF9" ADS removed successfully
C:\ProgramData\TEMP => ":2CB9631F" ADS removed successfully
C:\ProgramData\TEMP => ":D6EEC2F8" ADS removed successfully
C:\ProgramData\TEMP => ":DBE046F5" ADS removed successfully
C:\ProgramData\TEMP => ":E2E09709" ADS removed successfully
C:\ProgramData\TEMP => ":E925F06D" ADS removed successfully
C:\Users\Mike\Desktop\ArcSetup.exe => ":BDU" ADS removed successfully
C:\Users\Public\Shared Files => ":VersionCache" ADS removed successfully
"HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\uTorrent" => removed successfully
"HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\uTorrent" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{863110A4-081B-426D-B3CE-1AD65F03F991}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{6F8AC953-2918-4C5E-BF09-9D7BF0177589}C:\program files\windowsapps\facebook.317180b0bb486_480.5.121.0_x64__8xx8rvfyw5nnt\app\messenger.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{1738EAC6-AE93-4496-ACAC-0901C46F64EA}C:\program files\windowsapps\facebook.317180b0bb486_480.5.121.0_x64__8xx8rvfyw5nnt\app\messenger.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{1ED76201-6CA1-4C24-83C0-5D956A99FBBF}C:\users\mike\68.0.3618.63\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{9F6ACB0A-F05B-4A96-94C5-0BC501556ABF}C:\users\mike\68.0.3618.63\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{D03FC616-5D99-4A41-991D-C2D837B86E9C}C:\users\mike\67.0.3575.137\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{208AFA5B-ED75-4100-9067-34B49589299A}C:\users\mike\67.0.3575.137\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{94F52B8C-1055-4857-B0F2-CA422F80EDF6}E:\spyro reignited trilogy\falcon\binaries\win64\spyro-win64-shipping.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{8AA45E9B-20D6-4742-89D7-33CEB2A7A48F}E:\spyro reignited trilogy\falcon\binaries\win64\spyro-win64-shipping.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D08A755E-88F3-4DCF-8B12-5B7E8E91DFC6}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{389B54D6-9048-44D8-9F83-6EB7CFC02B50}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{09004257-1697-440B-9B88-2BE57E9A4BDE}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4F997141-51AE-4BC3-AF9D-11FC72C0AE58}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{5A2A1C4B-4C21-49BA-9EDE-BF78ACCC9A3C}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{23D85576-D409-4D22-912D-F4E177C2401C}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{1E71061D-50BC-4485-8F07-83CE924F8477}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{13585603-3C5E-4B30-BC63-495720767AF6}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A46EDAF1-36D8-43EC-8727-B87CDF2A70A7}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2D5B7230-6705-436D-A65C-49F6C21BEC8F}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{50CE2FEE-F79D-4D2E-BB6B-CD0131241C71}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{BD0F2AFA-F32D-4C59-AA79-369C7192F23C}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{924B613D-6D14-4F8F-8574-D31435E6A500}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{DCD1305A-8301-40E6-B2B1-36FBDBD28FC5}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{A301BC75-4F07-46F1-9C56-506BC8F4611F}F:\utomik\content\apps\borderlands\app\binaries\borderlands.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{405AE63B-C835-47CB-9D6E-5AF6C940A0F7}F:\utomik\content\apps\borderlands\app\binaries\borderlands.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{5D98C4FC-C1BB-490E-A8CA-93AD4F1C3F0F}F:\games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{42847C32-377B-43AD-8395-3722F18EA12D}F:\games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{B421D1C5-3005-4306-86CE-73C791B35613}F:\games\subnautica\subnautica.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{567F475B-9BD9-4204-AE5D-759B53DF910B}F:\games\subnautica\subnautica.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{7642AABA-4BB3-4B8C-85E1-F384F7CF8A5D}C:\program files\windowsapps\xbmcfoundation.kodi_17.9.601.0_x86__4n2hpmxwrvr6p\kodi.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{0B378060-2258-4F7B-8E52-43C92FE201BE}C:\program files\windowsapps\xbmcfoundation.kodi_17.9.601.0_x86__4n2hpmxwrvr6p\kodi.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{51C1EF58-D01A-41AF-B4CB-F127D41021FE}C:\program files (x86)\wizards of the coast\mtga\mtga.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{D529E2B3-B4FC-4228-AFBB-2F96C9726EC4}C:\program files (x86)\wizards of the coast\mtga\mtga.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{1C8984E7-8EA0-476D-8B59-66E2A354572D}F:\battlefield 1942\bf1942.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{77450507-9A9B-4971-95AD-A89A252B56A1}F:\battlefield 1942\bf1942.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7F3850AB-1CB7-42A5-A702-9E38703A8A4C}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0C604519-2A25-4C8D-B26A-19529DA63E8B}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2678278D-D256-418A-B57D-DD2D9E6062F2}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{80BC496D-C6BF-49E6-B2D7-5AEFCECE3CB6}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{7F43EB75-795D-462E-A697-1702ECD60610}E:\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{788413EE-4FEB-4B25-98FE-AE797F5F1309}E:\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{DE0F12CB-8EAD-4DA3-8A90-89CF529DD1C8}E:\thealtocollection\the alto collection.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{A893563C-F3F9-4945-A57B-7E189C9D7994}E:\thealtocollection\the alto collection.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8CB8472D-B555-40FC-A15D-5D4592E908C0}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{84065FC7-C4C5-4B80-A86B-F003F55A2CAE}C:\program files\windowsapps\facebook.317180b0bb486_730.2.121.0_x64__8xx8rvfyw5nnt\app\messenger.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{9FFE7952-44C6-4169-8F24-12A5BA9F6309}C:\program files\windowsapps\facebook.317180b0bb486_730.2.121.0_x64__8xx8rvfyw5nnt\app\messenger.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{2D3CC949-D121-4519-B333-46E0FADF6984}E:\star trek online\live\x64\gameclient.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{B918D86B-D239-4C7A-A41D-BD4A0478A216}E:\star trek online\live\x64\gameclient.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{74979138-004F-43B0-810B-5CC16DBB7647}C:\program files\windowsapps\facebook.317180b0bb486_750.4.124.0_x64__8xx8rvfyw5nnt\app\messenger.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{F8E77CE7-C976-49DE-BBB2-096940200CE7}C:\program files\windowsapps\facebook.317180b0bb486_750.4.124.0_x64__8xx8rvfyw5nnt\app\messenger.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0A758EC8-9F5F-4C5F-A20F-0262848ABE1D}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A410283C-7A45-4117-B06D-CBE780FCE4C8}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E732B381-E292-4505-9A0A-6AFCB0B0763E}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9C3878F1-04FA-4E0A-A841-5FD35181680D}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9E4445B8-709D-4E2B-85BC-743BD926FF01}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A1BE8D97-34BA-4D72-85A3-4AF11276F756}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E11ED885-86E6-439D-A140-92E64D86E8EC}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{92A166EB-59E7-4362-8439-34FE0AEDA8FD}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{29AD4F93-C17C-441A-8781-28D34601EE76}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{5425CD43-473E-4666-8C1B-39661078D271}C:\program files\windowsapps\facebook.317180b0bb486_860.5.119.0_x64__8xx8rvfyw5nnt\app\messenger.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{FF001663-2D57-43F4-90C2-51D16117DB06}C:\program files\windowsapps\facebook.317180b0bb486_860.5.119.0_x64__8xx8rvfyw5nnt\app\messenger.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{23469E42-09C0-4A3A-9AF6-DC23A127E760}" => not found
"HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\Software\Microsoft\Windows\CurrentVersion\Run\\GalaxyClient" => removed successfully
HKU\S-1-5-21-3967705999-1235421771-3941837385-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6ab08fea-361f-11eb-b262-60e3270d7793} => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{37317A0D-6899-462D-A1E9-0E12779155C2}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{37317A0D-6899-462D-A1E9-0E12779155C2}" => removed successfully
C:\WINDOWS\System32\Tasks\UCBrowserUpdater => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\UCBrowserUpdater" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{614419CA-B19D-4A8F-B6BA-85562E66F4C2}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{614419CA-B19D-4A8F-B6BA-85562E66F4C2}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CMPCUAC" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{7397046B-2C4F-4370-9C91-AA2A83962EF2}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7397046B-2C4F-4370-9C91-AA2A83962EF2}" => removed successfully
C:\WINDOWS\System32\Tasks\UCBrowserUpdaterCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\UCBrowserUpdaterCore" => removed successfully
C:\WINDOWS\Tasks\UCBrowserUpdater.job => moved successfully
C:\WINDOWS\Tasks\UCBrowserUpdaterCore.job => moved successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\BookReader_B171F20233094AC88D05A8EF7B9763E8 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => removed successfully
HKLM\System\CurrentControlSet\Services\RTLDHCPService => removed successfully
RTLDHCPService => service removed successfully
C:\Program Files (x86)\FalcoGo.ico => moved successfully
C:\Program Files (x86)\FalcoGo.url => moved successfully
C:\Program Files (x86)\FalconLine.ico => moved successfully
C:\Program Files (x86)\FalconLine.url => moved successfully
C:\Program Files (x86)\FalcoSpace.ico => moved successfully
C:\Program Files (x86)\FalcoSpace.url => moved successfully
C:\Program Files (x86)\UCBrowser => moved successfully
 
=========== EmptyTemp: ==========
 
BITS transfer queue => 12607488 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 45765713 B
Java, Flash, Steam htmlcache => 269904172 B
Windows/system/drivers => 211280878 B
Edge => 669230 B
Chrome => 1598351142 B
Brave => 251932258 B
Vivaldi => 736004561 B
Firefox => 60913411 B
Opera => 49924075 B
 
Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 14240629 B
systemprofile32 => 14250664 B
LocalService => 14477680 B
NetworkService => 29399970 B
Mike => 1444454677 B
Andrew => 1444513361 B
 
RecycleBin => 144061237 B
EmptyTemp: => 5.9 GB temporary data Removed.
 
================================
 
 
The system needed a reboot.
 
==== End of Fixlog 17:40:17 ====

  • 0

#7
DR M

DR M

    The Grecian Geek

  • Malware Removal
  • 3,240 posts

Hi, Josh.
 
Thanks for the information about the programs you uninstalled or kept. Please, do not use Deluge during the cleaning procedure.
 
Now...
 
Let's do some additional scans.


1. Run AdwCleaner (Scan mode)

Download AdwCleaner and save it to your desktop.

  • Double click AdwCleaner.exe to run it.
  • Click Scan Now.
    • When the scan has finished, a Scan Results window will open.
    • Click Cancel (at this point do not attempt to Quarantine anything that is found)
  • Now click the Log Files tab.
    • Double click on the latest scan log (Scan logs have a [S0*] suffix, where * is replaced by a number. The latest scan will have the largest number)
    • A Notepad file will open containing the results of the scan.
    • Please post the contents of the file in your next reply.

 

2. Run Malwarebytes (Scan mode)

  • Open Malwarebytes.
  • Click the little gear on the top right (Settings) and when it opens, click the Security tab and make sure about the following:
    Under the title Scan Options, all the options are checked.
    Under the title Windows Security Center (Premium only) the option is NOT checked.
    Under the title Potentially unwanted items all options are set to Always.
  • Click on the little gear to return to the main menu and select Scan. The program will start scanning your computer. This may take about 10 minutes, but in some cases it may be take longer.
  • When finished, you will see the Threat Scan Summary window open.

If threats are not found, click View Report and proceed to the two last steps below.

If threats are found, make sure that all threats are not selected, close the program and proceed to the next steps below.

  • Open Malwarebytes again, click on the Scanner, and then on the Reports tab.
  • Find the report with the most recent date and double click on it.
  • Click on Export and then Copy to Clipboard.
  • Paste its content here, in your next reply.

 

 

In your next reply, please post:

  • The AdwCleaner[S0*].txt
  • The Malwarebytes report

  • 0

#8
Maleboe

Maleboe

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 100 posts

I don't see a log files tab in adwcleaner.


  • 0

#9
DR M

DR M

    The Grecian Geek

  • Malware Removal
  • 3,240 posts

Here it is:

 

AdwCleaner.jpg

 

 


  • 0

#10
Maleboe

Maleboe

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 100 posts
1
 
# -------------------------------
# Malwarebytes AdwCleaner 8.2.0.0
# -------------------------------
# Build:    03-22-2021
# Database: 2021-05-17.1 (Cloud)
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start:    06-12-2021
# Duration: 00:00:25
# OS:       Windows 10 Pro
# Scanned:  31988
# Detected: 45
 
 
***** [ Services ] *****
 
No malicious services found.
 
***** [ Folders ] *****
 
PUP.Optional.DownloadAssistant  C:\Users\Mike\Assistant
PUP.Optional.Legacy             C:\Users\Mike\AppData\Local\torch
PUP.Optional.UCBrowser          C:\Users\Mike\AppData\Local\UCBrowser
PUP.Optional.UCBrowser          C:\Windows\SysWOW64\config\systemprofile\AppData\Local\UCBrowser
 
***** [ Files ] *****
 
PUP.Optional.Torch              C:\Users\Mike\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Torch.lnk
PUP.Optional.Torch              C:\Users\Mike\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Torch.lnk
PUP.Optional.Torch              C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Torch.lnk
PUP.Optional.Torch              C:\Users\Mike\Desktop\Torch.lnk
 
***** [ DLL ] *****
 
No malicious DLLs found.
 
***** [ WMI ] *****
 
No malicious WMI found.
 
***** [ Shortcuts ] *****
 
No malicious shortcuts found.
 
***** [ Tasks ] *****
 
No malicious tasks found.
 
***** [ Registry ] *****
 
PUP.Optional.Legacy             HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\torch
PUP.Optional.Legacy             HKCU\Software\torch
PUP.Optional.Legacy             HKLM\SOFTWARE\Classes\Applications\Torch.exe
PUP.Optional.Legacy             HKLM\SOFTWARE\Clients\StartMenuInternet\Torch
PUP.Optional.Legacy             HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{39F8F195-9979-40C0-B0A1-EF34AC7A93A8}
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\\Clients\StartMenuInternet\Torch
PUP.Optional.Legacy             HKLM\Software\Wow6432Node\torch
PUP.Optional.Torch              HKLM\SOFTWARE\Classes\.URL\OpenWithList\Torch.exe
PUP.Optional.Torch              HKLM\SOFTWARE\Classes\.bmp\OpenWithList\Torch.exe
PUP.Optional.Torch              HKLM\SOFTWARE\Classes\.dib\OpenWithList\Torch.exe
PUP.Optional.Torch              HKLM\SOFTWARE\Classes\.gif\OpenWithList\Torch.exe
PUP.Optional.Torch              HKLM\SOFTWARE\Classes\.htm\OpenWithList\Torch.exe
PUP.Optional.Torch              HKLM\SOFTWARE\Classes\.html\OpenWithList\Torch.exe
PUP.Optional.Torch              HKLM\SOFTWARE\Classes\.ico\OpenWithList\Torch.exe
PUP.Optional.Torch              HKLM\SOFTWARE\Classes\.jfif\OpenWithList\Torch.exe
PUP.Optional.Torch              HKLM\SOFTWARE\Classes\.jpe\OpenWithList\Torch.exe
PUP.Optional.Torch              HKLM\SOFTWARE\Classes\.jpg\OpenWithList\Torch.exe
PUP.Optional.Torch              HKLM\SOFTWARE\Classes\.mfp\OpenWithList\Torch.exe
PUP.Optional.Torch              HKLM\SOFTWARE\Classes\.pdf\OpenWithList\Torch.exe
PUP.Optional.Torch              HKLM\SOFTWARE\Classes\.png\OpenWithList\Torch.exe
PUP.Optional.Torch              HKLM\SOFTWARE\Classes\.shtml\OpenWithList\Torch.exe
PUP.Optional.Torch              HKLM\SOFTWARE\Classes\.webm\OpenWithList\Torch.exe
PUP.Optional.Torch              HKLM\SOFTWARE\Classes\.xht\OpenWithList\Torch.exe
PUP.Optional.Torch              HKLM\SOFTWARE\Classes\.xhtml\OpenWithList\Torch.exe
PUP.Optional.Torch              HKLM\SOFTWARE\Classes\Applications\TorchSetupstub.exe
PUP.Optional.Torch              HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{74DDB316-3CA1-4D10-882F-2F25CDBDB329}
 
***** [ Chromium (and derivatives) ] *****
 
PUP.Optional.22ChromeEXT        User-Agent Switcher for Chrome - djflhoibgkdhkhhcedjiklpkjnoahfmg
PUP.Optional.Legacy             Hover Hound - dogmhlelnjpjgahofccgbfnmojkmlfep
PUP.Optional.Legacy             Instapaper - ldjkgaaoikpmhmkelcgkgacicjfbofhh
PUP.Optional.Legacy             MediaPlus - emaamodndfmmmcjepfigalbjjjemadom
PUP.Optional.Legacy             New tab page by start.me - cfmnkhhioonhiehehedmnjibmampjiab
PUP.Optional.Legacy             Sprucemarks - fakeocdnmmmnokabaiflppclocckihoj
PUP.Optional.Legacy             SwagButton - gngocbkfmikdgphklgmmehbjjlfgdemm
PUP.Optional.Legacy             algjnflpgoopkdijmkalfcifomdhmcbe
PUP.Optional.Legacy             bbdfnhblopmjjmghkgflplloabcclbmj
PUP.Optional.Legacy             nonjdcjchghhkdoolnlbekcfllmednbl
 
***** [ Chromium URLs ] *****
 
PUP.Optional.Legacy             AVG Secure Search
 
***** [ Firefox (and derivatives) ] *****
 
No malicious Firefox entries found.
 
***** [ Firefox URLs ] *****
 
No malicious Firefox URLs found.
 
***** [ Hosts File Entries ] *****
 
No malicious hosts file entries found.
 
***** [ Preinstalled Software ] *****
 
No Preinstalled Software found.
 
 
AdwCleaner[S00].txt - [8271 octets] - [16/03/2021 06:38:37]
AdwCleaner[C00].txt - [5392 octets] - [16/03/2021 06:41:02]
 
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S01].txt ##########
 
2
 
Malwarebytes
www.malwarebytes.com
 
-Log Details-
Scan Date: 6/12/21
Scan Time: 4:34 PM
Log File: 88f48b44-cbbd-11eb-b12d-bcee7b5a755f.json
 
-Software Information-
Version: 4.4.0.117
Components Version: 1.0.1318
Update Package Version: 1.0.41655
License: Trial
 
-System Information-
OS: Windows 10 (Build 19043.1052)
CPU: x64
File System: NTFS
User: CommandCenter\Mike
 
-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 398560
Threats Detected: 0
Threats Quarantined: 0
Time Elapsed: 8 min, 38 sec
 
-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Detect
PUM: Detect
 
-Scan Details-
Process: 0
(No malicious items detected)
 
Module: 0
(No malicious items detected)
 
Registry Key: 0
(No malicious items detected)
 
Registry Value: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Data Stream: 0
(No malicious items detected)
 
Folder: 0
(No malicious items detected)
 
File: 0
(No malicious items detected)
 
Physical Sector: 0
(No malicious items detected)
 
WMI: 0
(No malicious items detected)
 
 
(end)

  • 0

Advertisements


#11
DR M

DR M

    The Grecian Geek

  • Malware Removal
  • 3,240 posts

Hi, Josh.
 
Malwarebytes didn't detect anything malicious, but AdwCleaner detected many PUPs, meaning potentially unwanted programs/applications. These include Torch and UCBrowser and some extensions you are using (like New tab page by start.me). Although the term is potentially, I recommend you to uninstall them all, unless you have strong argument to keep any of them.

To proceed, please do the following:
 
AdwCleaner (Clean mode)

  • Double click AdwCleaner.exe on your Desktop, to run it as you did before.
  • Click Scan Now.
  • When the scan has finished a Scan Results window will open.
  • Please check all the boxes and then click Quarantine.
  • Click Next.
    • If any pre-installed software was found on your machine, a prompt window will open. Click OK to close it.
    • Check any pre-installed software items you want to remove.
    • Click Quarantine.
  • A prompt to save your work will appear.
    • Click Continue when you're ready to proceed.
  • A prompt to restart your computer will appear.
    • Click Restart Now.
  • Once your computer has restarted:
    • If it doesn't open automatically, please start AdwCleaner.
    • Click the Log Files tab.
    • Double click on the latest Clean log (Clean logs have a [C0*] suffix, where * is replaced by a number, the latest scan will have the largest number)
    • A Notepad file will open containing the results of the removal.
    • Please post the contents of the file in your next reply.

 

After that, I would like to see fresh FRST logs. Please attach them this time instead of copy/paste them. Click on the More Reply Options button under the reply area, and then you will see the Attach this File button.

  • Double-click on the FRST icon to run it, as you did before. When the tool opens click Yes to disclaimer.
  • Press Scan button and wait for a while.
  • The scanner will produced two logs on your Desktop: FRST.txt and Addition.txt.
  • Please attach the content of these two logs in your next reply.

 

 

In your next reply please post:

  1. The AdwCleaner[C0*].txt
  2. The fresh FRST logs, Addition and FRST 

 


  • 0

#12
DR M

DR M

    The Grecian Geek

  • Malware Removal
  • 3,240 posts

Any progress with the above?


  • 0

#13
Maleboe

Maleboe

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 100 posts

So sorry, I have my son and got distracted. I use the new tab by start.me and the torch browser. UCBrowser can go though.

 

Attached File  AdwCleanerC02.txt   4.53KB   86 downloads

 

 

Attached Files


  • 0

#14
DR M

DR M

    The Grecian Geek

  • Malware Removal
  • 3,240 posts

Apologies for no response yet. I will be with you tomorrow.


  • 0

#15
DR M

DR M

    The Grecian Geek

  • Malware Removal
  • 3,240 posts

Hi, Josh.
 
I still see the Avast extension in Vivaldi. There is also a questionable extension in Chrome (Bypass Paywalls). This latter extension is now removed from Chrome and Firefox stores and I would recommend you to uninstall it. See more here. 
 
So, let's go on with uninstalling these extensions and then run a fix.
 
1. Uninstall extensions
 
In Chrome:

Open Chrome.
At the top right choose More (the three vertical dots) > More Tools > Extensions
Find Bypass Paywalls, and remove it, clicking on Remove.
Confirm the action by clicking Remove once again.
 
In Vivaldi:
 
Uninstall Avast Online Security
 
 
2. FRST fix

NOTICE: This script was written specifically for this user. Running it on another machine may cause damage to your operating system

  • Please select the entire contents of the code box below, from the "Start::" line to "End::", including both lines. Right-click and select "Copy ". No need to paste anything to anywhere.
Start::
CreateRestorePoint:
CloseProcesses:
SystemRestore: On
AV: Bitdefender Antivirus Free Antimalware (Enabled - Up to date) {EA21BCE8-A461-99C3-3A0D-4C964E75494E}
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} =>  -> No File
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 
FirewallRules: [{FC2C6EC3-B502-4202-9D00-0C679AC086D9}] => (Allow) E:\Steam Games\steamapps\common\GarrysMod\hl2.exe => No File
FirewallRules: [{FBA38111-17CE-4D72-B32E-92AD4A655739}] => (Allow) C:\Users\Mike\AppData\Local\Temp\HouseCall\tmase\nmap\nmap.exe => No File
FirewallRules: [{DF8F5FCD-A355-46D4-9228-1B8664D6D81C}] => (Allow) C:\Users\Mike\AppData\Local\Torch\Plugins\Hola\hola_plugin_x64.exe => No File
CHR Notifications: Default -> hxxp://127.0.0.1; hxxps://app.houseparty.com; hxxps://calendar.google.com; hxxps://greatist.com; hxxps://onlinemovies.watch; hxxps://pa.zzzpush.icu; hxxps://paidviewpoint.com; hxxps://postmates.com; hxxps://rp.zzzpush.icu; hxxps://us-foodfc.yousweeps.com; hxxps://us.letgo.com; hxxps://voice.google.com; hxxps://www.6pm.com; hxxps://www.aliexpress.com; hxxps://www.androidcentral.com; hxxps://www.comicbookmovie.com; hxxps://www.consumeraffairs.com; hxxps://www.courier-journal.com; hxxps://www.duolingo.com; hxxps://www.ebtcardbalance.com; hxxps://www.game-debate.com; hxxps://www.lawenforcementtoday.com; hxxps://www.netflix.com; hxxps://www.newsweek.com; hxxps://www.orthofeet.com; hxxps://www.tellwut.com; hxxps://www.tennessean.com; hxxps://www.watchcartoononline.io; hxxps://www.watchonline.guide; hxxps://www.windowscentral.com
VIV Notifications: Default -> hxxps://calendar.google.com; hxxps://duo.google.com; hxxps://epicstream.com; hxxps://meet.google.com; hxxps://music.amazon.com; hxxps://old.reddit.com; hxxps://voice.google.com; hxxps://w.kast.live; hxxps://web.telegram.org; hxxps://www.cbssports.com; hxxps://www.game-debate.com; hxxps://www.indiegala.com; hxxps://www.quora.com; hxxps://www.vidangel.com; hxxps://www.wish.com
S2 UCBrowserSvc; "C:\Program Files (x86)\UCBrowser\Application\UCService.exe" [X] <==== ATTENTION
S3 npf; \??\C:\Users\Mike\AppData\Local\Temp\HouseCall\tmase\nmap\npf\x64\npf.sys [X] <==== ATTENTION
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]
EmptyTemp: 
End::
  • Please right-click on FRST64 on your Desktop, to run it as administrator. When the tool opens, click "yes" to the disclaimer.
  • Press the Fix button once and wait.
  • FRST will process fixlist.txt
  • When finished, it will produce a log fixlog.txt on your Desktop.
  • Please post the log in your next reply.

 

 

In your next reply please post:

  • If everything went fine with the extensions
  • The fixlog.txt
  • Feedback: How is the computer running now?

  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP