Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Windows 10 computer runs too slow [Solved]


  • This topic is locked This topic is locked

#1
John Aukerman

John Aukerman

    Member

  • Member
  • PipPipPip
  • 255 posts

I bought this WIn10 computer about 2.5 years ago, and it has been fine until recently. It runs slower and slower.

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 26-06-2021
Ran by jhauk (administrator) on DESKTOP-6JBP3L9 (Dell Inc. Inspiron 3670) (26-06-2021 12:58:13)
Running from C:\Users\jhauk\Desktop
Loaded Profiles: jhauk
Platform: Windows 10 Home Version 2004 19041.1052 (X64) Language: English (United States)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Canon Inc. -> ) C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNMNSST2.exe
(Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe
(Dell Inc -> Dell INC.) C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Dell Inc -> Dell Products, LP.) C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
(Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(Digiarty Software, Inc. -> DearMob) C:\Program Files (x86)\DearMob\5KPlayer\5KPlayer.exe
(Google LLC -> ) C:\Program Files\Google\Drive File Stream\48.0.13.0\crashpad_handler.exe <2>
(Google LLC -> Google, Inc.) C:\Program Files\Google\Drive File Stream\48.0.13.0\GoogleDriveFS.exe <8>
(Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe
(Intel® pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_efb119a73d6b56f6\igfxCUIService.exe
(Intel® pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_577b4722c749a41f\OneApp.IGCC.WinService.exe
(Intel® pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_9a914baee86356a0\IntelCpHDCPSvc.exe
(Intel® pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_9a914baee86356a0\IntelCpHeciSvc.exe
(Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Intel® Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_f881c4be237ce854\RstMwService.exe
(Logitech Inc -> Logitech) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOverlay.exe
(Logitech Inc -> Logitech, Inc.) C:\Program Files\Logitech\LogiOptions\LogiOptions.exe
(Logitech Inc -> Logitech, Inc.) C:\ProgramData\Logishrd\LogiOptions\Software\Current\laclient\laclient.exe
(Logitech Inc -> Logitech, Inc.) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12104.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\vds.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\NisSrv.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <7>
(PC-Doctor, Inc. -> PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCD\SupportAssist\Dsapi.exe
(PC-Doctor, Inc. -> PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCD\SupportAssist\SystemIdleCheck.exe
(Pro Softnet Corporation -> Prosoftnet) C:\Program Files (x86)\IDriveWindows\id_bglaunch.exe
(Pro Softnet Corporation -> Prosoftnet) C:\Program Files (x86)\IDriveWindows\id_service.exe
(Pro Softnet Corporation -> Prosoftnet) C:\Program Files (x86)\IDriveWindows\id_tray.exe
(Qualcomm Atheros -> Windows ® Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_18c775e07a6aaafd\RtkAudUService64.exe <3>
(Rivet Networks LLC -> DELL) C:\Program Files\Rivet Networks\SmartByte\SmartByteTelemetry.exe
(Rivet Networks LLC -> Rivet Networks LLC) C:\Program Files\Rivet Networks\SmartByte\RAPS.exe
(Rivet Networks LLC -> Rivet Networks) C:\Program Files\Rivet Networks\SmartByte\SmartByteAnalyticsService.exe
(Rivet Networks LLC -> Rivet Networks) C:\Program Files\Rivet Networks\SmartByte\SmartByteNetworkService.exe
(Rivet Networks LLC -> Rivet Networks, LLC.) C:\Program Files\Rivet Networks\SmartByte\RAPSService.exe
(Waves Inc -> Waves Audio Ltd.) C:\Windows\System32\DriverStore\FileRepository\wavesapo75de.inf_amd64_9e45e2d5613ef7ef\WavesSysSvc64.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.4.3.237\WsAppService.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_18c775e07a6aaafd\RtkAudUService64.exe [1257032 2021-04-22] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [DellMobileConnectWelcome] => C:\Program Files\Dell\DellMobileConnectDrivers\DellMobileConnectWStartup.exe [313064 2018-10-05] (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.)
HKLM\...\Run: [LogiOptions] => C:\Program Files\Logitech\LogiOptions\LogiOptions.exe [2109064 2019-11-27] (Logitech Inc -> Logitech, Inc.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [320056 2019-12-10] (Intel® Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [WavesSvc] => C:\WINDOWS\System32\DriverStore\FileRepository\wavesapo75de.inf_amd64_9e45e2d5613ef7ef\WavesSvc64.exe [1237920 2019-09-05] (Waves Inc -> Waves Audio Ltd.)
HKLM\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
HKLM\...\Run: [WSVCUUpdateHelper.exe] => C:\Program Files\Wondershare\Wondershare UniConverter (CPC)\WSVCUUpdateHelper.exe
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX2] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNMNSST2.exe [271496 2017-11-02] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [IDrive Background process] => C:\Program Files (x86)\IDriveWindows\id_bglaunch.exe [78176 2020-02-18] (Pro Softnet Corporation -> Prosoftnet)
HKLM-x32\...\Run: [IDrive Tray] => C:\Program Files (x86)\IDriveWindows\id_tray.exe [1977696 2020-02-18] (Pro Softnet Corporation -> Prosoftnet)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
HKLM-x32\...\Run: [uupdate] => C:\ProgramData\wDcLibs\uhelper.exe [512280 2019-11-28] (Shenzhen Yi Xing Investment Co., Ltd. -> )
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\48.0.13.0\GoogleDriveFS.exe [58172896 2021-05-24] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\48.0.13.0\GoogleDriveFS.exe [58172896 2021-05-24] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-1015540938-3996997567-1391499832-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\48.0.13.0\GoogleDriveFS.exe [58172896 2021-05-24] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-1015540938-3996997567-1391499832-1001\...\Run: [GarminExpress] => C:\Program Files (x86)\Garmin\Express\express.exe [30862320 2019-07-25] (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-1015540938-3996997567-1391499832-1001\...\Run: [5KPlayer] => C:\Program Files (x86)\DearMob\5KPlayer\5KPlayer.exe [28456624 2021-01-26] (Digiarty Software, Inc. -> DearMob)
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\48.0.13.0\GoogleDriveFS.exe [58172896 2021-05-24] (Google LLC -> Google, Inc.)
HKLM\...\Windows x64\Print Processors\BJ Print Processor4: C:\Windows\System32\spool\prtprocs\x64\CNBPP4.DLL [84992 2011-08-30] (CANON INC.) [File not signed]
HKLM\...\Windows x64\Print Processors\Canon MP970 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPD91.DLL [27648 2007-05-22] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Windows x64\Print Processors\Canon TS8300 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDFT.DLL [509952 2019-07-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\BJ Language Monitor4: C:\WINDOWS\system32\CNBLM4.DLL [267776 2011-08-30] (CANON INC.) [File not signed]
HKLM\...\Print\Monitors\Canon BJ Language Monitor MP970 series: C:\WINDOWS\system32\CNMLM91.DLL [258560 2007-05-22] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor TS8300 series: C:\WINDOWS\system32\CNMLMFT.DLL [940032 2019-07-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJNP Port: C:\WINDOWS\system32\CNMN6PPM.DLL [252416 2012-08-30] (CANON INC.) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\91.0.4472.114\Installer\chrmstp.exe [2021-06-17] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NotificationTool.lnk [2020-02-13]
ShortcutTarget: NotificationTool.lnk -> C:\Program Files (x86)\Canon\hdAlbum EZ\NotificationTool.exe (Canon Inc. -> CANON INC.)
Startup: C:\Users\jhauk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\firefox.exe - Shortcut.lnk [2019-10-12]
ShortcutTarget: firefox.exe - Shortcut.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
Startup: C:\Users\jhauk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Indiana FB Posts.docx - Shortcut.lnk [2019-10-21]
ShortcutTarget: Indiana FB Posts.docx - Shortcut.lnk -> C:\Users\jhauk\Desktop\Indiana FB Posts.docx (No File)
Startup: C:\Users\jhauk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Trail Life.docx - Shortcut.lnk [2019-11-21]
ShortcutTarget: Trail Life.docx - Shortcut.lnk -> C:\Users\jhauk\Desktop\Trail Life.docx (No File)
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1684B791-B395-4DD1-A66B-D08FE33B62CE} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\Explorer.exe /NOUACCHECK
Task: {3946A875-A93C-4928-926E-F6CA792F8893} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MpCmdRun.exe [644888 2021-06-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {3EB46213-22D7-4598-B91B-E5DA13C3E2A1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MpCmdRun.exe [644888 2021-06-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4C26AFD1-5C37-4F8A-BC2C-27E939578E35} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-03-18] (Google Inc -> Google Inc.)
Task: {4DBE5CFE-4137-406F-84BA-7B7CCE1E9ADD} - System32\Tasks\Norton Security Scan for jhauk => C:\Program Files (x86)\Norton Security Scan\Engine\4.6.1.179\Nss.exe [848912 2019-02-15] (Symantec Corporation -> Symantec Corporation)
Task: {6113DE98-18FB-45F5-8E61-856727E5D48E} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [147320 2021-06-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {68E112ED-601F-428D-848D-BD0B940D7F89} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [690616 2021-06-24] (Mozilla Corporation -> Mozilla Foundation)
Task: {7CBEC024-B0E4-4CCF-A8D4-8D32633EBCF9} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23124896 2021-06-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {82C37CD8-60F8-447B-BBD5-3B11FB416215} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {85DF244C-6AD5-4394-BBF3-31F07BFDED0D} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistInstaller.exe [1059872 2021-05-24] (Dell Inc -> Dell Inc.)
Task: {88F1048A-E883-4F12-9D28-98A5C8C00B37} - System32\Tasks\SmartByte Telemetry => C:\Program Files\Rivet Networks\SmartByte\SmartByteTelemetry.exe [95072 2020-08-14] (Rivet Networks LLC -> DELL)
Task: {9D904B96-E053-486A-A163-FE749D9823EA} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23124896 2021-06-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {B3AFAED3-7574-49A6-8119-23127F5A1B9C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MpCmdRun.exe [644888 2021-06-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {CDDE49F6-7867-44EC-A062-343791A98317} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MpCmdRun.exe [644888 2021-06-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {DC24A639-C495-4029-8875-650BD3169F6A} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [40432 2019-07-25] (Garmin International, Inc. -> )
Task: {E12717D5-AA3C-4AB7-A2CB-A857DF628A14} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [147320 2021-06-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {EDFF0B54-722B-4DB3-93E5-B0A4BC32CA25} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1510832 2021-06-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {FCA6206D-B840-474E-8114-64E82E20DEBF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-03-18] (Google Inc -> Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{e6d416ea-722e-4537-9bf4-49c06dbe3514}: [DhcpNameServer] 192.168.1.254

Edge:
=======
DownloadDir: C:\Users\jhauk\Downloads
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\jhauk\AppData\Local\Microsoft\Edge\User Data\Default [2021-06-26]
Edge DownloadDir: Default -> C:\Users\jhauk\Downloads
Edge StartupUrls: Default -> "hxxps://www.onlinebanking.pnc.com/alservlet/PNCOnlineBankingServletLogin"

FireFox:
========
FF DefaultProfile: ou4ydgfb.default-1553941110074
FF ProfilePath: C:\Users\jhauk\AppData\Roaming\Mozilla\Firefox\Profiles\ou4ydgfb.default-1553941110074 [2021-06-26]
FF DownloadDir: C:\Users\jhauk\Desktop
FF Homepage: Mozilla\Firefox\Profiles\ou4ydgfb.default-1553941110074 -> hxxps://www.facebook.com/|hxxps://mail.google.com/mail/u/0/?ui=2#inbox|hxxps://calendar.google.com/calendar/u/0/r/day?tab=mc
FF Notifications: Mozilla\Firefox\Profiles\ou4ydgfb.default-1553941110074 -> hxxps://www.facebook.com; hxxps://usa.life; hxxps://mail.google.com
FF HomepageOverride: Mozilla\Firefox\Profiles\ou4ydgfb.default-1553941110074 -> Disabled: [email protected]
FF NewTabOverride: Mozilla\Firefox\Profiles\ou4ydgfb.default-1553941110074 -> Disabled: [email protected]
FF Extension: (F.B Purity - Cleans up Facebook) - C:\Users\jhauk\AppData\Roaming\Mozilla\Firefox\Profiles\ou4ydgfb.default-1553941110074\Extensions\[email protected] [2021-05-11] [UpdateUrl:hxxps://www.fbpurity.com/FF-FBP-Ext-Updates.json]
FF Extension: (Gaming Assassin) - C:\Users\jhauk\AppData\Roaming\Mozilla\Firefox\Profiles\ou4ydgfb.default-1553941110074\Extensions\[email protected] [2019-11-22] [UpdateUrl:hxxps:\/\/updates.tb.ask.com\/updateXpi.json?id=224233761&version=8.924.16.56986&track=TTAB02&trackRevision=1&fromId=_e7Members_%40free.gamingassassin.com&isBridgeExtension=false]
FF Extension: (MediaPlayer Search) - C:\Users\jhauk\AppData\Roaming\Mozilla\Firefox\Profiles\ou4ydgfb.default-1553941110074\Extensions\{b779151f-7a4c-46b2-83e4-3dbad231a9b9}.xpi [2019-12-06] [UpdateUrl:hxxps://cdn.mediaplayer10-cdn.com/xpi/mediaplayer10/settings_Api/0919/no_ba/updates.json]
FF Extension: (Zoom Scheduler) - C:\Users\jhauk\AppData\Roaming\Mozilla\Firefox\Profiles\ou4ydgfb.default-1553941110074\Extensions\{bf855ead-d7c3-4c7b-9f88-9a7e75c0efdf}.xpi [2021-05-19]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-05-29] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2015-10-29] (CANON INC.) [File not signed]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-05-29] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-05-28] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\jhauk\AppData\Local\Google\Chrome\User Data\Default [2021-06-26]
CHR DownloadDir: C:\Users\jhauk\Desktop
CHR StartupUrls: Default -> "hxxps://mail.google.com/mail/u/0/#inbox","hxxps://calendar.google.com/calendar/r?tab=mc","hxxps://www.facebook.com/"
CHR NewTab: Default ->  Not-active:"chrome-extension://bcedopgbjnjfngcejdmkppbcmcgndpkg/newtab/quicknewtabpage.html"
CHR Extension: (Slides) - C:\Users\jhauk\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-03-18]
CHR Extension: (Docs) - C:\Users\jhauk\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-03-18]
CHR Extension: (Google Drive) - C:\Users\jhauk\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-24]
CHR Extension: (Satellite Earth) - C:\Users\jhauk\AppData\Local\Google\Chrome\User Data\Default\Extensions\bcedopgbjnjfngcejdmkppbcmcgndpkg [2019-07-25]
CHR Extension: (YouTube) - C:\Users\jhauk\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-03-18]
CHR Extension: (Sheets) - C:\Users\jhauk\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-03-18]
CHR Extension: (Google Docs Offline) - C:\Users\jhauk\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-05-13]
CHR Extension: (Mountain River) - C:\Users\jhauk\AppData\Local\Google\Chrome\User Data\Default\Extensions\hldnnpdpbcplkacehcbafmncblojlead [2020-05-19]
CHR Extension: (Chrome Web Store Payments) - C:\Users\jhauk\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-28]
CHR Extension: (Gmail) - C:\Users\jhauk\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-22]
CHR Extension: (Chrome Media Router) - C:\Users\jhauk\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-05-25]
CHR HKU\S-1-5-21-1015540938-3996997567-1391499832-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11279752 2021-06-23] (Microsoft Corporation -> Microsoft Corporation)
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [422128 2021-03-09] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3975712 2021-03-09] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [623136 2021-03-09] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 Dell Hardware Support; C:\Program Files\Dell\SupportAssistAgent\PCD\SupportAssist\Dsapi.exe [1009264 2021-03-30] (PC-Doctor, Inc. -> PC-Doctor, Inc.)
R2 Dell SupportAssist Remediation; C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe [19128 2021-04-01] (Dell Inc -> Dell INC.)
R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [38592 2021-01-19] (Dell Inc -> )
R2 IDriveService; C:\Program Files (x86)\IDriveWindows\id_service.exe [334688 2020-02-18] (Pro Softnet Corporation -> Prosoftnet)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [399296 2019-11-28] (Canon Inc. -> )
R2 RAPSService; C:\Program Files\Rivet Networks\SmartByte\RAPSService.exe [64848 2020-08-14] (Rivet Networks LLC -> Rivet Networks, LLC.)
S3 RNDBWM; C:\Program Files\Rivet Networks\SmartByte\RNDBWMService.exe [64856 2020-08-14] (Rivet Networks LLC -> Rivet Networks, LLC.)
R2 SmartByte Analytics Service; C:\Program Files\Rivet Networks\SmartByte\SmartByteAnalyticsService.exe [1630576 2020-08-14] (Rivet Networks LLC -> Rivet Networks)
R2 SmartByte Network Service x64; C:\Program Files\Rivet Networks\SmartByte\SmartByteNetworkService.exe [2385256 2020-08-14] (Rivet Networks LLC -> Rivet Networks)
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [39968 2021-05-24] (Dell Inc -> Dell Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\NisSrv.exe [2644776 2021-06-13] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MsMpEng.exe [136656 2021-06-13] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.237\WsAppService.exe [495720 2018-07-04] (Wondershare Technology Co.,Ltd -> Wondershare)
S3 WsDrvInst; C:\Program Files (x86)\Wondershare\TunesGo\DriverInstall.exe [107624 2018-12-13] (Wondershare Technology Co.,Ltd -> Wondershare)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
R3 DDDriver; C:\WINDOWS\System32\drivers\dddriver64Dcsa.sys [42376 2020-10-26] (Microsoft Windows Hardware Compatibility Publisher -> Dell Inc.)
S3 DellProf; C:\WINDOWS\system32\drivers\DellProf.sys [41208 2018-05-08] (Techporch Incorporated -> Dell Computer Corporation)
R1 googledrivefs3301; C:\WINDOWS\System32\DRIVERS\googledrivefs3301.sys [132456 2020-11-19] (Google LLC -> Google, Inc.)
R1 googledrivefs3460; C:\WINDOWS\System32\DRIVERS\googledrivefs3460.sys [389600 2021-05-24] (Google LLC -> Google, Inc.)
S3 HipShieldK; C:\WINDOWS\System32\drivers\HipShieldK.sys [226984 2018-05-02] (McAfee, Inc. -> McAfee, Inc.)
R3 SmbCoSvc; C:\WINDOWS\system32\DRIVERS\SmbCo10X64.sys [164424 2020-08-14] (Rivet Networks LLC -> Rivet Networks, LLC.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49568 2021-06-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [425184 2021-06-13] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [76000 2021-06-13] (Microsoft Windows -> Microsoft Corporation)
S4 DBUtilDrv2; \SystemRoot\System32\drivers\DBUtilDrv2.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-06-26 12:58 - 2021-06-26 13:01 - 000027912 _____ C:\Users\jhauk\Desktop\FRST.txt
2021-06-26 12:57 - 2021-06-26 12:57 - 002300416 _____ (Farbar) C:\Users\jhauk\Desktop\FRST64.exe
2021-06-26 12:57 - 2021-06-26 12:57 - 000000000 ____D C:\Users\jhauk\Desktop\FRST-OlderVersion
2021-06-26 12:56 - 2021-06-26 13:00 - 000000000 ____D C:\FRST
2021-06-26 00:51 - 2021-06-26 00:51 - 000801767 _____ C:\Users\jhauk\Desktop\Redeemed - Quartet.pdf
2021-06-24 12:53 - 2021-06-24 12:53 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-06-24 06:59 - 2021-06-24 06:59 - 000724993 _____ C:\Users\jhauk\Desktop\EM-SRL-10.pdf
2021-06-24 06:41 - 2021-06-24 06:41 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-06-23 22:52 - 2021-04-22 01:06 - 006459880 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
2021-06-23 22:52 - 2021-04-22 00:56 - 045539300 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2021-06-23 22:51 - 2021-04-22 01:08 - 000276832 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTHDASIO64.dll
2021-06-23 22:51 - 2021-04-22 01:08 - 000231264 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\RTHDASIO.dll
2021-06-21 10:07 - 2021-06-21 10:07 - 000264533 _____ C:\Users\jhauk\Desktop\Deed.pdf
2021-06-20 14:41 - 2021-06-20 14:41 - 000003396 _____ C:\Users\jhauk\Desktop\Funk, Wilford & Gloria - possible prop. 1950 (1).html
2021-06-17 22:44 - 2021-06-17 22:44 - 011030299 _____ C:\Users\jhauk\Documents\FUNK (2021-06-17).rmgb
2021-06-16 02:36 - 2021-06-16 02:36 - 002780517 _____ C:\Users\jhauk\Desktop\Current tax map.pdf
2021-06-12 20:31 - 2021-06-12 20:31 - 011028048 _____ C:\Users\jhauk\Documents\FUNK (2021-06-12).rmgb
2021-06-10 11:10 - 2021-06-10 11:10 - 000002138 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-06-09 21:55 - 2021-06-09 21:55 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-06-09 21:55 - 2021-06-09 21:55 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-06-09 21:55 - 2021-06-09 21:55 - 001864192 _____ (The ICU Project) C:\WINDOWS\SysWOW64\icu.dll
2021-06-09 21:55 - 2021-06-09 21:55 - 001314120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-06-09 21:55 - 2021-06-09 21:55 - 000568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2021-06-09 21:55 - 2021-06-09 21:55 - 000468440 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll
2021-06-09 21:55 - 2021-06-09 21:55 - 000451072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2021-06-09 21:55 - 2021-06-09 21:55 - 000423936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-06-09 21:55 - 2021-06-09 21:55 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2021-06-09 21:55 - 2021-06-09 21:55 - 000011353 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-06-09 21:54 - 2021-06-09 21:54 - 002260480 _____ (The ICU Project) C:\WINDOWS\system32\icu.dll
2021-06-09 21:54 - 2021-06-09 21:54 - 001823792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-06-09 21:54 - 2021-06-09 21:54 - 001393496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-06-09 21:54 - 2021-06-09 21:54 - 000657464 _____ C:\WINDOWS\system32\WindowManagementAPI.dll
2021-06-09 21:54 - 2021-06-09 21:54 - 000563712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-06-09 21:54 - 2021-06-09 21:54 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe
2021-06-09 21:54 - 2021-06-09 21:54 - 000097280 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-06-09 21:53 - 2021-06-09 21:53 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll
2021-06-02 23:33 - 2021-06-02 23:33 - 011025673 _____ C:\Users\jhauk\Documents\FUNK (2021-06-02).rmgb
2021-05-27 15:27 - 2021-05-24 12:39 - 000389600 _____ (Google, Inc.) C:\WINDOWS\system32\Drivers\googledrivefs3460.sys

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-06-26 13:01 - 2019-03-18 10:16 - 000000000 ____D C:\ProgramData\IDrive
2021-06-26 12:54 - 2019-03-18 09:43 - 000000000 ____D C:\ProgramData\Mozilla
2021-06-26 12:53 - 2019-03-18 09:43 - 000000000 ____D C:\Users\jhauk\AppData\LocalLow\Mozilla
2021-06-26 12:52 - 2020-08-05 02:33 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-06-26 12:12 - 2019-12-07 05:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-06-26 10:58 - 2020-06-08 06:52 - 000000000 ____D C:\Users\jhauk\Documents\Outlook Files
2021-06-26 10:19 - 2019-04-09 06:11 - 000000000 ____D C:\Users\jhauk\Desktop\Auk Pics
2021-06-26 09:26 - 2020-06-20 06:07 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-06-26 09:26 - 2019-12-07 05:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-06-26 09:26 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-06-26 09:18 - 2021-04-09 08:30 - 000000000 ____D C:\Users\jhauk\AppData\Roaming\5KPlayer
2021-06-26 00:59 - 2019-03-18 18:50 - 000000000 ____D C:\Users\jhauk\Documents\Bren
2021-06-25 15:36 - 2019-12-07 05:13 - 000000000 ____D C:\WINDOWS\INF
2021-06-25 15:04 - 2019-03-18 09:26 - 000000000 ____D C:\Users\jhauk\AppData\Local\Packages
2021-06-24 22:48 - 2019-07-30 07:16 - 004647936 _____ C:\Users\jhauk\Documents\aukerman20190730.rmgc
2021-06-24 22:48 - 2019-04-08 06:46 - 040681472 _____ C:\Users\jhauk\Documents\FUNK.rmgc
2021-06-24 12:53 - 2019-03-18 09:43 - 000001007 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-06-24 01:37 - 2019-03-27 11:34 - 000000000 ____D C:\Users\jhauk\Desktop\Lou Ann - Choruses; Print-Scan, save to comp., doc. (pdf)
2021-06-23 08:22 - 2019-03-18 18:57 - 000000000 ____D C:\Users\jhauk\Desktop\John
2021-06-23 08:19 - 2019-03-19 05:21 - 000000000 ____D C:\Users\Aukerman\Desktop\John
2021-06-23 02:25 - 2019-04-02 08:43 - 000000000 ____D C:\Program Files\Microsoft Office
2021-06-18 09:07 - 2021-01-22 07:13 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-06-17 21:59 - 2019-03-18 09:35 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-06-17 06:39 - 2019-03-18 09:43 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-06-13 07:39 - 2018-11-21 03:18 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-06-10 06:59 - 2020-08-05 02:43 - 000842418 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-06-10 06:53 - 2019-12-07 05:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-06-10 06:52 - 2020-08-05 02:50 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-06-10 06:52 - 2020-08-05 02:33 - 000008192 ___SH C:\DumpStack.log.tmp
2021-06-10 06:52 - 2018-11-21 03:30 - 000000000 ____D C:\Intel
2021-06-10 01:44 - 2019-12-07 05:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-06-10 01:36 - 2020-08-05 02:33 - 000508560 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-06-10 01:33 - 2019-12-07 05:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-06-10 01:33 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2021-06-10 01:33 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2021-06-10 01:33 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-06-10 01:33 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-06-10 01:33 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-06-10 01:33 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2021-06-10 01:33 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2021-06-10 01:33 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2021-06-10 01:33 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-06-10 01:33 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-06-09 22:01 - 2019-12-07 05:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-06-09 21:26 - 2019-03-19 06:00 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-06-09 21:16 - 2019-03-19 06:00 - 132447432 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-06-09 08:10 - 2020-02-13 14:56 - 000000000 ____D C:\ProgramData\CanonIJPLM
2021-06-05 13:41 - 2018-11-21 03:27 - 000000000 ____D C:\ProgramData\Dell
2021-06-05 11:34 - 2018-11-21 03:26 - 000000000 ____D C:\ProgramData\Package Cache
2021-06-05 10:44 - 2020-01-18 18:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2021-05-29 22:16 - 2019-03-18 10:23 - 000000000 ____D C:\Users\jhauk\Desktop\Brenda
2021-05-29 03:13 - 2019-12-07 05:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2021-05-27 15:27 - 2021-02-03 14:32 - 000002030 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk

==================== Files in the root of some directories ========

2003-11-10 16:27 - 2003-11-10 16:26 - 000376884 _____ () C:\Program Files\image001.bmp
2021-01-18 13:44 - 2021-01-18 13:44 - 000000171 _____ () C:\Users\jhauk\AppData\Roaming\822f02e4-9e9a-4077-a765-71edfca16ad0

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-06-2021
Ran by jhauk (26-06-2021 13:04:27)
Running from C:\Users\jhauk\Desktop
Windows 10 Home Version 2004 19041.1052 (X64) (2020-08-05 06:51:15)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1015540938-3996997567-1391499832-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1015540938-3996997567-1391499832-503 - Limited - Disabled)
Guest (S-1-5-21-1015540938-3996997567-1391499832-501 - Limited - Disabled)
jhauk (S-1-5-21-1015540938-3996997567-1391499832-1001 - Administrator - Enabled) => C:\Users\jhauk
WDAGUtilityAccount (S-1-5-21-1015540938-3996997567-1391499832-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

4K Video Downloader 4.8 (HKLM\...\{2FA2F521-494C-4E8F-8C30-3D3E81590413}) (Version: 4.8.0.2852 - Open Media LLC)
5KPlayer (HKLM-x32\...\5KPlayer) (Version: 6.5 - DearMob, Inc.)
AceMoney (HKLM-x32\...\AceMoney_is1) (Version:  - MechCAD Software)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 21.005.20048 - Adobe Systems Incorporated)
ANT Drivers Installer x64 (HKLM\...\{B7626024-53D9-4982-A1EE-64BC9438DFD5}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Audacity 2.0.3 (HKLM-x32\...\Audacity_is1) (Version: 2.0.3 - Audacity Team)
Canon IJ Network Scan Utility (HKLM-x32\...\Canon_IJ_Network_Scan_UTILITY) (Version:  - )
Canon IJ Network Scanner Selector EX2 (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX2) (Version: 2.0.10.2 - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version:  - )
Canon IJ Printer Assistant Tool (HKLM-x32\...\Canon IJ Printer Assistant Tool) (Version: 1.30.1.52 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.5.5.3 - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 6.2.0 - Canon Inc.)
Canon MP970 series (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP970_series) (Version:  - )
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 3.5.2 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 3.5.2 - Canon Inc.)
Canon TS8300 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_TS8300_series) (Version: 1.01 - Canon Inc.)
Debut Video Capture Software (HKLM-x32\...\Debut) (Version: 5.59 - NCH Software)
Dell Digital Delivery Service (HKLM-x32\...\{DD47FCB3-5038-40CE-A02A-85F51BA03F37}) (Version: 3.6.1012.0 - Dell Products, LP)
Dell Mobile Connect Drivers (HKLM\...\{04DF02C6-E3D7-4D26-A44C-6F8A2E218D2C}) (Version: 1.3.6844 - Screenovate Technologies Ltd.)
Dell SupportAssist (HKLM\...\{A3E44B1D-1AC1-414F-A7D4-0824E0A49F3A}) (Version: 3.9.1.245 - Dell Inc.)
Dell SupportAssist OS Recovery Plugin for Dell Update (HKLM\...\{900D0BCD-0B86-4DAA-B639-89BE70449569}) (Version: 5.4.1.14954 - Dell Inc.) Hidden
Dell SupportAssist OS Recovery Plugin for Dell Update (HKLM-x32\...\{ec40a028-983b-4213-af2c-77ed6f6fe1d5}) (Version: 5.4.1.14954 - Dell Inc.)
Dell SupportAssist Remediation (HKLM\...\{E9E87628-7D88-4557-9A80-49B2B4A81460}) (Version: 5.4.1.14954 - Dell Inc.) Hidden
Dell SupportAssist Remediation (HKLM-x32\...\{ef6a1215-d616-4e4f-9453-525ed9903031}) (Version: 5.4.1.14954 - Dell Inc.)
Dell Update for Windows 10 (HKLM\...\{41D2D254-D869-4CD8-B440-5DF49083C4BA}) (Version: 4.1.0 - Dell Inc.)
Dynamic Application Loader Host Interface Service (HKLM\...\{3252E69D-9075-40FD-A9EF-F6D96091B5BF}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Elevated Installer (HKLM-x32\...\{067FCCD5-0DC8-4D84-849C-A82656EFD36C}) (Version: 6.16.1.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express (HKLM-x32\...\{78B7CE44-6303-4EC8-9A53-B7F3F3F89E24}) (Version: 6.16.1.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express (HKLM-x32\...\{824324a6-400d-4ee8-9aa0-72a8627a425e}) (Version: 6.16.1.0 - Garmin Ltd or its subsidiaries)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 91.0.4472.114 - Google LLC)
Google Drive (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 48.0.13.0 - Google LLC)
hdAlbum EZ (HKLM-x32\...\{014BBF3C-D9C4-4FD0-857D-E7DDC95263C0}) (Version: 1.7.1.6 - Canon Inc.)
IDrive version 6.7.3.6 (HKLM-x32\...\IDrive_is1) (Version: 6.7.3.6 - Pro Softnet Corp)
Intel® Chipset Device Software (HKLM-x32\...\{70281077-96c3-4f75-938c-dc4746110c00}) (Version: 10.1.17903.8106 - Intel® Corporation)
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1932.12.0.1298 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 26.20.100.8141 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 17.5.9.1040 - Intel Corporation)
Intel® Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.56.87.0 - Intel Corporation) Hidden
Intel® Trusted Connect Services Client (HKLM-x32\...\{05817e4d-5f15-49b4-afec-7edb31fc7dd6}) (Version: 1.56.87.0 - Intel Corporation) Hidden
Intel® Optane™ Pinning Explorer Extensions (HKLM\...\{C81FD018-F151-460F-B4F9-0D58039503E2}) (Version: 17.2.4.9002 - Intel Corporation)
Jihosoft Phone Transfer version 3.4.2.0 (HKLM-x32\...\{116B8806-B959-4600-8591-35E60440BD3D}_is1) (Version: 3.4.2.0 - HONGKONG JIHO CO., LIMITED)
Logitech Options (HKLM\...\LogiOptions) (Version: 8.10.84 - Logitech)
Microsoft 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.14026.20308 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 91.0.864.59 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 91.0.864.59 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{E5A95BC5-81DF-4F0C-B910-B59DD012F037}) (Version: 2.81.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Movavi Screen Recorder Studio 10 (HKU\S-1-5-21-1015540938-3996997567-1391499832-1001\...\Movavi Screen Recorder Studio 10) (Version: 10.2.0 - Movavi)
Mozilla Firefox 89.0.2 (x64 en-US) (HKLM\...\Mozilla Firefox 89.0.2 (x64 en-US)) (Version: 89.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 65.0.2 - Mozilla)
MusicTime Deluxe (HKLM-x32\...\MusicTime Deluxe 4.0.4) (Version: 4.0.4 - Passport)
MusicTime Deluxe 3.5.5 (HKLM-x32\...\MusicTime Deluxe 3.5.5) (Version:  - )
Norton Security Scan (HKLM-x32\...\NSS) (Version: 4.6.1.179 - Symantec Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14026.20308 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14026.20308 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.14026.20246 - Microsoft Corporation) Hidden
Printer Registration (HKLM-x32\...\Canon EISRegistration) (Version: 1.5.0 - Canon Inc.)
Qualcomm WLAN and Bluetooth Client Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.18362.31252 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8791.1 - Realtek Semiconductor Corp.)
RootsMagic 7.6.1.0 (HKLM-x32\...\{D6286873-A757-4A4D-A6EF-0081B3EE32CA}_is1) (Version: RootsMagic 7.6.1.0 - RootsMagic, Inc.)
SmartByte Drivers and Services (HKLM\...\{9668B1BB-D0FE-4C0C-800C-B1555E069A62}) (Version: 3.1.940 - Rivet Networks)
Switch Sound File Converter (HKLM-x32\...\Switch) (Version: 8.18 - NCH Software)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{FBA3961B-D1DF-493C-BC1F-E67D3B832895}) (Version: 2.56.0.0 - Microsoft Corporation)
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{344F3227-F502-4219-9DC4-1967E586FAFA}) (Version: 2.51.0.0 - Microsoft Corporation)
vs2015_redist x86 (HKLM-x32\...\{BD46163A-0331-4A61-B65A-7B66D7C93F8E}) (Version: 1.0.0.0 - Realnetworks) Hidden
VSDC Free Video Editor version 6.3.9.49 (HKLM\...\VSDC Free Video Editor_is1) (Version: 6.3.9.49 - Flash-Integro LLC)
Vulkan Run Time Libraries 1.1.70.0 (HKLM\...\VulkanRT1.1.70.0) (Version: 1.1.70.0 - LunarG, Inc.) Hidden
Web Launch Recorder (HKU\S-1-5-21-1015540938-3996997567-1391499832-1001\...\WebLaunchRecorder) (Version: 2.0 - )
Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22391 - Microsoft Corporation)
Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB  (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Wondershare TunesGo ( Version 9.7.3 ) (HKLM-x32\...\{0B31C808-8274-460D-8846-C711D40544A0}_is1) (Version: 9.7.3 - Wondershare)
Zoom (HKU\S-1-5-21-1015540938-3996997567-1391499832-1001\...\ZoomUMX) (Version: 5.4.9 (59931.0110) - Zoom Video Communications, Inc.)

Packages:
=========
Audacity 2 -> C:\Program Files\WindowsApps\42109FactoriaDatacenter.Audacity2_2.3.2.0_neutral__zaf1c6h4vqsbt [2019-05-29] (Repackagerexpress.com)
Baseball Game Pro -> C:\Program Files\WindowsApps\25228GameMotionStudio.BaseballGamePro_1.0.1.0_x64__t5x6bekc08gee [2019-11-22] (Game Motion Studio) [MS Ad]
Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_1.60.1.0_x86__kgqvnymyfvs32 [2021-06-25] (king.com)
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.2040.2.0_x86__kgqvnymyfvs32 [2021-06-12] (king.com)
Canon Office Printer Utility -> C:\Program Files\WindowsApps\34791E63.CanonOfficePrinterUtility_12.7.0.0_x64__6e5tt8cgb93ep [2019-08-26] (Canon Inc.)
Cooking Fever -> C:\Program Files\WindowsApps\NORDCURRENT.COOKINGFEVER_12.0.2.0_x86__m9bz608c1b9ra [2021-04-09] (Nordcurrent)
Dell Customer Connect -> C:\Program Files\WindowsApps\DellInc.DellCustomerConnect_5.2.52.0_x64__htrsf667h5kn2 [2021-04-07] (Dell Inc)
Dell Digital Delivery -> C:\Program Files\WindowsApps\DellInc.DellDigitalDelivery_4.0.90.0_x64__htrsf667h5kn2 [2021-05-27] (Dell Inc)
Dell Mobile Connect 3.3 -> C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnect_3.3.9803.0_x64__0vhbc3ng4wbp0 [2021-06-20] (Screenovate Technologies) [Startup Task]
Dell SupportAssist for Home PCs -> C:\Program Files\WindowsApps\DellInc.DellSupportAssistforPCs_3.9.13.0_x64__htrsf667h5kn2 [2021-06-10] (Dell Inc)
Dell Update -> C:\Program Files\WindowsApps\DellInc.DellUpdate_4.1.15.0_x86__htrsf667h5kn2 [2021-02-21] (Dell Inc)
Downloader for YouTube. Free Coverter to MP3, MP4 & AVI. -> C:\Program Files\WindowsApps\13240GoodBuzzMedia.DownloaderforYouTube.FreeCovert_1.1.17.0_x64__pkybfkfh0fpqa [2020-11-03] (Good Buzz Media)
Dropbox promotion -> C:\Program Files\WindowsApps\C27EB4BA.DropboxOEM_20.4.3.0_x64__xbfy0k16fey96 [2020-01-17] (Dropbox Inc.)
Express Burn CD and DVD Burner Free -> C:\Program Files\WindowsApps\NCHSoftware.ExpressBurnFree_10.2.0.0_x86__7kedsbyvzns34 [2021-06-18] (NCH Software)
Fitbit -> C:\Program Files\WindowsApps\Fitbit.Fitbit_2.44.1997.0_x64__6mqt6hf9g46tw [2019-11-14] (Fitbit)
Fitbit Coach -> C:\Program Files\WindowsApps\Fitbit.FitbitCoach_4.4.133.0_x64__6mqt6hf9g46tw [2019-03-18] (Fitbit)
Free Instant Youtube Downloader -> C:\Program Files\WindowsApps\356E5ED5.FreeInstantYoutubeDownloader_1.5.2.0_x64__n9erwrkheyjxe [2020-02-05] (Prospera Software Inc.) [MS Ad]
Instagram -> C:\Program Files\WindowsApps\Facebook.InstagramBeta_42.0.15.0_neutral__8xx8rvfyw5nnt [2021-06-25] (Instagram)
Intel® Graphics Command Center -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3325.0_x64__8j3eq9eme6ctt [2021-05-14] (INTEL CORP) [Startup Task]
Intel® Graphics Control Panel -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsControlPanel_3.3.0.0_x64__8j3eq9eme6ctt [2020-02-17] (INTEL CORP)
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa [2021-05-14] (Apple Inc.) [Startup Task]
Libby, by OverDrive -> C:\Program Files\WindowsApps\2FA138F6.LibbybyOverDrive_1.4.2.0_x64__daecb9042jmvt [2019-07-20] (OverDrive Inc.)
LinkedIn -> C:\Program Files\WindowsApps\7EE7776C.LinkedInforWindows_2.1.7098.0_neutral__w1wdnht996qgy [2019-03-18] (LinkedIn)
McAfee® Personal Security -> C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.60.0_x64__wafk5atnkzcwy [2021-02-26] (McAfee LLC.)
Media Player -> C:\Program Files\WindowsApps\YellowElephantProductions.MediaPlayerS_1.175.91.0_x64__p3e1zgp7z7szg [2021-05-27] (Yellow Elephant Productions)
Media Suite Essentials for Dell -> C:\Program Files\WindowsApps\DB6EA5DB.MediaSuiteEssentialsforDell_2.6.4028.0_x86__mcezb6ze687jp [2020-03-27] (CYBERLINK CORPORATION.)
Meme-Generator -> C:\Program Files\WindowsApps\8840NaveenCS.Meme-Generator_3.3.0.0_neutral__20e0kv46hk748 [2019-04-27] (Naveen CS)
Microsoft Advertising SDK for JavaScript -> C:\Program Files\WindowsApps\Microsoft.Advertising.JavaScript_10.1809.1.0_x64__8wekyb3d8bbwe [2019-11-22] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for JavaScript -> C:\Program Files\WindowsApps\Microsoft.Advertising.JavaScript_10.1809.1.0_x86__8wekyb3d8bbwe [2019-11-22] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-03-18] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-03-18] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.6151.0_x64__8wekyb3d8bbwe [2021-06-20] (Microsoft Studios) [MS Ad]
Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.17.201.0_x64__8wekyb3d8bbwe [2021-06-25] (Microsoft Studios)
MPEG-2 Video Extension -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.22661.0_x64__8wekyb3d8bbwe [2019-09-24] (Microsoft Corporation)
My Dell -> C:\Program Files\WindowsApps\DellInc.MyDell_1.8.40.0_x64__htrsf667h5kn2 [2021-05-14] (Dell Inc)
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.97.752.0_x64__mcm4njqhnhss8 [2020-07-16] (Netflix, Inc.)
OpenShot Video Editor - MS Store Port -> C:\Program Files\WindowsApps\37559StorePorts.OpenShotVideoEditor-MSStorePort_1.1.2.0_x64__gbs9e2cxjv4vj [2020-02-22] (Store Ports)
Photos Add-on -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-03-12] (Microsoft Corporation)
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-12-01] (Microsoft Corporation)
Phototastic Collage -> C:\Program Files\WindowsApps\ThumbmunkeysLtd.PhototasticCollage_3.27.1.0_x64__nfy108tqq3p12 [2021-02-20] (Thumbmunkeys Ltd)
Plex -> C:\Program Files\WindowsApps\CAF9E577.Plex_3.2.20.0_x64__aam28m9va5cke [2019-03-18] (Plex)
Power Media Player for Dell -> C:\Program Files\WindowsApps\DB6EA5DB.PowerMediaPlayerforDell_14.2.3224.0_x86__mcezb6ze687jp [2021-03-09] (CYBERLINK CORPORATION.)
Power2Go for Dell -> C:\Program Files\WindowsApps\DB6EA5DB.Power2GoforDell_11.0.3920.0_x86__mcezb6ze687jp [2020-08-12] (CYBERLINK CORPORATION.) [Startup Task]
PowerDirector for Dell -> C:\Program Files\WindowsApps\DB6EA5DB.PowerDirectorforDell_15.0.4409.0_x64__mcezb6ze687jp [2019-03-18] (CYBERLINK CORPORATION.)
Roblox -> C:\Program Files\WindowsApps\ROBLOXCORPORATION.ROBLOX_2.483.31805.0_x86__55nm5eh3cm0pr [2021-06-20] (ROBLOX Corporation)
Screen Recorder Lite -> C:\Program Files\WindowsApps\YellowElephantProductions.ScreenRecorderLite_1.142.137.0_x64__p3e1zgp7z7szg [2021-05-27] (Yellow Elephant Productions) [Startup Task]
SHARE.it -> C:\Program Files\WindowsApps\30608Paradox.SHAREit81_1.7.18.0_x64__ghshvk1r7eapp [2019-04-30] (SHAREit Technologies Co.Ltd) [MS Ad]
Slack -> C:\Program Files\WindowsApps\91750D7E.Slack_4.17.1.0_x64__8she8kybcnzg4 [2021-06-18] (Slack Technologies Inc.) [Startup Task]
SmartByte -> C:\Program Files\WindowsApps\RivetNetworks.SmartByte_3.1.971.0_x64__rh07ty8m5nkag [2021-05-17] (Rivet Networks LLC)
Translator -> C:\Program Files\WindowsApps\Microsoft.BingTranslator_5.6.0.0_x64__8wekyb3d8bbwe [2019-08-02] (Microsoft Corporation)
Ultra Screen Recorder -> C:\Program Files\WindowsApps\D5BE6627.UltraScreenRecorder_2.0.9.0_x86__9pm2v9747qaaa [2021-03-29] (CompuClever Systems Inc.)
VideoPad Video Editor Free -> C:\Program Files\WindowsApps\NCHSoftware.VideoPadVideoEditorFree_10.5.2.0_x86__7kedsbyvzns34 [2021-06-24] (NCH Software)
VLC -> C:\Program Files\WindowsApps\VideoLAN.VLC_3.2.1.0_x64__paz6r1rewnh0a [2019-10-11] (VideoLAN)
Waves MaxxAudio Pro for Dell -> C:\Program Files\WindowsApps\WavesAudio.WavesMaxxAudioProforDell_1.1.131.0_x64__fh4rh281wavaa [2019-03-18] (Waves Audio)
Windows DVD Player -> C:\Program Files\WindowsApps\Microsoft.WindowsDVDPlayer2_10.17091.10381.0_x64__8wekyb3d8bbwe [2021-04-09] (Microsoft Corporation)
Zalo Desktop -> C:\Program Files\WindowsApps\VNGOnline.Zalofordesktop_19.8.1.0_x64__z59ddpn1nx8g0 [2019-08-17] (VNG Online)
ZAPYA -> C:\Program Files\WindowsApps\EBAC32FB.ZAPYA_1.2.6.0_x86__7pjp2xjm0bc9w [2019-04-30] (邻动(北京)技术有限公司)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [          0001IDSIcon1] -> {0FA6DCC0-CF0B-427D-A8AF-97C466AB5769} => C:\Program Files (x86)\IDriveWindows\IDSyncIntIcon64.dll [2020-02-18] (Pro Softnet Corporation -> Pro-Softnet Corporation, U.S.A)
ShellIconOverlayIdentifiers: [          0001IDSIcon2] -> {66357BBE-D2E5-453C-95FF-8102EB32419D} => C:\Program Files (x86)\IDriveWindows\IDSyncIntIcon64.dll [2020-02-18] (Pro Softnet Corporation -> Pro-Softnet Corporation, U.S.A)
ShellIconOverlayIdentifiers: [          0001IDSIcon3] -> {904E6336-8B13-43FA-B4C3-5B62C1C91971} => C:\Program Files (x86)\IDriveWindows\IDSyncIntIcon64.dll [2020-02-18] (Pro Softnet Corporation -> Pro-Softnet Corporation, U.S.A)
ShellIconOverlayIdentifiers: [    GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\48.0.13.0\drivefsext.dll [2021-05-24] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [    GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\48.0.13.0\drivefsext.dll [2021-05-24] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [    GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\48.0.13.0\drivefsext.dll [2021-05-24] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [    GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\48.0.13.0\drivefsext.dll [2021-05-24] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [  OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2019-02-25] () [File not signed] [File is in use]
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> No File
ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\48.0.13.0\drivefsext.dll [2021-05-24] (Google LLC -> Google, Inc.)
ContextMenuHandlers1: [IDriveMenu] -> {AFBFEC11-0FD5-48ED-B8AF-315197F09A82} => C:\Program Files (x86)\IDriveWindows\IDContextMenu.dll [2020-02-18] () [File not signed]
ContextMenuHandlers2: [IDriveMenu] -> {AFBFEC11-0FD5-48ED-B8AF-315197F09A82} => C:\Program Files (x86)\IDriveWindows\IDContextMenu.dll [2020-02-18] () [File not signed]
ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2019-02-25] () [File not signed] [File is in use]
ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\48.0.13.0\drivefsext.dll [2021-05-24] (Google LLC -> Google, Inc.)
ContextMenuHandlers4: [IDriveMenu] -> {AFBFEC11-0FD5-48ED-B8AF-315197F09A82} => C:\Program Files (x86)\IDriveWindows\IDContextMenu.dll [2020-02-18] () [File not signed]
ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\48.0.13.0\drivefsext.dll [2021-05-24] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\cui_component.inf_amd64_0219cc1c7085a93f\igfxDTCM.dll [2018-06-13] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [msacm.voxacm160] => C:\WINDOWS\system32\vct3216.acm [82944 2003-05-21] (Voxware, Inc.) [File not signed]
HKLM\...\Drivers32: [msacm.scg726] => C:\WINDOWS\system32\scg726.acm [13239 2000-03-14] (SHARP Corporation) [File not signed]
HKLM\...\Drivers32: [msacm.alf2cd] => C:\WINDOWS\system32\alf2cd.acm [38912 2003-05-21] (NCT Company) [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\WINDOWS\system32\AC3ACM.acm [81920 2004-02-04] (fccHandler) [File not signed]
HKLM\...\Drivers32: [msacm.lame] => C:\WINDOWS\system32\lame.ax [245760 2005-08-01] () [File not signed]
HKLM\...\Drivers32: [vidc.dvsd] => C:\WINDOWS\system32\mcdvd_32.dll [261632 2003-05-21] (MainConcept) [File not signed]
HKLM\...\Drivers32: [vidc.mpg4] => C:\WINDOWS\system32\mpg4c32.dll [413760 2002-08-19] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [vidc.mp42] => C:\WINDOWS\system32\mpg4c32.dll [413760 2002-08-19] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [vidc.mp43] => C:\WINDOWS\system32\mpg4c32.dll [413760 2002-08-19] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [vidc.xvid] => C:\WINDOWS\system32\xvidvfw.dll [139264 2004-07-03] () [File not signed]
HKLM\...\Drivers32: [vidc.DIVX] => C:\WINDOWS\system32\DivX.dll [638976 2003-05-22] (DivXNetworks, Inc.) [File not signed]
HKLM\...\Drivers32: [vidc.VP60] => C:\WINDOWS\system32\vp6vfw.dll [438272 2004-12-10] (On2.com) [File not signed]
HKLM\...\Drivers32: [vidc.VP61] => C:\WINDOWS\system32\vp6vfw.dll [438272 2004-12-10] (On2.com) [File not signed]
HKLM\...\Drivers32: [vidc.VP62] => C:\WINDOWS\system32\vp6vfw.dll [438272 2004-12-10] (On2.com) [File not signed]
HKLM\...\Drivers32: [vidc.LAGS] => C:\WINDOWS\system32\lagarith.dll [216064 2011-12-07] () [File not signed]

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2021-04-09 08:30 - 2019-06-20 22:12 - 000075264 _____ () [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\libgcc_s_seh-1.dll
2021-04-09 08:30 - 2019-06-20 22:12 - 001430016 _____ () [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\libstdc++-6.dll
2021-04-09 08:30 - 2019-06-20 22:17 - 000215040 _____ () [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\libupnp.dll
2020-02-23 19:04 - 2020-02-18 13:19 - 005034496 _____ () [File not signed] C:\Program Files (x86)\IDriveWindows\IDContextMenu.dll
2020-02-23 19:04 - 2020-02-18 13:19 - 000834048 _____ () [File not signed] C:\Program Files (x86)\IDriveWindows\sqlite3.dll
2019-10-21 08:56 - 2019-10-21 08:56 - 000144896 _____ () [File not signed] C:\ProgramData\Logishrd\LogiOptions\Software\Current\laclient\libssh2.dll
2019-10-21 08:56 - 2019-10-21 08:56 - 000077824 _____ () [File not signed] C:\ProgramData\Logishrd\LogiOptions\Software\Current\laclient\zlib.dll
2020-02-13 15:02 - 2016-10-21 17:06 - 000318976 _____ (CANON INC) [File not signed] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\scchmpm.dll
2020-02-13 15:02 - 2017-06-27 11:59 - 000219648 _____ (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\cnmpu2.dll
2020-02-13 15:02 - 2017-11-02 16:36 - 000008192 _____ (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNS2_ENU.DLL
2020-02-13 15:02 - 2017-11-02 16:36 - 000104960 _____ (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNS2_IMG.dll
2011-08-30 08:06 - 2011-08-30 08:06 - 000267776 _____ (CANON INC.) [File not signed] C:\WINDOWS\System32\CNBLM4.DLL
2019-03-19 05:52 - 2012-08-30 11:18 - 000252416 _____ (CANON INC.) [File not signed] C:\WINDOWS\System32\CNMN6PPM.DLL
2019-03-18 09:21 - 2011-08-30 08:06 - 000084992 _____ (CANON INC.) [File not signed] C:\WINDOWS\system32\spool\PRTPROCS\x64\CNBPP4.DLL
2021-04-09 08:30 - 2020-04-01 07:41 - 015414272 _____ (FFmpeg Project) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\avcodec-58.dll
2021-04-09 08:30 - 2020-04-01 07:41 - 003311616 _____ (FFmpeg Project) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\avformat-58.dll
2021-04-09 08:30 - 2020-04-01 07:41 - 000690688 _____ (FFmpeg Project) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\avutil-56.dll
2021-04-09 08:30 - 2020-04-01 07:41 - 000126464 _____ (FFmpeg Project) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\swresample-3.dll
2021-04-09 08:30 - 2020-04-01 07:41 - 000544256 _____ (FFmpeg Project) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\swscale-5.dll
2021-04-09 08:30 - 2019-06-20 22:16 - 000082944 _____ (Open Source Software community LGPL) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\pthreadVC2.dll
2020-08-14 22:29 - 2020-08-14 22:29 - 000122880 _____ (Rivet Networks) [File not signed] C:\Program Files\Rivet Networks\SmartByte\KillerNetworkServicePS.dll
2020-12-01 01:14 - 2020-12-01 01:14 - 001638912 _____ (Robert Simpson, et al.) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\x64\SQLite.Interop.dll
2019-10-21 08:56 - 2019-10-21 08:56 - 000355840 _____ (The cURL library, hxxp://curl.haxx.se/) [File not signed] C:\ProgramData\Logishrd\LogiOptions\Software\Current\laclient\LIBCURL.dll
2019-10-21 08:56 - 2019-10-21 08:56 - 002286747 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\ProgramData\Logishrd\LogiOptions\Software\Current\laclient\LIBEAY32.dll
2019-10-21 08:56 - 2019-10-21 08:56 - 000416627 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\ProgramData\Logishrd\LogiOptions\Software\Current\laclient\SSLEAY32.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000169984 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\libvlc.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 002197504 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\libvlccore.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000021504 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\access\libaccess_concat_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000051200 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\access\libaccess_imem_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000084992 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\access\libaccess_mms_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000123392 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\access\libaccess_realrtsp_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000037376 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\access\libaccess_wasapi_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000018944 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\access\libattachment_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000175104 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\access\libcdda_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000286720 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\access\libdshow_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000284160 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\access\libdtv_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000270336 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\access\libdvdnav_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000180224 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\access\libdvdread_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000047616 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\access\libfilesystem_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000105984 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\access\libftp_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000053760 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\access\libhttp_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000135168 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\access\libhttps_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000019968 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\access\libidummy_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000019456 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\access\libimem_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 002432512 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\access\liblibbluray_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000791040 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\access\liblive555_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000188928 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\access\libnfs_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000653312 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\access\librtp_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000053760 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\access\libsatip_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000027136 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\access\libscreen_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000018944 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\access\libsdp_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000832000 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\access\libsftp_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000021504 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\access\libshm_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000046080 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\access\libsmb_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000019456 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\access\libtcp_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000043008 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\access\libtimecode_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000021504 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\access\libudp_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000086016 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\access\libvcd_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000084480 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\access\libvdr_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 002146816 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\access\libvnc_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000018432 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\access_output\libaccess_output_dummy_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000022016 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\access_output\libaccess_output_file_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000024064 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\access_output\libaccess_output_http_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000657920 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\access_output\libaccess_output_livehttp_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000443392 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\access_output\libaccess_output_shout_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000023552 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\access_output\libaccess_output_udp_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000044032 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\audio_filter\libaudio_format_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000048640 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\audio_filter\libaudiobargraph_a_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000028672 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\audio_filter\libchorus_flanger_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000032256 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\audio_filter\libcompressor_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000019456 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\audio_filter\libdolby_surround_decoder_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000060416 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\audio_filter\libequalizer_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000018944 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\audio_filter\libgain_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000025088 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\audio_filter\libheadphone_channel_mixer_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000019456 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\audio_filter\libkaraoke_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000149504 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\audio_filter\libmad_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000026112 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\audio_filter\libmono_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000022528 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\audio_filter\libnormvol_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000028160 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\audio_filter\libparam_eq_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000025600 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\audio_filter\libremap_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 001500160 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\audio_filter\libsamplerate_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000032768 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\audio_filter\libscaletempo_pitch_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000028160 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\audio_filter\libscaletempo_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000027648 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\audio_filter\libsimple_channel_mixer_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 001048064 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\audio_filter\libspatialaudio_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000093696 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\audio_filter\libspatializer_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000030720 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\audio_filter\libspeex_resampler_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000022528 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\audio_filter\libstereo_widen_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000034816 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\audio_filter\libtospdif_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000020992 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\audio_filter\libtrivial_channel_mixer_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000018944 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\audio_filter\libugly_resampler_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000019456 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\audio_mixer\libfloat_mixer_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000022528 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\audio_mixer\libinteger_mixer_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000018432 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\audio_output\libadummy_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000022016 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\audio_output\libafile_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000020480 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\audio_output\libamem_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000039936 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\audio_output\libdirectsound_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000047104 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\audio_output\libmmdevice_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000036864 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\audio_output\libwasapi_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000036864 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\audio_output\libwaveout_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000088064 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\liba52_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000028160 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libadpcm_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000020992 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libaes3_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 007614976 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libaom_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000041472 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libaraw_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 026777088 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libavcodec_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000068096 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libcc_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000024576 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libcdg_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000101376 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libcrystalhd_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000024576 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libcvdsub_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000259584 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libd3d11va_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 001253888 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libdav1d_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000191488 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libdca_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000042496 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libddummy_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000037888 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libdmo_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000089088 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libdvbsub_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000218112 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libdxva2_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000018432 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libedummy_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000280064 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libfaad_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000429056 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libflac_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000311296 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libfluidsynth_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000032256 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libg711_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000220160 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libjpeg_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000075264 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libkate_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 002533376 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\liblibass_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000125952 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\liblibmpeg2_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000029184 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\liblpcm_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000117248 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libmft_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000333824 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libmpg123_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000021504 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\liboggspots_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000328704 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libopus_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000184320 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libqsv_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000021504 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\librawvideo_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000018944 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\librtpvideo_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 001435648 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libschroedinger_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000024576 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libscte18_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000037376 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libscte27_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000671744 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libsdl_image_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000018432 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libspdif_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000145408 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libspeex_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000028160 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libspudec_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000025088 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libstl_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000055808 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libsubsdec_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000024064 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libsubstx3g_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000031744 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libsubsusf_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000024576 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libsvcdsub_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000018432 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libt140_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000023040 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libtextst_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000315392 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libtheora_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000101376 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libttml_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000138240 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libtwolame_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000020480 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libuleaddvaudio_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000765440 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libvorbis_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 003690496 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libvpx_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000167424 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libwebvtt_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 001010176 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libx264_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 004764160 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libx265_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 001494016 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libzvbi_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000018432 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\control\libdummy_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000024576 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\control\libgestures_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000064512 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\control\libhotkeys_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000023552 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\control\libnetsync_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000046080 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\control\libntservice_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000073728 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\control\liboldrc_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000022528 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\control\libwin_hotkeys_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000021504 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\control\libwin_msg_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000192512 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\d3d11\libdirect3d11_filters_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000142848 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\d3d9\libdirect3d9_filters_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 002265600 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\libadaptive_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000021504 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\libaiff_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000097792 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\libasf_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000020480 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\libau_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000113664 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\libavi_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000027136 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\libcaf_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000019968 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\libdemux_cdg_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000088064 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\libdemux_chromecast_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000022528 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\libdemux_stl_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000019968 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\libdemuxdump_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000020480 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\libdiracsys_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000019456 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\libdirectory_demux_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000046080 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\libes_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000094720 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\libflacsys_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000356352 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\libgme_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000124416 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\libh26x_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000030720 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\libimage_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000025600 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\libmjpeg_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 001723392 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\libmkv_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000296960 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\libmp4_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000085504 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\libmpc_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000019968 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\libmpgv_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000018432 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\libnoseek_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000056832 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\libnsc_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000024064 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\libnsv_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000027136 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\libnuv_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000323584 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\libogg_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000149504 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\libplaylist_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000047616 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\libps_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000026112 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\libpva_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000021504 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\librawaud_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000022528 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\librawdv_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000024576 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\librawvid_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000039936 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\libreal_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 001231872 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\libsid_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000026112 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\libsmf_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000098304 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\libsubtitle_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000304640 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\libts_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000020992 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\libtta_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000040960 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\libty_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000020480 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\libvc1_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000085504 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\libvobsub_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000023552 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\libvoc_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000028160 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\libwav_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000019968 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\libxa_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000049152 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\keystore\libfile_keystore_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000020480 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\keystore\libmemory_keystore_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000041472 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\logger\libconsole_logger_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000044544 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\logger\libfile_logger_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000041984 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\meta_engine\libfolder_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 001478656 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\meta_engine\libtaglib_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000086016 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\misc\libaddonsfsstorage_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000078848 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\misc\libaddonsvorepository_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000054784 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\misc\libaudioscrobbler_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000050688 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\misc\libexport_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000061440 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\misc\libfingerprinter_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 001379328 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\misc\libgnutls_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000018432 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\misc\liblogger_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000021504 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\misc\libstats_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000100352 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\misc\libvod_rtsp_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 001485312 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\misc\libxml_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000051712 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\mux\libmux_asf_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000037376 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\mux\libmux_avi_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000019456 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\mux\libmux_dummy_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000227840 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\mux\libmux_mp4_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000041472 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\mux\libmux_mpjpeg_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000073728 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\mux\libmux_ogg_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000069632 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\mux\libmux_ps_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000144384 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\mux\libmux_ts_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000022528 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\mux\libmux_wav_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000030208 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\packetizer\libpacketizer_a52_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000043008 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\packetizer\libpacketizer_av1_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000019968 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\packetizer\libpacketizer_copy_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000034816 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\packetizer\libpacketizer_dirac_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000028672 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\packetizer\libpacketizer_dts_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000029184 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\packetizer\libpacketizer_flac_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000153088 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\packetizer\libpacketizer_h264_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000116224 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\packetizer\libpacketizer_hevc_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000036864 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\packetizer\libpacketizer_mlp_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000070656 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\packetizer\libpacketizer_mpeg4audio_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000033792 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\packetizer\libpacketizer_mpeg4video_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000025088 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\packetizer\libpacketizer_mpegaudio_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000033792 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\packetizer\libpacketizer_mpegvideo_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000040448 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\packetizer\libpacketizer_vc1_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000023552 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\services_discovery\libmediadirs_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000026112 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\services_discovery\libpodcast_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000132608 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\services_discovery\libsap_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000437248 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\services_discovery\libupnp_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000019968 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\services_discovery\libwindrive_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000028160 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\spu\libaudiobargraph_v_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000027136 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\spu\liblogo_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000026624 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\spu\libmarq_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000034816 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\spu\libmosaic_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000663552 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\spu\libremoteosd_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000053248 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\spu\librss_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000031744 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\spu\libsubsdelay_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000400896 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\stream_extractor\libarchive_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000019968 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\stream_filter\libadf_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000047104 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\stream_filter\libaribcam_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000022016 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\stream_filter\libcache_block_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000022016 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\stream_filter\libcache_read_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000059392 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\stream_filter\libhds_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000047616 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\stream_filter\libinflate_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000023552 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\stream_filter\libprefetch_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000019968 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\stream_filter\librecord_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000020480 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\stream_filter\libskiptags_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000019456 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\stream_out\libstream_out_autodel_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000048640 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\stream_out\libstream_out_bridge_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 001233920 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\stream_out\libstream_out_chromaprint_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 001088000 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\stream_out\libstream_out_chromecast_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000021504 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\stream_out\libstream_out_cycle_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000019456 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\stream_out\libstream_out_delay_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000018944 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\stream_out\libstream_out_description_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000019968 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\stream_out\libstream_out_display_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000018432 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\stream_out\libstream_out_dummy_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000075776 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\stream_out\libstream_out_duplicate_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000024064 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\stream_out\libstream_out_es_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000020480 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\stream_out\libstream_out_gather_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000027648 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\stream_out\libstream_out_mosaic_bridge_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000052736 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\stream_out\libstream_out_record_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000773632 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\stream_out\libstream_out_rtp_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000020992 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\stream_out\libstream_out_setid_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000023552 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\stream_out\libstream_out_smem_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000050688 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\stream_out\libstream_out_standard_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000044032 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\stream_out\libstream_out_stats_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000049664 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\stream_out\libstream_out_transcode_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 002077696 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\text_renderer\libfreetype_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000026112 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\text_renderer\libsapi_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000017920 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\text_renderer\libtdummy_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000046592 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_chroma\libchain_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000023040 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_chroma\libgrey_yuv_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000109056 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_chroma\libi420_10_p010_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000111616 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_chroma\libi420_nv12_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000059904 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_chroma\libi420_rgb_mmx_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000037888 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_chroma\libi420_rgb_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000120832 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_chroma\libi420_rgb_sse2_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000026624 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_chroma\libi420_yuy2_mmx_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000037888 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_chroma\libi420_yuy2_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000035840 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_chroma\libi420_yuy2_sse2_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000019968 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_chroma\libi422_i420_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000024064 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_chroma\libi422_yuy2_mmx_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000032256 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_chroma\libi422_yuy2_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000029696 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_chroma\libi422_yuy2_sse2_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000018944 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_chroma\librv32_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000821248 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_chroma\libswscale_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000019968 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_chroma\libyuvp_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000034816 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_chroma\libyuy2_i420_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000028672 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_chroma\libyuy2_i422_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000074752 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_filter\libadjust_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000020992 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_filter\libalphamask_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000024064 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_filter\libanaglyph_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000027136 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_filter\libantiflicker_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000039424 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_filter\libball_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000166912 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_filter\libblend_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000022528 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_filter\libblendbench_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000029184 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_filter\libbluescreen_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000045056 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_filter\libcanvas_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000022016 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_filter\libcolorthres_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000024576 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_filter\libcroppadd_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000136704 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_filter\libdeinterlace_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000019968 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_filter\libedgedetection_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000026624 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_filter\liberase_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000024576 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_filter\libextract_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000019968 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_filter\libfps_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000023552 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_filter\libfreeze_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000024576 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_filter\libgaussianblur_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000029184 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_filter\libgradfun_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000042496 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_filter\libgradient_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000034304 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_filter\libgrain_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000031232 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_filter\libhqdn3d_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000022016 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_filter\libinvert_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000023552 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_filter\libmagnify_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000034304 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_filter\libmirror_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000022528 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_filter\libmotionblur_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000027648 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_filter\libmotiondetect_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000030720 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_filter\liboldmovie_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000023552 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_filter\libposterize_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000121856 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_filter\libpostproc_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000022016 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_filter\libpsychedelic_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000089088 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_filter\libpuzzle_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000022016 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_filter\libripple_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000062464 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_filter\librotate_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000019968 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_filter\libscale_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000045056 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_filter\libscene_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000023040 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_filter\libsepia_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000020992 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_filter\libsharpen_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000035328 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_filter\libtransform_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000023552 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_filter\libvhs_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000021504 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_filter\libwave_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000818688 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_output\libcaca_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000346624 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_output\libdirect3d11_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000268288 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_output\libdirect3d9_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000246272 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_output\libdirectdraw_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000018944 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_output\libdrawable_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000044544 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_output\libflaschen_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000094720 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_output\libgl_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000304640 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_output\libglwin32_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000020480 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_output\libvdummy_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000022016 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_output\libvmem_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000096768 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_output\libwgl_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000230400 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_output\libwingdi_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000019968 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_output\libwinhibit_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000044032 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_output\libyuv_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000020992 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_splitter\libclone_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000045056 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_splitter\libpanoramix_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000058880 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_splitter\libwall_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000038400 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\visualization\libglspectrum_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000208384 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\visualization\libgoom_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 001702912 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\visualization\libprojectm_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000056832 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\visualization\libvisual_plugin.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-1015540938-3996997567-1391499832-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://dell17win10.msn.com/?pc=DCTE
HKU\S-1-5-21-1015540938-3996997567-1391499832-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell17win10.msn.com/?pc=DCTE
SearchScopes: HKU\S-1-5-21-1015540938-3996997567-1391499832-1001 -> DefaultScope {43B1B2E9-843B-4459-8E32-95BA5A2117FD} URL =
SearchScopes: HKU\S-1-5-21-1015540938-3996997567-1391499832-1001 -> {43B1B2E9-843B-4459-8E32-95BA5A2117FD} URL =
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-05-29] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-29] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-05-29] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-29] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-05-29] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-29] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-05-29] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-29] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-05-29] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-1015540938-3996997567-1391499832-1001\...\oldnational.com -> hxxps://www.oldnational.com
IE trusted site: HKU\S-1-5-21-1015540938-3996997567-1391499832-1001\...\pnc.com -> hxxps://www.onlinebanking.pnc.com
IE trusted site: HKU\S-1-5-21-1015540938-3996997567-1391499832-1001\...\sharepoint.com -> hxxps://anderson0-files.sharepoint.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-04-11 19:38 - 2018-04-11 19:36 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1015540938-3996997567-1391499832-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\jhauk\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\2020 08 07 The boys.jpg
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "DellMobileConnectWelcome"
HKLM\...\StartupApproved\Run: => "WavesSvc"
HKU\S-1-5-21-1015540938-3996997567-1391499832-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1015540938-3996997567-1391499832-1001\...\StartupApproved\Run: => "Zalo"
HKU\S-1-5-21-1015540938-3996997567-1391499832-1001\...\StartupApproved\Run: => "GarminExpress"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{0BF25BA8-8276-4A70-9625-7D0BC5C469D6}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{3AA89511-D6C1-4D99-B70B-6B07A506BA62}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{01124C22-FC05-4808-BC13-12C076DDC76E}] => (Allow) C:\Users\jhauk\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{05D6B342-78F3-482C-B53E-0D3E4467F99D}] => (Allow) C:\Users\jhauk\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{7E348CD9-0918-40FB-9C58-0C7176627CA5}] => (Allow) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.EXE (Logitech Inc -> Logitech, Inc.)
FirewallRules: [{482CD256-9F6B-400E-B563-E6821169580F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{C2006FCD-AD51-45E0-B4A4-B874E7474F91}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{55DBA7B1-5982-433F-8D38-DE7E7E51F490}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\VideoEditor.exe (Vector -> Flash-Integro LLC)
FirewallRules: [{D545A722-3337-485D-BDC1-704C1A98AB82}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\VideoEditor.exe (Vector -> Flash-Integro LLC)
FirewallRules: [{88D6118D-6A11-4619-897E-735523227F99}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\Activation.exe (Vector -> Flash-Integro LLC)
FirewallRules: [{7023B499-2448-4724-8081-517C15763D1F}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\Activation.exe (Vector -> Flash-Integro LLC)
FirewallRules: [{3F2A6D7E-9815-45CF-B176-9C8BC9FA27E0}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\Updater.exe (Vector -> Flash-Integro LLC)
FirewallRules: [{D8DD128A-FB4A-448A-85E4-37BFF4E1E1A5}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\Updater.exe (Vector -> Flash-Integro LLC)
FirewallRules: [TCP Query User{96B8CB64-96D9-4BF8-AC6A-0438EF3926A0}C:\program files\windowsapps\37559storeports.openshotvideoeditor-msstoreport_1.1.1.0_x64__gbs9e2cxjv4vj\vfs\programfilesx64\openshot video editor\launch.exe] => (Allow) C:\program files\windowsapps\37559storeports.openshotvideoeditor-msstoreport_1.1.1.0_x64__gbs9e2cxjv4vj\vfs\programfilesx64\openshot video editor\launch.exe => No File
FirewallRules: [UDP Query User{5EA0394E-C7E0-45AF-BDD8-C319EED2B8AA}C:\program files\windowsapps\37559storeports.openshotvideoeditor-msstoreport_1.1.1.0_x64__gbs9e2cxjv4vj\vfs\programfilesx64\openshot video editor\launch.exe] => (Allow) C:\program files\windowsapps\37559storeports.openshotvideoeditor-msstoreport_1.1.1.0_x64__gbs9e2cxjv4vj\vfs\programfilesx64\openshot video editor\launch.exe => No File
FirewallRules: [TCP Query User{786C4EF5-F340-416B-BECF-3C0690788894}C:\program files\dvdfab\dvdfab 12\dvdfab64.exe] => (Allow) C:\program files\dvdfab\dvdfab 12\dvdfab64.exe => No File
FirewallRules: [UDP Query User{8FA259D2-1508-4210-A52E-FA1B2F95C0AA}C:\program files\dvdfab\dvdfab 12\dvdfab64.exe] => (Allow) C:\program files\dvdfab\dvdfab 12\dvdfab64.exe => No File
FirewallRules: [TCP Query User{565B4B4A-B93A-4ECA-975E-380E884EDBFF}C:\program files\windowsapps\37559storeports.openshotvideoeditor-msstoreport_1.1.2.0_x64__gbs9e2cxjv4vj\vfs\programfilesx64\openshot video editor\openshot-qt.exe] => (Allow) C:\program files\windowsapps\37559storeports.openshotvideoeditor-msstoreport_1.1.2.0_x64__gbs9e2cxjv4vj\vfs\programfilesx64\openshot video editor\openshot-qt.exe (OpenShot Studios, LLC) [File not signed]
FirewallRules: [UDP Query User{6E23B3D1-7A4F-4AF6-9719-0D263E97DE6D}C:\program files\windowsapps\37559storeports.openshotvideoeditor-msstoreport_1.1.2.0_x64__gbs9e2cxjv4vj\vfs\programfilesx64\openshot video editor\openshot-qt.exe] => (Allow) C:\program files\windowsapps\37559storeports.openshotvideoeditor-msstoreport_1.1.2.0_x64__gbs9e2cxjv4vj\vfs\programfilesx64\openshot video editor\openshot-qt.exe (OpenShot Studios, LLC) [File not signed]
FirewallRules: [TCP Query User{0937C031-7424-4A22-A065-9A9E1D396F17}C:\program files (x86)\dearmob\5kplayer\5kplayer.exe] => (Allow) C:\program files (x86)\dearmob\5kplayer\5kplayer.exe (Digiarty Software, Inc. -> DearMob)
FirewallRules: [UDP Query User{37020B62-4258-4ABC-9472-2368C60CE78C}C:\program files (x86)\dearmob\5kplayer\5kplayer.exe] => (Allow) C:\program files (x86)\dearmob\5kplayer\5kplayer.exe (Digiarty Software, Inc. -> DearMob)
FirewallRules: [{77D9FBF5-0004-4276-9006-B49E3FEE8F98}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{9514920F-C25B-4AD1-B7C8-DB1E0490E178}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{E6AEE2EB-DCE2-47DC-B07F-F07EEDABA27A}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{669EE4AF-EDC7-4D82-8EBD-E2A33BE16E1B}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{645A3D14-83C3-48D9-9F97-C1C940B18BB0}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{B7DBB186-6373-444E-AD5B-E06C6D18C1AA}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{BB024AD8-CF94-4AF8-8FCB-3AB7C4673C91}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{1FFB60A2-85F0-4AAF-ABEF-BA34ACA52327}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{96A4AB91-C986-4767-AF64-47FCDD1BCE83}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{520FDAF8-DD3A-4EE1-A365-A35C704FEF5E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{49A6E846-62A1-4B03-8267-0F9992A2DC72}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C3587CD2-52D5-4885-A8E2-0D01D208EF31}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{12DDBAF2-7814-472B-9A68-F0F7CE80A621}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{1487664C-7571-4710-A980-D5E6B43C2D74}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{9466FDD6-4604-4200-8A14-248087F11BBE}] => (Allow) C:\Program Files\WindowsApps\91750D7E.Slack_4.17.1.0_x64__8she8kybcnzg4\app\Slack.exe (Slack Technologies, Inc. -> Slack Technologies Inc.)
FirewallRules: [{040A4BBE-5FAC-48F8-88BC-535DCFAAAFCE}] => (Allow) C:\Program Files\WindowsApps\91750D7E.Slack_4.17.1.0_x64__8she8kybcnzg4\app\Slack.exe (Slack Technologies, Inc. -> Slack Technologies Inc.)
FirewallRules: [{4463B185-C0FA-46C6-B744-2AED2F374A76}] => (Allow) C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnect_3.3.9803.0_x64__0vhbc3ng4wbp0\app\DellMobileConnectClient.exe (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.)
FirewallRules: [{6E459C1C-9939-4077-AEEA-00B6EB94115A}] => (Allow) C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnect_3.3.9803.0_x64__0vhbc3ng4wbp0\app\DellMobileConnectClient.exe (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.)
FirewallRules: [{27A394FC-9359-4648-A2BC-24C77F68C5B4}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\91.0.864.59\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

26-06-2021 11:09:25 Scheduled Checkpoint

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (06/25/2021 11:51:17 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
   Gathering Writer Data

Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {6d4bd2e3-f197-4e91-af79-dcc6ff13954a}

Error: (06/25/2021 08:38:33 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
   Gathering Writer Data

Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {6d4bd2e3-f197-4e91-af79-dcc6ff13954a}

Error: (06/25/2021 07:21:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Microsoft.Photos.exe, version: 2020.20120.4004.0, time stamp: 0x5fcaab3d
Faulting module name: KERNELBASE.dll, version: 10.0.19041.1023, time stamp: 0x924f9cdb
Exception code: 0xc000027b
Fault offset: 0x000000000010b39c
Faulting process id: 0x2928
Faulting application start time: 0x01d769f985468e8c
Faulting application path: C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2020.20120.4004.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report Id: a38549d6-a150-44ef-a7a3-17d1227709a7
Faulting package full name: Microsoft.Windows.Photos_2020.20120.4004.0_x64__8wekyb3d8bbwe
Faulting package-relative application ID: App

Error: (06/25/2021 07:14:20 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
   Gathering Writer Data

Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {6d4bd2e3-f197-4e91-af79-dcc6ff13954a}

Error: (06/25/2021 12:33:17 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
   Gathering Writer Data

Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {6d4bd2e3-f197-4e91-af79-dcc6ff13954a}

Error: (06/24/2021 01:31:43 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
   Gathering Writer Data

Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {6d4bd2e3-f197-4e91-af79-dcc6ff13954a}

Error: (06/24/2021 12:56:34 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
   Gathering Writer Data

Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {6d4bd2e3-f197-4e91-af79-dcc6ff13954a}

Error: (06/23/2021 11:18:28 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
   Gathering Writer Data

Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {6d4bd2e3-f197-4e91-af79-dcc6ff13954a}


System errors:
=============
Error: (06/26/2021 09:18:39 AM) (Source: googledrivefs3301) (EventID: 2) (User: )
Description: The driver version of the disk does not match.

Error: (06/25/2021 10:43:42 AM) (Source: googledrivefs3301) (EventID: 2) (User: )
Description: The driver version of the disk does not match.

Error: (06/25/2021 06:43:32 AM) (Source: googledrivefs3301) (EventID: 2) (User: )
Description: The driver version of the disk does not match.

Error: (06/24/2021 06:33:53 AM) (Source: googledrivefs3301) (EventID: 2) (User: )
Description: The driver version of the disk does not match.

Error: (06/23/2021 07:08:58 AM) (Source: googledrivefs3301) (EventID: 2) (User: )
Description: The driver version of the disk does not match.

Error: (06/22/2021 06:20:39 AM) (Source: googledrivefs3301) (EventID: 2) (User: )
Description: The driver version of the disk does not match.

Error: (06/21/2021 10:18:23 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-6JBP3L9)
Description: The server microsoft.windowscommunicationsapps_16005.13426.20920.0_x64__8wekyb3d8bbwe!microsoft.windowslive.calendar.AppXwkn9j84yh1kvnt49k5r8h6y1ecsv09hs.mca did not register with DCOM within the required timeout.

Error: (06/21/2021 07:23:30 AM) (Source: googledrivefs3301) (EventID: 2) (User: )
Description: The driver version of the disk does not match.


Windows Defender:
================
Date: 2021-06-26 10:52:21
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-06-25 07:58:21
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-06-24 07:51:26
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-06-23 08:36:41
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-06-22 10:28:41
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-06-04 07:04:32
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 1.341.40.0
Previous security intelligence Version: 1.339.1944.0
Update Source: User
Security intelligence Type: AntiSpyware
Update Type: Delta
Current Engine Version: 1.1.18200.4
Previous Engine Version: 1.1.18100.6
Error code: 0x80070666
Error description: Another version of this product is already installed. Installation of this version cannot continue. To configure or remove the existing version of this product, use Add/Remove Programs on the Control Panel.

Date: 2021-06-04 07:04:32
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 1.341.40.0
Previous security intelligence Version: 1.339.1944.0
Update Source: User
Security intelligence Type: AntiVirus
Update Type: Delta
Current Engine Version: 1.1.18200.4
Previous Engine Version: 1.1.18100.6
Error code: 0x80070666
Error description: Another version of this product is already installed. Installation of this version cannot continue. To configure or remove the existing version of this product, use Add/Remove Programs on the Control Panel.

Date: 2021-06-04 07:04:32
Description:
Microsoft Defender Antivirus has encountered an error trying to update the engine.
New Engine Version: 1.1.18200.4
Previous Engine Version: 1.1.18100.6
Error Code: 0x80070666
Error description: Another version of this product is already installed. Installation of this version cannot continue. To configure or remove the existing version of this product, use Add/Remove Programs on the Control Panel.

Date: 2021-05-15 23:40:35
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.339.790.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.18100.6
Error code: 0x80070102
Error description: The wait operation timed out.

Date: 2021-05-14 18:51:25
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 1.339.664.0
Previous security intelligence Version: 1.339.368.0
Update Source: Security intelligence Update Folder
Security intelligence Type: AntiSpyware
Update Type: Delta
Current Engine Version: 1.1.18100.6
Previous Engine Version: 1.1.18100.6
Error code: 0x80004004
Error description: Operation aborted

==================== Memory info ===========================

BIOS: Dell Inc. 2.15.0 02/21/2020
Motherboard: Dell Inc. 0H4VK7
Processor: Intel® Core™ i3-8100 CPU @ 3.60GHz
Percentage of memory in use: 77%
Total physical RAM: 8006.97 MB
Available physical RAM: 1810.38 MB
Total Virtual: 16482.59 MB
Available Virtual: 2000.41 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:917.05 GB) (Free:559.96 GB) NTFS
Drive g: (Google Drive) (Fixed) (Total:917.05 GB) (Free:531.96 GB) FAT32

\\?\Volume{ddeb6c84-810c-46a1-aec6-44f8c7ccad3a}\ (WINRETOOLS) (Fixed) (Total:0.97 GB) (Free:0.45 GB) NTFS
\\?\Volume{df0a5467-a661-4a6f-af6f-55c9d5055271}\ (Image) (Fixed) (Total:11.66 GB) (Free:0.22 GB) NTFS
\\?\Volume{5da840b2-c364-4272-bd43-d66afc350687}\ (DELLSUPPORT) (Fixed) (Total:1.07 GB) (Free:0.21 GB) NTFS
\\?\Volume{7f86ac07-f133-4645-b879-12d32c99ea96}\ (ESP) (Fixed) (Total:0.63 GB) (Free:0.56 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 926B0D78)

Partition: GPT.

==================== End of Addition.txt =======================

 

 


  • 0

Advertisements


#2
icotonev

icotonev

    Trusted Helper

  • Malware Removal
  • 230 posts

Hi , John Aukerman..!  :) 

 

Let's start like this:

 

Step 1:

Download MCPR (McAfee Product Removal).
Start MCPR.exe.
Follow the instructions that appear.
On completion restart the machine.

 

Step 2 - Uninstall a Program

  • Press the Windows Key + R.
  • Type appwiz.cpl in the Run box and click OK.
  • The Add/Remove Programs list will open. Locate the following program(s) on the list:

 

 

Norton Security Scan

 

  • On completion restart the machine.

 

Step 3:

 

Scanning with SecurityCheck by glax24

  • Download SecurityCheck by glax24 from here and remember the tool on the desktop.
  • Run the program right-click the administrator name
  • Wait for the scan to finish. It will open in a text file named SecurityType.txt. Copy the contents of this file to your next post
  • You can find this file in the root of the system disk in a folder called SecurityCheck, C: \\ SecurityCheck \\ SecurityCheck.txt

 

Step 4:

 

Re-scan with FRST

 

  • Double-click FRST.exe/FRST64.exe to run it.
  • Press the Scan button.
  • When finished, it will produce logs called FRST.txt and Addition.txt in the same directory the tool was run from.
  • Please copy and paste the logs in your next reply.

 

 

 


  • 0

#3
John Aukerman

John Aukerman

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 255 posts

SecurityCheck by glax24 & Severnyj v.1.4.0.53 [27.10.17]
WebSite: www.safezone.cc
DateLog: 27.06.2021 08:20:21
Path starting: C:\Users\jhauk\AppData\Local\Temp\SecurityCheck\SecurityCheck.exe
Log directory: C:\SecurityCheck\
IsAdmin: True
User: jhauk
VersionXML: 8.87is-26.06.2021
___________________________________________________________________________

Windows 10(6.3.19041) (x64) Core Release: 2004 Lang: English(0409)
Installation date OS: 05.08.2020 06:51:15
LicenseStatus: Windows®, Core edition The machine is permanently activated.
LicenseStatus: Office 16, Office16O365HomePremR_Subscription4 edition Timebased activation will expire :46512 minutes
LicenseStatus: Office 16, Office16O365HomePremR_Grace edition Windows is in Notification mode
Boot Mode: Normal
Default Browser: C:\Program Files\Mozilla Firefox\firefox.exe
SystemDrive: C: FS: [NTFS] Capacity: [917 Gb] Used: [356.4 Gb] Free: [560.6 Gb]
------------------------------- [ Windows ] -------------------------------
Internet Explorer 11.789.19041.0
User Account Control enabled
Security Center (wscsvc) - The service is running
Remote Registry (RemoteRegistry) - The service has stopped
SSDP Discovery (SSDPSRV) - The service is running
Remote Desktop Services (TermService) - The service has stopped
Windows Remote Management (WS-Management) (WinRM) - The service has stopped
---------------------------- [ Antivirus_WMI ] ----------------------------
Windows Defender (enabled and up to date)
--------------------------- [ FirewallWindows ] ---------------------------
Windows Defender Firewall (mpssvc) - The service is running
--------------------------- [ AntiSpyware_WMI ] ---------------------------
Windows Defender (enabled and up to date)
--------------------------- [ OtherUtilities ] ----------------------------
Microsoft 365 - en-us v.16.0.14026.20308
Dell SupportAssist OS Recovery Plugin for Dell Update v.5.4.1.14954 [+]
Dell SupportAssist v.3.9.1.245 [+]
-------------------------- [ IMAndCollaborate ] ---------------------------
Zoom v.5.4.9 (59931.0110) Warning! Download Update
--------------------------- [ AdobeProduction ] ---------------------------
Adobe Acrobat Reader DC v.21.005.20048
------------------------------- [ Browser ] -------------------------------
Mozilla Firefox 89.0.2 (x64 en-US) v.89.0.2
Google Chrome v.91.0.4472.114
Microsoft Edge v.91.0.864.59
------------------ [ AntivirusFirewallProcessServices ] -------------------
C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MsMpEng.exe v.4.18.2105.5
C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\NisSrv.exe v.4.18.2105.5
Microsoft Defender Antivirus Service (WinDefend) - The service is running
Microsoft Defender Antivirus Network Inspection Service (WdNisSvc) - The service is running
----------------------------- [ End of Log ] ------------------------------

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 26-06-2021
Ran by jhauk (administrator) on DESKTOP-6JBP3L9 (Dell Inc. Inspiron 3670) (27-06-2021 08:22:12)
Running from C:\Users\jhauk\Desktop
Loaded Profiles: jhauk
Platform: Windows 10 Home Version 2004 19041.1052 (X64) Language: English (United States)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Canon Inc. -> ) C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNMNSST2.exe
(Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe
(Dell Inc -> Dell INC.) C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe
(Dell Inc -> Dell Products, LP.) C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
(Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(Digiarty Software, Inc. -> DearMob) C:\Program Files (x86)\DearMob\5KPlayer\5KPlayer.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Google LLC -> ) C:\Program Files\Google\Drive File Stream\48.0.13.0\crashpad_handler.exe <2>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler64.exe
(Google LLC -> Google, Inc.) C:\Program Files\Google\Drive File Stream\48.0.13.0\GoogleDriveFS.exe <7>
(Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe
(Intel® pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_efb119a73d6b56f6\igfxCUIService.exe
(Intel® pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_577b4722c749a41f\OneApp.IGCC.WinService.exe
(Intel® pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_9a914baee86356a0\IntelCpHDCPSvc.exe
(Intel® pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_9a914baee86356a0\IntelCpHeciSvc.exe
(Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Intel® Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_f881c4be237ce854\RstMwService.exe
(Logitech Inc -> Logitech) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOverlay.exe
(Logitech Inc -> Logitech, Inc.) C:\Program Files\Logitech\LogiOptions\LogiOptions.exe
(Logitech Inc -> Logitech, Inc.) C:\ProgramData\Logishrd\LogiOptions\Software\Current\laclient\laclient.exe
(Logitech Inc -> Logitech, Inc.) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe <2>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeC2RClient.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13426.20920.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\vds.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\NisSrv.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <10>
(PC-Doctor, Inc. -> PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCD\SupportAssist\Dsapi.exe
(Pro Softnet Corporation -> Prosoftnet) C:\Program Files (x86)\IDriveWindows\id_bglaunch.exe
(Pro Softnet Corporation -> Prosoftnet) C:\Program Files (x86)\IDriveWindows\id_service.exe
(Pro Softnet Corporation -> Prosoftnet) C:\Program Files (x86)\IDriveWindows\id_tray.exe
(Qualcomm Atheros -> Windows ® Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_18c775e07a6aaafd\RtkAudUService64.exe <3>
(Rivet Networks LLC -> DELL) C:\Program Files\Rivet Networks\SmartByte\SmartByteTelemetry.exe
(Rivet Networks LLC -> Rivet Networks LLC) C:\Program Files\Rivet Networks\SmartByte\RAPS.exe
(Rivet Networks LLC -> Rivet Networks) C:\Program Files\Rivet Networks\SmartByte\SmartByteAnalyticsService.exe
(Rivet Networks LLC -> Rivet Networks) C:\Program Files\Rivet Networks\SmartByte\SmartByteNetworkService.exe
(Rivet Networks LLC -> Rivet Networks, LLC.) C:\Program Files\Rivet Networks\SmartByte\RAPSService.exe
(Waves Inc -> Waves Audio Ltd.) C:\Windows\System32\DriverStore\FileRepository\wavesapo75de.inf_amd64_9e45e2d5613ef7ef\WavesSysSvc64.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.4.3.237\WsAppService.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_18c775e07a6aaafd\RtkAudUService64.exe [1257032 2021-04-22] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [DellMobileConnectWelcome] => C:\Program Files\Dell\DellMobileConnectDrivers\DellMobileConnectWStartup.exe [313064 2018-10-05] (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.)
HKLM\...\Run: [LogiOptions] => C:\Program Files\Logitech\LogiOptions\LogiOptions.exe [2109064 2019-11-27] (Logitech Inc -> Logitech, Inc.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [320056 2019-12-10] (Intel® Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
HKLM\...\Run: [WSVCUUpdateHelper.exe] => C:\Program Files\Wondershare\Wondershare UniConverter (CPC)\WSVCUUpdateHelper.exe
HKLM\...\Run: [WavesSvc] => C:\WINDOWS\System32\DriverStore\FileRepository\wavesapo75de.inf_amd64_9e45e2d5613ef7ef\WavesSvc64.exe [1237920 2019-09-05] (Waves Inc -> Waves Audio Ltd.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX2] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNMNSST2.exe [271496 2017-11-02] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [IDrive Background process] => C:\Program Files (x86)\IDriveWindows\id_bglaunch.exe [78176 2020-02-18] (Pro Softnet Corporation -> Prosoftnet)
HKLM-x32\...\Run: [IDrive Tray] => C:\Program Files (x86)\IDriveWindows\id_tray.exe [1977696 2020-02-18] (Pro Softnet Corporation -> Prosoftnet)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
HKLM-x32\...\Run: [uupdate] => C:\ProgramData\wDcLibs\uhelper.exe [512280 2019-11-28] (Shenzhen Yi Xing Investment Co., Ltd. -> )
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\48.0.13.0\GoogleDriveFS.exe [58172896 2021-05-24] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\48.0.13.0\GoogleDriveFS.exe [58172896 2021-05-24] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-1015540938-3996997567-1391499832-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\48.0.13.0\GoogleDriveFS.exe [58172896 2021-05-24] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-1015540938-3996997567-1391499832-1001\...\Run: [GarminExpress] => C:\Program Files (x86)\Garmin\Express\express.exe [30862320 2019-07-25] (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-1015540938-3996997567-1391499832-1001\...\Run: [5KPlayer] => C:\Program Files (x86)\DearMob\5KPlayer\5KPlayer.exe [28456624 2021-01-26] (Digiarty Software, Inc. -> DearMob)
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\48.0.13.0\GoogleDriveFS.exe [58172896 2021-05-24] (Google LLC -> Google, Inc.)
HKLM\...\Windows x64\Print Processors\BJ Print Processor4: C:\Windows\System32\spool\prtprocs\x64\CNBPP4.DLL [84992 2011-08-30] (CANON INC.) [File not signed]
HKLM\...\Windows x64\Print Processors\Canon MP970 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPD91.DLL [27648 2007-05-22] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Windows x64\Print Processors\Canon TS8300 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDFT.DLL [509952 2019-07-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\BJ Language Monitor4: C:\WINDOWS\system32\CNBLM4.DLL [267776 2011-08-30] (CANON INC.) [File not signed]
HKLM\...\Print\Monitors\Canon BJ Language Monitor MP970 series: C:\WINDOWS\system32\CNMLM91.DLL [258560 2007-05-22] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor TS8300 series: C:\WINDOWS\system32\CNMLMFT.DLL [940032 2019-07-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJNP Port: C:\WINDOWS\system32\CNMN6PPM.DLL [252416 2012-08-30] (CANON INC.) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\91.0.4472.114\Installer\chrmstp.exe [2021-06-17] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NotificationTool.lnk [2020-02-13]
ShortcutTarget: NotificationTool.lnk -> C:\Program Files (x86)\Canon\hdAlbum EZ\NotificationTool.exe (Canon Inc. -> CANON INC.)
Startup: C:\Users\jhauk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\firefox.exe - Shortcut.lnk [2019-10-12]
ShortcutTarget: firefox.exe - Shortcut.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
Startup: C:\Users\jhauk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Indiana FB Posts.docx - Shortcut.lnk [2019-10-21]
ShortcutTarget: Indiana FB Posts.docx - Shortcut.lnk -> C:\Users\jhauk\Desktop\Indiana FB Posts.docx (No File)
Startup: C:\Users\jhauk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Trail Life.docx - Shortcut.lnk [2019-11-21]
ShortcutTarget: Trail Life.docx - Shortcut.lnk -> C:\Users\jhauk\Desktop\Trail Life.docx (No File)
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1684B791-B395-4DD1-A66B-D08FE33B62CE} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\Explorer.exe /NOUACCHECK
Task: {3946A875-A93C-4928-926E-F6CA792F8893} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MpCmdRun.exe [644888 2021-06-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {3EB46213-22D7-4598-B91B-E5DA13C3E2A1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MpCmdRun.exe [644888 2021-06-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4C26AFD1-5C37-4F8A-BC2C-27E939578E35} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-03-18] (Google Inc -> Google Inc.)
Task: {6113DE98-18FB-45F5-8E61-856727E5D48E} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [147320 2021-06-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {68E112ED-601F-428D-848D-BD0B940D7F89} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [690616 2021-06-24] (Mozilla Corporation -> Mozilla Foundation)
Task: {7CBEC024-B0E4-4CCF-A8D4-8D32633EBCF9} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23124896 2021-06-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {82C37CD8-60F8-447B-BBD5-3B11FB416215} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {85DF244C-6AD5-4394-BBF3-31F07BFDED0D} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistInstaller.exe [1059872 2021-05-24] (Dell Inc -> Dell Inc.)
Task: {88F1048A-E883-4F12-9D28-98A5C8C00B37} - System32\Tasks\SmartByte Telemetry => C:\Program Files\Rivet Networks\SmartByte\SmartByteTelemetry.exe [95072 2020-08-14] (Rivet Networks LLC -> DELL)
Task: {9D904B96-E053-486A-A163-FE749D9823EA} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23124896 2021-06-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {B3AFAED3-7574-49A6-8119-23127F5A1B9C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MpCmdRun.exe [644888 2021-06-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {CDDE49F6-7867-44EC-A062-343791A98317} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MpCmdRun.exe [644888 2021-06-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {DC24A639-C495-4029-8875-650BD3169F6A} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [40432 2019-07-25] (Garmin International, Inc. -> )
Task: {E12717D5-AA3C-4AB7-A2CB-A857DF628A14} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [147320 2021-06-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {EDFF0B54-722B-4DB3-93E5-B0A4BC32CA25} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1510832 2021-06-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {FCA6206D-B840-474E-8114-64E82E20DEBF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-03-18] (Google Inc -> Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{e6d416ea-722e-4537-9bf4-49c06dbe3514}: [DhcpNameServer] 192.168.1.254

Edge:
=======
DownloadDir: C:\Users\jhauk\Downloads
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\jhauk\AppData\Local\Microsoft\Edge\User Data\Default [2021-06-27]
Edge DownloadDir: Default -> C:\Users\jhauk\Downloads
Edge StartupUrls: Default -> "hxxps://www.onlinebanking.pnc.com/alservlet/PNCOnlineBankingServletLogin"

FireFox:
========
FF DefaultProfile: ou4ydgfb.default-1553941110074
FF ProfilePath: C:\Users\jhauk\AppData\Roaming\Mozilla\Firefox\Profiles\ou4ydgfb.default-1553941110074 [2021-06-27]
FF DownloadDir: C:\Users\jhauk\Desktop
FF Homepage: Mozilla\Firefox\Profiles\ou4ydgfb.default-1553941110074 -> hxxps://www.facebook.com/|hxxps://mail.google.com/mail/u/0/?ui=2#inbox|hxxps://calendar.google.com/calendar/u/0/r/day?tab=mc
FF Notifications: Mozilla\Firefox\Profiles\ou4ydgfb.default-1553941110074 -> hxxps://www.facebook.com; hxxps://usa.life; hxxps://mail.google.com
FF HomepageOverride: Mozilla\Firefox\Profiles\ou4ydgfb.default-1553941110074 -> Disabled: [email protected]
FF NewTabOverride: Mozilla\Firefox\Profiles\ou4ydgfb.default-1553941110074 -> Disabled: [email protected]
FF Extension: (F.B Purity - Cleans up Facebook) - C:\Users\jhauk\AppData\Roaming\Mozilla\Firefox\Profiles\ou4ydgfb.default-1553941110074\Extensions\[email protected] [2021-05-11] [UpdateUrl:hxxps://www.fbpurity.com/FF-FBP-Ext-Updates.json]
FF Extension: (Gaming Assassin) - C:\Users\jhauk\AppData\Roaming\Mozilla\Firefox\Profiles\ou4ydgfb.default-1553941110074\Extensions\[email protected] [2019-11-22] [UpdateUrl:hxxps:\/\/updates.tb.ask.com\/updateXpi.json?id=224233761&version=8.924.16.56986&track=TTAB02&trackRevision=1&fromId=_e7Members_%40free.gamingassassin.com&isBridgeExtension=false]
FF Extension: (MediaPlayer Search) - C:\Users\jhauk\AppData\Roaming\Mozilla\Firefox\Profiles\ou4ydgfb.default-1553941110074\Extensions\{b779151f-7a4c-46b2-83e4-3dbad231a9b9}.xpi [2019-12-06] [UpdateUrl:hxxps://cdn.mediaplayer10-cdn.com/xpi/mediaplayer10/settings_Api/0919/no_ba/updates.json]
FF Extension: (Zoom Scheduler) - C:\Users\jhauk\AppData\Roaming\Mozilla\Firefox\Profiles\ou4ydgfb.default-1553941110074\Extensions\{bf855ead-d7c3-4c7b-9f88-9a7e75c0efdf}.xpi [2021-05-19]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-05-29] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2015-10-29] (CANON INC.) [File not signed]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-05-29] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-05-28] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\jhauk\AppData\Local\Google\Chrome\User Data\Default [2021-06-27]
CHR DownloadDir: C:\Users\jhauk\Desktop
CHR StartupUrls: Default -> "hxxps://mail.google.com/mail/u/0/#inbox","hxxps://calendar.google.com/calendar/r?tab=mc","hxxps://www.facebook.com/"
CHR NewTab: Default ->  Not-active:"chrome-extension://bcedopgbjnjfngcejdmkppbcmcgndpkg/newtab/quicknewtabpage.html"
CHR Extension: (Slides) - C:\Users\jhauk\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-03-18]
CHR Extension: (Docs) - C:\Users\jhauk\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-03-18]
CHR Extension: (Google Drive) - C:\Users\jhauk\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-24]
CHR Extension: (Satellite Earth) - C:\Users\jhauk\AppData\Local\Google\Chrome\User Data\Default\Extensions\bcedopgbjnjfngcejdmkppbcmcgndpkg [2019-07-25]
CHR Extension: (YouTube) - C:\Users\jhauk\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-03-18]
CHR Extension: (Sheets) - C:\Users\jhauk\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-03-18]
CHR Extension: (Google Docs Offline) - C:\Users\jhauk\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-05-13]
CHR Extension: (Mountain River) - C:\Users\jhauk\AppData\Local\Google\Chrome\User Data\Default\Extensions\hldnnpdpbcplkacehcbafmncblojlead [2020-05-19]
CHR Extension: (Chrome Web Store Payments) - C:\Users\jhauk\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-28]
CHR Extension: (Gmail) - C:\Users\jhauk\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-22]
CHR Extension: (Chrome Media Router) - C:\Users\jhauk\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-05-25]
CHR HKU\S-1-5-21-1015540938-3996997567-1391499832-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11279752 2021-06-23] (Microsoft Corporation -> Microsoft Corporation)
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [422128 2021-03-09] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3975712 2021-03-09] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [623136 2021-03-09] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 Dell Hardware Support; C:\Program Files\Dell\SupportAssistAgent\PCD\SupportAssist\Dsapi.exe [1009264 2021-03-30] (PC-Doctor, Inc. -> PC-Doctor, Inc.)
R2 Dell SupportAssist Remediation; C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe [19128 2021-04-01] (Dell Inc -> Dell INC.)
R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [38592 2021-01-19] (Dell Inc -> )
R2 IDriveService; C:\Program Files (x86)\IDriveWindows\id_service.exe [334688 2020-02-18] (Pro Softnet Corporation -> Prosoftnet)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [399296 2019-11-28] (Canon Inc. -> )
R2 RAPSService; C:\Program Files\Rivet Networks\SmartByte\RAPSService.exe [64848 2020-08-14] (Rivet Networks LLC -> Rivet Networks, LLC.)
S3 RNDBWM; C:\Program Files\Rivet Networks\SmartByte\RNDBWMService.exe [64856 2020-08-14] (Rivet Networks LLC -> Rivet Networks, LLC.)
R2 SmartByte Analytics Service; C:\Program Files\Rivet Networks\SmartByte\SmartByteAnalyticsService.exe [1630576 2020-08-14] (Rivet Networks LLC -> Rivet Networks)
R2 SmartByte Network Service x64; C:\Program Files\Rivet Networks\SmartByte\SmartByteNetworkService.exe [2385256 2020-08-14] (Rivet Networks LLC -> Rivet Networks)
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [39968 2021-05-24] (Dell Inc -> Dell Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\NisSrv.exe [2644776 2021-06-13] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MsMpEng.exe [136656 2021-06-13] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.237\WsAppService.exe [495720 2018-07-04] (Wondershare Technology Co.,Ltd -> Wondershare)
S3 WsDrvInst; C:\Program Files (x86)\Wondershare\TunesGo\DriverInstall.exe [107624 2018-12-13] (Wondershare Technology Co.,Ltd -> Wondershare)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
R3 DDDriver; C:\WINDOWS\System32\drivers\dddriver64Dcsa.sys [42376 2020-10-26] (Microsoft Windows Hardware Compatibility Publisher -> Dell Inc.)
S3 DellProf; C:\WINDOWS\system32\drivers\DellProf.sys [41208 2018-05-08] (Techporch Incorporated -> Dell Computer Corporation)
R1 googledrivefs3301; C:\WINDOWS\System32\DRIVERS\googledrivefs3301.sys [132456 2020-11-19] (Google LLC -> Google, Inc.)
R1 googledrivefs3460; C:\WINDOWS\System32\DRIVERS\googledrivefs3460.sys [389600 2021-05-24] (Google LLC -> Google, Inc.)
R3 SmbCoSvc; C:\WINDOWS\system32\DRIVERS\SmbCo10X64.sys [164424 2020-08-14] (Rivet Networks LLC -> Rivet Networks, LLC.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49568 2021-06-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [425184 2021-06-13] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [76000 2021-06-13] (Microsoft Windows -> Microsoft Corporation)
S4 DBUtilDrv2; \SystemRoot\System32\drivers\DBUtilDrv2.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-06-27 08:22 - 2021-06-27 08:26 - 000027463 _____ C:\Users\jhauk\Desktop\FRST.txt
2021-06-27 08:20 - 2021-06-27 08:20 - 000000000 ____D C:\SecurityCheck
2021-06-27 08:19 - 2021-06-27 08:19 - 000533439 _____ (glax24 (safezone.cc)) C:\Users\jhauk\Desktop\SecurityCheck.exe
2021-06-27 07:58 - 2021-06-27 07:58 - 000000000 ____D C:\WINDOWS\system32\Tasks\McAfee
2021-06-27 07:52 - 2021-06-27 07:52 - 011049936 _____ (McAfee, LLC) C:\Users\jhauk\Desktop\MCPR.exe
2021-06-26 23:20 - 2021-06-26 23:20 - 000003423 _____ C:\Users\jhauk\Desktop\Current tax map.html
2021-06-26 23:20 - 2021-06-26 23:20 - 000000000 ____D C:\Users\jhauk\Desktop\Current tax map_files
2021-06-26 12:57 - 2021-06-26 12:57 - 002300416 _____ (Farbar) C:\Users\jhauk\Desktop\FRST64.exe
2021-06-26 12:56 - 2021-06-27 08:24 - 000000000 ____D C:\FRST
2021-06-26 00:51 - 2021-06-26 00:51 - 000801767 _____ C:\Users\jhauk\Desktop\Redeemed - Quartet.pdf
2021-06-24 12:53 - 2021-06-24 12:53 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-06-24 06:59 - 2021-06-24 06:59 - 000724993 _____ C:\Users\jhauk\Desktop\EM-SRL-10.pdf
2021-06-24 06:41 - 2021-06-27 08:00 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-06-23 22:52 - 2021-04-22 01:06 - 006459880 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
2021-06-23 22:52 - 2021-04-22 00:56 - 045539300 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2021-06-23 22:51 - 2021-04-22 01:08 - 000276832 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTHDASIO64.dll
2021-06-23 22:51 - 2021-04-22 01:08 - 000231264 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\RTHDASIO.dll
2021-06-21 10:07 - 2021-06-21 10:07 - 000264533 _____ C:\Users\jhauk\Desktop\Deed.pdf
2021-06-20 14:41 - 2021-06-20 14:41 - 000003396 _____ C:\Users\jhauk\Desktop\W High current map.html
2021-06-17 22:44 - 2021-06-17 22:44 - 011030299 _____ C:\Users\jhauk\Documents\FUNK (2021-06-17).rmgb
2021-06-12 20:31 - 2021-06-12 20:31 - 011028048 _____ C:\Users\jhauk\Documents\FUNK (2021-06-12).rmgb
2021-06-10 11:10 - 2021-06-10 11:10 - 000002138 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-06-09 21:55 - 2021-06-09 21:55 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-06-09 21:55 - 2021-06-09 21:55 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-06-09 21:55 - 2021-06-09 21:55 - 001864192 _____ (The ICU Project) C:\WINDOWS\SysWOW64\icu.dll
2021-06-09 21:55 - 2021-06-09 21:55 - 001314120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-06-09 21:55 - 2021-06-09 21:55 - 000568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2021-06-09 21:55 - 2021-06-09 21:55 - 000468440 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll
2021-06-09 21:55 - 2021-06-09 21:55 - 000451072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2021-06-09 21:55 - 2021-06-09 21:55 - 000423936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-06-09 21:55 - 2021-06-09 21:55 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2021-06-09 21:55 - 2021-06-09 21:55 - 000011353 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-06-09 21:54 - 2021-06-09 21:54 - 002260480 _____ (The ICU Project) C:\WINDOWS\system32\icu.dll
2021-06-09 21:54 - 2021-06-09 21:54 - 001823792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-06-09 21:54 - 2021-06-09 21:54 - 001393496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-06-09 21:54 - 2021-06-09 21:54 - 000657464 _____ C:\WINDOWS\system32\WindowManagementAPI.dll
2021-06-09 21:54 - 2021-06-09 21:54 - 000563712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-06-09 21:54 - 2021-06-09 21:54 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe
2021-06-09 21:54 - 2021-06-09 21:54 - 000097280 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-06-09 21:53 - 2021-06-09 21:53 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll
2021-06-02 23:33 - 2021-06-02 23:33 - 011025673 _____ C:\Users\jhauk\Documents\FUNK (2021-06-02).rmgb

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-06-27 08:27 - 2019-03-18 10:16 - 000000000 ____D C:\ProgramData\IDrive
2021-06-27 08:23 - 2019-12-07 05:13 - 000000000 ____D C:\WINDOWS\INF
2021-06-27 08:15 - 2021-04-09 08:30 - 000000000 ____D C:\Users\jhauk\AppData\Roaming\5KPlayer
2021-06-27 08:15 - 2019-03-18 09:43 - 000000000 ____D C:\ProgramData\Mozilla
2021-06-27 08:14 - 2019-12-07 05:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-06-27 08:14 - 2019-03-18 09:43 - 000000000 ____D C:\Users\jhauk\AppData\LocalLow\Mozilla
2021-06-27 08:13 - 2020-08-05 02:50 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-06-27 08:13 - 2020-08-05 02:33 - 000008192 ___SH C:\DumpStack.log.tmp
2021-06-27 08:13 - 2018-11-21 03:30 - 000000000 ____D C:\Intel
2021-06-27 08:12 - 2019-12-07 05:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-06-27 08:10 - 2021-04-09 08:16 - 000000000 ____D C:\ProgramData\Norton
2021-06-27 08:07 - 2020-08-05 02:43 - 000842418 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-06-27 08:00 - 2019-03-18 09:43 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-06-27 07:38 - 2019-04-09 06:11 - 000000000 ____D C:\Users\jhauk\Desktop\Auk Pics
2021-06-27 01:19 - 2019-03-18 10:23 - 000000000 ____D C:\Users\jhauk\Desktop\Brenda
2021-06-27 01:12 - 2020-08-05 02:33 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-06-27 00:12 - 2019-04-08 06:46 - 040681472 _____ C:\Users\jhauk\Documents\FUNK.rmgc
2021-06-26 22:54 - 2019-12-07 05:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-06-26 22:54 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-06-26 10:58 - 2020-06-08 06:52 - 000000000 ____D C:\Users\jhauk\Documents\Outlook Files
2021-06-26 09:26 - 2020-06-20 06:07 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-06-26 00:59 - 2019-03-18 18:50 - 000000000 ____D C:\Users\jhauk\Documents\Bren
2021-06-25 15:04 - 2019-03-18 09:26 - 000000000 ____D C:\Users\jhauk\AppData\Local\Packages
2021-06-24 22:48 - 2019-07-30 07:16 - 004647936 _____ C:\Users\jhauk\Documents\aukerman20190730.rmgc
2021-06-24 12:53 - 2019-03-18 09:43 - 000001007 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-06-24 01:37 - 2019-03-27 11:34 - 000000000 ____D C:\Users\jhauk\Desktop\Lou Ann - Choruses; Print-Scan, save to comp., doc. (pdf)
2021-06-23 08:22 - 2019-03-18 18:57 - 000000000 ____D C:\Users\jhauk\Desktop\John
2021-06-23 08:19 - 2019-03-19 05:21 - 000000000 ____D C:\Users\Aukerman\Desktop\John
2021-06-23 02:25 - 2019-04-02 08:43 - 000000000 ____D C:\Program Files\Microsoft Office
2021-06-18 09:07 - 2021-01-22 07:13 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-06-17 21:59 - 2019-03-18 09:35 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-06-13 07:39 - 2018-11-21 03:18 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-06-10 06:53 - 2019-12-07 05:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-06-10 01:36 - 2020-08-05 02:33 - 000508560 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-06-10 01:33 - 2019-12-07 05:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-06-10 01:33 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2021-06-10 01:33 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2021-06-10 01:33 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-06-10 01:33 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-06-10 01:33 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-06-10 01:33 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2021-06-10 01:33 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2021-06-10 01:33 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2021-06-10 01:33 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-06-10 01:33 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-06-09 22:01 - 2019-12-07 05:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-06-09 21:26 - 2019-03-19 06:00 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-06-09 21:16 - 2019-03-19 06:00 - 132447432 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-06-09 08:10 - 2020-02-13 14:56 - 000000000 ____D C:\ProgramData\CanonIJPLM
2021-06-05 13:41 - 2018-11-21 03:27 - 000000000 ____D C:\ProgramData\Dell
2021-06-05 11:34 - 2018-11-21 03:26 - 000000000 ____D C:\ProgramData\Package Cache
2021-06-05 10:44 - 2020-01-18 18:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2021-05-29 03:13 - 2019-12-07 05:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared

==================== Files in the root of some directories ========

2003-11-10 16:27 - 2003-11-10 16:26 - 000376884 _____ () C:\Program Files\image001.bmp
2021-01-18 13:44 - 2021-01-18 13:44 - 000000171 _____ () C:\Users\jhauk\AppData\Roaming\822f02e4-9e9a-4077-a765-71edfca16ad0

==================== FLock ==============================

2021-06-05 11:34 C:\Recovery

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-06-2021
Ran by jhauk (27-06-2021 08:32:37)
Running from C:\Users\jhauk\Desktop
Windows 10 Home Version 2004 19041.1052 (X64) (2020-08-05 06:51:15)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1015540938-3996997567-1391499832-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1015540938-3996997567-1391499832-503 - Limited - Disabled)
Guest (S-1-5-21-1015540938-3996997567-1391499832-501 - Limited - Disabled)
jhauk (S-1-5-21-1015540938-3996997567-1391499832-1001 - Administrator - Enabled) => C:\Users\jhauk
WDAGUtilityAccount (S-1-5-21-1015540938-3996997567-1391499832-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

4K Video Downloader 4.8 (HKLM\...\{2FA2F521-494C-4E8F-8C30-3D3E81590413}) (Version: 4.8.0.2852 - Open Media LLC)
5KPlayer (HKLM-x32\...\5KPlayer) (Version: 6.5 - DearMob, Inc.)
AceMoney (HKLM-x32\...\AceMoney_is1) (Version:  - MechCAD Software)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 21.005.20048 - Adobe Systems Incorporated)
ANT Drivers Installer x64 (HKLM\...\{B7626024-53D9-4982-A1EE-64BC9438DFD5}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Audacity 2.0.3 (HKLM-x32\...\Audacity_is1) (Version: 2.0.3 - Audacity Team)
Canon IJ Network Scan Utility (HKLM-x32\...\Canon_IJ_Network_Scan_UTILITY) (Version:  - )
Canon IJ Network Scanner Selector EX2 (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX2) (Version: 2.0.10.2 - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version:  - )
Canon IJ Printer Assistant Tool (HKLM-x32\...\Canon IJ Printer Assistant Tool) (Version: 1.30.1.52 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.5.5.3 - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 6.2.0 - Canon Inc.)
Canon MP970 series (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP970_series) (Version:  - )
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 3.5.2 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 3.5.2 - Canon Inc.)
Canon TS8300 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_TS8300_series) (Version: 1.01 - Canon Inc.)
Debut Video Capture Software (HKLM-x32\...\Debut) (Version: 5.59 - NCH Software)
Dell Digital Delivery Service (HKLM-x32\...\{DD47FCB3-5038-40CE-A02A-85F51BA03F37}) (Version: 3.6.1012.0 - Dell Products, LP)
Dell Mobile Connect Drivers (HKLM\...\{04DF02C6-E3D7-4D26-A44C-6F8A2E218D2C}) (Version: 1.3.6844 - Screenovate Technologies Ltd.)
Dell SupportAssist (HKLM\...\{A3E44B1D-1AC1-414F-A7D4-0824E0A49F3A}) (Version: 3.9.1.245 - Dell Inc.)
Dell SupportAssist OS Recovery Plugin for Dell Update (HKLM\...\{900D0BCD-0B86-4DAA-B639-89BE70449569}) (Version: 5.4.1.14954 - Dell Inc.) Hidden
Dell SupportAssist OS Recovery Plugin for Dell Update (HKLM-x32\...\{ec40a028-983b-4213-af2c-77ed6f6fe1d5}) (Version: 5.4.1.14954 - Dell Inc.)
Dell SupportAssist Remediation (HKLM\...\{E9E87628-7D88-4557-9A80-49B2B4A81460}) (Version: 5.4.1.14954 - Dell Inc.) Hidden
Dell SupportAssist Remediation (HKLM-x32\...\{ef6a1215-d616-4e4f-9453-525ed9903031}) (Version: 5.4.1.14954 - Dell Inc.)
Dell Update for Windows 10 (HKLM\...\{41D2D254-D869-4CD8-B440-5DF49083C4BA}) (Version: 4.1.0 - Dell Inc.)
Dynamic Application Loader Host Interface Service (HKLM\...\{3252E69D-9075-40FD-A9EF-F6D96091B5BF}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Elevated Installer (HKLM-x32\...\{067FCCD5-0DC8-4D84-849C-A82656EFD36C}) (Version: 6.16.1.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express (HKLM-x32\...\{78B7CE44-6303-4EC8-9A53-B7F3F3F89E24}) (Version: 6.16.1.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express (HKLM-x32\...\{824324a6-400d-4ee8-9aa0-72a8627a425e}) (Version: 6.16.1.0 - Garmin Ltd or its subsidiaries)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 91.0.4472.114 - Google LLC)
Google Drive (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 48.0.13.0 - Google LLC)
hdAlbum EZ (HKLM-x32\...\{014BBF3C-D9C4-4FD0-857D-E7DDC95263C0}) (Version: 1.7.1.6 - Canon Inc.)
IDrive version 6.7.3.6 (HKLM-x32\...\IDrive_is1) (Version: 6.7.3.6 - Pro Softnet Corp)
Intel® Chipset Device Software (HKLM-x32\...\{70281077-96c3-4f75-938c-dc4746110c00}) (Version: 10.1.17903.8106 - Intel® Corporation)
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1932.12.0.1298 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 26.20.100.8141 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 17.5.9.1040 - Intel Corporation)
Intel® Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.56.87.0 - Intel Corporation) Hidden
Intel® Trusted Connect Services Client (HKLM-x32\...\{05817e4d-5f15-49b4-afec-7edb31fc7dd6}) (Version: 1.56.87.0 - Intel Corporation) Hidden
Intel® Optane™ Pinning Explorer Extensions (HKLM\...\{C81FD018-F151-460F-B4F9-0D58039503E2}) (Version: 17.2.4.9002 - Intel Corporation)
Jihosoft Phone Transfer version 3.4.2.0 (HKLM-x32\...\{116B8806-B959-4600-8591-35E60440BD3D}_is1) (Version: 3.4.2.0 - HONGKONG JIHO CO., LIMITED)
Logitech Options (HKLM\...\LogiOptions) (Version: 8.10.84 - Logitech)
Microsoft 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.14026.20308 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 91.0.864.59 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 91.0.864.59 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{E5A95BC5-81DF-4F0C-B910-B59DD012F037}) (Version: 2.81.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Movavi Screen Recorder Studio 10 (HKU\S-1-5-21-1015540938-3996997567-1391499832-1001\...\Movavi Screen Recorder Studio 10) (Version: 10.2.0 - Movavi)
Mozilla Firefox 89.0.2 (x64 en-US) (HKLM\...\Mozilla Firefox 89.0.2 (x64 en-US)) (Version: 89.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 65.0.2 - Mozilla)
MusicTime Deluxe (HKLM-x32\...\MusicTime Deluxe 4.0.4) (Version: 4.0.4 - Passport)
MusicTime Deluxe 3.5.5 (HKLM-x32\...\MusicTime Deluxe 3.5.5) (Version:  - )
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14026.20308 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14026.20308 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.14026.20246 - Microsoft Corporation) Hidden
Printer Registration (HKLM-x32\...\Canon EISRegistration) (Version: 1.5.0 - Canon Inc.)
Qualcomm WLAN and Bluetooth Client Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.18362.31252 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8791.1 - Realtek Semiconductor Corp.)
RootsMagic 7.6.1.0 (HKLM-x32\...\{D6286873-A757-4A4D-A6EF-0081B3EE32CA}_is1) (Version: RootsMagic 7.6.1.0 - RootsMagic, Inc.)
SmartByte Drivers and Services (HKLM\...\{9668B1BB-D0FE-4C0C-800C-B1555E069A62}) (Version: 3.1.940 - Rivet Networks)
Switch Sound File Converter (HKLM-x32\...\Switch) (Version: 8.18 - NCH Software)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{FBA3961B-D1DF-493C-BC1F-E67D3B832895}) (Version: 2.56.0.0 - Microsoft Corporation)
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{344F3227-F502-4219-9DC4-1967E586FAFA}) (Version: 2.51.0.0 - Microsoft Corporation)
vs2015_redist x86 (HKLM-x32\...\{BD46163A-0331-4A61-B65A-7B66D7C93F8E}) (Version: 1.0.0.0 - Realnetworks) Hidden
VSDC Free Video Editor version 6.3.9.49 (HKLM\...\VSDC Free Video Editor_is1) (Version: 6.3.9.49 - Flash-Integro LLC)
Vulkan Run Time Libraries 1.1.70.0 (HKLM\...\VulkanRT1.1.70.0) (Version: 1.1.70.0 - LunarG, Inc.) Hidden
Web Launch Recorder (HKU\S-1-5-21-1015540938-3996997567-1391499832-1001\...\WebLaunchRecorder) (Version: 2.0 - )
Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22391 - Microsoft Corporation)
Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB  (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Wondershare TunesGo ( Version 9.7.3 ) (HKLM-x32\...\{0B31C808-8274-460D-8846-C711D40544A0}_is1) (Version: 9.7.3 - Wondershare)
Zoom (HKU\S-1-5-21-1015540938-3996997567-1391499832-1001\...\ZoomUMX) (Version: 5.4.9 (59931.0110) - Zoom Video Communications, Inc.)

Packages:
=========
Audacity 2 -> C:\Program Files\WindowsApps\42109FactoriaDatacenter.Audacity2_2.3.2.0_neutral__zaf1c6h4vqsbt [2019-05-29] (Repackagerexpress.com)
Baseball Game Pro -> C:\Program Files\WindowsApps\25228GameMotionStudio.BaseballGamePro_1.0.1.0_x64__t5x6bekc08gee [2019-11-22] (Game Motion Studio) [MS Ad]
Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_1.60.1.0_x86__kgqvnymyfvs32 [2021-06-25] (king.com)
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.2040.2.0_x86__kgqvnymyfvs32 [2021-06-12] (king.com)
Canon Office Printer Utility -> C:\Program Files\WindowsApps\34791E63.CanonOfficePrinterUtility_12.7.0.0_x64__6e5tt8cgb93ep [2019-08-26] (Canon Inc.)
Cooking Fever -> C:\Program Files\WindowsApps\NORDCURRENT.COOKINGFEVER_12.0.2.0_x86__m9bz608c1b9ra [2021-04-09] (Nordcurrent)
Dell Customer Connect -> C:\Program Files\WindowsApps\DellInc.DellCustomerConnect_5.2.52.0_x64__htrsf667h5kn2 [2021-04-07] (Dell Inc)
Dell Digital Delivery -> C:\Program Files\WindowsApps\DellInc.DellDigitalDelivery_4.0.90.0_x64__htrsf667h5kn2 [2021-05-27] (Dell Inc)
Dell Mobile Connect 3.3 -> C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnect_3.3.9803.0_x64__0vhbc3ng4wbp0 [2021-06-20] (Screenovate Technologies) [Startup Task]
Dell SupportAssist for Home PCs -> C:\Program Files\WindowsApps\DellInc.DellSupportAssistforPCs_3.9.13.0_x64__htrsf667h5kn2 [2021-06-10] (Dell Inc)
Dell Update -> C:\Program Files\WindowsApps\DellInc.DellUpdate_4.1.15.0_x86__htrsf667h5kn2 [2021-02-21] (Dell Inc)
Downloader for YouTube. Free Coverter to MP3, MP4 & AVI. -> C:\Program Files\WindowsApps\13240GoodBuzzMedia.DownloaderforYouTube.FreeCovert_1.1.17.0_x64__pkybfkfh0fpqa [2020-11-03] (Good Buzz Media)
Dropbox promotion -> C:\Program Files\WindowsApps\C27EB4BA.DropboxOEM_20.4.3.0_x64__xbfy0k16fey96 [2020-01-17] (Dropbox Inc.)
Express Burn CD and DVD Burner Free -> C:\Program Files\WindowsApps\NCHSoftware.ExpressBurnFree_10.2.0.0_x86__7kedsbyvzns34 [2021-06-18] (NCH Software)
Fitbit -> C:\Program Files\WindowsApps\Fitbit.Fitbit_2.44.1997.0_x64__6mqt6hf9g46tw [2019-11-14] (Fitbit)
Fitbit Coach -> C:\Program Files\WindowsApps\Fitbit.FitbitCoach_4.4.133.0_x64__6mqt6hf9g46tw [2019-03-18] (Fitbit)
Free Instant Youtube Downloader -> C:\Program Files\WindowsApps\356E5ED5.FreeInstantYoutubeDownloader_1.5.2.0_x64__n9erwrkheyjxe [2020-02-05] (Prospera Software Inc.) [MS Ad]
Instagram -> C:\Program Files\WindowsApps\Facebook.InstagramBeta_42.0.15.0_neutral__8xx8rvfyw5nnt [2021-06-25] (Instagram)
Intel® Graphics Command Center -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3325.0_x64__8j3eq9eme6ctt [2021-05-14] (INTEL CORP) [Startup Task]
Intel® Graphics Control Panel -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsControlPanel_3.3.0.0_x64__8j3eq9eme6ctt [2020-02-17] (INTEL CORP)
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa [2021-05-14] (Apple Inc.) [Startup Task]
Libby, by OverDrive -> C:\Program Files\WindowsApps\2FA138F6.LibbybyOverDrive_1.4.2.0_x64__daecb9042jmvt [2019-07-20] (OverDrive Inc.)
LinkedIn -> C:\Program Files\WindowsApps\7EE7776C.LinkedInforWindows_2.1.7098.0_neutral__w1wdnht996qgy [2019-03-18] (LinkedIn)
McAfee® Personal Security -> C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.60.0_x64__wafk5atnkzcwy [2021-02-26] (McAfee LLC.)
Media Player -> C:\Program Files\WindowsApps\YellowElephantProductions.MediaPlayerS_1.175.91.0_x64__p3e1zgp7z7szg [2021-05-27] (Yellow Elephant Productions)
Media Suite Essentials for Dell -> C:\Program Files\WindowsApps\DB6EA5DB.MediaSuiteEssentialsforDell_2.6.4028.0_x86__mcezb6ze687jp [2020-03-27] (CYBERLINK CORPORATION.)
Meme-Generator -> C:\Program Files\WindowsApps\8840NaveenCS.Meme-Generator_3.3.0.0_neutral__20e0kv46hk748 [2019-04-27] (Naveen CS)
Microsoft Advertising SDK for JavaScript -> C:\Program Files\WindowsApps\Microsoft.Advertising.JavaScript_10.1809.1.0_x64__8wekyb3d8bbwe [2019-11-22] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for JavaScript -> C:\Program Files\WindowsApps\Microsoft.Advertising.JavaScript_10.1809.1.0_x86__8wekyb3d8bbwe [2019-11-22] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-03-18] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-03-18] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.6151.0_x64__8wekyb3d8bbwe [2021-06-20] (Microsoft Studios) [MS Ad]
Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.17.201.0_x64__8wekyb3d8bbwe [2021-06-25] (Microsoft Studios)
MPEG-2 Video Extension -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.22661.0_x64__8wekyb3d8bbwe [2019-09-24] (Microsoft Corporation)
My Dell -> C:\Program Files\WindowsApps\DellInc.MyDell_1.8.40.0_x64__htrsf667h5kn2 [2021-05-14] (Dell Inc)
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.97.752.0_x64__mcm4njqhnhss8 [2020-07-16] (Netflix, Inc.)
OpenShot Video Editor - MS Store Port -> C:\Program Files\WindowsApps\37559StorePorts.OpenShotVideoEditor-MSStorePort_1.1.2.0_x64__gbs9e2cxjv4vj [2020-02-22] (Store Ports)
Photos Add-on -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-03-12] (Microsoft Corporation)
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-12-01] (Microsoft Corporation)
Phototastic Collage -> C:\Program Files\WindowsApps\ThumbmunkeysLtd.PhototasticCollage_3.27.1.0_x64__nfy108tqq3p12 [2021-02-20] (Thumbmunkeys Ltd)
Plex -> C:\Program Files\WindowsApps\CAF9E577.Plex_3.2.20.0_x64__aam28m9va5cke [2019-03-18] (Plex)
Power Media Player for Dell -> C:\Program Files\WindowsApps\DB6EA5DB.PowerMediaPlayerforDell_14.2.3224.0_x86__mcezb6ze687jp [2021-03-09] (CYBERLINK CORPORATION.)
Power2Go for Dell -> C:\Program Files\WindowsApps\DB6EA5DB.Power2GoforDell_11.0.3920.0_x86__mcezb6ze687jp [2020-08-12] (CYBERLINK CORPORATION.) [Startup Task]
PowerDirector for Dell -> C:\Program Files\WindowsApps\DB6EA5DB.PowerDirectorforDell_15.0.4409.0_x64__mcezb6ze687jp [2019-03-18] (CYBERLINK CORPORATION.)
Roblox -> C:\Program Files\WindowsApps\ROBLOXCORPORATION.ROBLOX_2.483.31805.0_x86__55nm5eh3cm0pr [2021-06-20] (ROBLOX Corporation)
Screen Recorder Lite -> C:\Program Files\WindowsApps\YellowElephantProductions.ScreenRecorderLite_1.142.137.0_x64__p3e1zgp7z7szg [2021-05-27] (Yellow Elephant Productions) [Startup Task]
SHARE.it -> C:\Program Files\WindowsApps\30608Paradox.SHAREit81_1.7.18.0_x64__ghshvk1r7eapp [2019-04-30] (SHAREit Technologies Co.Ltd) [MS Ad]
Slack -> C:\Program Files\WindowsApps\91750D7E.Slack_4.17.1.0_x64__8she8kybcnzg4 [2021-06-18] (Slack Technologies Inc.) [Startup Task]
SmartByte -> C:\Program Files\WindowsApps\RivetNetworks.SmartByte_3.1.971.0_x64__rh07ty8m5nkag [2021-05-17] (Rivet Networks LLC)
Translator -> C:\Program Files\WindowsApps\Microsoft.BingTranslator_5.6.0.0_x64__8wekyb3d8bbwe [2019-08-02] (Microsoft Corporation)
Ultra Screen Recorder -> C:\Program Files\WindowsApps\D5BE6627.UltraScreenRecorder_2.0.9.0_x86__9pm2v9747qaaa [2021-03-29] (CompuClever Systems Inc.)
VideoPad Video Editor Free -> C:\Program Files\WindowsApps\NCHSoftware.VideoPadVideoEditorFree_10.5.2.0_x86__7kedsbyvzns34 [2021-06-24] (NCH Software)
VLC -> C:\Program Files\WindowsApps\VideoLAN.VLC_3.2.1.0_x64__paz6r1rewnh0a [2019-10-11] (VideoLAN)
Waves MaxxAudio Pro for Dell -> C:\Program Files\WindowsApps\WavesAudio.WavesMaxxAudioProforDell_1.1.131.0_x64__fh4rh281wavaa [2019-03-18] (Waves Audio)
Windows DVD Player -> C:\Program Files\WindowsApps\Microsoft.WindowsDVDPlayer2_10.17091.10381.0_x64__8wekyb3d8bbwe [2021-04-09] (Microsoft Corporation)
Zalo Desktop -> C:\Program Files\WindowsApps\VNGOnline.Zalofordesktop_19.8.1.0_x64__z59ddpn1nx8g0 [2019-08-17] (VNG Online)
ZAPYA -> C:\Program Files\WindowsApps\EBAC32FB.ZAPYA_1.2.6.0_x86__7pjp2xjm0bc9w [2019-04-30] (邻动(北京)技术有限公司)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [          0001IDSIcon1] -> {0FA6DCC0-CF0B-427D-A8AF-97C466AB5769} => C:\Program Files (x86)\IDriveWindows\IDSyncIntIcon64.dll [2020-02-18] (Pro Softnet Corporation -> Pro-Softnet Corporation, U.S.A)
ShellIconOverlayIdentifiers: [          0001IDSIcon2] -> {66357BBE-D2E5-453C-95FF-8102EB32419D} => C:\Program Files (x86)\IDriveWindows\IDSyncIntIcon64.dll [2020-02-18] (Pro Softnet Corporation -> Pro-Softnet Corporation, U.S.A)
ShellIconOverlayIdentifiers: [          0001IDSIcon3] -> {904E6336-8B13-43FA-B4C3-5B62C1C91971} => C:\Program Files (x86)\IDriveWindows\IDSyncIntIcon64.dll [2020-02-18] (Pro Softnet Corporation -> Pro-Softnet Corporation, U.S.A)
ShellIconOverlayIdentifiers: [    GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\48.0.13.0\drivefsext.dll [2021-05-24] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [    GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\48.0.13.0\drivefsext.dll [2021-05-24] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [    GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\48.0.13.0\drivefsext.dll [2021-05-24] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [    GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\48.0.13.0\drivefsext.dll [2021-05-24] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [  OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2019-02-25] () [File not signed] [File is in use]
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> No File
ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\48.0.13.0\drivefsext.dll [2021-05-24] (Google LLC -> Google, Inc.)
ContextMenuHandlers1: [IDriveMenu] -> {AFBFEC11-0FD5-48ED-B8AF-315197F09A82} => C:\Program Files (x86)\IDriveWindows\IDContextMenu.dll [2020-02-18] () [File not signed]
ContextMenuHandlers2: [IDriveMenu] -> {AFBFEC11-0FD5-48ED-B8AF-315197F09A82} => C:\Program Files (x86)\IDriveWindows\IDContextMenu.dll [2020-02-18] () [File not signed]
ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2019-02-25] () [File not signed] [File is in use]
ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\48.0.13.0\drivefsext.dll [2021-05-24] (Google LLC -> Google, Inc.)
ContextMenuHandlers4: [IDriveMenu] -> {AFBFEC11-0FD5-48ED-B8AF-315197F09A82} => C:\Program Files (x86)\IDriveWindows\IDContextMenu.dll [2020-02-18] () [File not signed]
ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\48.0.13.0\drivefsext.dll [2021-05-24] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\cui_component.inf_amd64_0219cc1c7085a93f\igfxDTCM.dll [2018-06-13] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [msacm.voxacm160] => C:\WINDOWS\system32\vct3216.acm [82944 2003-05-21] (Voxware, Inc.) [File not signed]
HKLM\...\Drivers32: [msacm.scg726] => C:\WINDOWS\system32\scg726.acm [13239 2000-03-14] (SHARP Corporation) [File not signed]
HKLM\...\Drivers32: [msacm.alf2cd] => C:\WINDOWS\system32\alf2cd.acm [38912 2003-05-21] (NCT Company) [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\WINDOWS\system32\AC3ACM.acm [81920 2004-02-04] (fccHandler) [File not signed]
HKLM\...\Drivers32: [msacm.lame] => C:\WINDOWS\system32\lame.ax [245760 2005-08-01] () [File not signed]
HKLM\...\Drivers32: [vidc.dvsd] => C:\WINDOWS\system32\mcdvd_32.dll [261632 2003-05-21] (MainConcept) [File not signed]
HKLM\...\Drivers32: [vidc.mpg4] => C:\WINDOWS\system32\mpg4c32.dll [413760 2002-08-19] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [vidc.mp42] => C:\WINDOWS\system32\mpg4c32.dll [413760 2002-08-19] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [vidc.mp43] => C:\WINDOWS\system32\mpg4c32.dll [413760 2002-08-19] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [vidc.xvid] => C:\WINDOWS\system32\xvidvfw.dll [139264 2004-07-03] () [File not signed]
HKLM\...\Drivers32: [vidc.DIVX] => C:\WINDOWS\system32\DivX.dll [638976 2003-05-22] (DivXNetworks, Inc.) [File not signed]
HKLM\...\Drivers32: [vidc.VP60] => C:\WINDOWS\system32\vp6vfw.dll [438272 2004-12-10] (On2.com) [File not signed]
HKLM\...\Drivers32: [vidc.VP61] => C:\WINDOWS\system32\vp6vfw.dll [438272 2004-12-10] (On2.com) [File not signed]
HKLM\...\Drivers32: [vidc.VP62] => C:\WINDOWS\system32\vp6vfw.dll [438272 2004-12-10] (On2.com) [File not signed]
HKLM\...\Drivers32: [vidc.LAGS] => C:\WINDOWS\system32\lagarith.dll [216064 2011-12-07] () [File not signed]

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2021-04-09 08:30 - 2019-06-20 22:12 - 000075264 _____ () [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\libgcc_s_seh-1.dll
2021-04-09 08:30 - 2019-06-20 22:12 - 001430016 _____ () [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\libstdc++-6.dll
2021-04-09 08:30 - 2019-06-20 22:17 - 000215040 _____ () [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\libupnp.dll
2020-02-23 19:04 - 2020-02-18 13:19 - 005034496 _____ () [File not signed] C:\Program Files (x86)\IDriveWindows\IDContextMenu.dll
2020-02-23 19:04 - 2020-02-18 13:19 - 000834048 _____ () [File not signed] C:\Program Files (x86)\IDriveWindows\sqlite3.dll
2019-10-21 08:56 - 2019-10-21 08:56 - 000144896 _____ () [File not signed] C:\ProgramData\Logishrd\LogiOptions\Software\Current\laclient\libssh2.dll
2019-10-21 08:56 - 2019-10-21 08:56 - 000077824 _____ () [File not signed] C:\ProgramData\Logishrd\LogiOptions\Software\Current\laclient\zlib.dll
2020-02-13 15:02 - 2016-10-21 17:06 - 000318976 _____ (CANON INC) [File not signed] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\scchmpm.dll
2020-02-13 15:02 - 2017-06-27 11:59 - 000219648 _____ (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\cnmpu2.dll
2020-02-13 15:02 - 2017-11-02 16:36 - 000008192 _____ (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNS2_ENU.DLL
2020-02-13 15:02 - 2017-11-02 16:36 - 000104960 _____ (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNS2_IMG.dll
2011-08-30 08:06 - 2011-08-30 08:06 - 000267776 _____ (CANON INC.) [File not signed] C:\WINDOWS\System32\CNBLM4.DLL
2019-03-19 05:52 - 2012-08-30 11:18 - 000252416 _____ (CANON INC.) [File not signed] C:\WINDOWS\System32\CNMN6PPM.DLL
2019-03-18 09:21 - 2011-08-30 08:06 - 000084992 _____ (CANON INC.) [File not signed] C:\WINDOWS\system32\spool\PRTPROCS\x64\CNBPP4.DLL
2021-04-09 08:30 - 2020-04-01 07:41 - 015414272 _____ (FFmpeg Project) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\avcodec-58.dll
2021-04-09 08:30 - 2020-04-01 07:41 - 003311616 _____ (FFmpeg Project) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\avformat-58.dll
2021-04-09 08:30 - 2020-04-01 07:41 - 000690688 _____ (FFmpeg Project) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\avutil-56.dll
2021-04-09 08:30 - 2020-04-01 07:41 - 000126464 _____ (FFmpeg Project) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\swresample-3.dll
2021-04-09 08:30 - 2020-04-01 07:41 - 000544256 _____ (FFmpeg Project) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\swscale-5.dll
2020-04-19 13:43 - 2020-04-19 13:43 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\AppVIsvSubsystems64.dll
2020-04-19 13:43 - 2020-04-19 13:43 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\c2r64.dll
2021-04-09 08:30 - 2019-06-20 22:16 - 000082944 _____ (Open Source Software community LGPL) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\pthreadVC2.dll
2020-08-14 22:29 - 2020-08-14 22:29 - 000122880 _____ (Rivet Networks) [File not signed] C:\Program Files\Rivet Networks\SmartByte\KillerNetworkServicePS.dll
2020-12-01 01:14 - 2020-12-01 01:14 - 001638912 _____ (Robert Simpson, et al.) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\x64\SQLite.Interop.dll
2019-10-21 08:56 - 2019-10-21 08:56 - 000355840 _____ (The cURL library, hxxp://curl.haxx.se/) [File not signed] C:\ProgramData\Logishrd\LogiOptions\Software\Current\laclient\LIBCURL.dll
2019-10-21 08:56 - 2019-10-21 08:56 - 002286747 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\ProgramData\Logishrd\LogiOptions\Software\Current\laclient\LIBEAY32.dll
2019-10-21 08:56 - 2019-10-21 08:56 - 000416627 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\ProgramData\Logishrd\LogiOptions\Software\Current\laclient\SSLEAY32.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000169984 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\libvlc.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 002197504 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\libvlccore.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000021504 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\access\libaccess_concat_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000051200 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\access\libaccess_imem_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000084992 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\access\libaccess_mms_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000123392 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\access\libaccess_realrtsp_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000037376 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\access\libaccess_wasapi_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000018944 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\access\libattachment_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000175104 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\access\libcdda_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000286720 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\access\libdshow_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000284160 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\access\libdtv_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000270336 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\access\libdvdnav_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000180224 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\access\libdvdread_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000047616 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\access\libfilesystem_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000105984 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\access\libftp_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000053760 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\access\libhttp_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000135168 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\access\libhttps_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000019968 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\access\libidummy_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000019456 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\access\libimem_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 002432512 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\access\liblibbluray_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000791040 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\access\liblive555_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000188928 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\access\libnfs_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000653312 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\access\librtp_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000053760 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\access\libsatip_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000027136 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\access\libscreen_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000018944 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\access\libsdp_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000832000 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\access\libsftp_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000021504 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\access\libshm_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000046080 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\access\libsmb_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000019456 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\access\libtcp_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000043008 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\access\libtimecode_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000021504 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\access\libudp_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000086016 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\access\libvcd_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000084480 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\access\libvdr_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 002146816 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\access\libvnc_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000018432 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\access_output\libaccess_output_dummy_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000022016 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\access_output\libaccess_output_file_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000024064 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\access_output\libaccess_output_http_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000657920 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\access_output\libaccess_output_livehttp_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000443392 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\access_output\libaccess_output_shout_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000023552 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\access_output\libaccess_output_udp_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000044032 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\audio_filter\libaudio_format_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000048640 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\audio_filter\libaudiobargraph_a_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000028672 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\audio_filter\libchorus_flanger_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000032256 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\audio_filter\libcompressor_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000019456 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\audio_filter\libdolby_surround_decoder_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000060416 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\audio_filter\libequalizer_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000018944 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\audio_filter\libgain_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000025088 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\audio_filter\libheadphone_channel_mixer_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000019456 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\audio_filter\libkaraoke_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000149504 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\audio_filter\libmad_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000026112 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\audio_filter\libmono_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000022528 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\audio_filter\libnormvol_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000028160 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\audio_filter\libparam_eq_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000025600 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\audio_filter\libremap_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 001500160 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\audio_filter\libsamplerate_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000032768 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\audio_filter\libscaletempo_pitch_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000028160 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\audio_filter\libscaletempo_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000027648 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\audio_filter\libsimple_channel_mixer_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 001048064 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\audio_filter\libspatialaudio_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000093696 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\audio_filter\libspatializer_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000030720 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\audio_filter\libspeex_resampler_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000022528 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\audio_filter\libstereo_widen_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000034816 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\audio_filter\libtospdif_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000020992 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\audio_filter\libtrivial_channel_mixer_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000018944 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\audio_filter\libugly_resampler_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000019456 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\audio_mixer\libfloat_mixer_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000022528 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\audio_mixer\libinteger_mixer_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000018432 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\audio_output\libadummy_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000022016 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\audio_output\libafile_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000020480 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\audio_output\libamem_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000039936 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\audio_output\libdirectsound_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000047104 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\audio_output\libmmdevice_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000036864 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\audio_output\libwasapi_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000036864 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\audio_output\libwaveout_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000088064 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\liba52_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000028160 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libadpcm_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000020992 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libaes3_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 007614976 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libaom_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000041472 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libaraw_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 026777088 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libavcodec_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000068096 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libcc_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000024576 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libcdg_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000101376 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libcrystalhd_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000024576 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libcvdsub_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000259584 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libd3d11va_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 001253888 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libdav1d_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000191488 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libdca_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000042496 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libddummy_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000037888 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libdmo_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000089088 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libdvbsub_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000218112 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libdxva2_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000018432 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libedummy_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000280064 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libfaad_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000429056 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libflac_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000311296 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libfluidsynth_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000032256 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libg711_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000220160 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libjpeg_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000075264 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libkate_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 002533376 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\liblibass_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000125952 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\liblibmpeg2_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000029184 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\liblpcm_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000117248 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libmft_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000333824 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libmpg123_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000021504 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\liboggspots_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000328704 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libopus_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000184320 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libqsv_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000021504 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\librawvideo_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000018944 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\librtpvideo_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 001435648 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libschroedinger_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000024576 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libscte18_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000037376 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libscte27_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000671744 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libsdl_image_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000018432 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libspdif_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000145408 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libspeex_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000028160 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libspudec_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000025088 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libstl_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000055808 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libsubsdec_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000024064 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libsubstx3g_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000031744 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libsubsusf_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000024576 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libsvcdsub_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000018432 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libt140_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000023040 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libtextst_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000315392 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libtheora_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000101376 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libttml_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000138240 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libtwolame_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:01 - 000020480 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libuleaddvaudio_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000765440 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libvorbis_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 003690496 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libvpx_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000167424 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libwebvtt_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 001010176 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libx264_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 004764160 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libx265_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 001494016 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libzvbi_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000018432 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\control\libdummy_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000024576 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\control\libgestures_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000064512 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\control\libhotkeys_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000023552 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\control\libnetsync_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000046080 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\control\libntservice_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000073728 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\control\liboldrc_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000022528 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\control\libwin_hotkeys_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000021504 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\control\libwin_msg_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000192512 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\d3d11\libdirect3d11_filters_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000142848 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\d3d9\libdirect3d9_filters_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 002265600 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\libadaptive_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000021504 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\libaiff_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000097792 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\libasf_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000020480 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\libau_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000113664 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\libavi_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000027136 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\libcaf_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000019968 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\libdemux_cdg_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000088064 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\libdemux_chromecast_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000022528 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\libdemux_stl_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000019968 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\libdemuxdump_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000020480 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\libdiracsys_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000019456 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\libdirectory_demux_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000046080 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\libes_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000094720 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\libflacsys_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000356352 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\libgme_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000124416 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\libh26x_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000030720 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\libimage_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000025600 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\libmjpeg_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 001723392 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\libmkv_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000296960 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\libmp4_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000085504 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\libmpc_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000019968 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\libmpgv_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000018432 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\libnoseek_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000056832 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\libnsc_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000024064 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\libnsv_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000027136 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\libnuv_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000323584 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\libogg_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000149504 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\libplaylist_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000047616 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\libps_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000026112 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\libpva_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000021504 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\librawaud_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000022528 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\librawdv_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000024576 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\librawvid_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000039936 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\libreal_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 001231872 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\libsid_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000026112 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\libsmf_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000098304 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\libsubtitle_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000304640 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\libts_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000020992 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\libtta_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000040960 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\libty_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000020480 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\libvc1_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000085504 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\libvobsub_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000023552 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\libvoc_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000028160 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\libwav_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000019968 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\libxa_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000049152 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\keystore\libfile_keystore_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000020480 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\keystore\libmemory_keystore_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000041472 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\logger\libconsole_logger_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000044544 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\logger\libfile_logger_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000041984 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\meta_engine\libfolder_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 001478656 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\meta_engine\libtaglib_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000086016 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\misc\libaddonsfsstorage_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000078848 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\misc\libaddonsvorepository_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000054784 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\misc\libaudioscrobbler_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000050688 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\misc\libexport_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000061440 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\misc\libfingerprinter_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 001379328 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\misc\libgnutls_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000018432 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\misc\liblogger_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000021504 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\misc\libstats_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000100352 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\misc\libvod_rtsp_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 001485312 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\misc\libxml_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000051712 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\mux\libmux_asf_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000037376 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\mux\libmux_avi_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000019456 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\mux\libmux_dummy_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000227840 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\mux\libmux_mp4_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000041472 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\mux\libmux_mpjpeg_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000073728 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\mux\libmux_ogg_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000069632 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\mux\libmux_ps_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000144384 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\mux\libmux_ts_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000022528 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\mux\libmux_wav_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000030208 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\packetizer\libpacketizer_a52_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000043008 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\packetizer\libpacketizer_av1_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000019968 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\packetizer\libpacketizer_copy_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000034816 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\packetizer\libpacketizer_dirac_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000028672 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\packetizer\libpacketizer_dts_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000029184 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\packetizer\libpacketizer_flac_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000153088 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\packetizer\libpacketizer_h264_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000116224 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\packetizer\libpacketizer_hevc_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000036864 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\packetizer\libpacketizer_mlp_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000070656 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\packetizer\libpacketizer_mpeg4audio_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000033792 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\packetizer\libpacketizer_mpeg4video_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000025088 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\packetizer\libpacketizer_mpegaudio_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000033792 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\packetizer\libpacketizer_mpegvideo_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000040448 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\packetizer\libpacketizer_vc1_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000023552 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\services_discovery\libmediadirs_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000026112 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\services_discovery\libpodcast_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000132608 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\services_discovery\libsap_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000437248 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\services_discovery\libupnp_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000019968 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\services_discovery\libwindrive_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000028160 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\spu\libaudiobargraph_v_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000027136 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\spu\liblogo_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000026624 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\spu\libmarq_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000034816 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\spu\libmosaic_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000663552 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\spu\libremoteosd_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000053248 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\spu\librss_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000031744 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\spu\libsubsdelay_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000400896 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\stream_extractor\libarchive_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000019968 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\stream_filter\libadf_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000047104 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\stream_filter\libaribcam_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000022016 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\stream_filter\libcache_block_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000022016 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\stream_filter\libcache_read_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000059392 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\stream_filter\libhds_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000047616 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\stream_filter\libinflate_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000023552 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\stream_filter\libprefetch_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000019968 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\stream_filter\librecord_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000020480 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\stream_filter\libskiptags_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000019456 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\stream_out\libstream_out_autodel_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000048640 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\stream_out\libstream_out_bridge_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 001233920 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\stream_out\libstream_out_chromaprint_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 001088000 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\stream_out\libstream_out_chromecast_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000021504 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\stream_out\libstream_out_cycle_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000019456 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\stream_out\libstream_out_delay_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000018944 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\stream_out\libstream_out_description_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000019968 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\stream_out\libstream_out_display_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000018432 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\stream_out\libstream_out_dummy_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000075776 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\stream_out\libstream_out_duplicate_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000024064 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\stream_out\libstream_out_es_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000020480 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\stream_out\libstream_out_gather_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000027648 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\stream_out\libstream_out_mosaic_bridge_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000052736 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\stream_out\libstream_out_record_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000773632 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\stream_out\libstream_out_rtp_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000020992 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\stream_out\libstream_out_setid_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000023552 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\stream_out\libstream_out_smem_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000050688 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\stream_out\libstream_out_standard_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000044032 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\stream_out\libstream_out_stats_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000049664 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\stream_out\libstream_out_transcode_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 002077696 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\text_renderer\libfreetype_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000026112 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\text_renderer\libsapi_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000017920 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\text_renderer\libtdummy_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000046592 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_chroma\libchain_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000023040 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_chroma\libgrey_yuv_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000109056 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_chroma\libi420_10_p010_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000111616 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_chroma\libi420_nv12_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000059904 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_chroma\libi420_rgb_mmx_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000037888 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_chroma\libi420_rgb_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000120832 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_chroma\libi420_rgb_sse2_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000026624 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_chroma\libi420_yuy2_mmx_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000037888 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_chroma\libi420_yuy2_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000035840 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_chroma\libi420_yuy2_sse2_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000019968 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_chroma\libi422_i420_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000024064 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_chroma\libi422_yuy2_mmx_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000032256 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_chroma\libi422_yuy2_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000029696 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_chroma\libi422_yuy2_sse2_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000018944 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_chroma\librv32_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000821248 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_chroma\libswscale_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000019968 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_chroma\libyuvp_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000034816 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_chroma\libyuy2_i420_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000028672 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_chroma\libyuy2_i422_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000074752 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_filter\libadjust_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000020992 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_filter\libalphamask_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000024064 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_filter\libanaglyph_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000027136 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_filter\libantiflicker_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000039424 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_filter\libball_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000166912 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_filter\libblend_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000022528 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_filter\libblendbench_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000029184 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_filter\libbluescreen_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000045056 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_filter\libcanvas_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000022016 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_filter\libcolorthres_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000024576 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_filter\libcroppadd_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000136704 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_filter\libdeinterlace_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000019968 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_filter\libedgedetection_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000026624 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_filter\liberase_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000024576 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_filter\libextract_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000019968 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_filter\libfps_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000023552 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_filter\libfreeze_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000024576 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_filter\libgaussianblur_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000029184 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_filter\libgradfun_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000042496 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_filter\libgradient_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000034304 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_filter\libgrain_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000031232 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_filter\libhqdn3d_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000022016 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_filter\libinvert_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000023552 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_filter\libmagnify_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000034304 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_filter\libmirror_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000022528 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_filter\libmotionblur_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000027648 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_filter\libmotiondetect_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000030720 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_filter\liboldmovie_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000023552 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_filter\libposterize_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000121856 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_filter\libpostproc_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000022016 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_filter\libpsychedelic_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000089088 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_filter\libpuzzle_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000022016 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_filter\libripple_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000062464 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_filter\librotate_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000019968 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_filter\libscale_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000045056 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_filter\libscene_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000023040 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_filter\libsepia_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000020992 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_filter\libsharpen_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000035328 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_filter\libtransform_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000023552 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_filter\libvhs_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000021504 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_filter\libwave_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000818688 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_output\libcaca_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000346624 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_output\libdirect3d11_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000268288 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_output\libdirect3d9_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000246272 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_output\libdirectdraw_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000018944 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_output\libdrawable_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000044544 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_output\libflaschen_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000094720 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_output\libgl_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000304640 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_output\libglwin32_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000020480 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_output\libvdummy_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000022016 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_output\libvmem_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000096768 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_output\libwgl_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000230400 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_output\libwingdi_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000019968 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_output\libwinhibit_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000044032 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_output\libyuv_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000020992 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_splitter\libclone_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000045056 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_splitter\libpanoramix_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000058880 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_splitter\libwall_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000038400 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\visualization\libglspectrum_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000208384 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\visualization\libgoom_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 001702912 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\visualization\libprojectm_plugin.dll
2021-04-09 08:30 - 2020-06-03 22:02 - 000056832 _____ (VideoLAN) [File not signed] C:\Program Files (x86)\DearMob\5KPlayer\plugins\visualization\libvisual_plugin.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-1015540938-3996997567-1391499832-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://dell17win10.msn.com/?pc=DCTE
HKU\S-1-5-21-1015540938-3996997567-1391499832-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell17win10.msn.com/?pc=DCTE
SearchScopes: HKU\S-1-5-21-1015540938-3996997567-1391499832-1001 -> DefaultScope {43B1B2E9-843B-4459-8E32-95BA5A2117FD} URL =
SearchScopes: HKU\S-1-5-21-1015540938-3996997567-1391499832-1001 -> {43B1B2E9-843B-4459-8E32-95BA5A2117FD} URL =
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-05-29] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-29] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-05-29] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-29] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-05-29] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-29] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-05-29] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-29] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-05-29] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-1015540938-3996997567-1391499832-1001\...\oldnational.com -> hxxps://www.oldnational.com
IE trusted site: HKU\S-1-5-21-1015540938-3996997567-1391499832-1001\...\pnc.com -> hxxps://www.onlinebanking.pnc.com
IE trusted site: HKU\S-1-5-21-1015540938-3996997567-1391499832-1001\...\sharepoint.com -> hxxps://anderson0-files.sharepoint.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-04-11 19:38 - 2018-04-11 19:36 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1015540938-3996997567-1391499832-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\jhauk\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\2020 08 07 The boys.jpg
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "DellMobileConnectWelcome"
HKLM\...\StartupApproved\Run: => "WavesSvc"
HKU\S-1-5-21-1015540938-3996997567-1391499832-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1015540938-3996997567-1391499832-1001\...\StartupApproved\Run: => "Zalo"
HKU\S-1-5-21-1015540938-3996997567-1391499832-1001\...\StartupApproved\Run: => "GarminExpress"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{0BF25BA8-8276-4A70-9625-7D0BC5C469D6}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{3AA89511-D6C1-4D99-B70B-6B07A506BA62}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{01124C22-FC05-4808-BC13-12C076DDC76E}] => (Allow) C:\Users\jhauk\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{05D6B342-78F3-482C-B53E-0D3E4467F99D}] => (Allow) C:\Users\jhauk\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{7E348CD9-0918-40FB-9C58-0C7176627CA5}] => (Allow) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.EXE (Logitech Inc -> Logitech, Inc.)
FirewallRules: [{482CD256-9F6B-400E-B563-E6821169580F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{C2006FCD-AD51-45E0-B4A4-B874E7474F91}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{55DBA7B1-5982-433F-8D38-DE7E7E51F490}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\VideoEditor.exe (Vector -> Flash-Integro LLC)
FirewallRules: [{D545A722-3337-485D-BDC1-704C1A98AB82}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\VideoEditor.exe (Vector -> Flash-Integro LLC)
FirewallRules: [{88D6118D-6A11-4619-897E-735523227F99}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\Activation.exe (Vector -> Flash-Integro LLC)
FirewallRules: [{7023B499-2448-4724-8081-517C15763D1F}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\Activation.exe (Vector -> Flash-Integro LLC)
FirewallRules: [{3F2A6D7E-9815-45CF-B176-9C8BC9FA27E0}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\Updater.exe (Vector -> Flash-Integro LLC)
FirewallRules: [{D8DD128A-FB4A-448A-85E4-37BFF4E1E1A5}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\Updater.exe (Vector -> Flash-Integro LLC)
FirewallRules: [TCP Query User{96B8CB64-96D9-4BF8-AC6A-0438EF3926A0}C:\program files\windowsapps\37559storeports.openshotvideoeditor-msstoreport_1.1.1.0_x64__gbs9e2cxjv4vj\vfs\programfilesx64\openshot video editor\launch.exe] => (Allow) C:\program files\windowsapps\37559storeports.openshotvideoeditor-msstoreport_1.1.1.0_x64__gbs9e2cxjv4vj\vfs\programfilesx64\openshot video editor\launch.exe => No File
FirewallRules: [UDP Query User{5EA0394E-C7E0-45AF-BDD8-C319EED2B8AA}C:\program files\windowsapps\37559storeports.openshotvideoeditor-msstoreport_1.1.1.0_x64__gbs9e2cxjv4vj\vfs\programfilesx64\openshot video editor\launch.exe] => (Allow) C:\program files\windowsapps\37559storeports.openshotvideoeditor-msstoreport_1.1.1.0_x64__gbs9e2cxjv4vj\vfs\programfilesx64\openshot video editor\launch.exe => No File
FirewallRules: [TCP Query User{786C4EF5-F340-416B-BECF-3C0690788894}C:\program files\dvdfab\dvdfab 12\dvdfab64.exe] => (Allow) C:\program files\dvdfab\dvdfab 12\dvdfab64.exe => No File
FirewallRules: [UDP Query User{8FA259D2-1508-4210-A52E-FA1B2F95C0AA}C:\program files\dvdfab\dvdfab 12\dvdfab64.exe] => (Allow) C:\program files\dvdfab\dvdfab 12\dvdfab64.exe => No File
FirewallRules: [TCP Query User{565B4B4A-B93A-4ECA-975E-380E884EDBFF}C:\program files\windowsapps\37559storeports.openshotvideoeditor-msstoreport_1.1.2.0_x64__gbs9e2cxjv4vj\vfs\programfilesx64\openshot video editor\openshot-qt.exe] => (Allow) C:\program files\windowsapps\37559storeports.openshotvideoeditor-msstoreport_1.1.2.0_x64__gbs9e2cxjv4vj\vfs\programfilesx64\openshot video editor\openshot-qt.exe (OpenShot Studios, LLC) [File not signed]
FirewallRules: [UDP Query User{6E23B3D1-7A4F-4AF6-9719-0D263E97DE6D}C:\program files\windowsapps\37559storeports.openshotvideoeditor-msstoreport_1.1.2.0_x64__gbs9e2cxjv4vj\vfs\programfilesx64\openshot video editor\openshot-qt.exe] => (Allow) C:\program files\windowsapps\37559storeports.openshotvideoeditor-msstoreport_1.1.2.0_x64__gbs9e2cxjv4vj\vfs\programfilesx64\openshot video editor\openshot-qt.exe (OpenShot Studios, LLC) [File not signed]
FirewallRules: [TCP Query User{0937C031-7424-4A22-A065-9A9E1D396F17}C:\program files (x86)\dearmob\5kplayer\5kplayer.exe] => (Allow) C:\program files (x86)\dearmob\5kplayer\5kplayer.exe (Digiarty Software, Inc. -> DearMob)
FirewallRules: [UDP Query User{37020B62-4258-4ABC-9472-2368C60CE78C}C:\program files (x86)\dearmob\5kplayer\5kplayer.exe] => (Allow) C:\program files (x86)\dearmob\5kplayer\5kplayer.exe (Digiarty Software, Inc. -> DearMob)
FirewallRules: [{77D9FBF5-0004-4276-9006-B49E3FEE8F98}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{9514920F-C25B-4AD1-B7C8-DB1E0490E178}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{E6AEE2EB-DCE2-47DC-B07F-F07EEDABA27A}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{669EE4AF-EDC7-4D82-8EBD-E2A33BE16E1B}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{645A3D14-83C3-48D9-9F97-C1C940B18BB0}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{B7DBB186-6373-444E-AD5B-E06C6D18C1AA}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{BB024AD8-CF94-4AF8-8FCB-3AB7C4673C91}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{1FFB60A2-85F0-4AAF-ABEF-BA34ACA52327}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{96A4AB91-C986-4767-AF64-47FCDD1BCE83}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{520FDAF8-DD3A-4EE1-A365-A35C704FEF5E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{49A6E846-62A1-4B03-8267-0F9992A2DC72}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C3587CD2-52D5-4885-A8E2-0D01D208EF31}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{12DDBAF2-7814-472B-9A68-F0F7CE80A621}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{1487664C-7571-4710-A980-D5E6B43C2D74}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{9466FDD6-4604-4200-8A14-248087F11BBE}] => (Allow) C:\Program Files\WindowsApps\91750D7E.Slack_4.17.1.0_x64__8she8kybcnzg4\app\Slack.exe (Slack Technologies, Inc. -> Slack Technologies Inc.)
FirewallRules: [{040A4BBE-5FAC-48F8-88BC-535DCFAAAFCE}] => (Allow) C:\Program Files\WindowsApps\91750D7E.Slack_4.17.1.0_x64__8she8kybcnzg4\app\Slack.exe (Slack Technologies, Inc. -> Slack Technologies Inc.)
FirewallRules: [{4463B185-C0FA-46C6-B744-2AED2F374A76}] => (Allow) C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnect_3.3.9803.0_x64__0vhbc3ng4wbp0\app\DellMobileConnectClient.exe (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.)
FirewallRules: [{6E459C1C-9939-4077-AEEA-00B6EB94115A}] => (Allow) C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnect_3.3.9803.0_x64__0vhbc3ng4wbp0\app\DellMobileConnectClient.exe (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.)
FirewallRules: [{27A394FC-9359-4648-A2BC-24C77F68C5B4}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\91.0.864.59\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

26-06-2021 11:09:25 Scheduled Checkpoint

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (06/27/2021 07:58:51 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance.  hr = 0x8007045b, A system shutdown is in progress.
.

Error: (06/27/2021 07:58:51 AM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]

Error: (06/27/2021 07:58:50 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance.  hr = 0x8007045b, A system shutdown is in progress.
.

Error: (06/27/2021 07:58:50 AM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]

Error: (06/26/2021 01:58:29 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
   Gathering Writer Data

Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {6d4bd2e3-f197-4e91-af79-dcc6ff13954a}

Error: (06/26/2021 01:26:16 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
   Gathering Writer Data

Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {6d4bd2e3-f197-4e91-af79-dcc6ff13954a}

Error: (06/25/2021 11:51:17 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
   Gathering Writer Data

Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {6d4bd2e3-f197-4e91-af79-dcc6ff13954a}

Error: (06/25/2021 08:38:33 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
   Gathering Writer Data

Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {6d4bd2e3-f197-4e91-af79-dcc6ff13954a}


System errors:
=============
Error: (06/27/2021 08:19:27 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Dell Data Vault Processor service hung on starting.

Error: (06/27/2021 08:16:00 AM) (Source: googledrivefs3301) (EventID: 2) (User: )
Description: The driver version of the disk does not match.

Error: (06/27/2021 08:12:08 AM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: The Delivery Optimization service did not shut down properly after receiving a preshutdown control.

Error: (06/27/2021 08:11:42 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-6JBP3L9)
Description: The server {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} did not register with DCOM within the required timeout.

Error: (06/27/2021 08:11:41 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-6JBP3L9)
Description: The server {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} did not register with DCOM within the required timeout.

Error: (06/27/2021 08:03:44 AM) (Source: googledrivefs3301) (EventID: 2) (User: )
Description: The driver version of the disk does not match.

Error: (06/27/2021 07:03:14 AM) (Source: googledrivefs3301) (EventID: 2) (User: )
Description: The driver version of the disk does not match.

Error: (06/26/2021 09:18:39 AM) (Source: googledrivefs3301) (EventID: 2) (User: )
Description: The driver version of the disk does not match.


Windows Defender:
================
Date: 2021-06-26 10:52:21
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-06-25 07:58:21
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-06-24 07:51:26
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-06-23 08:36:41
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-06-22 10:28:41
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-06-27 08:11:52
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.341.1522.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.18200.4
Error code: 0x80240022
Error description: The program can't check for definition updates.

Date: 2021-06-27 08:11:52
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.341.1522.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.18200.4
Error code: 0x80240022
Error description: The program can't check for definition updates.

Date: 2021-06-04 07:04:32
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 1.341.40.0
Previous security intelligence Version: 1.339.1944.0
Update Source: User
Security intelligence Type: AntiSpyware
Update Type: Delta
Current Engine Version: 1.1.18200.4
Previous Engine Version: 1.1.18100.6
Error code: 0x80070666
Error description: Another version of this product is already installed. Installation of this version cannot continue. To configure or remove the existing version of this product, use Add/Remove Programs on the Control Panel.

Date: 2021-06-04 07:04:32
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 1.341.40.0
Previous security intelligence Version: 1.339.1944.0
Update Source: User
Security intelligence Type: AntiVirus
Update Type: Delta
Current Engine Version: 1.1.18200.4
Previous Engine Version: 1.1.18100.6
Error code: 0x80070666
Error description: Another version of this product is already installed. Installation of this version cannot continue. To configure or remove the existing version of this product, use Add/Remove Programs on the Control Panel.

Date: 2021-06-04 07:04:32
Description:
Microsoft Defender Antivirus has encountered an error trying to update the engine.
New Engine Version: 1.1.18200.4
Previous Engine Version: 1.1.18100.6
Error Code: 0x80070666
Error description: Another version of this product is already installed. Installation of this version cannot continue. To configure or remove the existing version of this product, use Add/Remove Programs on the Control Panel.

==================== Memory info ===========================

BIOS: Dell Inc. 2.15.0 02/21/2020
Motherboard: Dell Inc. 0H4VK7
Processor: Intel® Core™ i3-8100 CPU @ 3.60GHz
Percentage of memory in use: 80%
Total physical RAM: 8006.97 MB
Available physical RAM: 1526.37 MB
Total Virtual: 14662.97 MB
Available Virtual: 7211.96 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:917.05 GB) (Free:559.08 GB) NTFS
Drive g: (Google Drive) (Fixed) (Total:917.05 GB) (Free:531.12 GB) FAT32

\\?\Volume{ddeb6c84-810c-46a1-aec6-44f8c7ccad3a}\ (WINRETOOLS) (Fixed) (Total:0.97 GB) (Free:0.45 GB) NTFS
\\?\Volume{df0a5467-a661-4a6f-af6f-55c9d5055271}\ (Image) (Fixed) (Total:11.66 GB) (Free:0.22 GB) NTFS
\\?\Volume{5da840b2-c364-4272-bd43-d66afc350687}\ (DELLSUPPORT) (Fixed) (Total:1.07 GB) (Free:0.21 GB) NTFS
\\?\Volume{7f86ac07-f133-4645-b879-12d32c99ea96}\ (ESP) (Fixed) (Total:0.63 GB) (Free:0.56 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 926B0D78)

Partition: GPT.

==================== End of Addition.txt =======================


  • 0

#4
icotonev

icotonev

    Trusted Helper

  • Malware Removal
  • 230 posts

Farbar Recovery Scan Tool - Fix

 

  • Highlight the contents of the below code box and press Ctrl + C on your keyboard:
Start::

CreateRestorePoint:
CloseProcesses:

ShortcutTarget: Indiana FB Posts.docx - Shortcut.lnk -> C:\Users\jhauk\Desktop\Indiana FB Posts.docx (No File)
ShortcutTarget: Trail Life.docx - Shortcut.lnk -> C:\Users\jhauk\Desktop\Trail Life.docx (No File)
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
S4 DBUtilDrv2; \SystemRoot\System32\drivers\DBUtilDrv2.sys [X]
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
FirewallRules: [{01124C22-FC05-4808-BC13-12C076DDC76E}] => (Allow) C:\Users\jhauk\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [TCP Query User{96B8CB64-96D9-4BF8-AC6A-0438EF3926A0}C:\program files\windowsapps\37559storeports.openshotvideoeditor-msstoreport_1.1.1.0_x64__gbs9e2cxjv4vj\vfs\programfilesx64\openshot video editor\launch.exe] => (Allow) C:\program files\windowsapps\37559storeports.openshotvideoeditor-msstoreport_1.1.1.0_x64__gbs9e2cxjv4vj\vfs\programfilesx64\openshot video editor\launch.exe => No File
FirewallRules: [UDP Query User{5EA0394E-C7E0-45AF-BDD8-C319EED2B8AA}C:\program files\windowsapps\37559storeports.openshotvideoeditor-msstoreport_1.1.1.0_x64__gbs9e2cxjv4vj\vfs\programfilesx64\openshot video editor\launch.exe] => (Allow) C:\program files\windowsapps\37559storeports.openshotvideoeditor-msstoreport_1.1.1.0_x64__gbs9e2cxjv4vj\vfs\programfilesx64\openshot video editor\launch.exe => No File
FirewallRules: [TCP Query User{786C4EF5-F340-416B-BECF-3C0690788894}C:\program files\dvdfab\dvdfab 12\dvdfab64.exe] => (Allow) C:\program files\dvdfab\dvdfab 12\dvdfab64.exe => No File
FirewallRules: [UDP Query User{8FA259D2-1508-4210-A52E-FA1B2F95C0AA}C:\program files\dvdfab\dvdfab 12\dvdfab64.exe] => (Allow) C:\program files\dvdfab\dvdfab 12\dvdfab64.exe => No File

cmd: ECHO Y|CHKDSK C: /F
CMD: DISM /Online /Cleanup-Image /RestoreHealth
CMD: sfc /scannow

EmptyTemp:
Reboot:
End::

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

  • Double-click FRST.exe/FRST64.exe to run it.
  • Press the Fix button just once and wait.
    Note: No need to paste the script into FRST.
  • Restart the computer if prompted.
  • When the fix is complete FRST will generate a log in the same location it was run from (Fixlog.txt)
  • Please copy and paste its contents into your reply.

---------------------------------------------------

In your next reply, please include:

  • Fixlog.txt

  • 0

#5
John Aukerman

John Aukerman

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 255 posts

I did what you said. But I don't understand why I highlighted and copied without pasting the script into FRST

 

 

Fix result of Farbar Recovery Scan Tool (x64) Version: 26-06-2021
Ran by jhauk (27-06-2021 16:01:55) Run:1
Running from C:\Users\jhauk\Desktop
Loaded Profiles: jhauk
Boot Mode: Normal
==============================================

fixlist content:
*****************
CreateRestorePoint:
CloseProcesses:
ShortcutTarget: Indiana FB Posts.docx - Shortcut.lnk -> C:\Users\jhauk\Desktop\Indiana FB Posts.docx (No File)
ShortcutTarget: Trail Life.docx - Shortcut.lnk -> C:\Users\jhauk\Desktop\Trail Life.docx (No File)
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
S4 DBUtilDrv2; \SystemRoot\System32\drivers\DBUtilDrv2.sys [X]
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
FirewallRules: [{01124C22-FC05-4808-BC13-12C076DDC76E}] => (Allow) C:\Users\jhauk\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [TCP Query User{96B8CB64-96D9-4BF8-AC6A-0438EF3926A0}C:\program files\windowsapps\37559storeports.openshotvideoeditor-msstoreport_1.1.1.0_x64__gbs9e2cxjv4vj\vfs\programfilesx64\openshot video editor\launch.exe] => (Allow) C:\program files\windowsapps\37559storeports.openshotvideoeditor-msstoreport_1.1.1.0_x64__gbs9e2cxjv4vj\vfs\programfilesx64\openshot video editor\launch.exe => No File
FirewallRules: [UDP Query User{5EA0394E-C7E0-45AF-BDD8-C319EED2B8AA}C:\program files\windowsapps\37559storeports.openshotvideoeditor-msstoreport_1.1.1.0_x64__gbs9e2cxjv4vj\vfs\programfilesx64\openshot video editor\launch.exe] => (Allow) C:\program files\windowsapps\37559storeports.openshotvideoeditor-msstoreport_1.1.1.0_x64__gbs9e2cxjv4vj\vfs\programfilesx64\openshot video editor\launch.exe => No File
FirewallRules: [TCP Query User{786C4EF5-F340-416B-BECF-3C0690788894}C:\program files\dvdfab\dvdfab 12\dvdfab64.exe] => (Allow) C:\program files\dvdfab\dvdfab 12\dvdfab64.exe => No File
FirewallRules: [UDP Query User{8FA259D2-1508-4210-A52E-FA1B2F95C0AA}C:\program files\dvdfab\dvdfab 12\dvdfab64.exe] => (Allow) C:\program files\dvdfab\dvdfab 12\dvdfab64.exe => No File
cmd: ECHO Y|CHKDSK C: /F
CMD: DISM /Online /Cleanup-Image /RestoreHealth
CMD: sfc /scannow
EmptyTemp:
Reboot:

*****************

Restore point was successfully created.
Processes closed successfully.
"C:\Users\jhauk\Desktop\Indiana FB Posts.docx" => not found
"C:\Users\jhauk\Desktop\Trail Life.docx" => not found
C:\ProgramData\NTUSER.pol => moved successfully
HKLM\System\CurrentControlSet\Services\DBUtilDrv2 => removed successfully
DBUtilDrv2 => service removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => removed successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{01124C22-FC05-4808-BC13-12C076DDC76E}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{96B8CB64-96D9-4BF8-AC6A-0438EF3926A0}C:\program files\windowsapps\37559storeports.openshotvideoeditor-msstoreport_1.1.1.0_x64__gbs9e2cxjv4vj\vfs\programfilesx64\openshot video editor\launch.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{5EA0394E-C7E0-45AF-BDD8-C319EED2B8AA}C:\program files\windowsapps\37559storeports.openshotvideoeditor-msstoreport_1.1.1.0_x64__gbs9e2cxjv4vj\vfs\programfilesx64\openshot video editor\launch.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{786C4EF5-F340-416B-BECF-3C0690788894}C:\program files\dvdfab\dvdfab 12\dvdfab64.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{8FA259D2-1508-4210-A52E-FA1B2F95C0AA}C:\program files\dvdfab\dvdfab 12\dvdfab64.exe" => removed successfully

========= ECHO Y|CHKDSK C: /F =========

The type of the file system is NTFS.
Cannot lock current drive.

Chkdsk cannot run because the volume is in use by another
process.  Would you like to schedule this volume to be
checked the next time the system restarts? (Y/N) Y

This volume will be checked the next time the system restarts.

========= End of CMD: =========


========= DISM /Online /Cleanup-Image /RestoreHealth =========


Deployment Image Servicing and Management tool
Version: 10.0.19041.844

Image Version: 10.0.19041.1052


[==                         3.8%                           ]

[==                         3.8%                           ]

[==                         3.8%                           ]

[==                         3.9%                           ]

[==                         4.0%                           ]

[==                         4.1%                           ]

[==                         4.2%                           ]

[==                         4.2%                           ]

[==                         4.4%                           ]

[==                         4.5%                           ]

[==                         4.6%                           ]

[==                         4.8%                           ]

[==                         4.8%                           ]

[==                         5.0%                           ]

[==                         5.1%                           ]

[===                        5.2%                           ]

[===                        5.3%                           ]

[===                        5.4%                           ]

[===                        5.4%                           ]

[===                        5.5%                           ]

[===                        5.5%                           ]

[===                        5.6%                           ]

[===                        5.7%                           ]

[===                        5.9%                           ]

[===                        6.0%                           ]

[===                        6.1%                           ]

[===                        6.2%                           ]

[===                        6.3%                           ]

[===                        6.3%                           ]

[===                        6.4%                           ]

[===                        6.5%                           ]

[===                        6.6%                           ]

[===                        6.7%                           ]

[===                        6.7%                           ]

[====                       6.9%                           ]

[====                       7.0%                           ]

[====                       7.2%                           ]

[====                       7.2%                           ]

[====                       7.3%                           ]

[====                       7.5%                           ]

[====                       7.5%                           ]

[====                       7.7%                           ]

[====                       7.8%                           ]

[====                       7.8%                           ]

[====                       8.1%                           ]

[====                       8.2%                           ]

[====                       8.2%                           ]

[====                       8.3%                           ]

[====                       8.4%                           ]

[====                       8.5%                           ]

[====                       8.6%                           ]

[=====                      8.7%                           ]

[=====                      8.8%                           ]

[=====                      9.0%                           ]

[=====                      9.4%                           ]

[=====                      9.6%                           ]

[=====                      9.8%                           ]

[=====                      9.9%                           ]

[=====                      10.1%                          ]

[=====                      10.2%                          ]

[======                     10.4%                          ]

[======                     10.6%                          ]

[======                     10.9%                          ]

[======                     11.0%                          ]

[======                     11.2%                          ]

[======                     11.3%                          ]

[======                     11.5%                          ]

[======                     11.6%                          ]

[======                     11.7%                          ]

[======                     11.8%                          ]

[======                     12.0%                          ]

[=======                    12.2%                          ]

[=======                    12.3%                          ]

[=======                    12.7%                          ]

[=======                    12.8%                          ]

[=======                    12.8%                          ]

[=======                    13.0%                          ]

[=======                    13.1%                          ]

[=======                    13.3%                          ]

[=======                    13.6%                          ]

[========                   14.0%                          ]

[========                   14.0%                          ]

[========                   14.2%                          ]

[========                   14.3%                          ]

[========                   14.3%                          ]

[========                   14.6%                          ]

[========                   14.8%                          ]

[========                   14.9%                          ]

[========                   15.0%                          ]

[========                   15.2%                          ]

[========                   15.4%                          ]

[=========                  15.5%                          ]

[=========                  15.6%                          ]

[=========                  15.7%                          ]

[=========                  16.0%                          ]

[=========                  16.2%                          ]

[=========                  16.2%                          ]

[=========                  16.3%                          ]

[=========                  16.5%                          ]

[=========                  16.6%                          ]

[=========                  17.0%                          ]

[=========                  17.2%                          ]

[==========                 17.5%                          ]

[==========                 17.8%                          ]

[==========                 18.8%                          ]

[===========                19.5%                          ]

[===========                20.3%                          ]

[===========                20.7%                          ]

[============               21.1%                          ]

[============               21.4%                          ]

[============               21.8%                          ]

[============               22.0%                          ]

[=============              22.7%                          ]

[=============              23.2%                          ]

[=============              23.8%                          ]

[==============             24.5%                          ]

[==============             25.2%                          ]

[==============             25.7%                          ]

[==============             25.8%                          ]

[===============            26.3%                          ]

[===============            26.5%                          ]

[===============            26.7%                          ]

[===============            27.0%                          ]

[===============            27.4%                          ]

[================           27.6%                          ]

[================           27.9%                          ]

[================           28.1%                          ]

[================           28.2%                          ]

[================           28.2%                          ]

[================           28.3%                          ]

[================           28.7%                          ]

[================           28.8%                          ]

[================           29.1%                          ]

[=================          29.5%                          ]

[=================          29.9%                          ]

[=================          30.1%                          ]

[=================          30.6%                          ]

[=================          30.9%                          ]

[==================         31.2%                          ]

[==================         31.5%                          ]

[==================         31.8%                          ]

[==================         32.1%                          ]

[==================         32.5%                          ]

[==================         32.8%                          ]

[===================        32.8%                          ]

[===================        33.0%                          ]

[===================        33.2%                          ]

[===================        33.4%                          ]

[===================        33.7%                          ]

[===================        33.7%                          ]

[===================        34.0%                          ]

[===================        34.1%                          ]

[===================        34.3%                          ]

[====================       34.5%                          ]

[====================       34.8%                          ]

[====================       34.9%                          ]

[====================       35.3%                          ]

[====================       35.4%                          ]

[====================       35.7%                          ]

[====================       35.9%                          ]

[====================       36.1%                          ]

[====================       36.1%                          ]

[=====================      36.3%                          ]

[=====================      36.6%                          ]

[=====================      36.8%                          ]

[=====================      37.1%                          ]

[=====================      37.3%                          ]

[=====================      37.5%                          ]

[=====================      37.7%                          ]

[=====================      37.7%                          ]

[=====================      37.8%                          ]

[======================     38.0%                          ]

[======================     38.0%                          ]

[======================     38.1%                          ]

[======================     38.3%                          ]

[======================     38.3%                          ]

[======================     38.4%                          ]

[======================     38.8%                          ]

[======================     38.9%                          ]

[======================     39.0%                          ]

[======================     39.0%                          ]

[======================     39.0%                          ]

[======================     39.1%                          ]

[======================     39.2%                          ]

[======================     39.2%                          ]

[======================     39.2%                          ]

[======================     39.3%                          ]

[======================     39.3%                          ]

[======================     39.4%                          ]

[======================     39.4%                          ]

[======================     39.5%                          ]

[======================     39.5%                          ]

[======================     39.5%                          ]

[======================     39.6%                          ]

[=======================    39.7%                          ]

[=======================    39.7%                          ]

[=======================    39.7%                          ]

[=======================    39.8%                          ]

[=======================    39.8%                          ]

[=======================    39.8%                          ]

[=======================    39.8%                          ]

[=======================    39.9%                          ]

[=======================    39.9%                          ]

[=======================    40.0%                          ]

[=======================    40.2%                          ]

[=======================    40.2%                          ]

[=======================    40.2%                          ]

[=======================    40.3%                          ]

[=======================    40.4%                          ]

[=======================    40.5%                          ]

[=======================    40.6%                          ]

[=======================    40.7%                          ]

[=======================    40.8%                          ]

[=======================    40.8%                          ]

[=======================    41.1%                          ]

[=======================    41.3%                          ]

[========================   41.6%                          ]

[========================   41.7%                          ]

[========================   41.9%                          ]

[========================   42.0%                          ]

[========================   42.3%                          ]

[========================   42.3%                          ]

[========================   42.4%                          ]

[========================   42.6%                          ]

[========================   42.9%                          ]

[========================   43.0%                          ]

[========================   43.0%                          ]

[=========================  43.2%                          ]

[=========================  43.2%                          ]

[=========================  43.3%                          ]

[=========================  43.4%                          ]

[=========================  43.4%                          ]

[=========================  43.5%                          ]

[=========================  43.7%                          ]

[=========================  43.7%                          ]

[=========================  43.8%                          ]

[=========================  43.8%                          ]

[=========================  44.0%                          ]

[=========================  44.1%                          ]

[=========================  44.2%                          ]

[=========================  44.4%                          ]

[=========================  44.4%                          ]

[=========================  44.4%                          ]

[=========================  44.5%                          ]

[=========================  44.5%                          ]

[=========================  44.5%                          ]

[=========================  44.6%                          ]

[=========================  44.8%                          ]

[========================== 44.8%                          ]

[========================== 44.9%                          ]

[========================== 45.0%                          ]

[========================== 45.1%                          ]

[========================== 45.2%                          ]

[========================== 45.4%                          ]

[========================== 45.4%                          ]

[========================== 45.6%                          ]

[========================== 45.6%                          ]

[========================== 45.7%                          ]

[========================== 45.7%                          ]

[========================== 45.8%                          ]

[========================== 45.8%                          ]

[========================== 46.0%                          ]

[========================== 46.0%                          ]

[========================== 46.2%                          ]

[========================== 46.3%                          ]

[========================== 46.4%                          ]

[========================== 46.5%                          ]

[===========================46.6%                          ]

[===========================46.6%                          ]

[===========================46.7%                          ]

[===========================46.7%                          ]

[===========================46.9%                          ]

[===========================46.9%                          ]

[===========================47.1%                          ]

[===========================47.2%                          ]

[===========================47.3%                          ]

[===========================47.4%                          ]

[===========================47.5%                          ]

[===========================47.7%                          ]

[===========================47.7%                          ]

[===========================47.8%                          ]

[===========================48.1%                          ]

[===========================48.4%                          ]

[===========================48.8%                          ]

[===========================48.9%                          ]

[===========================49.1%                          ]

[===========================49.1%                          ]

[===========================49.7%                          ]

[===========================50.3%                          ]

[===========================50.5%                          ]

[===========================51.0%                          ]

[===========================51.4%                          ]

[===========================51.8%                          ]

[===========================52.2%                          ]

[===========================52.4%                          ]

[===========================52.6%                          ]

[===========================52.8%                          ]

[===========================53.3%                          ]

[===========================53.6%                          ]

[===========================53.8%                          ]

[===========================53.9%                          ]

[===========================53.9%                          ]

[===========================53.9%                          ]

[===========================54.0%                          ]

[===========================54.0%                          ]

[===========================54.0%                          ]

[===========================54.0%                          ]

[===========================54.1%                          ]

[===========================54.2%                          ]

[===========================54.2%                          ]

[===========================54.3%                          ]

[===========================54.3%                          ]

[===========================54.3%                          ]

[===========================54.3%                          ]

[===========================54.3%                          ]

[===========================54.3%                          ]

[===========================54.3%                          ]

[===========================54.4%                          ]

[===========================54.4%                          ]

[===========================54.4%                          ]

[===========================54.5%                          ]

[===========================54.5%                          ]

[===========================54.5%                          ]

[===========================54.6%                          ]

[===========================54.6%                          ]

[===========================54.6%                          ]

[===========================54.6%                          ]

[===========================54.7%                          ]

[===========================54.7%                          ]

[===========================54.7%                          ]

[===========================54.7%                          ]

[===========================54.8%                          ]

[===========================54.8%                          ]

[===========================54.9%                          ]

[===========================54.9%                          ]

[===========================54.9%                          ]

[===========================55.0%                          ]

[===========================55.0%                          ]

[===========================55.1%                          ]

[===========================55.1%                          ]

[===========================55.1%                          ]

[===========================55.2%                          ]

[===========================55.2%                          ]

[===========================55.2%                          ]

[===========================55.3%                          ]

[===========================55.3%                          ]

[===========================55.3%                          ]

[===========================55.4%                          ]

[===========================55.4%                          ]

[===========================55.4%                          ]

[===========================55.5%                          ]

[===========================55.5%                          ]

[===========================55.5%                          ]

[===========================55.5%                          ]

[===========================55.5%                          ]

[===========================55.5%                          ]

[===========================55.6%                          ]

[===========================55.6%                          ]

[===========================55.6%                          ]

[===========================55.7%                          ]

[===========================55.7%                          ]

[===========================55.7%                          ]

[===========================55.7%                          ]

[===========================55.8%                          ]

[===========================55.8%                          ]

[===========================55.8%                          ]

[===========================55.8%                          ]

[===========================55.8%                          ]

[===========================55.9%                          ]

[===========================55.9%                          ]

[===========================56.0%                          ]

[===========================56.0%                          ]

[===========================56.1%                          ]

[===========================56.1%                          ]

[===========================56.2%                          ]

[===========================56.2%                          ]

[===========================56.2%                          ]

[===========================56.3%                          ]

[===========================56.4%                          ]

[===========================56.4%                          ]

[===========================56.4%                          ]

[===========================56.4%                          ]

[===========================56.5%                          ]

[===========================56.5%                          ]

[===========================56.5%                          ]

[===========================56.5%                          ]

[===========================56.5%                          ]

[===========================56.6%                          ]

[===========================56.6%                          ]

[===========================56.6%                          ]

[===========================56.8%                          ]

[===========================56.8%                          ]

[===========================56.8%                          ]

[===========================56.8%                          ]

[===========================56.8%                          ]

[===========================56.8%                          ]

[===========================57.1%=                         ]

[===========================57.2%=                         ]

[===========================57.3%=                         ]

[===========================57.4%=                         ]

[===========================57.4%=                         ]

[===========================57.4%=                         ]

[===========================57.5%=                         ]

[===========================57.7%=                         ]

[===========================57.7%=                         ]

[===========================58.2%=                         ]

[===========================58.2%=                         ]

[===========================58.8%==                        ]

[===========================59.4%==                        ]

[===========================59.6%==                        ]

[===========================59.7%==                        ]

[===========================60.0%==                        ]

[===========================60.1%==                        ]

[===========================62.3%====                      ]

[===========================84.9%=================         ]

[==========================100.0%==========================]
The restore operation completed successfully.
The operation completed successfully.

========= End of CMD: =========


========= sfc /scannow =========



Beginning system scan.  This process will take some time.



Beginning verification phase of system scan.


Verification 0% complete.
Verification 1% complete.
Verification 1% complete.
Verification 2% complete.
Verification 3% complete.
Verification 3% complete.
Verification 4% complete.
Verification 5% complete.
Verification 5% complete.
Verification 6% complete.
Verification 7% complete.
Verification 7% complete.
Verification 8% complete.
Verification 9% complete.
Verification 9% complete.
Verification 10% complete.
Verification 11% complete.
Verification 11% complete.
Verification 12% complete.
Verification 12% complete.
Verification 13% complete.
Verification 14% complete.
Verification 14% complete.
Verification 15% complete.
Verification 16% complete.
Verification 16% complete.
Verification 17% complete.
Verification 18% complete.
Verification 18% complete.
Verification 19% complete.
Verification 20% complete.
Verification 20% complete.
Verification 21% complete.
Verification 22% complete.
Verification 22% complete.
Verification 23% complete.
Verification 24% complete.
Verification 24% complete.
Verification 25% complete.
Verification 25% complete.
Verification 26% complete.
Verification 27% complete.
Verification 27% complete.
Verification 28% complete.
Verification 29% complete.
Verification 29% complete.
Verification 30% complete.
Verification 31% complete.
Verification 31% complete.
Verification 32% complete.
Verification 33% complete.
Verification 33% complete.
Verification 34% complete.
Verification 35% complete.
Verification 35% complete.
Verification 36% complete.
Verification 37% complete.
Verification 37% complete.
Verification 38% complete.
Verification 38% complete.
Verification 39% complete.
Verification 40% complete.
Verification 40% complete.
Verification 41% complete.
Verification 42% complete.
Verification 42% complete.
Verification 43% complete.
Verification 44% complete.
Verification 44% complete.
Verification 45% complete.
Verification 46% complete.
Verification 46% complete.
Verification 47% complete.
Verification 48% complete.
Verification 48% complete.
Verification 49% complete.
Verification 50% complete.
Verification 50% complete.
Verification 51% complete.
Verification 51% complete.
Verification 52% complete.
Verification 53% complete.
Verification 53% complete.
Verification 54% complete.
Verification 55% complete.
Verification 55% complete.
Verification 56% complete.
Verification 57% complete.
Verification 57% complete.
Verification 58% complete.
Verification 59% complete.
Verification 59% complete.
Verification 60% complete.
Verification 61% complete.
Verification 61% complete.
Verification 62% complete.
Verification 63% complete.
Verification 63% complete.
Verification 64% complete.
Verification 64% complete.
Verification 65% complete.
Verification 66% complete.
Verification 66% complete.
Verification 67% complete.
Verification 68% complete.
Verification 68% complete.
Verification 69% complete.
Verification 70% complete.
Verification 70% complete.
Verification 71% complete.
Verification 72% complete.
Verification 72% complete.
Verification 73% complete.
Verification 74% complete.
Verification 74% complete.
Verification 75% complete.
Verification 75% complete.
Verification 76% complete.
Verification 77% complete.
Verification 77% complete.
Verification 78% complete.
Verification 79% complete.
Verification 79% complete.
Verification 80% complete.
Verification 81% complete.
Verification 81% complete.
Verification 82% complete.
Verification 83% complete.
Verification 83% complete.
Verification 84% complete.
Verification 85% complete.
Verification 85% complete.
Verification 86% complete.
Verification 87% complete.
Verification 87% complete.
Verification 88% complete.
Verification 88% complete.
Verification 89% complete.
Verification 90% complete.
Verification 90% complete.
Verification 91% complete.
Verification 92% complete.
Verification 92% complete.
Verification 93% complete.
Verification 94% complete.
Verification 94% complete.
Verification 95% complete.
Verification 96% complete.
Verification 96% complete.
Verification 97% complete.
Verification 98% complete.
Verification 98% complete.
Verification 99% complete.
Verification 100% complete.


Windows Resource Protection found corrupt files and successfully repaired them.

For online repairs, details are included in the CBS log file located at

windir\Logs\CBS\CBS.log. For example C:\Windows\Logs\CBS\CBS.log. For offline

repairs, details are included in the log file provided by the /OFFLOGFILE flag.


========= End of CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 12869632 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 1532347515 B
Java, Flash, Steam htmlcache => 2493816 B
Windows/system/drivers => 26930438 B
Edge => 1049346 B

 


  • 0

#6
John Aukerman

John Aukerman

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 255 posts

Hello?


  • 0

#7
John Aukerman

John Aukerman

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 255 posts

What's next?


  • 0

#8
John Aukerman

John Aukerman

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 255 posts

Hello. We need to complete malware removal. Thanks.


  • 0

#9
icotonev

icotonev

    Trusted Helper

  • Malware Removal
  • 230 posts

Hi , John Aukerman..! :)  I am sorry for the late answer..! I was not online for personal reasons ..! 

Tell me what problems do you see at this stage ..?

 

After that, I will need fresh FRST logs.

 

Fresh FRST logs

 

  • Double-click on the FRST icon to run it, as you did before. When the tool opens click Yes to disclaimer.
  • Press Scan button and wait for a while.
  • The scanner will produced two logs on your Desktop: FRST.txt and Addition.txt.
  • Please attach the content of these two logs in your next reply

  • 0

#10
John Aukerman

John Aukerman

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 255 posts

Good to see that you're back - thanks!

 

Computer continues to run too slow. Programs take excessively long to open. Websites load slowly.

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-08-2021
Ran by jhauk (administrator) on DESKTOP-6JBP3L9 (Dell Inc. Inspiron 3670) (15-08-2021 07:33:17)
Running from C:\Users\jhauk\Desktop
Loaded Profiles: jhauk
Platform: Windows 10 Home Version 21H1 19043.1165 (X64) Language: English (United States)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Canon Inc. -> ) C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNMNSST2.exe
(Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe
(Dell Inc -> Dell INC.) C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Dell Inc -> Dell Products, LP.) C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
(Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(Google LLC -> ) C:\Program Files\Google\Drive File Stream\50.0.11.0\crashpad_handler.exe <4>
(Google LLC -> Google, Inc.) C:\Program Files\Google\Drive File Stream\50.0.11.0\GoogleDriveFS.exe <7>
(Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe
(Intel® pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_efb119a73d6b56f6\igfxCUIService.exe
(Intel® pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_577b4722c749a41f\OneApp.IGCC.WinService.exe
(Intel® pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_9a914baee86356a0\IntelCpHDCPSvc.exe
(Intel® pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_9a914baee86356a0\IntelCpHeciSvc.exe
(Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Intel® Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_9c788f1d162b1224\RstMwService.exe
(Logitech Inc -> Logitech) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOverlay.exe
(Logitech Inc -> Logitech, Inc.) C:\Program Files\Logitech\LogiOptions\LogiOptions.exe
(Logitech Inc -> Logitech, Inc.) C:\ProgramData\Logishrd\LogiOptions\Software\Current\laclient\laclient.exe
(Logitech Inc -> Logitech, Inc.) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12107.1001.15.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\NisSrv.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <9>
(PC-Doctor, Inc. -> PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCD\SupportAssist\Dsapi.exe
(Pro Softnet Corporation -> Prosoftnet) C:\Program Files (x86)\IDriveWindows\id_bglaunch.exe
(Pro Softnet Corporation -> Prosoftnet) C:\Program Files (x86)\IDriveWindows\id_service.exe
(Pro Softnet Corporation -> Prosoftnet) C:\Program Files (x86)\IDriveWindows\id_tray.exe
(Qualcomm Atheros -> Windows ® Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_18c775e07a6aaafd\RtkAudUService64.exe <3>
(Rivet Networks LLC -> DELL) C:\Program Files\Rivet Networks\SmartByte\SmartByteTelemetry.exe
(Rivet Networks LLC -> Rivet Networks LLC) C:\Program Files\Rivet Networks\SmartByte\RAPS.exe
(Rivet Networks LLC -> Rivet Networks) C:\Program Files\Rivet Networks\SmartByte\SmartByteAnalyticsService.exe
(Rivet Networks LLC -> Rivet Networks) C:\Program Files\Rivet Networks\SmartByte\SmartByteNetworkService.exe
(Rivet Networks LLC -> Rivet Networks, LLC.) C:\Program Files\Rivet Networks\SmartByte\RAPSService.exe
(Waves Inc -> Waves Audio Ltd.) C:\Windows\System32\DriverStore\FileRepository\wavesapo75de.inf_amd64_444d52e511fbcc11\WavesSysSvc64.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.4.3.237\WsAppService.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_18c775e07a6aaafd\RtkAudUService64.exe [1257032 2021-04-22] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [DellMobileConnectWelcome] => C:\Program Files\Dell\DellMobileConnectDrivers\DellMobileConnectWStartup.exe [313064 2018-10-05] (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [320056 2019-12-10] (Intel® Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
HKLM\...\Run: [WSVCUUpdateHelper.exe] => C:\Program Files\Wondershare\Wondershare UniConverter (CPC)\WSVCUUpdateHelper.exe
HKLM\...\Run: [WavesSvc] => C:\WINDOWS\System32\DriverStore\FileRepository\wavesapo75de.inf_amd64_9e45e2d5613ef7ef\WavesSvc64.exe [1237920 2019-09-05] (Waves Inc -> Waves Audio Ltd.)
HKLM\...\Run: [LogiOptions] => C:\Program Files\Logitech\LogiOptions\LogiOptions.exe [1668000 2021-06-09] (Logitech Inc -> Logitech, Inc.)
HKLM-x32\...\Run: [IDrive Background process] => C:\Program Files (x86)\IDriveWindows\id_bglaunch.exe [78176 2020-02-18] (Pro Softnet Corporation -> Prosoftnet)
HKLM-x32\...\Run: [IDrive Tray] => C:\Program Files (x86)\IDriveWindows\id_tray.exe [1977696 2020-02-18] (Pro Softnet Corporation -> Prosoftnet)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
HKLM-x32\...\Run: [uupdate] => C:\ProgramData\wDcLibs\uhelper.exe [512280 2019-11-28] (Shenzhen Yi Xing Investment Co., Ltd. -> )
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX2] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNMNSST2.exe [271496 2017-11-02] (Canon Inc. -> CANON INC.)
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\50.0.11.0\GoogleDriveFS.exe [53381464 2021-08-09] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\50.0.11.0\GoogleDriveFS.exe [53381464 2021-08-09] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-1015540938-3996997567-1391499832-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\50.0.11.0\GoogleDriveFS.exe [53381464 2021-08-09] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-1015540938-3996997567-1391499832-1001\...\Run: [GarminExpress] => C:\Program Files (x86)\Garmin\Express\express.exe [30862320 2019-07-25] (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries)
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\50.0.11.0\GoogleDriveFS.exe [53381464 2021-08-09] (Google LLC -> Google, Inc.)
HKLM\...\Windows x64\Print Processors\BJ Print Processor4: C:\Windows\System32\spool\prtprocs\x64\CNBPP4.DLL [84992 2011-08-30] (CANON INC.) [File not signed]
HKLM\...\Windows x64\Print Processors\Canon MP970 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPD91.DLL [27648 2007-05-22] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Windows x64\Print Processors\Canon TS8300 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDFT.DLL [529408 2020-06-21] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\BJ Language Monitor4: C:\WINDOWS\system32\CNBLM4.DLL [267776 2011-08-30] (CANON INC.) [File not signed]
HKLM\...\Print\Monitors\Canon BJ Language Monitor MP970 series: C:\WINDOWS\system32\CNMLM91.DLL [258560 2007-05-22] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor TS8300 series: C:\WINDOWS\system32\CNMLMFT.DLL [959488 2020-06-21] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJNP Port: C:\WINDOWS\system32\CNMN6PPM.DLL [252416 2012-08-30] (CANON INC.) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\92.0.4515.131\Installer\chrmstp.exe [2021-08-02] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NotificationTool.lnk [2020-02-13]
ShortcutTarget: NotificationTool.lnk -> C:\Program Files (x86)\Canon\hdAlbum EZ\NotificationTool.exe (Canon Inc. -> CANON INC.)
Startup: C:\Users\jhauk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\firefox.exe - Shortcut.lnk [2019-10-12]
ShortcutTarget: firefox.exe - Shortcut.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
Startup: C:\Users\jhauk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Indiana FB Posts.docx - Shortcut.lnk [2019-10-21]
ShortcutTarget: Indiana FB Posts.docx - Shortcut.lnk -> C:\Users\jhauk\Desktop\Indiana FB Posts.docx (No File)
Startup: C:\Users\jhauk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Trail Life.docx - Shortcut.lnk [2019-11-21]
ShortcutTarget: Trail Life.docx - Shortcut.lnk -> C:\Users\jhauk\Desktop\Trail Life.docx (No File)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00B2E2EF-1A5C-4BB5-B9B8-272D8DC5F71E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {1684B791-B395-4DD1-A66B-D08FE33B62CE} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\Explorer.exe /NOUACCHECK
Task: {183B7B61-47E1-41C0-A371-30B1DE4336AC} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23253888 2021-08-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {270E99CF-94DD-4F75-8E84-BAB98E5FEE55} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {2B8870A4-60F4-4C5C-A693-802D68644B37} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4C26AFD1-5C37-4F8A-BC2C-27E939578E35} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-03-18] (Google Inc -> Google Inc.)
Task: {54C58EB4-72BD-462A-9CD0-611510CB59BA} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {63B8AE8D-E141-4881-9AA8-79C4D84B2FA6} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [139112 2021-08-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {6FA09C71-734B-4CAB-AAAB-489DFCB79B41} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [139112 2021-08-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {82C37CD8-60F8-447B-BBD5-3B11FB416215} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {88F1048A-E883-4F12-9D28-98A5C8C00B37} - System32\Tasks\SmartByte Telemetry => C:\Program Files\Rivet Networks\SmartByte\SmartByteTelemetry.exe [95072 2020-08-14] (Rivet Networks LLC -> DELL)
Task: {8AD99930-B90F-4E03-B6D9-14AF5D0E76CB} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistInstaller.exe [1060384 2021-07-17] (Dell Inc -> Dell Inc.)
Task: {B1DFA3C8-E80C-4219-A482-A461ADCFE7A4} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23253888 2021-08-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {D84D1083-CFBE-4D21-BBDC-6BBCDAE9FE06} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [673720 2021-08-12] (Mozilla Corporation -> Mozilla Foundation)
Task: {DC24A639-C495-4029-8875-650BD3169F6A} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [40432 2019-07-25] (Garmin International, Inc. -> )
Task: {EDFF0B54-722B-4DB3-93E5-B0A4BC32CA25} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1546112 2021-08-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {FCA6206D-B840-474E-8114-64E82E20DEBF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-03-18] (Google Inc -> Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{e6d416ea-722e-4537-9bf4-49c06dbe3514}: [DhcpNameServer] 192.168.1.254

Edge:
=======
DownloadDir: C:\Users\jhauk\Downloads
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\jhauk\AppData\Local\Microsoft\Edge\User Data\Default [2021-08-15]
Edge DownloadDir: Default -> C:\Users\jhauk\Downloads
Edge StartupUrls: Default -> "hxxps://www.onlinebanking.pnc.com/alservlet/PNCOnlineBankingServletLogin"

FireFox:
========
FF DefaultProfile: ou4ydgfb.default-1553941110074
FF ProfilePath: C:\Users\jhauk\AppData\Roaming\Mozilla\Firefox\Profiles\ou4ydgfb.default-1553941110074 [2021-08-15]
FF DownloadDir: C:\Users\jhauk\Desktop
FF Homepage: Mozilla\Firefox\Profiles\ou4ydgfb.default-1553941110074 -> hxxps://www.facebook.com/|hxxps://mail.google.com/mail/u/0/?ui=2#inbox|hxxps://calendar.google.com/calendar/u/0/r/day?tab=mc
FF Notifications: Mozilla\Firefox\Profiles\ou4ydgfb.default-1553941110074 -> hxxps://www.facebook.com; hxxps://usa.life; hxxps://mail.google.com
FF HomepageOverride: Mozilla\Firefox\Profiles\ou4ydgfb.default-1553941110074 -> Disabled: [email protected]
FF NewTabOverride: Mozilla\Firefox\Profiles\ou4ydgfb.default-1553941110074 -> Disabled: [email protected]
FF Extension: (F.B Purity - Cleans up Facebook) - C:\Users\jhauk\AppData\Roaming\Mozilla\Firefox\Profiles\ou4ydgfb.default-1553941110074\Extensions\[email protected] [2021-05-11] [UpdateUrl:hxxps://www.fbpurity.com/FF-FBP-Ext-Updates.json]
FF Extension: (Gaming Assassin) - C:\Users\jhauk\AppData\Roaming\Mozilla\Firefox\Profiles\ou4ydgfb.default-1553941110074\Extensions\[email protected] [2019-11-22] [UpdateUrl:hxxps:\/\/updates.tb.ask.com\/updateXpi.json?id=224233761&version=8.924.16.56986&track=TTAB02&trackRevision=1&fromId=_e7Members_%40free.gamingassassin.com&isBridgeExtension=false]
FF Extension: (MediaPlayer Search) - C:\Users\jhauk\AppData\Roaming\Mozilla\Firefox\Profiles\ou4ydgfb.default-1553941110074\Extensions\{b779151f-7a4c-46b2-83e4-3dbad231a9b9}.xpi [2019-12-06] [UpdateUrl:hxxps://cdn.mediaplayer10-cdn.com/xpi/mediaplayer10/settings_Api/0919/no_ba/updates.json]
FF Extension: (Zoom Scheduler) - C:\Users\jhauk\AppData\Roaming\Mozilla\Firefox\Profiles\ou4ydgfb.default-1553941110074\Extensions\{bf855ead-d7c3-4c7b-9f88-9a7e75c0efdf}.xpi [2021-07-27]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-05-29] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2015-10-29] (CANON INC.) [File not signed]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-05-29] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-07-24] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\jhauk\AppData\Local\Google\Chrome\User Data\Default [2021-08-15]
CHR DownloadDir: C:\Users\jhauk\Desktop
CHR StartupUrls: Default -> "hxxps://mail.google.com/mail/u/0/#inbox","hxxps://calendar.google.com/calendar/r?tab=mc","hxxps://www.facebook.com/"
CHR NewTab: Default ->  Not-active:"chrome-extension://bcedopgbjnjfngcejdmkppbcmcgndpkg/newtab/quicknewtabpage.html"
CHR Extension: (Slides) - C:\Users\jhauk\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-03-18]
CHR Extension: (Docs) - C:\Users\jhauk\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-03-18]
CHR Extension: (Google Drive) - C:\Users\jhauk\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-24]
CHR Extension: (Satellite Earth) - C:\Users\jhauk\AppData\Local\Google\Chrome\User Data\Default\Extensions\bcedopgbjnjfngcejdmkppbcmcgndpkg [2019-07-25]
CHR Extension: (YouTube) - C:\Users\jhauk\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-03-18]
CHR Extension: (Sheets) - C:\Users\jhauk\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-03-18]
CHR Extension: (Google Docs Offline) - C:\Users\jhauk\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-06-29]
CHR Extension: (Mountain River) - C:\Users\jhauk\AppData\Local\Google\Chrome\User Data\Default\Extensions\hldnnpdpbcplkacehcbafmncblojlead [2020-05-19]
CHR Extension: (Chrome Web Store Payments) - C:\Users\jhauk\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-28]
CHR Extension: (Gmail) - C:\Users\jhauk\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-22]
CHR Extension: (Chrome Media Router) - C:\Users\jhauk\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-07-27]
CHR HKU\S-1-5-21-1015540938-3996997567-1391499832-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9142128 2021-08-05] (Microsoft Corporation -> Microsoft Corporation)
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [426528 2021-07-13] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3834400 2021-07-13] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [452640 2021-07-13] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 Dell Hardware Support; C:\Program Files\Dell\SupportAssistAgent\PCD\SupportAssist\Dsapi.exe [1020584 2021-07-05] (PC-Doctor, Inc. -> PC-Doctor, Inc.)
R2 Dell SupportAssist Remediation; C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe [19128 2021-07-08] (Dell Inc -> Dell INC.)
R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [38600 2021-07-20] (Dell Inc -> )
R2 IDriveService; C:\Program Files (x86)\IDriveWindows\id_service.exe [334688 2020-02-18] (Pro Softnet Corporation -> Prosoftnet)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [443344 2020-05-25] (Canon Inc. -> )
R2 RAPSService; C:\Program Files\Rivet Networks\SmartByte\RAPSService.exe [64848 2020-08-14] (Rivet Networks LLC -> Rivet Networks, LLC.)
S3 RNDBWM; C:\Program Files\Rivet Networks\SmartByte\RNDBWMService.exe [64856 2020-08-14] (Rivet Networks LLC -> Rivet Networks, LLC.)
R2 SmartByte Analytics Service; C:\Program Files\Rivet Networks\SmartByte\SmartByteAnalyticsService.exe [1630576 2020-08-14] (Rivet Networks LLC -> Rivet Networks)
R2 SmartByte Network Service x64; C:\Program Files\Rivet Networks\SmartByte\SmartByteNetworkService.exe [2385256 2020-08-14] (Rivet Networks LLC -> Rivet Networks)
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [39968 2021-07-17] (Dell Inc -> Dell Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\NisSrv.exe [2727416 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MsMpEng.exe [136656 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.237\WsAppService.exe [495720 2018-07-04] (Wondershare Technology Co.,Ltd -> Wondershare)
S3 WsDrvInst; C:\Program Files (x86)\Wondershare\TunesGo\DriverInstall.exe [107624 2018-12-13] (Wondershare Technology Co.,Ltd -> Wondershare)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
R3 DDDriver; C:\WINDOWS\System32\drivers\dddriver64Dcsa.sys [42376 2020-10-26] (Microsoft Windows Hardware Compatibility Publisher -> Dell Inc.)
S3 DellProf; C:\WINDOWS\system32\drivers\DellProf.sys [41208 2018-05-08] (Techporch Incorporated -> Dell Computer Corporation)
R1 googledrivefs3514; C:\WINDOWS\System32\DRIVERS\googledrivefs3514.sys [389144 2021-06-25] (Google LLC -> Google, Inc.)
R1 googledrivefs3525; C:\WINDOWS\System32\DRIVERS\googledrivefs3525.sys [389640 2021-08-09] (Google LLC -> Google, Inc.)
R3 MpKsle827940a; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{37BFA8E3-2189-4503-B219-FCFD1B89BD56}\MpKslDrv.sys [123112 2021-08-14] (Microsoft Windows -> Microsoft Corporation)
R3 SmbCoSvc; C:\WINDOWS\system32\DRIVERS\SmbCo10X64.sys [164424 2020-08-14] (Rivet Networks LLC -> Rivet Networks, LLC.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49568 2021-08-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [434424 2021-08-04] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [78072 2021-08-04] (Microsoft Windows -> Microsoft Corporation)
S4 DBUtilDrv2; \SystemRoot\System32\drivers\DBUtilDrv2.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-08-15 07:33 - 2021-08-15 07:36 - 000027222 _____ C:\Users\jhauk\Desktop\FRST.txt
2021-08-15 07:33 - 2021-08-15 07:33 - 002300416 _____ (Farbar) C:\Users\jhauk\Desktop\FRST64.exe
2021-08-15 07:33 - 2021-08-15 07:33 - 000000000 ____D C:\Users\jhauk\Desktop\FRST-OlderVersion
2021-08-12 23:53 - 2021-08-12 23:53 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-08-12 16:54 - 2021-08-13 00:56 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-08-12 06:45 - 2021-08-12 06:45 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-08-12 06:44 - 2021-08-12 06:44 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-08-12 06:44 - 2021-08-12 06:44 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-08-12 06:44 - 2021-08-12 06:44 - 000011347 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-08-12 06:43 - 2021-08-12 06:43 - 001823280 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-08-12 06:43 - 2021-08-12 06:43 - 001393480 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-08-12 06:43 - 2021-08-12 06:43 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2021-08-12 06:19 - 2021-08-12 06:19 - 001500480 _____ C:\Users\jhauk\Documents\IMG_20210812_0001.pdf
2021-08-12 06:09 - 2021-08-12 06:09 - 000000000 ___HD C:\$WinREAgent
2021-08-11 11:59 - 2021-08-09 14:57 - 000389640 _____ (Google, Inc.) C:\WINDOWS\system32\Drivers\googledrivefs3525.sys
2021-08-11 11:52 - 2021-08-11 11:52 - 000000000 ____D C:\WINDOWS\{427AB09C-B3AD-4EB7-9D73-6D584684FE91}
2021-08-11 01:58 - 2021-08-11 01:58 - 000298092 _____ C:\Users\jhauk\Documents\Kirk (2021-08-11).rmgb
2021-08-10 02:12 - 2021-08-10 02:12 - 000292640 _____ C:\Users\jhauk\Documents\Kirk (2021-08-10).rmgb
2021-08-09 01:13 - 2021-08-09 01:13 - 000290856 _____ C:\Users\jhauk\Documents\Kirk (2021-08-09).rmgb
2021-08-06 13:39 - 2021-08-06 13:39 - 000000000 ____D C:\Users\jhauk\AppData\Local\Deployment
2021-08-06 13:39 - 2021-08-06 13:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2021-08-06 13:37 - 2021-08-06 13:37 - 000000000 ____D C:\Program Files\Logitech
2021-08-05 07:19 - 2021-08-05 07:19 - 011999962 _____ C:\Users\jhauk\Desktop\YEARBOOK 2019-Interactive-update 01-2020-FINAL.pdf
2021-08-04 21:10 - 2021-08-04 21:10 - 000003916 _____ C:\WINDOWS\system32\Tasks\Dell SupportAssistAgent AutoUpdate
2021-08-03 07:01 - 2021-08-03 07:01 - 000037678 _____ C:\Users\jhauk\Desktop\APA Blue Silver Days.pdf
2021-08-02 08:49 - 2021-08-02 08:49 - 000647132 _____ C:\Users\jhauk\Documents\IMG_20210802_0004.pdf
2021-08-02 08:41 - 2021-08-02 08:41 - 000932330 _____ C:\Users\jhauk\Documents\IMG_20210802_0003.pdf
2021-07-31 00:53 - 2021-07-31 00:53 - 000002138 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-08-15 07:36 - 2019-03-18 10:16 - 000000000 ____D C:\ProgramData\IDrive
2021-08-15 07:36 - 2019-03-18 09:34 - 000000000 ____D C:\Program Files (x86)\Google
2021-08-15 07:35 - 2021-06-26 12:56 - 000000000 ____D C:\FRST
2021-08-15 07:30 - 2019-12-07 05:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-08-15 06:39 - 2019-03-18 09:43 - 000000000 ____D C:\ProgramData\Mozilla
2021-08-15 06:38 - 2019-03-18 09:43 - 000000000 ____D C:\Users\jhauk\AppData\LocalLow\Mozilla
2021-08-15 00:17 - 2020-06-08 06:52 - 000000000 ____D C:\Users\jhauk\Documents\Outlook Files
2021-08-15 00:03 - 2019-03-18 18:50 - 000000000 ____D C:\Users\jhauk\Documents\Bren
2021-08-14 22:47 - 2019-04-02 08:43 - 000000000 ____D C:\Program Files\Microsoft Office
2021-08-14 22:19 - 2021-01-22 07:13 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-08-14 21:28 - 2020-08-05 02:33 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-08-14 21:18 - 2020-06-20 06:07 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-08-14 21:18 - 2019-12-07 05:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-08-14 21:18 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-08-14 21:04 - 2019-12-07 05:13 - 000000000 ____D C:\WINDOWS\INF
2021-08-13 06:27 - 2019-04-09 06:11 - 000000000 ____D C:\Users\jhauk\Desktop\Auk Pics
2021-08-13 06:09 - 2020-08-05 02:43 - 000842418 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-08-13 06:03 - 2020-08-05 02:50 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-08-13 06:03 - 2020-08-05 02:33 - 000008192 ___SH C:\DumpStack.log.tmp
2021-08-13 06:03 - 2018-11-21 03:30 - 000000000 ____D C:\Intel
2021-08-13 01:03 - 2019-12-07 05:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-08-13 00:57 - 2020-08-05 02:33 - 000508560 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-08-13 00:56 - 2019-03-18 09:43 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-08-13 00:53 - 2019-12-07 05:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-08-13 00:53 - 2019-12-07 05:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-08-13 00:53 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-08-13 00:53 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-08-13 00:53 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-08-13 00:53 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-08-13 00:53 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-08-13 00:53 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-08-13 00:53 - 2019-12-07 05:03 - 000000000 ____D C:\WINDOWS\servicing
2021-08-12 23:53 - 2019-03-18 09:43 - 000001007 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-08-12 06:54 - 2019-12-07 05:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-08-12 05:57 - 2019-03-19 06:00 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-08-12 05:54 - 2019-03-19 06:00 - 133215968 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-08-12 03:24 - 2019-03-18 09:26 - 000000000 ____D C:\Users\jhauk\AppData\Local\Packages
2021-08-11 11:59 - 2021-02-03 14:32 - 000002030 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2021-08-11 07:08 - 2019-03-18 18:57 - 000000000 ____D C:\Users\jhauk\Desktop\John
2021-08-11 01:58 - 2021-07-08 22:15 - 001555456 _____ C:\Users\jhauk\Documents\Kirk.rmgc
2021-08-09 07:00 - 2019-03-19 05:21 - 000000000 ____D C:\Users\Aukerman\Desktop\John
2021-08-08 17:35 - 2019-04-08 06:46 - 040710144 _____ C:\Users\jhauk\Documents\FUNK.rmgc
2021-08-04 21:26 - 2018-11-21 03:26 - 000000000 ____D C:\ProgramData\Package Cache
2021-08-04 21:14 - 2020-01-18 18:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2021-08-04 13:40 - 2018-11-21 03:18 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-08-03 05:05 - 2019-03-18 09:35 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-08-03 01:41 - 2020-08-04 18:38 - 000000000 ____D C:\Users\jhauk
2021-08-02 21:31 - 2020-08-05 02:50 - 000003420 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-08-02 21:31 - 2020-08-05 02:50 - 000003296 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-08-02 08:39 - 2020-02-13 14:56 - 000000000 ____D C:\ProgramData\CanonIJPLM
2021-08-02 08:13 - 2020-08-05 02:50 - 000003480 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-08-02 08:13 - 2020-08-05 02:50 - 000003356 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-07-29 22:27 - 2019-12-07 05:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2021-07-29 00:53 - 2019-03-27 11:34 - 000000000 ____D C:\Users\jhauk\Desktop\Lou Ann - Choruses; Print-Scan, save to comp., doc. (pdf)
2021-07-28 06:40 - 2019-10-16 07:27 - 000000000 ___HD C:\ProgramData\CyberLink
2021-07-16 09:45 - 2021-01-22 07:13 - 000740152 _____ (Microsoft Corporation) C:\WINDOWS\system32\sedplugins.dll
2021-07-16 09:45 - 2021-01-22 07:13 - 000486712 _____ (Microsoft Corporation) C:\WINDOWS\system32\QualityUpdateAssistant.dll

==================== Files in the root of some directories ========

2003-11-10 16:27 - 2003-11-10 16:26 - 000376884 _____ () C:\Program Files\image001.bmp
2021-01-18 13:44 - 2021-01-18 13:44 - 000000171 _____ () C:\Users\jhauk\AppData\Roaming\822f02e4-9e9a-4077-a765-71edfca16ad0

==================== FLock ==============================

2021-06-05 11:34 C:\Recovery

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-08-2021
Ran by jhauk (15-08-2021 07:39:14)
Running from C:\Users\jhauk\Desktop
Windows 10 Home Version 21H1 19043.1165 (X64) (2020-08-05 06:51:15)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-1015540938-3996997567-1391499832-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1015540938-3996997567-1391499832-503 - Limited - Disabled)
Guest (S-1-5-21-1015540938-3996997567-1391499832-501 - Limited - Disabled)
jhauk (S-1-5-21-1015540938-3996997567-1391499832-1001 - Administrator - Enabled) => C:\Users\jhauk
WDAGUtilityAccount (S-1-5-21-1015540938-3996997567-1391499832-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

4K Video Downloader 4.8 (HKLM\...\{2FA2F521-494C-4E8F-8C30-3D3E81590413}) (Version: 4.8.0.2852 - Open Media LLC)
AceMoney (HKLM-x32\...\AceMoney_is1) (Version:  - MechCAD Software)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 21.005.20060 - Adobe Systems Incorporated)
ANT Drivers Installer x64 (HKLM\...\{B7626024-53D9-4982-A1EE-64BC9438DFD5}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Audacity 2.0.3 (HKLM-x32\...\Audacity_is1) (Version: 2.0.3 - Audacity Team)
Canon IJ Network Scan Utility (HKLM-x32\...\Canon_IJ_Network_Scan_UTILITY) (Version:  - )
Canon IJ Network Scanner Selector EX2 (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX2) (Version: 2.0.10.2 - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version:  - )
Canon IJ Printer Assistant Tool (HKLM-x32\...\Canon IJ Printer Assistant Tool) (Version: 1.30.1.52 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.5.5.3 - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 6.3.0 - Canon Inc.)
Canon MP970 series (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP970_series) (Version:  - )
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 3.5.2 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 3.5.2 - Canon Inc.)
Canon TS8300 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_TS8300_series) (Version: 1.02 - Canon Inc.)
Debut Video Capture Software (HKLM-x32\...\Debut) (Version: 5.59 - NCH Software)
Dell Digital Delivery Service (HKLM-x32\...\{DD47FCB3-5038-40CE-A02A-85F51BA03F37}) (Version: 3.6.1012.0 - Dell Products, LP)
Dell Mobile Connect Drivers (HKLM\...\{04DF02C6-E3D7-4D26-A44C-6F8A2E218D2C}) (Version: 1.3.6844 - Screenovate Technologies Ltd.)
Dell SupportAssist (HKLM\...\{3A0ECCB6-1034-440E-8672-C4E14CCB7689}) (Version: 3.10.1.23 - Dell Inc.)
Dell SupportAssist OS Recovery Plugin for Dell Update (HKLM\...\{900D0BCD-0B86-4DAA-B639-89BE70449569}) (Version: 5.4.1.14954 - Dell Inc.) Hidden
Dell SupportAssist OS Recovery Plugin for Dell Update (HKLM-x32\...\{ec40a028-983b-4213-af2c-77ed6f6fe1d5}) (Version: 5.4.1.14954 - Dell Inc.)
Dell SupportAssist Remediation (HKLM\...\{795931D8-2EBF-4969-A678-4219B161F676}) (Version: 5.4.3.15135 - Dell Inc.) Hidden
Dell SupportAssist Remediation (HKLM-x32\...\{555298fa-14a9-48f2-a7a0-9602f31785da}) (Version: 5.4.3.15135 - Dell Inc.)
Dell Update for Windows 10 (HKLM\...\{41D2D254-D869-4CD8-B440-5DF49083C4BA}) (Version: 4.3.0 - Dell Inc.)
Dynamic Application Loader Host Interface Service (HKLM\...\{3252E69D-9075-40FD-A9EF-F6D96091B5BF}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Elevated Installer (HKLM-x32\...\{067FCCD5-0DC8-4D84-849C-A82656EFD36C}) (Version: 6.16.1.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express (HKLM-x32\...\{78B7CE44-6303-4EC8-9A53-B7F3F3F89E24}) (Version: 6.16.1.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express (HKLM-x32\...\{824324a6-400d-4ee8-9aa0-72a8627a425e}) (Version: 6.16.1.0 - Garmin Ltd or its subsidiaries)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 92.0.4515.131 - Google LLC)
Google Drive (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 50.0.11.0 - Google LLC)
hdAlbum EZ (HKLM-x32\...\{014BBF3C-D9C4-4FD0-857D-E7DDC95263C0}) (Version: 1.7.1.6 - Canon Inc.)
IDrive version 6.7.3.6 (HKLM-x32\...\IDrive_is1) (Version: 6.7.3.6 - Pro Softnet Corp)
Intel® Chipset Device Software (HKLM-x32\...\{70281077-96c3-4f75-938c-dc4746110c00}) (Version: 10.1.17903.8106 - Intel® Corporation)
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1932.12.0.1298 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 26.20.100.8141 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 17.5.9.1040 - Intel Corporation)
Intel® Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.56.87.0 - Intel Corporation) Hidden
Intel® Trusted Connect Services Client (HKLM-x32\...\{05817e4d-5f15-49b4-afec-7edb31fc7dd6}) (Version: 1.56.87.0 - Intel Corporation) Hidden
Intel® Optane™ Pinning Explorer Extensions (HKLM\...\{C81FD018-F151-460F-B4F9-0D58039503E2}) (Version: 17.2.4.9002 - Intel Corporation)
Jihosoft Phone Transfer version 3.4.2.0 (HKLM-x32\...\{116B8806-B959-4600-8591-35E60440BD3D}_is1) (Version: 3.4.2.0 - HONGKONG JIHO CO., LIMITED)
Logitech Options (HKLM\...\LogiOptions) (Version: 8.54.161 - Logitech)
Microsoft 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.14228.20250 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 92.0.902.73 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 92.0.902.73 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{852D8FE5-BC66-4061-B1C4-CADF51E5B27D}) (Version: 2.82.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Movavi Screen Recorder Studio 10 (HKU\S-1-5-21-1015540938-3996997567-1391499832-1001\...\Movavi Screen Recorder Studio 10) (Version: 10.2.0 - Movavi)
Mozilla Firefox (x64 en-US) (HKLM\...\Mozilla Firefox 91.0 (x64 en-US)) (Version: 91.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 65.0.2 - Mozilla)
MusicTime Deluxe (HKLM-x32\...\MusicTime Deluxe 4.0.4) (Version: 4.0.4 - Passport)
MusicTime Deluxe 3.5.5 (HKLM-x32\...\MusicTime Deluxe 3.5.5) (Version:  - )
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14228.20250 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14228.20250 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
Printer Registration (HKLM-x32\...\Canon EISRegistration) (Version: 1.7.5 - Canon Inc.)
Qualcomm WLAN and Bluetooth Client Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.18362.31252 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8791.1 - Realtek Semiconductor Corp.)
RootsMagic 7.6.1.0 (HKLM-x32\...\{D6286873-A757-4A4D-A6EF-0081B3EE32CA}_is1) (Version: RootsMagic 7.6.1.0 - RootsMagic, Inc.)
SmartByte Drivers and Services (HKLM\...\{9668B1BB-D0FE-4C0C-800C-B1555E069A62}) (Version: 3.1.940 - Rivet Networks)
Switch Sound File Converter (HKLM-x32\...\Switch) (Version: 8.18 - NCH Software)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{FBA3961B-D1DF-493C-BC1F-E67D3B832895}) (Version: 2.56.0.0 - Microsoft Corporation)
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{344F3227-F502-4219-9DC4-1967E586FAFA}) (Version: 2.51.0.0 - Microsoft Corporation)
vs2015_redist x86 (HKLM-x32\...\{BD46163A-0331-4A61-B65A-7B66D7C93F8E}) (Version: 1.0.0.0 - Realnetworks) Hidden
VSDC Free Video Editor version 6.3.9.49 (HKLM\...\VSDC Free Video Editor_is1) (Version: 6.3.9.49 - Flash-Integro LLC)
Vulkan Run Time Libraries 1.1.70.0 (HKLM\...\VulkanRT1.1.70.0) (Version: 1.1.70.0 - LunarG, Inc.) Hidden
Web Launch Recorder (HKU\S-1-5-21-1015540938-3996997567-1391499832-1001\...\WebLaunchRecorder) (Version: 2.0 - )
Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22391 - Microsoft Corporation)
Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB  (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Wondershare TunesGo ( Version 9.7.3 ) (HKLM-x32\...\{0B31C808-8274-460D-8846-C711D40544A0}_is1) (Version: 9.7.3 - Wondershare)
Zoom (HKU\S-1-5-21-1015540938-3996997567-1391499832-1001\...\ZoomUMX) (Version: 5.4.9 (59931.0110) - Zoom Video Communications, Inc.)

Packages:
=========
Audacity 2 -> C:\Program Files\WindowsApps\42109FactoriaDatacenter.Audacity2_2.3.2.0_neutral__zaf1c6h4vqsbt [2019-05-29] (Repackagerexpress.com)
Baseball Game Pro -> C:\Program Files\WindowsApps\25228GameMotionStudio.BaseballGamePro_1.0.1.0_x64__t5x6bekc08gee [2019-11-22] (Game Motion Studio) [MS Ad]
Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_1.62.4.0_x86__kgqvnymyfvs32 [2021-08-06] (king.com)
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.2080.1.0_x86__kgqvnymyfvs32 [2021-08-09] (king.com)
Canon Office Printer Utility -> C:\Program Files\WindowsApps\34791E63.CanonOfficePrinterUtility_12.7.0.0_x64__6e5tt8cgb93ep [2019-08-26] (Canon Inc.)
Cooking Fever -> C:\Program Files\WindowsApps\NORDCURRENT.COOKINGFEVER_13.0.10.0_x86__m9bz608c1b9ra [2021-07-28] (Nordcurrent)
Dell Customer Connect -> C:\Program Files\WindowsApps\DellInc.DellCustomerConnect_5.3.0.0_x64__htrsf667h5kn2 [2021-08-06] (Dell Inc)
Dell Digital Delivery -> C:\Program Files\WindowsApps\DellInc.DellDigitalDelivery_4.0.92.0_x64__htrsf667h5kn2 [2021-08-10] (Dell Inc)
Dell Mobile Connect 3.3 -> C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnect_3.3.9803.0_x64__0vhbc3ng4wbp0 [2021-06-20] (Screenovate Technologies) [Startup Task]
Dell SupportAssist for Home PCs -> C:\Program Files\WindowsApps\DellInc.DellSupportAssistforPCs_3.10.4.0_x64__htrsf667h5kn2 [2021-08-04] (Dell Inc)
Dell Update -> C:\Program Files\WindowsApps\DellInc.DellUpdate_4.3.12.0_x86__htrsf667h5kn2 [2021-08-11] (Dell Inc)
Downloader for YouTube. Free Coverter to MP3, MP4 & AVI. -> C:\Program Files\WindowsApps\13240GoodBuzzMedia.DownloaderforYouTube.FreeCovert_1.1.17.0_x64__pkybfkfh0fpqa [2020-11-03] (Good Buzz Media)
Dropbox promotion -> C:\Program Files\WindowsApps\C27EB4BA.DropboxOEM_20.4.3.0_x64__xbfy0k16fey96 [2020-01-17] (Dropbox Inc.)
Express Burn CD and DVD Burner Free -> C:\Program Files\WindowsApps\NCHSoftware.ExpressBurnFree_10.2.0.0_x86__7kedsbyvzns34 [2021-06-18] (NCH Software)
Fitbit -> C:\Program Files\WindowsApps\Fitbit.Fitbit_2.44.1997.0_x64__6mqt6hf9g46tw [2019-11-14] (Fitbit)
Fitbit Coach -> C:\Program Files\WindowsApps\Fitbit.FitbitCoach_4.4.133.0_x64__6mqt6hf9g46tw [2019-03-18] (Fitbit)
Free Instant Youtube Downloader -> C:\Program Files\WindowsApps\356E5ED5.FreeInstantYoutubeDownloader_1.5.2.0_x64__n9erwrkheyjxe [2020-02-05] (Prospera Software Inc.) [MS Ad]
Instagram -> C:\Program Files\WindowsApps\Facebook.InstagramBeta_42.0.15.0_neutral__8xx8rvfyw5nnt [2021-06-25] (Instagram)
Intel® Graphics Command Center -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3370.0_x64__8j3eq9eme6ctt [2021-07-21] (INTEL CORP) [Startup Task]
Intel® Graphics Control Panel -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsControlPanel_3.3.0.0_x64__8j3eq9eme6ctt [2020-02-17] (INTEL CORP)
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12114.15.53119.0_x64__nzyj5cx40ttqa [2021-08-10] (Apple Inc.) [Startup Task]
Libby, by OverDrive -> C:\Program Files\WindowsApps\2FA138F6.LibbybyOverDrive_1.4.2.0_x64__daecb9042jmvt [2019-07-20] (OverDrive Inc.)
LinkedIn -> C:\Program Files\WindowsApps\7EE7776C.LinkedInforWindows_2.1.7098.0_neutral__w1wdnht996qgy [2019-03-18] (LinkedIn)
McAfee® Personal Security -> C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.60.0_x64__wafk5atnkzcwy [2021-02-26] (McAfee LLC.)
Media Player -> C:\Program Files\WindowsApps\YellowElephantProductions.MediaPlayerS_1.175.91.0_x64__p3e1zgp7z7szg [2021-05-27] (Yellow Elephant Productions)
Media Suite Essentials for Dell -> C:\Program Files\WindowsApps\DB6EA5DB.MediaSuiteEssentialsforDell_2.6.4028.0_x86__mcezb6ze687jp [2020-03-27] (CYBERLINK CORPORATION.)
Meme-Generator -> C:\Program Files\WindowsApps\8840NaveenCS.Meme-Generator_3.3.0.0_neutral__20e0kv46hk748 [2019-04-27] (Naveen CS)
Microsoft Advertising SDK for JavaScript -> C:\Program Files\WindowsApps\Microsoft.Advertising.JavaScript_10.1809.1.0_x64__8wekyb3d8bbwe [2019-11-22] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for JavaScript -> C:\Program Files\WindowsApps\Microsoft.Advertising.JavaScript_10.1809.1.0_x86__8wekyb3d8bbwe [2019-11-22] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-03-18] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-03-18] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.10.7290.0_x64__8wekyb3d8bbwe [2021-08-04] (Microsoft Studios) [MS Ad]
Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.17.1101.0_x64__8wekyb3d8bbwe [2021-08-10] (Microsoft Studios)
MPEG-2 Video Extension -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.42152.0_x64__8wekyb3d8bbwe [2021-08-11] (Microsoft Corporation)
My Dell -> C:\Program Files\WindowsApps\DellInc.MyDell_1.91.7.0_x64__htrsf667h5kn2 [2021-08-06] (Dell Inc)
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.97.752.0_x64__mcm4njqhnhss8 [2020-07-16] (Netflix, Inc.)
OpenShot Video Editor - MS Store Port -> C:\Program Files\WindowsApps\37559StorePorts.OpenShotVideoEditor-MSStorePort_1.1.2.0_x64__gbs9e2cxjv4vj [2020-02-22] (Store Ports)
Photos Add-on -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-03-12] (Microsoft Corporation)
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-12-01] (Microsoft Corporation)
Phototastic Collage -> C:\Program Files\WindowsApps\ThumbmunkeysLtd.PhototasticCollage_3.27.1.0_x64__nfy108tqq3p12 [2021-02-20] (Thumbmunkeys Ltd)
Plex -> C:\Program Files\WindowsApps\CAF9E577.Plex_3.2.20.0_x64__aam28m9va5cke [2019-03-18] (Plex)
Power Media Player for Dell -> C:\Program Files\WindowsApps\DB6EA5DB.PowerMediaPlayerforDell_14.2.3708.0_x86__mcezb6ze687jp [2021-07-14] (CYBERLINK CORPORATION.)
Power2Go for Dell -> C:\Program Files\WindowsApps\DB6EA5DB.Power2GoforDell_11.0.3920.0_x86__mcezb6ze687jp [2020-08-12] (CYBERLINK CORPORATION.) [Startup Task]
PowerDirector for Dell -> C:\Program Files\WindowsApps\DB6EA5DB.PowerDirectorforDell_15.0.4409.0_x64__mcezb6ze687jp [2019-03-18] (CYBERLINK CORPORATION.)
Roblox -> C:\Program Files\WindowsApps\ROBLOXCORPORATION.ROBLOX_2.490.34744.0_x86__55nm5eh3cm0pr [2021-08-13] (ROBLOX Corporation)
Screen Recorder Lite -> C:\Program Files\WindowsApps\YellowElephantProductions.ScreenRecorderLite_1.142.137.0_x64__p3e1zgp7z7szg [2021-05-27] (Yellow Elephant Productions) [Startup Task]
SHARE.it -> C:\Program Files\WindowsApps\30608Paradox.SHAREit81_1.7.18.0_x64__ghshvk1r7eapp [2019-04-30] (SHAREit Technologies Co.Ltd) [MS Ad]
Slack -> C:\Program Files\WindowsApps\91750D7E.Slack_4.18.0.0_x64__8she8kybcnzg4 [2021-07-28] (Slack Technologies Inc.) [Startup Task]
SmartByte -> C:\Program Files\WindowsApps\RivetNetworks.SmartByte_3.1.995.0_x64__rh07ty8m5nkag [2021-08-14] (Rivet Networks LLC)
Translator -> C:\Program Files\WindowsApps\Microsoft.BingTranslator_5.6.0.0_x64__8wekyb3d8bbwe [2019-08-02] (Microsoft Corporation)
Ultra Screen Recorder -> C:\Program Files\WindowsApps\D5BE6627.UltraScreenRecorder_2.0.9.0_x86__9pm2v9747qaaa [2021-03-29] (CompuClever Systems Inc.)
VideoPad Video Editor Free -> C:\Program Files\WindowsApps\NCHSoftware.VideoPadVideoEditorFree_10.6.4.0_x86__7kedsbyvzns34 [2021-08-06] (NCH Software)
VLC -> C:\Program Files\WindowsApps\VideoLAN.VLC_3.2.1.0_x64__paz6r1rewnh0a [2019-10-11] (VideoLAN)
Waves MaxxAudio Pro for Dell -> C:\Program Files\WindowsApps\WavesAudio.WavesMaxxAudioProforDell_1.1.131.0_x64__fh4rh281wavaa [2019-03-18] (Waves Audio)
Zalo Desktop -> C:\Program Files\WindowsApps\VNGOnline.Zalofordesktop_19.8.1.0_x64__z59ddpn1nx8g0 [2019-08-17] (VNG Online)
ZAPYA -> C:\Program Files\WindowsApps\EBAC32FB.ZAPYA_1.2.6.0_x86__7pjp2xjm0bc9w [2019-04-30] (邻动(北京)技术有限公司)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [          0001IDSIcon1] -> {0FA6DCC0-CF0B-427D-A8AF-97C466AB5769} => C:\Program Files (x86)\IDriveWindows\IDSyncIntIcon64.dll [2020-02-18] (Pro Softnet Corporation -> Pro-Softnet Corporation, U.S.A)
ShellIconOverlayIdentifiers: [          0001IDSIcon2] -> {66357BBE-D2E5-453C-95FF-8102EB32419D} => C:\Program Files (x86)\IDriveWindows\IDSyncIntIcon64.dll [2020-02-18] (Pro Softnet Corporation -> Pro-Softnet Corporation, U.S.A)
ShellIconOverlayIdentifiers: [          0001IDSIcon3] -> {904E6336-8B13-43FA-B4C3-5B62C1C91971} => C:\Program Files (x86)\IDriveWindows\IDSyncIntIcon64.dll [2020-02-18] (Pro Softnet Corporation -> Pro-Softnet Corporation, U.S.A)
ShellIconOverlayIdentifiers: [    GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\50.0.11.0\drivefsext.dll [2021-08-09] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [    GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\50.0.11.0\drivefsext.dll [2021-08-09] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [    GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\50.0.11.0\drivefsext.dll [2021-08-09] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [    GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\50.0.11.0\drivefsext.dll [2021-08-09] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [  OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2019-02-25] () [File not signed] [File is in use]
ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\50.0.11.0\drivefsext.dll [2021-08-09] (Google LLC -> Google, Inc.)
ContextMenuHandlers1: [IDriveMenu] -> {AFBFEC11-0FD5-48ED-B8AF-315197F09A82} => C:\Program Files (x86)\IDriveWindows\IDContextMenu.dll [2020-02-18] () [File not signed]
ContextMenuHandlers2: [IDriveMenu] -> {AFBFEC11-0FD5-48ED-B8AF-315197F09A82} => C:\Program Files (x86)\IDriveWindows\IDContextMenu.dll [2020-02-18] () [File not signed]
ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2019-02-25] () [File not signed] [File is in use]
ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\50.0.11.0\drivefsext.dll [2021-08-09] (Google LLC -> Google, Inc.)
ContextMenuHandlers4: [IDriveMenu] -> {AFBFEC11-0FD5-48ED-B8AF-315197F09A82} => C:\Program Files (x86)\IDriveWindows\IDContextMenu.dll [2020-02-18] () [File not signed]
ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\50.0.11.0\drivefsext.dll [2021-08-09] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\cui_component.inf_amd64_0219cc1c7085a93f\igfxDTCM.dll [2018-06-13] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [msacm.voxacm160] => C:\WINDOWS\system32\vct3216.acm [82944 2003-05-21] (Voxware, Inc.) [File not signed]
HKLM\...\Drivers32: [msacm.scg726] => C:\WINDOWS\system32\scg726.acm [13239 2000-03-14] (SHARP Corporation) [File not signed]
HKLM\...\Drivers32: [msacm.alf2cd] => C:\WINDOWS\system32\alf2cd.acm [38912 2003-05-21] (NCT Company) [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\WINDOWS\system32\AC3ACM.acm [81920 2004-02-04] (fccHandler) [File not signed]
HKLM\...\Drivers32: [msacm.lame] => C:\WINDOWS\system32\lame.ax [245760 2005-08-01] () [File not signed]
HKLM\...\Drivers32: [vidc.dvsd] => C:\WINDOWS\system32\mcdvd_32.dll [261632 2003-05-21] (MainConcept) [File not signed]
HKLM\...\Drivers32: [vidc.mpg4] => C:\WINDOWS\system32\mpg4c32.dll [413760 2002-08-19] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [vidc.mp42] => C:\WINDOWS\system32\mpg4c32.dll [413760 2002-08-19] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [vidc.mp43] => C:\WINDOWS\system32\mpg4c32.dll [413760 2002-08-19] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [vidc.xvid] => C:\WINDOWS\system32\xvidvfw.dll [139264 2004-07-03] () [File not signed]
HKLM\...\Drivers32: [vidc.DIVX] => C:\WINDOWS\system32\DivX.dll [638976 2003-05-22] (DivXNetworks, Inc.) [File not signed]
HKLM\...\Drivers32: [vidc.VP60] => C:\WINDOWS\system32\vp6vfw.dll [438272 2004-12-10] (On2.com) [File not signed]
HKLM\...\Drivers32: [vidc.VP61] => C:\WINDOWS\system32\vp6vfw.dll [438272 2004-12-10] (On2.com) [File not signed]
HKLM\...\Drivers32: [vidc.VP62] => C:\WINDOWS\system32\vp6vfw.dll [438272 2004-12-10] (On2.com) [File not signed]
HKLM\...\Drivers32: [vidc.LAGS] => C:\WINDOWS\system32\lagarith.dll [216064 2011-12-07] () [File not signed]

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2020-02-23 19:04 - 2020-02-18 13:19 - 000834048 _____ () [File not signed] C:\Program Files (x86)\IDriveWindows\sqlite3.dll
2021-05-27 10:29 - 2021-05-27 10:29 - 000144896 _____ () [File not signed] C:\ProgramData\Logishrd\LogiOptions\Software\Current\laclient\libssh2.dll
2021-05-27 10:29 - 2021-05-27 10:29 - 000077824 _____ () [File not signed] C:\ProgramData\Logishrd\LogiOptions\Software\Current\laclient\zlib.dll
2021-06-27 16:45 - 2016-10-21 16:06 - 000318976 _____ (CANON INC) [File not signed] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\scchmpm.dll
2021-06-27 16:45 - 2017-06-27 10:59 - 000219648 _____ (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\cnmpu2.dll
2021-06-27 16:45 - 2017-11-02 15:36 - 000008192 _____ (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNS2_ENU.DLL
2021-06-27 16:45 - 2017-11-02 15:36 - 000104960 _____ (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNS2_IMG.dll
2011-08-30 08:06 - 2011-08-30 08:06 - 000267776 _____ (CANON INC.) [File not signed] C:\WINDOWS\System32\CNBLM4.DLL
2019-03-19 05:52 - 2012-08-30 11:18 - 000252416 _____ (CANON INC.) [File not signed] C:\WINDOWS\System32\CNMN6PPM.DLL
2019-03-18 09:21 - 2011-08-30 08:06 - 000084992 _____ (CANON INC.) [File not signed] C:\WINDOWS\system32\spool\PRTPROCS\x64\CNBPP4.DLL
2020-08-14 22:29 - 2020-08-14 22:29 - 000122880 _____ (Rivet Networks) [File not signed] C:\Program Files\Rivet Networks\SmartByte\KillerNetworkServicePS.dll
2020-12-01 01:14 - 2020-12-01 01:14 - 001638912 _____ (Robert Simpson, et al.) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\x64\SQLite.Interop.dll
2021-05-27 10:29 - 2021-05-27 10:29 - 000355840 _____ (The cURL library, hxxp://curl.haxx.se/) [File not signed] C:\ProgramData\Logishrd\LogiOptions\Software\Current\laclient\LIBCURL.dll
2021-05-27 10:29 - 2021-05-27 10:29 - 002286747 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\ProgramData\Logishrd\LogiOptions\Software\Current\laclient\LIBEAY32.dll
2021-05-27 10:29 - 2021-05-27 10:29 - 000416627 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\ProgramData\Logishrd\LogiOptions\Software\Current\laclient\SSLEAY32.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-1015540938-3996997567-1391499832-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://dell17win10.msn.com/?pc=DCTE
HKU\S-1-5-21-1015540938-3996997567-1391499832-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell17win10.msn.com/?pc=DCTE
SearchScopes: HKU\S-1-5-21-1015540938-3996997567-1391499832-1001 -> DefaultScope {43B1B2E9-843B-4459-8E32-95BA5A2117FD} URL =
SearchScopes: HKU\S-1-5-21-1015540938-3996997567-1391499832-1001 -> {43B1B2E9-843B-4459-8E32-95BA5A2117FD} URL =
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-05-29] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-07-29] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-07-29] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-07-29] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-07-29] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-07-29] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-07-29] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-07-29] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-07-29] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-1015540938-3996997567-1391499832-1001\...\oldnational.com -> hxxps://www.oldnational.com
IE trusted site: HKU\S-1-5-21-1015540938-3996997567-1391499832-1001\...\pnc.com -> hxxps://www.onlinebanking.pnc.com
IE trusted site: HKU\S-1-5-21-1015540938-3996997567-1391499832-1001\...\sharepoint.com -> hxxps://anderson0-files.sharepoint.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-04-11 19:38 - 2018-04-11 19:36 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

2021-07-12 06:56 - 2021-07-12 06:56 - 000000445 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1015540938-3996997567-1391499832-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\jhauk\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\2020 08 07 The boys.jpg
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "DellMobileConnectWelcome"
HKLM\...\StartupApproved\Run: => "WavesSvc"
HKU\S-1-5-21-1015540938-3996997567-1391499832-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1015540938-3996997567-1391499832-1001\...\StartupApproved\Run: => "Zalo"
HKU\S-1-5-21-1015540938-3996997567-1391499832-1001\...\StartupApproved\Run: => "GarminExpress"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{0BF25BA8-8276-4A70-9625-7D0BC5C469D6}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{3AA89511-D6C1-4D99-B70B-6B07A506BA62}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{05D6B342-78F3-482C-B53E-0D3E4467F99D}] => (Allow) C:\Users\jhauk\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{482CD256-9F6B-400E-B563-E6821169580F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{C2006FCD-AD51-45E0-B4A4-B874E7474F91}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{55DBA7B1-5982-433F-8D38-DE7E7E51F490}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\VideoEditor.exe (Vector -> Flash-Integro LLC)
FirewallRules: [{D545A722-3337-485D-BDC1-704C1A98AB82}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\VideoEditor.exe (Vector -> Flash-Integro LLC)
FirewallRules: [{88D6118D-6A11-4619-897E-735523227F99}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\Activation.exe (Vector -> Flash-Integro LLC)
FirewallRules: [{7023B499-2448-4724-8081-517C15763D1F}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\Activation.exe (Vector -> Flash-Integro LLC)
FirewallRules: [{3F2A6D7E-9815-45CF-B176-9C8BC9FA27E0}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\Updater.exe (Vector -> Flash-Integro LLC)
FirewallRules: [{D8DD128A-FB4A-448A-85E4-37BFF4E1E1A5}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\Updater.exe (Vector -> Flash-Integro LLC)
FirewallRules: [TCP Query User{565B4B4A-B93A-4ECA-975E-380E884EDBFF}C:\program files\windowsapps\37559storeports.openshotvideoeditor-msstoreport_1.1.2.0_x64__gbs9e2cxjv4vj\vfs\programfilesx64\openshot video editor\openshot-qt.exe] => (Allow) C:\program files\windowsapps\37559storeports.openshotvideoeditor-msstoreport_1.1.2.0_x64__gbs9e2cxjv4vj\vfs\programfilesx64\openshot video editor\openshot-qt.exe (OpenShot Studios, LLC) [File not signed]
FirewallRules: [UDP Query User{6E23B3D1-7A4F-4AF6-9719-0D263E97DE6D}C:\program files\windowsapps\37559storeports.openshotvideoeditor-msstoreport_1.1.2.0_x64__gbs9e2cxjv4vj\vfs\programfilesx64\openshot video editor\openshot-qt.exe] => (Allow) C:\program files\windowsapps\37559storeports.openshotvideoeditor-msstoreport_1.1.2.0_x64__gbs9e2cxjv4vj\vfs\programfilesx64\openshot video editor\openshot-qt.exe (OpenShot Studios, LLC) [File not signed]
FirewallRules: [TCP Query User{0937C031-7424-4A22-A065-9A9E1D396F17}C:\program files (x86)\dearmob\5kplayer\5kplayer.exe] => (Allow) C:\program files (x86)\dearmob\5kplayer\5kplayer.exe => No File
FirewallRules: [UDP Query User{37020B62-4258-4ABC-9472-2368C60CE78C}C:\program files (x86)\dearmob\5kplayer\5kplayer.exe] => (Allow) C:\program files (x86)\dearmob\5kplayer\5kplayer.exe => No File
FirewallRules: [{4463B185-C0FA-46C6-B744-2AED2F374A76}] => (Allow) C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnect_3.3.9803.0_x64__0vhbc3ng4wbp0\app\DellMobileConnectClient.exe (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.)
FirewallRules: [{6E459C1C-9939-4077-AEEA-00B6EB94115A}] => (Allow) C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnect_3.3.9803.0_x64__0vhbc3ng4wbp0\app\DellMobileConnectClient.exe (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.)
FirewallRules: [{D81A318B-15E1-46EB-B78E-A18AAF4AB65F}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B9BDEE47-6F93-4C66-84AC-576D8F251DD5}] => (Allow) C:\Program Files\WindowsApps\91750D7E.Slack_4.18.0.0_x64__8she8kybcnzg4\app\Slack.exe (Slack Technologies, Inc. -> Slack Technologies Inc.)
FirewallRules: [{6BD0860C-EE43-47D1-9A6D-39E398B1D2D8}] => (Allow) C:\Program Files\WindowsApps\91750D7E.Slack_4.18.0.0_x64__8she8kybcnzg4\app\Slack.exe (Slack Technologies, Inc. -> Slack Technologies Inc.)
FirewallRules: [{B80D4319-75F0-4858-A1F9-DD98E3EA2D14}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{036C20CF-D6E6-4B34-B413-9459073ED26F}] => (Allow) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.EXE (Logitech Inc -> Logitech, Inc.)
FirewallRules: [{2468C69D-8417-4526-90E0-2E465723B704}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12114.15.53119.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{220C269A-8EE6-48E6-A323-BFCD540BF849}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12114.15.53119.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{111804C0-BC80-4D8F-A24F-804D8022E50B}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12114.15.53119.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{6E25750B-2BE7-42C6-94C6-095F33BC3349}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12114.15.53119.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{3E5F313E-5DDE-4B1E-8C23-51676920165C}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12114.15.53119.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{5E4FFFC6-AC5C-4DCD-93F5-D4B9F06A75E1}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12114.15.53119.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{D4DBA234-D20D-483E-A5DC-E0BEF3B55E2F}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12114.15.53119.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{1B342F75-4AED-4336-A93B-6F4927E3FC31}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12114.15.53119.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{EA0541AA-188D-482E-83CE-1B5D1E6088BC}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{EB4638D4-0529-4A69-ABDC-EEAA55206CCD}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C180F0BC-51F0-4711-BA5C-ADCAF2E0AC4E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D23297D9-2C23-4791-A150-F494EB045B8A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{1D09C328-DFA3-42E7-8948-DA72ADDEDFB7}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\92.0.902.73\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

12-08-2021 06:06:26 Windows Modules Installer
12-08-2021 06:08:31 Windows Modules Installer
12-08-2021 06:10:09 Windows Modules Installer

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (08/12/2021 04:51:22 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program SearchApp.exe version 10.0.19041.1110 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 7df8

Start Time: 01d78f5eecf13861

Termination Time: 4294967295

Application Path: C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe

Report Id: db5a2d8d-c5a0-468f-9964-47763504ae0f

Faulting package full name: Microsoft.Windows.Search_1.14.2.19041_neutral_neutral_cw5n1h2txyewy

Faulting package-relative application ID: CortanaUI

Hang type: Quiesce

Error: (08/11/2021 11:52:09 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine QueryFullProcessImageNameW.  hr = 0x80070006, The handle is invalid.
.


Operation:
   Executing Asynchronous Operation

Context:
   Current State: DoSnapshotSet

Error: (08/09/2021 06:24:10 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program SystemSettings.exe version 10.0.19041.1081 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 1eec

Start Time: 01d78d089b97db44

Termination Time: 4294967295

Application Path: C:\Windows\ImmersiveControlPanel\SystemSettings.exe

Report Id: 589e382c-2182-460b-b287-ee227b442ecc

Faulting package full name: windows.immersivecontrolpanel_10.0.2.1000_neutral_neutral_cw5n1h2txyewy

Faulting package-relative application ID: microsoft.windows.immersivecontrolpanel

Hang type: Quiesce

Error: (08/07/2021 06:44:04 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program explorer.exe version 10.0.19041.1110 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 1874

Start Time: 01d78b77ce2b7b2c

Termination Time: 0

Application Path: C:\Windows\explorer.exe

Report Id: ac4aea7b-7387-41b3-b7b5-fca21e7504eb

Faulting package full name:

Faulting package-relative application ID:

Hang type: Cross-process

Error: (08/06/2021 01:39:05 PM) (Source: VSTO 4.0) (EventID: 4096) (User: )
Description: Customization URI: file:///C:/ProgramData/Logishrd/LogiOptions/Plugins/ca7c0911-fbf7-4e87-9c23-25987358303b/Content/publish/LogiOptionsWordAddin.vsto
Exception: Attempting to uninstall a customization that has not been installed on this computer or has already been uninstalled from this computer. Please correct the parameter values and try again.


************** Exception Text **************
Microsoft.VisualStudio.Tools.Office.Runtime.SolutionInstallerException: Attempting to uninstall a customization that has not been installed on this computer or has already been uninstalled from this computer. Please correct the parameter values and try again.
   at Microsoft.VisualStudio.Tools.Office.Runtime.SolutionInstaller.ProcessInstallerOperation(ClickOnceAddInDeploymentManager clickOnceAddInDeploymentManager, OfficeAddInDeploymentManager officeAddInDeploymentManager, AddInInformation& info)
   at Microsoft.VisualStudio.Tools.Office.Runtime.SolutionInstaller.ProcessInstallerOperation(Boolean uninstall, Boolean silent, Uri manifest, Int32& errorCode, String& errorMessage)


************** Loaded Assemblies **************
mscorlib
    Assembly Version: 4.0.0.0
    Win32 Version: 4.8.4390.0 built by: NET48REL1LAST_C
    CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll
----------------------------------------
Microsoft.VisualStudio.Tools.Office.Runtime
    Assembly Version: 10.0.0.0
    Win32 Version: 10.0.60828.0
    CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualStudio.Tools.Office.Runtime/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualStudio.Tools.Office.Runtime.dll
----------------------------------------
System.Core
    Assembly Version: 4.0.0.0
    Win32 Version: 4.8.4390.0 built by: NET48REL1LAST_C
    CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll
----------------------------------------
System
    Assembly Version: 4.0.0.0
    Win32 Version: 4.8.4360.0 built by: NET48REL1LAST_C
    CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll
----------------------------------------
Microsoft.VisualStudio.Tools.Applications.Hosting
    Assembly Version: 10.0.0.0
    Win32 Version: 10.0.60828.0
    CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualStudio.Tools.Applications.Hosting/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualStudio.Tools.Applications.Hosting.dll
----------------------------------------
System.Windows.Forms
    Assembly Version: 4.0.0.0
    Win32 Version: 4.8.4390.0 built by: NET48REL1LAST_C
    CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll
----------------------------------------
System.Drawing
    Assembly Version: 4.0.0.0
    Win32 Version: 4.8.4390.0 built by: NET48REL1LAST_C
    CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll
----------------------------------------
Microsoft.VisualStudio.Tools.Applications.ServerDocument
    Assembly Version: 10.0.0.0
    Win32 Version: 10.0.60828.0
    CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualStudio.Tools.Applications.ServerDocument/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualStudio.Tools.Applications.ServerDocument.dll
----------------------------------------
System.Deployment
    Assembly Version: 4.0.0.0
    Win32 Version: 4.8.4270.0 built by: NET48REL1LAST_C
    CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Deployment/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Deployment.dll
----------------------------------------
Microsoft.VisualStudio.Tools.Applications.Runtime
    Assembly Version: 10.0.0.0
    Win32 Version: 10.0.60828.0
    CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualStudio.Tools.Applications.Runtime/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualStudio.Tools.Applications.Runtime.dll
----------------------------------------

Error: (08/06/2021 01:39:03 PM) (Source: VSTO 4.0) (EventID: 4096) (User: )
Description: Customization URI: file:///C:/ProgramData/Logishrd/LogiOptions/Plugins/abc9594a-1092-4a3a-8a1d-d05e602a10b8/Content/publish/LogiOptionsPowerPointAddin.vsto
Exception: Attempting to uninstall a customization that has not been installed on this computer or has already been uninstalled from this computer. Please correct the parameter values and try again.


************** Exception Text **************
Microsoft.VisualStudio.Tools.Office.Runtime.SolutionInstallerException: Attempting to uninstall a customization that has not been installed on this computer or has already been uninstalled from this computer. Please correct the parameter values and try again.
   at Microsoft.VisualStudio.Tools.Office.Runtime.SolutionInstaller.ProcessInstallerOperation(ClickOnceAddInDeploymentManager clickOnceAddInDeploymentManager, OfficeAddInDeploymentManager officeAddInDeploymentManager, AddInInformation& info)
   at Microsoft.VisualStudio.Tools.Office.Runtime.SolutionInstaller.ProcessInstallerOperation(Boolean uninstall, Boolean silent, Uri manifest, Int32& errorCode, String& errorMessage)


************** Loaded Assemblies **************
mscorlib
    Assembly Version: 4.0.0.0
    Win32 Version: 4.8.4390.0 built by: NET48REL1LAST_C
    CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll
----------------------------------------
Microsoft.VisualStudio.Tools.Office.Runtime
    Assembly Version: 10.0.0.0
    Win32 Version: 10.0.60828.0
    CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualStudio.Tools.Office.Runtime/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualStudio.Tools.Office.Runtime.dll
----------------------------------------
System.Core
    Assembly Version: 4.0.0.0
    Win32 Version: 4.8.4390.0 built by: NET48REL1LAST_C
    CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll
----------------------------------------
System
    Assembly Version: 4.0.0.0
    Win32 Version: 4.8.4360.0 built by: NET48REL1LAST_C
    CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll
----------------------------------------
Microsoft.VisualStudio.Tools.Applications.Hosting
    Assembly Version: 10.0.0.0
    Win32 Version: 10.0.60828.0
    CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualStudio.Tools.Applications.Hosting/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualStudio.Tools.Applications.Hosting.dll
----------------------------------------
System.Windows.Forms
    Assembly Version: 4.0.0.0
    Win32 Version: 4.8.4390.0 built by: NET48REL1LAST_C
    CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll
----------------------------------------
System.Drawing
    Assembly Version: 4.0.0.0
    Win32 Version: 4.8.4390.0 built by: NET48REL1LAST_C
    CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll
----------------------------------------
Microsoft.VisualStudio.Tools.Applications.ServerDocument
    Assembly Version: 10.0.0.0
    Win32 Version: 10.0.60828.0
    CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualStudio.Tools.Applications.ServerDocument/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualStudio.Tools.Applications.ServerDocument.dll
----------------------------------------
System.Deployment
    Assembly Version: 4.0.0.0
    Win32 Version: 4.8.4270.0 built by: NET48REL1LAST_C
    CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Deployment/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Deployment.dll
----------------------------------------
Microsoft.VisualStudio.Tools.Applications.Runtime
    Assembly Version: 10.0.0.0
    Win32 Version: 10.0.60828.0
    CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualStudio.Tools.Applications.Runtime/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualStudio.Tools.Applications.Runtime.dll
----------------------------------------

Error: (08/06/2021 01:39:00 PM) (Source: VSTO 4.0) (EventID: 4096) (User: )
Description: Customization URI: file:///C:/ProgramData/Logishrd/LogiOptions/Plugins/4caa44eb-cdf0-4ecd-b823-38b28187e59a/Content/publish/LogiOptionsExcelAddin.vsto
Exception: Attempting to uninstall a customization that has not been installed on this computer or has already been uninstalled from this computer. Please correct the parameter values and try again.


************** Exception Text **************
Microsoft.VisualStudio.Tools.Office.Runtime.SolutionInstallerException: Attempting to uninstall a customization that has not been installed on this computer or has already been uninstalled from this computer. Please correct the parameter values and try again.
   at Microsoft.VisualStudio.Tools.Office.Runtime.SolutionInstaller.ProcessInstallerOperation(ClickOnceAddInDeploymentManager clickOnceAddInDeploymentManager, OfficeAddInDeploymentManager officeAddInDeploymentManager, AddInInformation& info)
   at Microsoft.VisualStudio.Tools.Office.Runtime.SolutionInstaller.ProcessInstallerOperation(Boolean uninstall, Boolean silent, Uri manifest, Int32& errorCode, String& errorMessage)


************** Loaded Assemblies **************
mscorlib
    Assembly Version: 4.0.0.0
    Win32 Version: 4.8.4390.0 built by: NET48REL1LAST_C
    CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll
----------------------------------------
Microsoft.VisualStudio.Tools.Office.Runtime
    Assembly Version: 10.0.0.0
    Win32 Version: 10.0.60828.0
    CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualStudio.Tools.Office.Runtime/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualStudio.Tools.Office.Runtime.dll
----------------------------------------
System.Core
    Assembly Version: 4.0.0.0
    Win32 Version: 4.8.4390.0 built by: NET48REL1LAST_C
    CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll
----------------------------------------
System
    Assembly Version: 4.0.0.0
    Win32 Version: 4.8.4360.0 built by: NET48REL1LAST_C
    CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll
----------------------------------------
Microsoft.VisualStudio.Tools.Applications.Hosting
    Assembly Version: 10.0.0.0
    Win32 Version: 10.0.60828.0
    CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualStudio.Tools.Applications.Hosting/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualStudio.Tools.Applications.Hosting.dll
----------------------------------------
System.Windows.Forms
    Assembly Version: 4.0.0.0
    Win32 Version: 4.8.4390.0 built by: NET48REL1LAST_C
    CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll
----------------------------------------
System.Drawing
    Assembly Version: 4.0.0.0
    Win32 Version: 4.8.4390.0 built by: NET48REL1LAST_C
    CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll
----------------------------------------
Microsoft.VisualStudio.Tools.Applications.ServerDocument
    Assembly Version: 10.0.0.0
    Win32 Version: 10.0.60828.0
    CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualStudio.Tools.Applications.ServerDocument/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualStudio.Tools.Applications.ServerDocument.dll
----------------------------------------
System.Deployment
    Assembly Version: 4.0.0.0
    Win32 Version: 4.8.4270.0 built by: NET48REL1LAST_C
    CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Deployment/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Deployment.dll
----------------------------------------
Microsoft.VisualStudio.Tools.Applications.Runtime
    Assembly Version: 10.0.0.0
    Win32 Version: 10.0.60828.0
    CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualStudio.Tools.Applications.Runtime/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualStudio.Tools.Applications.Runtime.dll
----------------------------------------

Error: (08/04/2021 09:21:28 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine QueryFullProcessImageNameW.  hr = 0x80070006, The handle is invalid.
.


Operation:
   Executing Asynchronous Operation

Context:
   Current State: DoSnapshotSet


System errors:
=============
Error: (08/15/2021 07:06:37 AM) (Source: Schannel) (EventID: 4103) (User: NT AUTHORITY)
Description: A fatal error occurred while creating a TLS client credential. The internal error state is 10013.

Error: (08/15/2021 06:40:23 AM) (Source: googledrivefs3514) (EventID: 2) (User: )
Description: The driver version of the disk does not match.

Error: (08/14/2021 09:06:05 PM) (Source: googledrivefs3514) (EventID: 2) (User: )
Description: The driver version of the disk does not match.

Error: (08/13/2021 06:12:50 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Dell Digital Delivery Service service hung on starting.

Error: (08/13/2021 06:09:47 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Dell Data Vault Processor service hung on starting.

Error: (08/13/2021 06:06:47 AM) (Source: googledrivefs3514) (EventID: 2) (User: )
Description: The driver version of the disk does not match.

Error: (08/13/2021 01:03:09 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39} did not register with DCOM within the required timeout.

Error: (08/13/2021 01:02:42 AM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: The Windows Update service did not shut down properly after receiving a preshutdown control.


Windows Defender:
================
Date: 2021-08-14 22:49:21
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-08-14 22:43:48
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-08-14 21:28:01
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-08-12 17:02:39
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-08-11 21:11:45
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

CodeIntegrity:
===============
Date: 2021-08-09 06:23:37
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\ImmersiveControlPanel\SystemSettings.exe) attempted to load \Device\HarddiskVolume3\Program Files\Google\Drive File Stream\49.0.11.0\crashpad_handler.exe that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

BIOS: Dell Inc. 2.15.0 02/21/2020
Motherboard: Dell Inc. 0H4VK7
Processor: Intel® Core™ i3-8100 CPU @ 3.60GHz
Percentage of memory in use: 85%
Total physical RAM: 8006.97 MB
Available physical RAM: 1144.91 MB
Total Virtual: 11846.97 MB
Available Virtual: 3021.07 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:917.05 GB) (Free:563.29 GB) NTFS
Drive g: (Google Drive) (Fixed) (Total:917.05 GB) (Free:535.12 GB) FAT32

\\?\Volume{ddeb6c84-810c-46a1-aec6-44f8c7ccad3a}\ (WINRETOOLS) (Fixed) (Total:0.97 GB) (Free:0.45 GB) NTFS
\\?\Volume{df0a5467-a661-4a6f-af6f-55c9d5055271}\ (Image) (Fixed) (Total:11.66 GB) (Free:0.22 GB) NTFS
\\?\Volume{5da840b2-c364-4272-bd43-d66afc350687}\ (DELLSUPPORT) (Fixed) (Total:1.07 GB) (Free:0.21 GB) NTFS
\\?\Volume{7f86ac07-f133-4645-b879-12d32c99ea96}\ (ESP) (Fixed) (Total:0.63 GB) (Free:0.56 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 926B0D78)

Partition: GPT.

==================== End of Addition.txt =======================


  • 0

Advertisements


#11
icotonev

icotonev

    Trusted Helper

  • Malware Removal
  • 230 posts

Тhanks..!   So far, everything looks fine ..! Let's do more checks ..!

 

 

Malwarebytes Anti-Malware

 

  • If you already have Malwarebytes installed then open Malwarebytes and click on the Scan button. It will automatically check for updates and run a Threat Scan.
  • If you don't have Malwarebytes installed yet please download it from here and install it.
  • Once installed then open Malwarebytes and select Scan and let it run.
  • Once the scan is completed make sure you have it quarantine any detections it finds.
  • If no detections were found click on the Save results drop-down, then the Export to TXT  button, and save the file as a Text file to your desktop or other location you can find and attach that log on your next reply.
  • If there were detections then once the quarantine has completed click on the View report button, Then click the Export drop-down, then the Export to TXT  button, and save the file as a Text file to your desktop or other location you can find and attach that log on your next reply.
  • If the computer restarted to quarantine you can access the logs from the Detection History, then the History tab. Highlight the most recent scan and double-click to open it. Then click the Export drop-down, then the Export to TXT  button, and save the file as a Text file to your desktop or other location you can find and attach that log on your next reply.
  • If Malwarebytes won't run then please skip to the next step and let me know in your next reply that the scanner would not run.

 

 

 Run AdwCleaner (Scan mode)

 

Download AdwCleaner and save it to your desktop.

  • Double click AdwCleaner.exe to run it.
  • Click Scan Now.
    • When the scan has finished, a Scan Results window will open.
    • Click Cancel (at this point do not attempt to Quarantine anything that is found)
  • Now click the Log Filestab.
    • Double click on the latest scan log (Scan logs have a [S0*] suffix, where * is replaced by a number. The latest scan will have the largest number)
    • A Notepad file will open containing the results of the scan.
    • Please post the contents of the file in your next reply.

  • 0

#12
John Aukerman

John Aukerman

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 255 posts

Nalwarebytes log attached.

 

Adwcleaner scan log:

 

# -------------------------------
# Malwarebytes AdwCleaner 8.3.0.0
# -------------------------------
# Build:    06-29-2021
# Database: 2021-08-09.1 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start:    08-15-2021
# Duration: 00:00:51
# OS:       Windows 10 Home
# Scanned:  32000
# Detected: 28


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

PUP.Optional.DriverUpdatePlus   C:\Users\jhauk\Downloads\DRIVERUPDATE.EXE

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

PUP.Optional.Legacy             HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\dotomi.com
PUP.Optional.Legacy             HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\dotomi.com
PUP.Optional.ReviverSoft        HKLM\Software\Classes\TypeLib\{A520B992-6390-4231-9C89-F06B3587AB80}
PUP.Optional.SafeFinder         HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\usnpl.com
PUP.Optional.SafeFinder         HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.usnpl.com
PUP.Optional.TheBrightTag       HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\thebrighttag.com
PUP.Optional.TheBrightTag       HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\thebrighttag.com
PUP.Optional.TheBrightTag       HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\thebrighttag.com

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

Preinstalled.DellDigitalDelivery   Folder   C:\Program Files (x86)\DELL DIGITAL DELIVERY
Preinstalled.DellSupportAssistAgent   Folder   C:\Program Files\DELL\SAREMEDIATION\AGENT
Preinstalled.DellSupportAssistAgent   Folder   C:\Program Files\DELL\SAREMEDIATION\AUDIT
Preinstalled.DellSupportAssistAgent   Folder   C:\Program Files\DELL\SAREMEDIATION\PLUGIN
Preinstalled.DellSupportAssistAgent   Folder   C:\Program Files\DELL\SUPPORTASSISTAGENT
Preinstalled.DellSupportAssistAgent   Folder   C:\ProgramData\DELL\SAREMEDIATION\AGENT
Preinstalled.DellSupportAssistAgent   Folder   C:\ProgramData\DELL\SAREMEDIATION\PLUGIN
Preinstalled.DellSupportAssistAgent   Folder   C:\ProgramData\SUPPORTASSIST\CLIENT\TECHNICIANTOOLKIT
Preinstalled.DellSupportAssistAgent   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8AD99930-B90F-4E03-B6D9-14AF5D0E76CB}  
Preinstalled.DellSupportAssistAgent   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8AD99930-B90F-4E03-B6D9-14AF5D0E76CB}  
Preinstalled.DellSupportAssistAgent   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Dell SupportAssistAgent AutoUpdate
Preinstalled.DellSupportAssistAgent   Task   C:\Windows\System32\Tasks\DELL SUPPORTASSISTAGENT AUTOUPDATE
Preinstalled.DellUpdateforWindows10   Folder   C:\Program Files (x86)\DELL\UPDATESERVICE
Preinstalled.DellUpdateforWindows10   Folder   C:\Program Files\DELL\UPDATE
Preinstalled.DellUpdateforWindows10   Folder   C:\ProgramData\DELL\UPDATESERVICE
Preinstalled.SmartByte   Folder   C:\Program Files\RIVET NETWORKS
Preinstalled.SmartByte   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{88F1048A-E883-4F12-9D28-98A5C8C00B37}  
Preinstalled.SmartByte   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SmartByte Telemetry
Preinstalled.SmartByte   Task   C:\Windows\System32\Tasks\SMARTBYTE TELEMETRY



########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########

 

Attached Files


  • 0

#13
icotonev

icotonev

    Trusted Helper

  • Malware Removal
  • 230 posts

Thanks..!  :)

 

AdwCleaner (Clean mode)

  • Double click AdwCleaner.exe on your Desktop, to run it as you did before.
  • Click Scan Now.
  • When the scan has finished a Scan Results window will open.
  • Please check all the boxes and then click Quarantine.
  • Click Next.
    • If any pre-installed software was found on your machine, a prompt window will open. Click OK to close it.
    • Check any pre-installed software items you want to remove.
    • Click Quarantine.
  • A prompt to save your work will appear.
    • Click Continue when you're ready to proceed.
  • A prompt to restart your computer will appear.
    • Click Restart Now.
  • Once your computer has restarted:
    • If it doesn't open automatically, please start AdwCleaner.
    • Click the Log Files tab.
    • Double click on the latest Clean log (Clean logs have a [C0*] suffix, where * is replaced by a number, the latest scan will have the largest number)
    • A Notepad file will open containing the results of the removal.
    • Please post the contents of the file in your next reply.

 

In your next reply, please post:

  1. The AdwCleaner[C0*].txt

  • 0

#14
icotonev

icotonev

    Trusted Helper

  • Malware Removal
  • 230 posts

 

Fresh FRST logs

 

  • Double-click on the FRST icon to run it, as you did before. When the tool opens click Yes to disclaimer.
  • Press Scan button and wait for a while.
  • The scanner will produced two logs on your Desktop: FRST.txt and Addition.txt.
  • Please attach the content of these two logs in your next reply

  • 0

#15
John Aukerman

John Aukerman

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 255 posts

# -------------------------------
# Malwarebytes AdwCleaner 8.3.0.0
# -------------------------------
# Build:    06-29-2021
# Database: 2021-08-09.1 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    08-16-2021
# Duration: 00:00:45
# OS:       Windows 10 Home
# Cleaned:  28
# Awaiting reboot:6
# Failed:   0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

Deleted       C:\Users\jhauk\Downloads\DRIVERUPDATE.EXE

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted       HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\dotomi.com
Deleted       HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\thebrighttag.com
Deleted       HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\dotomi.com
Deleted       HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\thebrighttag.com
Deleted       HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\thebrighttag.com
Deleted       HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\usnpl.com
Deleted       HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.usnpl.com
Deleted       HKLM\Software\Classes\TypeLib\{A520B992-6390-4231-9C89-F06B3587AB80}

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

Deleted       Preinstalled.DellSupportAssistAgent   Folder   C:\Program Files\DELL\SAREMEDIATION\AGENT
Deleted       Preinstalled.DellSupportAssistAgent   Folder   C:\Program Files\DELL\SAREMEDIATION\AUDIT
Deleted       Preinstalled.DellSupportAssistAgent   Folder   C:\ProgramData\DELL\SAREMEDIATION\AGENT
Deleted       Preinstalled.DellSupportAssistAgent   Folder   C:\ProgramData\DELL\SAREMEDIATION\PLUGIN
Deleted       Preinstalled.DellSupportAssistAgent   Folder   C:\ProgramData\SUPPORTASSIST\CLIENT\TECHNICIANTOOLKIT
Deleted       Preinstalled.DellSupportAssistAgent   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8AD99930-B90F-4E03-B6D9-14AF5D0E76CB}
Deleted       Preinstalled.DellSupportAssistAgent   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8AD99930-B90F-4E03-B6D9-14AF5D0E76CB}
Deleted       Preinstalled.DellSupportAssistAgent   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Dell SupportAssistAgent AutoUpdate
Deleted       Preinstalled.DellSupportAssistAgent   Task   C:\Windows\System32\Tasks\DELL SUPPORTASSISTAGENT AUTOUPDATE
Deleted       Preinstalled.DellUpdateforWindows10   Folder   C:\Program Files\DELL\UPDATE
Deleted       Preinstalled.SmartByte   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{88F1048A-E883-4F12-9D28-98A5C8C00B37}
Deleted       Preinstalled.SmartByte   Registry   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SmartByte Telemetry
Deleted       Preinstalled.SmartByte   Task   C:\Windows\System32\Tasks\SMARTBYTE TELEMETRY
Needs Reboot  Preinstalled.DellDigitalDelivery   Folder   C:\Program Files (x86)\DELL DIGITAL DELIVERY
Needs Reboot  Preinstalled.DellSupportAssistAgent   Folder   C:\Program Files\DELL\SAREMEDIATION\PLUGIN
Needs Reboot  Preinstalled.DellSupportAssistAgent   Folder   C:\Program Files\DELL\SUPPORTASSISTAGENT
Needs Reboot  Preinstalled.DellUpdateforWindows10   Folder   C:\Program Files (x86)\DELL\UPDATESERVICE
Needs Reboot  Preinstalled.DellUpdateforWindows10   Folder   C:\ProgramData\DELL\UPDATESERVICE
Needs Reboot  Preinstalled.SmartByte   Folder   C:\Program Files\RIVET NETWORKS


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

***** Reboot Required to Complete *****


***** [ Folders ] *****

Cleaning failed   C:\Program Files (x86)\DELL DIGITAL DELIVERY
Cleaning failed   C:\Program Files (x86)\DELL\UPDATESERVICE
Cleaning failed   C:\Program Files\DELL\SAREMEDIATION\PLUGIN
Cleaning failed   C:\Program Files\DELL\SUPPORTASSISTAGENT
Cleaning failed   C:\Program Files\RIVET NETWORKS
Cleaning failed   C:\ProgramData\DELL\UPDATESERVICE

*************************

AdwCleaner[S00].txt - [4757 octets] - [15/08/2021 17:51:03]
AdwCleaner[S01].txt - [4818 octets] - [16/08/2021 14:22:06]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########

 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-08-2021
Ran by jhauk (administrator) on DESKTOP-6JBP3L9 (Dell Inc. Inspiron 3670) (16-08-2021 18:12:01)
Running from C:\Users\jhauk\Desktop
Loaded Profiles: jhauk
Platform: Windows 10 Home Version 21H1 19043.1165 (X64) Language: English (United States)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Canon Inc. -> ) C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNMNSST2.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Dell Inc -> Dell Products, LP.) C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
(Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(Google LLC -> ) C:\Program Files\Google\Drive File Stream\50.0.11.0\crashpad_handler.exe <2>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <23>
(Google LLC -> Google, Inc.) C:\Program Files\Google\Drive File Stream\50.0.11.0\GoogleDriveFS.exe <7>
(Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe
(Intel® pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_efb119a73d6b56f6\igfxCUIService.exe
(Intel® pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_577b4722c749a41f\OneApp.IGCC.WinService.exe
(Intel® pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_9a914baee86356a0\IntelCpHDCPSvc.exe
(Intel® pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_9a914baee86356a0\IntelCpHeciSvc.exe
(Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Intel® Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_9c788f1d162b1224\RstMwService.exe
(Logitech Inc -> Logitech) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOverlay.exe
(Logitech Inc -> Logitech, Inc.) C:\Program Files\Logitech\LogiOptions\LogiOptions.exe
(Logitech Inc -> Logitech, Inc.) C:\ProgramData\Logishrd\LogiOptions\Software\Current\laclient\laclient.exe
(Logitech Inc -> Logitech, Inc.) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12107.1001.15.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.721.6282.0_x64__8wekyb3d8bbwe\GameBar.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.721.6282.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\vds.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <6>
(PC-Doctor, Inc. -> PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCD\SupportAssist\Dsapi.exe
(Pro Softnet Corporation -> Prosoftnet) C:\Program Files (x86)\IDriveWindows\id_bglaunch.exe
(Pro Softnet Corporation -> Prosoftnet) C:\Program Files (x86)\IDriveWindows\id_service.exe
(Pro Softnet Corporation -> Prosoftnet) C:\Program Files (x86)\IDriveWindows\id_tray.exe
(Qualcomm Atheros -> Windows ® Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_18c775e07a6aaafd\RtkAudUService64.exe <3>
(Rivet Networks LLC -> Rivet Networks LLC) C:\Program Files\Rivet Networks\SmartByte\RAPS.exe
(Rivet Networks LLC -> Rivet Networks) C:\Program Files\Rivet Networks\SmartByte\SmartByteAnalyticsService.exe
(Rivet Networks LLC -> Rivet Networks) C:\Program Files\Rivet Networks\SmartByte\SmartByteNetworkService.exe
(Rivet Networks LLC -> Rivet Networks, LLC.) C:\Program Files\Rivet Networks\SmartByte\RAPSService.exe
(Waves Inc -> Waves Audio Ltd.) C:\Windows\System32\DriverStore\FileRepository\wavesapo75de.inf_amd64_444d52e511fbcc11\WavesSysSvc64.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.4.3.237\WsAppService.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_18c775e07a6aaafd\RtkAudUService64.exe [1257032 2021-04-22] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [DellMobileConnectWelcome] => C:\Program Files\Dell\DellMobileConnectDrivers\DellMobileConnectWStartup.exe [313064 2018-10-05] (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [320056 2019-12-10] (Intel® Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
HKLM\...\Run: [WSVCUUpdateHelper.exe] => C:\Program Files\Wondershare\Wondershare UniConverter (CPC)\WSVCUUpdateHelper.exe
HKLM\...\Run: [WavesSvc] => C:\WINDOWS\System32\DriverStore\FileRepository\wavesapo75de.inf_amd64_9e45e2d5613ef7ef\WavesSvc64.exe [1237920 2019-09-05] (Waves Inc -> Waves Audio Ltd.)
HKLM\...\Run: [LogiOptions] => C:\Program Files\Logitech\LogiOptions\LogiOptions.exe [1668000 2021-06-09] (Logitech Inc -> Logitech, Inc.)
HKLM-x32\...\Run: [IDrive Background process] => C:\Program Files (x86)\IDriveWindows\id_bglaunch.exe [78176 2020-02-18] (Pro Softnet Corporation -> Prosoftnet)
HKLM-x32\...\Run: [IDrive Tray] => C:\Program Files (x86)\IDriveWindows\id_tray.exe [1977696 2020-02-18] (Pro Softnet Corporation -> Prosoftnet)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
HKLM-x32\...\Run: [uupdate] => C:\ProgramData\wDcLibs\uhelper.exe [512280 2019-11-28] (Shenzhen Yi Xing Investment Co., Ltd. -> )
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX2] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNMNSST2.exe [271496 2017-11-02] (Canon Inc. -> CANON INC.)
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\50.0.11.0\GoogleDriveFS.exe [53381464 2021-08-09] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\50.0.11.0\GoogleDriveFS.exe [53381464 2021-08-09] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-1015540938-3996997567-1391499832-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\50.0.11.0\GoogleDriveFS.exe [53381464 2021-08-09] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-1015540938-3996997567-1391499832-1001\...\Run: [GarminExpress] => C:\Program Files (x86)\Garmin\Express\express.exe [30862320 2019-07-25] (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries)
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\50.0.11.0\GoogleDriveFS.exe [53381464 2021-08-09] (Google LLC -> Google, Inc.)
HKLM\...\Windows x64\Print Processors\BJ Print Processor4: C:\Windows\System32\spool\prtprocs\x64\CNBPP4.DLL [84992 2011-08-30] (CANON INC.) [File not signed]
HKLM\...\Windows x64\Print Processors\Canon MP970 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPD91.DLL [27648 2007-05-22] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Windows x64\Print Processors\Canon TS8300 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDFT.DLL [529408 2020-06-21] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\BJ Language Monitor4: C:\WINDOWS\system32\CNBLM4.DLL [267776 2011-08-30] (CANON INC.) [File not signed]
HKLM\...\Print\Monitors\Canon BJ Language Monitor MP970 series: C:\WINDOWS\system32\CNMLM91.DLL [258560 2007-05-22] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor TS8300 series: C:\WINDOWS\system32\CNMLMFT.DLL [959488 2020-06-21] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJNP Port: C:\WINDOWS\system32\CNMN6PPM.DLL [252416 2012-08-30] (CANON INC.) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\92.0.4515.131\Installer\chrmstp.exe [2021-08-02] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NotificationTool.lnk [2020-02-13]
ShortcutTarget: NotificationTool.lnk -> C:\Program Files (x86)\Canon\hdAlbum EZ\NotificationTool.exe (Canon Inc. -> CANON INC.)
Startup: C:\Users\jhauk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\firefox.exe - Shortcut.lnk [2019-10-12]
ShortcutTarget: firefox.exe - Shortcut.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
Startup: C:\Users\jhauk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Indiana FB Posts.docx - Shortcut.lnk [2019-10-21]
ShortcutTarget: Indiana FB Posts.docx - Shortcut.lnk -> C:\Users\jhauk\Desktop\Indiana FB Posts.docx (No File)
Startup: C:\Users\jhauk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Trail Life.docx - Shortcut.lnk [2019-11-21]
ShortcutTarget: Trail Life.docx - Shortcut.lnk -> C:\Users\jhauk\Desktop\Trail Life.docx (No File)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1684B791-B395-4DD1-A66B-D08FE33B62CE} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\Explorer.exe /NOUACCHECK
Task: {183B7B61-47E1-41C0-A371-30B1DE4336AC} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23253888 2021-08-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {4C26AFD1-5C37-4F8A-BC2C-27E939578E35} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-03-18] (Google Inc -> Google Inc.)
Task: {63B8AE8D-E141-4881-9AA8-79C4D84B2FA6} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [139112 2021-08-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {6FA09C71-734B-4CAB-AAAB-489DFCB79B41} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [139112 2021-08-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {82C37CD8-60F8-447B-BBD5-3B11FB416215} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {B1DFA3C8-E80C-4219-A482-A461ADCFE7A4} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23253888 2021-08-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {D84D1083-CFBE-4D21-BBDC-6BBCDAE9FE06} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [673720 2021-08-12] (Mozilla Corporation -> Mozilla Foundation)
Task: {DC24A639-C495-4029-8875-650BD3169F6A} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [40432 2019-07-25] (Garmin International, Inc. -> )
Task: {EDFF0B54-722B-4DB3-93E5-B0A4BC32CA25} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1546112 2021-08-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {FCA6206D-B840-474E-8114-64E82E20DEBF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-03-18] (Google Inc -> Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{e6d416ea-722e-4537-9bf4-49c06dbe3514}: [DhcpNameServer] 192.168.1.254

Edge:
=======
DownloadDir: C:\Users\jhauk\Downloads
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\jhauk\AppData\Local\Microsoft\Edge\User Data\Default [2021-08-16]
Edge DownloadDir: Default -> C:\Users\jhauk\Downloads
Edge StartupUrls: Default -> "hxxps://www.onlinebanking.pnc.com/alservlet/PNCOnlineBankingServletLogin"
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\jhauk\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-08-16]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

FireFox:
========
FF DefaultProfile: ou4ydgfb.default-1553941110074
FF ProfilePath: C:\Users\jhauk\AppData\Roaming\Mozilla\Firefox\Profiles\ou4ydgfb.default-1553941110074 [2021-08-16]
FF DownloadDir: C:\Users\jhauk\Desktop
FF Homepage: Mozilla\Firefox\Profiles\ou4ydgfb.default-1553941110074 -> hxxps://www.facebook.com/|hxxps://mail.google.com/mail/u/0/?ui=2#inbox|hxxps://calendar.google.com/calendar/u/0/r/day?tab=mc
FF Notifications: Mozilla\Firefox\Profiles\ou4ydgfb.default-1553941110074 -> hxxps://www.facebook.com; hxxps://usa.life; hxxps://mail.google.com
FF Extension: (F.B Purity - Cleans up Facebook) - C:\Users\jhauk\AppData\Roaming\Mozilla\Firefox\Profiles\ou4ydgfb.default-1553941110074\Extensions\[email protected] [2021-05-11] [UpdateUrl:hxxps://www.fbpurity.com/FF-FBP-Ext-Updates.json]
FF Extension: (Zoom Scheduler) - C:\Users\jhauk\AppData\Roaming\Mozilla\Firefox\Profiles\ou4ydgfb.default-1553941110074\Extensions\{bf855ead-d7c3-4c7b-9f88-9a7e75c0efdf}.xpi [2021-07-27]
FF Extension: (Add-ons Search Detection) - C:\Users\jhauk\AppData\Roaming\Mozilla\Firefox\Profiles\ou4ydgfb.default-1553941110074\features\{60a9f794-d0a9-4e4d-8aef-de4e73b7bb9c}\[email protected] [2021-08-15]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-05-29] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2015-10-29] (CANON INC.) [File not signed]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-05-29] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-07-24] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\jhauk\AppData\Local\Google\Chrome\User Data\Default [2021-08-16]
CHR DownloadDir: C:\Users\jhauk\Desktop
CHR StartupUrls: Default -> "hxxps://mail.google.com/mail/u/0/#inbox","hxxps://calendar.google.com/calendar/r?tab=mc","hxxps://www.facebook.com/"
CHR Extension: (Slides) - C:\Users\jhauk\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-03-18]
CHR Extension: (Docs) - C:\Users\jhauk\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-03-18]
CHR Extension: (Google Drive) - C:\Users\jhauk\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-24]
CHR Extension: (YouTube) - C:\Users\jhauk\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-03-18]
CHR Extension: (Sheets) - C:\Users\jhauk\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-03-18]
CHR Extension: (Google Docs Offline) - C:\Users\jhauk\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-06-29]
CHR Extension: (Mountain River) - C:\Users\jhauk\AppData\Local\Google\Chrome\User Data\Default\Extensions\hldnnpdpbcplkacehcbafmncblojlead [2020-05-19]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\jhauk\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-08-15]
CHR Extension: (Chrome Web Store Payments) - C:\Users\jhauk\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-28]
CHR Extension: (Gmail) - C:\Users\jhauk\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-22]
CHR Extension: (Chrome Media Router) - C:\Users\jhauk\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-07-27]
CHR HKU\S-1-5-21-1015540938-3996997567-1391499832-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9142128 2021-08-05] (Microsoft Corporation -> Microsoft Corporation)
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [426528 2021-07-13] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3834400 2021-07-13] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [452640 2021-07-13] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 Dell Hardware Support; C:\Program Files\Dell\SupportAssistAgent\PCD\SupportAssist\Dsapi.exe [1020584 2021-07-05] (PC-Doctor, Inc. -> PC-Doctor, Inc.)
S2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [38600 2021-07-20] (Dell Inc -> )
R2 IDriveService; C:\Program Files (x86)\IDriveWindows\id_service.exe [334688 2020-02-18] (Pro Softnet Corporation -> Prosoftnet)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [443344 2020-05-25] (Canon Inc. -> )
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7477704 2021-08-15] (Malwarebytes Inc -> Malwarebytes)
R2 RAPSService; C:\Program Files\Rivet Networks\SmartByte\RAPSService.exe [64848 2020-08-14] (Rivet Networks LLC -> Rivet Networks, LLC.)
S3 RNDBWM; C:\Program Files\Rivet Networks\SmartByte\RNDBWMService.exe [64856 2020-08-14] (Rivet Networks LLC -> Rivet Networks, LLC.)
R2 SmartByte Analytics Service; C:\Program Files\Rivet Networks\SmartByte\SmartByteAnalyticsService.exe [1630576 2020-08-14] (Rivet Networks LLC -> Rivet Networks)
R2 SmartByte Network Service x64; C:\Program Files\Rivet Networks\SmartByte\SmartByteNetworkService.exe [2385256 2020-08-14] (Rivet Networks LLC -> Rivet Networks)
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [39968 2021-07-17] (Dell Inc -> Dell Inc.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\NisSrv.exe [2727416 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MsMpEng.exe [136656 2021-08-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.237\WsAppService.exe [495720 2018-07-04] (Wondershare Technology Co.,Ltd -> Wondershare)
S3 WsDrvInst; C:\Program Files (x86)\Wondershare\TunesGo\DriverInstall.exe [107624 2018-12-13] (Wondershare Technology Co.,Ltd -> Wondershare)
S2 Dell SupportAssist Remediation; "C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe" [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
R3 DDDriver; C:\WINDOWS\System32\drivers\dddriver64Dcsa.sys [42376 2020-10-26] (Microsoft Windows Hardware Compatibility Publisher -> Dell Inc.)
S3 DellProf; C:\WINDOWS\system32\drivers\DellProf.sys [41208 2018-05-08] (Techporch Incorporated -> Dell Computer Corporation)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [199128 2021-08-15] (Malwarebytes Inc -> Malwarebytes)
R1 googledrivefs3514; C:\WINDOWS\System32\DRIVERS\googledrivefs3514.sys [389144 2021-06-25] (Google LLC -> Google, Inc.)
R1 googledrivefs3525; C:\WINDOWS\System32\DRIVERS\googledrivefs3525.sys [389640 2021-08-09] (Google LLC -> Google, Inc.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220752 2021-08-15] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-08-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [198888 2021-08-16] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [69016 2021-08-16] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-08-15] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [156880 2021-08-16] (Malwarebytes Inc -> Malwarebytes)
R3 SmbCoSvc; C:\WINDOWS\system32\DRIVERS\SmbCo10X64.sys [164424 2020-08-14] (Rivet Networks LLC -> Rivet Networks, LLC.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49568 2021-08-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [434424 2021-08-04] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [78072 2021-08-04] (Microsoft Windows -> Microsoft Corporation)
S4 DBUtilDrv2; \SystemRoot\System32\drivers\DBUtilDrv2.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-08-16 18:12 - 2021-08-16 18:15 - 000025808 _____ C:\Users\jhauk\Desktop\FRST.txt
2021-08-16 14:32 - 2021-08-16 14:32 - 000198888 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2021-08-16 14:32 - 2021-08-16 14:32 - 000156880 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2021-08-16 14:32 - 2021-08-16 14:32 - 000069016 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2021-08-16 14:32 - 2021-08-16 14:32 - 000000000 ____D C:\Users\jhauk\AppData\LocalLow\IGDump
2021-08-15 17:50 - 2021-08-16 14:24 - 000000000 ____D C:\AdwCleaner
2021-08-15 17:49 - 2021-08-15 17:49 - 008553680 _____ (Malwarebytes) C:\Users\jhauk\Desktop\AdwCleaner.exe
2021-08-15 17:36 - 2021-08-15 17:36 - 000000000 ____D C:\Users\jhauk\AppData\Local\mbam
2021-08-15 17:35 - 2021-08-15 17:35 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-08-15 17:35 - 2021-08-15 17:35 - 000220752 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2021-08-15 17:35 - 2021-08-15 17:35 - 000002003 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-08-15 17:35 - 2021-08-15 17:35 - 000001991 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2021-08-15 17:35 - 2021-08-15 17:35 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-08-15 17:35 - 2021-08-15 17:34 - 000199128 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2021-08-15 17:35 - 2021-08-15 17:34 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2021-08-15 17:34 - 2021-08-15 17:34 - 000000000 ____D C:\Program Files\Malwarebytes
2021-08-15 07:33 - 2021-08-15 07:33 - 002300416 _____ (Farbar) C:\Users\jhauk\Desktop\FRST64.exe
2021-08-12 23:53 - 2021-08-12 23:53 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-08-12 16:54 - 2021-08-13 00:56 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-08-12 06:45 - 2021-08-12 06:45 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-08-12 06:44 - 2021-08-12 06:44 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-08-12 06:44 - 2021-08-12 06:44 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-08-12 06:44 - 2021-08-12 06:44 - 000011347 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-08-12 06:43 - 2021-08-12 06:43 - 001823280 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-08-12 06:43 - 2021-08-12 06:43 - 001393480 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-08-12 06:43 - 2021-08-12 06:43 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2021-08-12 06:19 - 2021-08-12 06:19 - 001500480 _____ C:\Users\jhauk\Documents\IMG_20210812_0001.pdf
2021-08-12 06:09 - 2021-08-12 06:09 - 000000000 ___HD C:\$WinREAgent
2021-08-11 11:59 - 2021-08-09 14:57 - 000389640 _____ (Google, Inc.) C:\WINDOWS\system32\Drivers\googledrivefs3525.sys
2021-08-11 11:52 - 2021-08-11 11:52 - 000000000 ____D C:\WINDOWS\{427AB09C-B3AD-4EB7-9D73-6D584684FE91}
2021-08-11 01:58 - 2021-08-11 01:58 - 000298092 _____ C:\Users\jhauk\Documents\Kirk (2021-08-11).rmgb
2021-08-10 02:12 - 2021-08-10 02:12 - 000292640 _____ C:\Users\jhauk\Documents\Kirk (2021-08-10).rmgb
2021-08-09 01:13 - 2021-08-09 01:13 - 000290856 _____ C:\Users\jhauk\Documents\Kirk (2021-08-09).rmgb
2021-08-06 13:39 - 2021-08-06 13:39 - 000000000 ____D C:\Users\jhauk\AppData\Local\Deployment
2021-08-06 13:39 - 2021-08-06 13:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2021-08-06 13:37 - 2021-08-06 13:37 - 000000000 ____D C:\Program Files\Logitech
2021-08-05 07:19 - 2021-08-05 07:19 - 011999962 _____ C:\Users\jhauk\Desktop\YEARBOOK 2019-Interactive-update 01-2020-FINAL.pdf
2021-08-03 07:01 - 2021-08-03 07:01 - 000037678 _____ C:\Users\jhauk\Desktop\APA Blue Silver Days.pdf
2021-08-02 08:49 - 2021-08-02 08:49 - 000647132 _____ C:\Users\jhauk\Documents\IMG_20210802_0004.pdf
2021-08-02 08:41 - 2021-08-02 08:41 - 000932330 _____ C:\Users\jhauk\Documents\IMG_20210802_0003.pdf
2021-07-31 00:53 - 2021-07-31 00:53 - 000002138 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-08-16 18:16 - 2019-03-18 10:16 - 000000000 ____D C:\ProgramData\IDrive
2021-08-16 18:14 - 2021-06-26 12:56 - 000000000 ____D C:\FRST
2021-08-16 18:11 - 2020-08-05 02:33 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-08-16 18:11 - 2019-12-07 05:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-08-16 18:11 - 2019-03-18 09:34 - 000000000 ____D C:\Program Files (x86)\Google
2021-08-16 14:38 - 2020-08-05 02:43 - 000842418 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-08-16 14:38 - 2019-12-07 05:13 - 000000000 ____D C:\WINDOWS\INF
2021-08-16 14:34 - 2019-03-18 09:43 - 000000000 ____D C:\ProgramData\Mozilla
2021-08-16 14:33 - 2019-03-18 09:43 - 000000000 ____D C:\Users\jhauk\AppData\LocalLow\Mozilla
2021-08-16 14:31 - 2020-08-05 02:50 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-08-16 14:31 - 2020-08-05 02:33 - 000008192 ___SH C:\DumpStack.log.tmp
2021-08-16 14:31 - 2018-11-21 03:30 - 000000000 ____D C:\Intel
2021-08-16 14:30 - 2019-12-07 05:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-08-16 14:24 - 2018-11-21 03:25 - 000000000 ____D C:\Program Files\Dell
2021-08-16 07:42 - 2020-06-08 06:52 - 000000000 ____D C:\Users\jhauk\Documents\Outlook Files
2021-08-16 07:37 - 2019-04-09 06:11 - 000000000 ____D C:\Users\jhauk\Desktop\Auk Pics
2021-08-16 00:48 - 2021-07-08 22:15 - 001555456 _____ C:\Users\jhauk\Documents\Kirk.rmgc
2021-08-15 22:49 - 2019-03-18 18:50 - 000000000 ____D C:\Users\jhauk\Documents\Bren
2021-08-15 22:38 - 2019-04-08 06:46 - 040710144 _____ C:\Users\jhauk\Documents\FUNK.rmgc
2021-08-15 17:35 - 2019-12-07 05:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-08-14 22:47 - 2019-04-02 08:43 - 000000000 ____D C:\Program Files\Microsoft Office
2021-08-14 22:19 - 2021-01-22 07:13 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-08-14 21:18 - 2020-06-20 06:07 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-08-14 21:18 - 2019-12-07 05:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-08-14 21:18 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-08-13 00:57 - 2020-08-05 02:33 - 000508560 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-08-13 00:56 - 2019-03-18 09:43 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-08-13 00:53 - 2019-12-07 05:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-08-13 00:53 - 2019-12-07 05:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-08-13 00:53 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-08-13 00:53 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-08-13 00:53 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-08-13 00:53 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-08-13 00:53 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-08-13 00:53 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-08-13 00:53 - 2019-12-07 05:03 - 000000000 ____D C:\WINDOWS\servicing
2021-08-12 23:53 - 2019-03-18 09:43 - 000001007 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-08-12 06:54 - 2019-12-07 05:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-08-12 05:57 - 2019-03-19 06:00 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-08-12 05:54 - 2019-03-19 06:00 - 133215968 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-08-12 03:24 - 2019-03-18 09:26 - 000000000 ____D C:\Users\jhauk\AppData\Local\Packages
2021-08-11 11:59 - 2021-02-03 14:32 - 000002030 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2021-08-11 07:08 - 2019-03-18 18:57 - 000000000 ____D C:\Users\jhauk\Desktop\John
2021-08-09 07:00 - 2019-03-19 05:21 - 000000000 ____D C:\Users\Aukerman\Desktop\John
2021-08-04 21:26 - 2018-11-21 03:26 - 000000000 ____D C:\ProgramData\Package Cache
2021-08-04 21:14 - 2020-01-18 18:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2021-08-04 13:40 - 2018-11-21 03:18 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-08-03 05:05 - 2019-03-18 09:35 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-08-03 01:41 - 2020-08-04 18:38 - 000000000 ____D C:\Users\jhauk
2021-08-02 21:31 - 2020-08-05 02:50 - 000003420 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-08-02 21:31 - 2020-08-05 02:50 - 000003296 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-08-02 08:39 - 2020-02-13 14:56 - 000000000 ____D C:\ProgramData\CanonIJPLM
2021-08-02 08:13 - 2020-08-05 02:50 - 000003480 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-08-02 08:13 - 2020-08-05 02:50 - 000003356 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-07-29 22:27 - 2019-12-07 05:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2021-07-29 00:53 - 2019-03-27 11:34 - 000000000 ____D C:\Users\jhauk\Desktop\Lou Ann - Choruses; Print-Scan, save to comp., doc. (pdf)
2021-07-28 06:40 - 2019-10-16 07:27 - 000000000 ___HD C:\ProgramData\CyberLink

==================== Files in the root of some directories ========

2003-11-10 16:27 - 2003-11-10 16:26 - 000376884 _____ () C:\Program Files\image001.bmp
2021-01-18 13:44 - 2021-01-18 13:44 - 000000171 _____ () C:\Users\jhauk\AppData\Roaming\822f02e4-9e9a-4077-a765-71edfca16ad0

==================== FLock ==============================

2021-06-05 11:34 C:\Recovery

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

 

 

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-08-2021
Ran by jhauk (16-08-2021 18:17:39)
Running from C:\Users\jhauk\Desktop
Windows 10 Home Version 21H1 19043.1165 (X64) (2020-08-05 06:51:15)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-1015540938-3996997567-1391499832-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1015540938-3996997567-1391499832-503 - Limited - Disabled)
Guest (S-1-5-21-1015540938-3996997567-1391499832-501 - Limited - Disabled)
jhauk (S-1-5-21-1015540938-3996997567-1391499832-1001 - Administrator - Enabled) => C:\Users\jhauk
WDAGUtilityAccount (S-1-5-21-1015540938-3996997567-1391499832-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

4K Video Downloader 4.8 (HKLM\...\{2FA2F521-494C-4E8F-8C30-3D3E81590413}) (Version: 4.8.0.2852 - Open Media LLC)
AceMoney (HKLM-x32\...\AceMoney_is1) (Version:  - MechCAD Software)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 21.005.20060 - Adobe Systems Incorporated)
ANT Drivers Installer x64 (HKLM\...\{B7626024-53D9-4982-A1EE-64BC9438DFD5}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Audacity 2.0.3 (HKLM-x32\...\Audacity_is1) (Version: 2.0.3 - Audacity Team)
Canon IJ Network Scan Utility (HKLM-x32\...\Canon_IJ_Network_Scan_UTILITY) (Version:  - )
Canon IJ Network Scanner Selector EX2 (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX2) (Version: 2.0.10.2 - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version:  - )
Canon IJ Printer Assistant Tool (HKLM-x32\...\Canon IJ Printer Assistant Tool) (Version: 1.30.1.52 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.5.5.3 - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 6.3.0 - Canon Inc.)
Canon MP970 series (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP970_series) (Version:  - )
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 3.5.2 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 3.5.2 - Canon Inc.)
Canon TS8300 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_TS8300_series) (Version: 1.02 - Canon Inc.)
Debut Video Capture Software (HKLM-x32\...\Debut) (Version: 5.59 - NCH Software)
Dell Digital Delivery Service (HKLM-x32\...\{DD47FCB3-5038-40CE-A02A-85F51BA03F37}) (Version: 3.6.1012.0 - Dell Products, LP)
Dell Mobile Connect Drivers (HKLM\...\{04DF02C6-E3D7-4D26-A44C-6F8A2E218D2C}) (Version: 1.3.6844 - Screenovate Technologies Ltd.)
Dell SupportAssist (HKLM\...\{3A0ECCB6-1034-440E-8672-C4E14CCB7689}) (Version: 3.10.1.23 - Dell Inc.)
Dell SupportAssist OS Recovery Plugin for Dell Update (HKLM\...\{900D0BCD-0B86-4DAA-B639-89BE70449569}) (Version: 5.4.1.14954 - Dell Inc.) Hidden
Dell SupportAssist OS Recovery Plugin for Dell Update (HKLM-x32\...\{ec40a028-983b-4213-af2c-77ed6f6fe1d5}) (Version: 5.4.1.14954 - Dell Inc.)
Dell SupportAssist Remediation (HKLM\...\{795931D8-2EBF-4969-A678-4219B161F676}) (Version: 5.4.3.15135 - Dell Inc.) Hidden
Dell SupportAssist Remediation (HKLM-x32\...\{555298fa-14a9-48f2-a7a0-9602f31785da}) (Version: 5.4.3.15135 - Dell Inc.)
Dell Update for Windows 10 (HKLM\...\{41D2D254-D869-4CD8-B440-5DF49083C4BA}) (Version: 4.3.0 - Dell Inc.)
Dynamic Application Loader Host Interface Service (HKLM\...\{3252E69D-9075-40FD-A9EF-F6D96091B5BF}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Elevated Installer (HKLM-x32\...\{067FCCD5-0DC8-4D84-849C-A82656EFD36C}) (Version: 6.16.1.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express (HKLM-x32\...\{78B7CE44-6303-4EC8-9A53-B7F3F3F89E24}) (Version: 6.16.1.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express (HKLM-x32\...\{824324a6-400d-4ee8-9aa0-72a8627a425e}) (Version: 6.16.1.0 - Garmin Ltd or its subsidiaries)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 92.0.4515.131 - Google LLC)
Google Drive (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 50.0.11.0 - Google LLC)
hdAlbum EZ (HKLM-x32\...\{014BBF3C-D9C4-4FD0-857D-E7DDC95263C0}) (Version: 1.7.1.6 - Canon Inc.)
IDrive version 6.7.3.6 (HKLM-x32\...\IDrive_is1) (Version: 6.7.3.6 - Pro Softnet Corp)
Intel® Chipset Device Software (HKLM-x32\...\{70281077-96c3-4f75-938c-dc4746110c00}) (Version: 10.1.17903.8106 - Intel® Corporation)
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1932.12.0.1298 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 26.20.100.8141 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 17.5.9.1040 - Intel Corporation)
Intel® Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.56.87.0 - Intel Corporation) Hidden
Intel® Trusted Connect Services Client (HKLM-x32\...\{05817e4d-5f15-49b4-afec-7edb31fc7dd6}) (Version: 1.56.87.0 - Intel Corporation) Hidden
Intel® Optane™ Pinning Explorer Extensions (HKLM\...\{C81FD018-F151-460F-B4F9-0D58039503E2}) (Version: 17.2.4.9002 - Intel Corporation)
Jihosoft Phone Transfer version 3.4.2.0 (HKLM-x32\...\{116B8806-B959-4600-8591-35E60440BD3D}_is1) (Version: 3.4.2.0 - HONGKONG JIHO CO., LIMITED)
Logitech Options (HKLM\...\LogiOptions) (Version: 8.54.161 - Logitech)
Malwarebytes version 4.4.4.126 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.4.4.126 - Malwarebytes)
Microsoft 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.14228.20250 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 92.0.902.73 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 92.0.902.73 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{852D8FE5-BC66-4061-B1C4-CADF51E5B27D}) (Version: 2.82.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Movavi Screen Recorder Studio 10 (HKU\S-1-5-21-1015540938-3996997567-1391499832-1001\...\Movavi Screen Recorder Studio 10) (Version: 10.2.0 - Movavi)
Mozilla Firefox (x64 en-US) (HKLM\...\Mozilla Firefox 91.0 (x64 en-US)) (Version: 91.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 65.0.2 - Mozilla)
MusicTime Deluxe (HKLM-x32\...\MusicTime Deluxe 4.0.4) (Version: 4.0.4 - Passport)
MusicTime Deluxe 3.5.5 (HKLM-x32\...\MusicTime Deluxe 3.5.5) (Version:  - )
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14228.20250 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14228.20250 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
Printer Registration (HKLM-x32\...\Canon EISRegistration) (Version: 1.7.5 - Canon Inc.)
Qualcomm WLAN and Bluetooth Client Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.18362.31252 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8791.1 - Realtek Semiconductor Corp.)
RootsMagic 7.6.1.0 (HKLM-x32\...\{D6286873-A757-4A4D-A6EF-0081B3EE32CA}_is1) (Version: RootsMagic 7.6.1.0 - RootsMagic, Inc.)
SmartByte Drivers and Services (HKLM\...\{9668B1BB-D0FE-4C0C-800C-B1555E069A62}) (Version: 3.1.940 - Rivet Networks)
Switch Sound File Converter (HKLM-x32\...\Switch) (Version: 8.18 - NCH Software)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{FBA3961B-D1DF-493C-BC1F-E67D3B832895}) (Version: 2.56.0.0 - Microsoft Corporation)
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{344F3227-F502-4219-9DC4-1967E586FAFA}) (Version: 2.51.0.0 - Microsoft Corporation)
vs2015_redist x86 (HKLM-x32\...\{BD46163A-0331-4A61-B65A-7B66D7C93F8E}) (Version: 1.0.0.0 - Realnetworks) Hidden
VSDC Free Video Editor version 6.3.9.49 (HKLM\...\VSDC Free Video Editor_is1) (Version: 6.3.9.49 - Flash-Integro LLC)
Vulkan Run Time Libraries 1.1.70.0 (HKLM\...\VulkanRT1.1.70.0) (Version: 1.1.70.0 - LunarG, Inc.) Hidden
Web Launch Recorder (HKU\S-1-5-21-1015540938-3996997567-1391499832-1001\...\WebLaunchRecorder) (Version: 2.0 - )
Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22391 - Microsoft Corporation)
Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB  (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Wondershare TunesGo ( Version 9.7.3 ) (HKLM-x32\...\{0B31C808-8274-460D-8846-C711D40544A0}_is1) (Version: 9.7.3 - Wondershare)
Zoom (HKU\S-1-5-21-1015540938-3996997567-1391499832-1001\...\ZoomUMX) (Version: 5.4.9 (59931.0110) - Zoom Video Communications, Inc.)

Packages:
=========
Audacity 2 -> C:\Program Files\WindowsApps\42109FactoriaDatacenter.Audacity2_2.3.2.0_neutral__zaf1c6h4vqsbt [2019-05-29] (Repackagerexpress.com)
Baseball Game Pro -> C:\Program Files\WindowsApps\25228GameMotionStudio.BaseballGamePro_1.0.1.0_x64__t5x6bekc08gee [2019-11-22] (Game Motion Studio) [MS Ad]
Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_1.62.4.0_x86__kgqvnymyfvs32 [2021-08-06] (king.com)
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.2080.1.0_x86__kgqvnymyfvs32 [2021-08-09] (king.com)
Canon Office Printer Utility -> C:\Program Files\WindowsApps\34791E63.CanonOfficePrinterUtility_12.7.0.0_x64__6e5tt8cgb93ep [2019-08-26] (Canon Inc.)
Cooking Fever -> C:\Program Files\WindowsApps\NORDCURRENT.COOKINGFEVER_13.0.10.0_x86__m9bz608c1b9ra [2021-07-28] (Nordcurrent)
Dell Customer Connect -> C:\Program Files\WindowsApps\DellInc.DellCustomerConnect_5.3.0.0_x64__htrsf667h5kn2 [2021-08-06] (Dell Inc)
Dell Digital Delivery -> C:\Program Files\WindowsApps\DellInc.DellDigitalDelivery_4.0.92.0_x64__htrsf667h5kn2 [2021-08-10] (Dell Inc)
Dell Mobile Connect 3.3 -> C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnect_3.3.9803.0_x64__0vhbc3ng4wbp0 [2021-06-20] (Screenovate Technologies) [Startup Task]
Dell SupportAssist for Home PCs -> C:\Program Files\WindowsApps\DellInc.DellSupportAssistforPCs_3.10.4.0_x64__htrsf667h5kn2 [2021-08-04] (Dell Inc)
Dell Update -> C:\Program Files\WindowsApps\DellInc.DellUpdate_4.3.12.0_x86__htrsf667h5kn2 [2021-08-11] (Dell Inc)
Downloader for YouTube. Free Coverter to MP3, MP4 & AVI. -> C:\Program Files\WindowsApps\13240GoodBuzzMedia.DownloaderforYouTube.FreeCovert_1.1.17.0_x64__pkybfkfh0fpqa [2020-11-03] (Good Buzz Media)
Dropbox promotion -> C:\Program Files\WindowsApps\C27EB4BA.DropboxOEM_20.4.3.0_x64__xbfy0k16fey96 [2020-01-17] (Dropbox Inc.)
Express Burn CD and DVD Burner Free -> C:\Program Files\WindowsApps\NCHSoftware.ExpressBurnFree_10.2.0.0_x86__7kedsbyvzns34 [2021-06-18] (NCH Software)
Fitbit -> C:\Program Files\WindowsApps\Fitbit.Fitbit_2.44.1997.0_x64__6mqt6hf9g46tw [2019-11-14] (Fitbit)
Fitbit Coach -> C:\Program Files\WindowsApps\Fitbit.FitbitCoach_4.4.133.0_x64__6mqt6hf9g46tw [2019-03-18] (Fitbit)
Free Instant Youtube Downloader -> C:\Program Files\WindowsApps\356E5ED5.FreeInstantYoutubeDownloader_1.5.2.0_x64__n9erwrkheyjxe [2020-02-05] (Prospera Software Inc.) [MS Ad]
Instagram -> C:\Program Files\WindowsApps\Facebook.InstagramBeta_42.0.15.0_neutral__8xx8rvfyw5nnt [2021-06-25] (Instagram)
Intel® Graphics Command Center -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3370.0_x64__8j3eq9eme6ctt [2021-07-21] (INTEL CORP) [Startup Task]
Intel® Graphics Control Panel -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsControlPanel_3.3.0.0_x64__8j3eq9eme6ctt [2020-02-17] (INTEL CORP)
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12114.15.53119.0_x64__nzyj5cx40ttqa [2021-08-10] (Apple Inc.) [Startup Task]
Libby, by OverDrive -> C:\Program Files\WindowsApps\2FA138F6.LibbybyOverDrive_1.4.2.0_x64__daecb9042jmvt [2019-07-20] (OverDrive Inc.)
LinkedIn -> C:\Program Files\WindowsApps\7EE7776C.LinkedInforWindows_2.1.7098.0_neutral__w1wdnht996qgy [2019-03-18] (LinkedIn)
McAfee® Personal Security -> C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.60.0_x64__wafk5atnkzcwy [2021-02-26] (McAfee LLC.)
Media Player -> C:\Program Files\WindowsApps\YellowElephantProductions.MediaPlayerS_1.175.91.0_x64__p3e1zgp7z7szg [2021-05-27] (Yellow Elephant Productions)
Media Suite Essentials for Dell -> C:\Program Files\WindowsApps\DB6EA5DB.MediaSuiteEssentialsforDell_2.6.4028.0_x86__mcezb6ze687jp [2020-03-27] (CYBERLINK CORPORATION.)
Meme-Generator -> C:\Program Files\WindowsApps\8840NaveenCS.Meme-Generator_3.3.0.0_neutral__20e0kv46hk748 [2019-04-27] (Naveen CS)
Microsoft Advertising SDK for JavaScript -> C:\Program Files\WindowsApps\Microsoft.Advertising.JavaScript_10.1809.1.0_x64__8wekyb3d8bbwe [2019-11-22] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for JavaScript -> C:\Program Files\WindowsApps\Microsoft.Advertising.JavaScript_10.1809.1.0_x86__8wekyb3d8bbwe [2019-11-22] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-03-18] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-03-18] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.10.7290.0_x64__8wekyb3d8bbwe [2021-08-04] (Microsoft Studios) [MS Ad]
Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.17.1101.0_x64__8wekyb3d8bbwe [2021-08-10] (Microsoft Studios)
MPEG-2 Video Extension -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.42152.0_x64__8wekyb3d8bbwe [2021-08-11] (Microsoft Corporation)
My Dell -> C:\Program Files\WindowsApps\DellInc.MyDell_1.91.7.0_x64__htrsf667h5kn2 [2021-08-06] (Dell Inc)
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.97.752.0_x64__mcm4njqhnhss8 [2020-07-16] (Netflix, Inc.)
OpenShot Video Editor - MS Store Port -> C:\Program Files\WindowsApps\37559StorePorts.OpenShotVideoEditor-MSStorePort_1.1.2.0_x64__gbs9e2cxjv4vj [2020-02-22] (Store Ports)
Photos Add-on -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-03-12] (Microsoft Corporation)
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-12-01] (Microsoft Corporation)
Phototastic Collage -> C:\Program Files\WindowsApps\ThumbmunkeysLtd.PhototasticCollage_3.27.1.0_x64__nfy108tqq3p12 [2021-02-20] (Thumbmunkeys Ltd)
Plex -> C:\Program Files\WindowsApps\CAF9E577.Plex_3.2.20.0_x64__aam28m9va5cke [2019-03-18] (Plex)
Power Media Player for Dell -> C:\Program Files\WindowsApps\DB6EA5DB.PowerMediaPlayerforDell_14.2.3708.0_x86__mcezb6ze687jp [2021-07-14] (CYBERLINK CORPORATION.)
Power2Go for Dell -> C:\Program Files\WindowsApps\DB6EA5DB.Power2GoforDell_11.0.3920.0_x86__mcezb6ze687jp [2020-08-12] (CYBERLINK CORPORATION.) [Startup Task]
PowerDirector for Dell -> C:\Program Files\WindowsApps\DB6EA5DB.PowerDirectorforDell_15.0.4409.0_x64__mcezb6ze687jp [2019-03-18] (CYBERLINK CORPORATION.)
Roblox -> C:\Program Files\WindowsApps\ROBLOXCORPORATION.ROBLOX_2.490.34744.0_x86__55nm5eh3cm0pr [2021-08-13] (ROBLOX Corporation)
Screen Recorder Lite -> C:\Program Files\WindowsApps\YellowElephantProductions.ScreenRecorderLite_1.142.137.0_x64__p3e1zgp7z7szg [2021-05-27] (Yellow Elephant Productions) [Startup Task]
SHARE.it -> C:\Program Files\WindowsApps\30608Paradox.SHAREit81_1.7.18.0_x64__ghshvk1r7eapp [2019-04-30] (SHAREit Technologies Co.Ltd) [MS Ad]
Slack -> C:\Program Files\WindowsApps\91750D7E.Slack_4.18.0.0_x64__8she8kybcnzg4 [2021-07-28] (Slack Technologies Inc.) [Startup Task]
SmartByte -> C:\Program Files\WindowsApps\RivetNetworks.SmartByte_3.1.995.0_x64__rh07ty8m5nkag [2021-08-14] (Rivet Networks LLC)
Translator -> C:\Program Files\WindowsApps\Microsoft.BingTranslator_5.6.0.0_x64__8wekyb3d8bbwe [2019-08-02] (Microsoft Corporation)
Ultra Screen Recorder -> C:\Program Files\WindowsApps\D5BE6627.UltraScreenRecorder_2.0.9.0_x86__9pm2v9747qaaa [2021-03-29] (CompuClever Systems Inc.)
VideoPad Video Editor Free -> C:\Program Files\WindowsApps\NCHSoftware.VideoPadVideoEditorFree_10.6.4.0_x86__7kedsbyvzns34 [2021-08-06] (NCH Software)
VLC -> C:\Program Files\WindowsApps\VideoLAN.VLC_3.2.1.0_x64__paz6r1rewnh0a [2019-10-11] (VideoLAN)
Waves MaxxAudio Pro for Dell -> C:\Program Files\WindowsApps\WavesAudio.WavesMaxxAudioProforDell_1.1.131.0_x64__fh4rh281wavaa [2019-03-18] (Waves Audio)
Zalo Desktop -> C:\Program Files\WindowsApps\VNGOnline.Zalofordesktop_19.8.1.0_x64__z59ddpn1nx8g0 [2019-08-17] (VNG Online)
ZAPYA -> C:\Program Files\WindowsApps\EBAC32FB.ZAPYA_1.2.6.0_x86__7pjp2xjm0bc9w [2019-04-30] (邻动(北京)技术有限公司)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [          0001IDSIcon1] -> {0FA6DCC0-CF0B-427D-A8AF-97C466AB5769} => C:\Program Files (x86)\IDriveWindows\IDSyncIntIcon64.dll [2020-02-18] (Pro Softnet Corporation -> Pro-Softnet Corporation, U.S.A)
ShellIconOverlayIdentifiers: [          0001IDSIcon2] -> {66357BBE-D2E5-453C-95FF-8102EB32419D} => C:\Program Files (x86)\IDriveWindows\IDSyncIntIcon64.dll [2020-02-18] (Pro Softnet Corporation -> Pro-Softnet Corporation, U.S.A)
ShellIconOverlayIdentifiers: [          0001IDSIcon3] -> {904E6336-8B13-43FA-B4C3-5B62C1C91971} => C:\Program Files (x86)\IDriveWindows\IDSyncIntIcon64.dll [2020-02-18] (Pro Softnet Corporation -> Pro-Softnet Corporation, U.S.A)
ShellIconOverlayIdentifiers: [    GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\50.0.11.0\drivefsext.dll [2021-08-09] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [    GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\50.0.11.0\drivefsext.dll [2021-08-09] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [    GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\50.0.11.0\drivefsext.dll [2021-08-09] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [    GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\50.0.11.0\drivefsext.dll [2021-08-09] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [  OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2019-02-25] () [File not signed] [File is in use]
ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\50.0.11.0\drivefsext.dll [2021-08-09] (Google LLC -> Google, Inc.)
ContextMenuHandlers1: [IDriveMenu] -> {AFBFEC11-0FD5-48ED-B8AF-315197F09A82} => C:\Program Files (x86)\IDriveWindows\IDContextMenu.dll [2020-02-18] () [File not signed]
ContextMenuHandlers2: [IDriveMenu] -> {AFBFEC11-0FD5-48ED-B8AF-315197F09A82} => C:\Program Files (x86)\IDriveWindows\IDContextMenu.dll [2020-02-18] () [File not signed]
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-08-15] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2019-02-25] () [File not signed] [File is in use]
ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\50.0.11.0\drivefsext.dll [2021-08-09] (Google LLC -> Google, Inc.)
ContextMenuHandlers4: [IDriveMenu] -> {AFBFEC11-0FD5-48ED-B8AF-315197F09A82} => C:\Program Files (x86)\IDriveWindows\IDContextMenu.dll [2020-02-18] () [File not signed]
ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\50.0.11.0\drivefsext.dll [2021-08-09] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\cui_component.inf_amd64_0219cc1c7085a93f\igfxDTCM.dll [2018-06-13] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-08-15] (Malwarebytes Corporation -> Malwarebytes)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [msacm.voxacm160] => C:\WINDOWS\system32\vct3216.acm [82944 2003-05-21] (Voxware, Inc.) [File not signed]
HKLM\...\Drivers32: [msacm.scg726] => C:\WINDOWS\system32\scg726.acm [13239 2000-03-14] (SHARP Corporation) [File not signed]
HKLM\...\Drivers32: [msacm.alf2cd] => C:\WINDOWS\system32\alf2cd.acm [38912 2003-05-21] (NCT Company) [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\WINDOWS\system32\AC3ACM.acm [81920 2004-02-04] (fccHandler) [File not signed]
HKLM\...\Drivers32: [msacm.lame] => C:\WINDOWS\system32\lame.ax [245760 2005-08-01] () [File not signed]
HKLM\...\Drivers32: [vidc.dvsd] => C:\WINDOWS\system32\mcdvd_32.dll [261632 2003-05-21] (MainConcept) [File not signed]
HKLM\...\Drivers32: [vidc.mpg4] => C:\WINDOWS\system32\mpg4c32.dll [413760 2002-08-19] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [vidc.mp42] => C:\WINDOWS\system32\mpg4c32.dll [413760 2002-08-19] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [vidc.mp43] => C:\WINDOWS\system32\mpg4c32.dll [413760 2002-08-19] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [vidc.xvid] => C:\WINDOWS\system32\xvidvfw.dll [139264 2004-07-03] () [File not signed]
HKLM\...\Drivers32: [vidc.DIVX] => C:\WINDOWS\system32\DivX.dll [638976 2003-05-22] (DivXNetworks, Inc.) [File not signed]
HKLM\...\Drivers32: [vidc.VP60] => C:\WINDOWS\system32\vp6vfw.dll [438272 2004-12-10] (On2.com) [File not signed]
HKLM\...\Drivers32: [vidc.VP61] => C:\WINDOWS\system32\vp6vfw.dll [438272 2004-12-10] (On2.com) [File not signed]
HKLM\...\Drivers32: [vidc.VP62] => C:\WINDOWS\system32\vp6vfw.dll [438272 2004-12-10] (On2.com) [File not signed]
HKLM\...\Drivers32: [vidc.LAGS] => C:\WINDOWS\system32\lagarith.dll [216064 2011-12-07] () [File not signed]

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2020-02-23 19:04 - 2020-02-18 13:19 - 000834048 _____ () [File not signed] C:\Program Files (x86)\IDriveWindows\sqlite3.dll
2021-05-27 10:29 - 2021-05-27 10:29 - 000144896 _____ () [File not signed] C:\ProgramData\Logishrd\LogiOptions\Software\Current\laclient\libssh2.dll
2021-05-27 10:29 - 2021-05-27 10:29 - 000077824 _____ () [File not signed] C:\ProgramData\Logishrd\LogiOptions\Software\Current\laclient\zlib.dll
2021-06-27 16:45 - 2016-10-21 16:06 - 000318976 _____ (CANON INC) [File not signed] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\scchmpm.dll
2021-06-27 16:45 - 2017-06-27 10:59 - 000219648 _____ (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\cnmpu2.dll
2021-06-27 16:45 - 2017-11-02 15:36 - 000008192 _____ (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNS2_ENU.DLL
2021-06-27 16:45 - 2017-11-02 15:36 - 000104960 _____ (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNS2_IMG.dll
2011-08-30 08:06 - 2011-08-30 08:06 - 000267776 _____ (CANON INC.) [File not signed] C:\WINDOWS\System32\CNBLM4.DLL
2019-03-19 05:52 - 2012-08-30 11:18 - 000252416 _____ (CANON INC.) [File not signed] C:\WINDOWS\System32\CNMN6PPM.DLL
2019-03-18 09:21 - 2011-08-30 08:06 - 000084992 _____ (CANON INC.) [File not signed] C:\WINDOWS\system32\spool\PRTPROCS\x64\CNBPP4.DLL
2020-12-01 01:14 - 2020-12-01 01:14 - 001638912 _____ (Robert Simpson, et al.) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\x64\SQLite.Interop.dll
2021-05-27 10:29 - 2021-05-27 10:29 - 000355840 _____ (The cURL library, hxxp://curl.haxx.se/) [File not signed] C:\ProgramData\Logishrd\LogiOptions\Software\Current\laclient\LIBCURL.dll
2021-05-27 10:29 - 2021-05-27 10:29 - 002286747 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\ProgramData\Logishrd\LogiOptions\Software\Current\laclient\LIBEAY32.dll
2021-05-27 10:29 - 2021-05-27 10:29 - 000416627 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\ProgramData\Logishrd\LogiOptions\Software\Current\laclient\SSLEAY32.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-1015540938-3996997567-1391499832-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://dell17win10.msn.com/?pc=DCTE
HKU\S-1-5-21-1015540938-3996997567-1391499832-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell17win10.msn.com/?pc=DCTE
SearchScopes: HKU\S-1-5-21-1015540938-3996997567-1391499832-1001 -> DefaultScope {43B1B2E9-843B-4459-8E32-95BA5A2117FD} URL =
SearchScopes: HKU\S-1-5-21-1015540938-3996997567-1391499832-1001 -> {43B1B2E9-843B-4459-8E32-95BA5A2117FD} URL =
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-05-29] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-07-29] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-07-29] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-07-29] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-07-29] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-07-29] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-07-29] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-07-29] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-07-29] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-1015540938-3996997567-1391499832-1001\...\oldnational.com -> hxxps://www.oldnational.com
IE trusted site: HKU\S-1-5-21-1015540938-3996997567-1391499832-1001\...\pnc.com -> hxxps://www.onlinebanking.pnc.com
IE trusted site: HKU\S-1-5-21-1015540938-3996997567-1391499832-1001\...\sharepoint.com -> hxxps://anderson0-files.sharepoint.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-04-11 19:38 - 2018-04-11 19:36 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

2021-07-12 06:56 - 2021-07-12 06:56 - 000000445 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1015540938-3996997567-1391499832-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\jhauk\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\2020 08 07 The boys.jpg
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "DellMobileConnectWelcome"
HKLM\...\StartupApproved\Run: => "WavesSvc"
HKU\S-1-5-21-1015540938-3996997567-1391499832-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1015540938-3996997567-1391499832-1001\...\StartupApproved\Run: => "Zalo"
HKU\S-1-5-21-1015540938-3996997567-1391499832-1001\...\StartupApproved\Run: => "GarminExpress"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{0BF25BA8-8276-4A70-9625-7D0BC5C469D6}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{3AA89511-D6C1-4D99-B70B-6B07A506BA62}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{05D6B342-78F3-482C-B53E-0D3E4467F99D}] => (Allow) C:\Users\jhauk\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{482CD256-9F6B-400E-B563-E6821169580F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{C2006FCD-AD51-45E0-B4A4-B874E7474F91}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{55DBA7B1-5982-433F-8D38-DE7E7E51F490}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\VideoEditor.exe (Vector -> Flash-Integro LLC)
FirewallRules: [{D545A722-3337-485D-BDC1-704C1A98AB82}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\VideoEditor.exe (Vector -> Flash-Integro LLC)
FirewallRules: [{88D6118D-6A11-4619-897E-735523227F99}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\Activation.exe (Vector -> Flash-Integro LLC)
FirewallRules: [{7023B499-2448-4724-8081-517C15763D1F}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\Activation.exe (Vector -> Flash-Integro LLC)
FirewallRules: [{3F2A6D7E-9815-45CF-B176-9C8BC9FA27E0}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\Updater.exe (Vector -> Flash-Integro LLC)
FirewallRules: [{D8DD128A-FB4A-448A-85E4-37BFF4E1E1A5}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\Updater.exe (Vector -> Flash-Integro LLC)
FirewallRules: [TCP Query User{565B4B4A-B93A-4ECA-975E-380E884EDBFF}C:\program files\windowsapps\37559storeports.openshotvideoeditor-msstoreport_1.1.2.0_x64__gbs9e2cxjv4vj\vfs\programfilesx64\openshot video editor\openshot-qt.exe] => (Allow) C:\program files\windowsapps\37559storeports.openshotvideoeditor-msstoreport_1.1.2.0_x64__gbs9e2cxjv4vj\vfs\programfilesx64\openshot video editor\openshot-qt.exe (OpenShot Studios, LLC) [File not signed]
FirewallRules: [UDP Query User{6E23B3D1-7A4F-4AF6-9719-0D263E97DE6D}C:\program files\windowsapps\37559storeports.openshotvideoeditor-msstoreport_1.1.2.0_x64__gbs9e2cxjv4vj\vfs\programfilesx64\openshot video editor\openshot-qt.exe] => (Allow) C:\program files\windowsapps\37559storeports.openshotvideoeditor-msstoreport_1.1.2.0_x64__gbs9e2cxjv4vj\vfs\programfilesx64\openshot video editor\openshot-qt.exe (OpenShot Studios, LLC) [File not signed]
FirewallRules: [TCP Query User{0937C031-7424-4A22-A065-9A9E1D396F17}C:\program files (x86)\dearmob\5kplayer\5kplayer.exe] => (Allow) C:\program files (x86)\dearmob\5kplayer\5kplayer.exe => No File
FirewallRules: [UDP Query User{37020B62-4258-4ABC-9472-2368C60CE78C}C:\program files (x86)\dearmob\5kplayer\5kplayer.exe] => (Allow) C:\program files (x86)\dearmob\5kplayer\5kplayer.exe => No File
FirewallRules: [{4463B185-C0FA-46C6-B744-2AED2F374A76}] => (Allow) C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnect_3.3.9803.0_x64__0vhbc3ng4wbp0\app\DellMobileConnectClient.exe (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.)
FirewallRules: [{6E459C1C-9939-4077-AEEA-00B6EB94115A}] => (Allow) C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnect_3.3.9803.0_x64__0vhbc3ng4wbp0\app\DellMobileConnectClient.exe (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.)
FirewallRules: [{D81A318B-15E1-46EB-B78E-A18AAF4AB65F}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B9BDEE47-6F93-4C66-84AC-576D8F251DD5}] => (Allow) C:\Program Files\WindowsApps\91750D7E.Slack_4.18.0.0_x64__8she8kybcnzg4\app\Slack.exe (Slack Technologies, Inc. -> Slack Technologies Inc.)
FirewallRules: [{6BD0860C-EE43-47D1-9A6D-39E398B1D2D8}] => (Allow) C:\Program Files\WindowsApps\91750D7E.Slack_4.18.0.0_x64__8she8kybcnzg4\app\Slack.exe (Slack Technologies, Inc. -> Slack Technologies Inc.)
FirewallRules: [{B80D4319-75F0-4858-A1F9-DD98E3EA2D14}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{036C20CF-D6E6-4B34-B413-9459073ED26F}] => (Allow) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.EXE (Logitech Inc -> Logitech, Inc.)
FirewallRules: [{2468C69D-8417-4526-90E0-2E465723B704}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12114.15.53119.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{220C269A-8EE6-48E6-A323-BFCD540BF849}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12114.15.53119.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{111804C0-BC80-4D8F-A24F-804D8022E50B}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12114.15.53119.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{6E25750B-2BE7-42C6-94C6-095F33BC3349}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12114.15.53119.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{3E5F313E-5DDE-4B1E-8C23-51676920165C}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12114.15.53119.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{5E4FFFC6-AC5C-4DCD-93F5-D4B9F06A75E1}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12114.15.53119.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{D4DBA234-D20D-483E-A5DC-E0BEF3B55E2F}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12114.15.53119.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{1B342F75-4AED-4336-A93B-6F4927E3FC31}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12114.15.53119.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{EA0541AA-188D-482E-83CE-1B5D1E6088BC}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{EB4638D4-0529-4A69-ABDC-EEAA55206CCD}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C180F0BC-51F0-4711-BA5C-ADCAF2E0AC4E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D23297D9-2C23-4791-A150-F494EB045B8A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{1D09C328-DFA3-42E7-8948-DA72ADDEDFB7}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\92.0.902.73\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

16-08-2021 08:00:59 Scheduled Checkpoint
16-08-2021 14:23:45 AdwCleaner_BeforeCleaning_16/08/2021_14:23:44

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (08/16/2021 02:44:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: ServiceShell.exe, version: 2.3.0.36, time stamp: 0x60f69f04
Faulting module name: KERNELBASE.dll, version: 10.0.19041.1151, time stamp: 0x891df6d3
Exception code: 0xe0434352
Fault offset: 0x0000000000034ed9
Faulting process id: 0x20e0
Faulting application start time: 0x01d792cd735ff0a5
Faulting application path: C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report Id: 17520b53-b377-4fc4-a71d-da94270b0678
Faulting package full name:
Faulting package-relative application ID:

Error: (08/16/2021 02:44:45 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: ServiceShell.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.Runtime.Remoting.RemotingException
   at Dell.Asimov.FrameworkCore.ApplicationModel.TaskBridge`1[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].SetException(System.Exception)
   at Dell.Asimov.FrameworkCore.ApplicationModel.MarshalTask+<CallActualAsync>d__7`1[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].MoveNext()
   at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
   at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
   at System.Threading.ThreadPoolWorkQueue.Dispatch()

Error: (08/16/2021 06:56:07 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Microsoft.Photos.exe version 2021.21070.22007.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 2bd0

Start Time: 01d7928ad1cc1688

Termination Time: 4294967295

Application Path: C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2021.21070.22007.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe

Report Id: 85ed025a-0d6a-4eb0-9391-463caba39320

Faulting package full name: Microsoft.Windows.Photos_2021.21070.22007.0_x64__8wekyb3d8bbwe

Faulting package-relative application ID: App

Hang type: Quiesce

Error: (08/12/2021 04:51:22 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program SearchApp.exe version 10.0.19041.1110 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 7df8

Start Time: 01d78f5eecf13861

Termination Time: 4294967295

Application Path: C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe

Report Id: db5a2d8d-c5a0-468f-9964-47763504ae0f

Faulting package full name: Microsoft.Windows.Search_1.14.2.19041_neutral_neutral_cw5n1h2txyewy

Faulting package-relative application ID: CortanaUI

Hang type: Quiesce

Error: (08/11/2021 11:52:09 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine QueryFullProcessImageNameW.  hr = 0x80070006, The handle is invalid.
.


Operation:
   Executing Asynchronous Operation

Context:
   Current State: DoSnapshotSet

Error: (08/09/2021 06:24:10 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program SystemSettings.exe version 10.0.19041.1081 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 1eec

Start Time: 01d78d089b97db44

Termination Time: 4294967295

Application Path: C:\Windows\ImmersiveControlPanel\SystemSettings.exe

Report Id: 589e382c-2182-460b-b287-ee227b442ecc

Faulting package full name: windows.immersivecontrolpanel_10.0.2.1000_neutral_neutral_cw5n1h2txyewy

Faulting package-relative application ID: microsoft.windows.immersivecontrolpanel

Hang type: Quiesce

Error: (08/07/2021 06:44:04 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program explorer.exe version 10.0.19041.1110 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 1874

Start Time: 01d78b77ce2b7b2c

Termination Time: 0

Application Path: C:\Windows\explorer.exe

Report Id: ac4aea7b-7387-41b3-b7b5-fca21e7504eb

Faulting package full name:

Faulting package-relative application ID:

Hang type: Cross-process

Error: (08/06/2021 01:39:05 PM) (Source: VSTO 4.0) (EventID: 4096) (User: )
Description: Customization URI: file:///C:/ProgramData/Logishrd/LogiOptions/Plugins/ca7c0911-fbf7-4e87-9c23-25987358303b/Content/publish/LogiOptionsWordAddin.vsto
Exception: Attempting to uninstall a customization that has not been installed on this computer or has already been uninstalled from this computer. Please correct the parameter values and try again.


************** Exception Text **************
Microsoft.VisualStudio.Tools.Office.Runtime.SolutionInstallerException: Attempting to uninstall a customization that has not been installed on this computer or has already been uninstalled from this computer. Please correct the parameter values and try again.
   at Microsoft.VisualStudio.Tools.Office.Runtime.SolutionInstaller.ProcessInstallerOperation(ClickOnceAddInDeploymentManager clickOnceAddInDeploymentManager, OfficeAddInDeploymentManager officeAddInDeploymentManager, AddInInformation& info)
   at Microsoft.VisualStudio.Tools.Office.Runtime.SolutionInstaller.ProcessInstallerOperation(Boolean uninstall, Boolean silent, Uri manifest, Int32& errorCode, String& errorMessage)


************** Loaded Assemblies **************
mscorlib
    Assembly Version: 4.0.0.0
    Win32 Version: 4.8.4390.0 built by: NET48REL1LAST_C
    CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v4.0.30319/mscorlib.dll
----------------------------------------
Microsoft.VisualStudio.Tools.Office.Runtime
    Assembly Version: 10.0.0.0
    Win32 Version: 10.0.60828.0
    CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualStudio.Tools.Office.Runtime/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualStudio.Tools.Office.Runtime.dll
----------------------------------------
System.Core
    Assembly Version: 4.0.0.0
    Win32 Version: 4.8.4390.0 built by: NET48REL1LAST_C
    CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Core/v4.0_4.0.0.0__b77a5c561934e089/System.Core.dll
----------------------------------------
System
    Assembly Version: 4.0.0.0
    Win32 Version: 4.8.4360.0 built by: NET48REL1LAST_C
    CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System/v4.0_4.0.0.0__b77a5c561934e089/System.dll
----------------------------------------
Microsoft.VisualStudio.Tools.Applications.Hosting
    Assembly Version: 10.0.0.0
    Win32 Version: 10.0.60828.0
    CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualStudio.Tools.Applications.Hosting/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualStudio.Tools.Applications.Hosting.dll
----------------------------------------
System.Windows.Forms
    Assembly Version: 4.0.0.0
    Win32 Version: 4.8.4390.0 built by: NET48REL1LAST_C
    CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Windows.Forms/v4.0_4.0.0.0__b77a5c561934e089/System.Windows.Forms.dll
----------------------------------------
System.Drawing
    Assembly Version: 4.0.0.0
    Win32 Version: 4.8.4390.0 built by: NET48REL1LAST_C
    CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Drawing/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll
----------------------------------------
Microsoft.VisualStudio.Tools.Applications.ServerDocument
    Assembly Version: 10.0.0.0
    Win32 Version: 10.0.60828.0
    CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualStudio.Tools.Applications.ServerDocument/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualStudio.Tools.Applications.ServerDocument.dll
----------------------------------------
System.Deployment
    Assembly Version: 4.0.0.0
    Win32 Version: 4.8.4270.0 built by: NET48REL1LAST_C
    CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/System.Deployment/v4.0_4.0.0.0__b03f5f7f11d50a3a/System.Deployment.dll
----------------------------------------
Microsoft.VisualStudio.Tools.Applications.Runtime
    Assembly Version: 10.0.0.0
    Win32 Version: 10.0.60828.0
    CodeBase: file:///C:/WINDOWS/Microsoft.Net/assembly/GAC_MSIL/Microsoft.VisualStudio.Tools.Applications.Runtime/v4.0_10.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualStudio.Tools.Applications.Runtime.dll
----------------------------------------


System errors:
=============
Error: (08/16/2021 02:44:51 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Dell Client Management Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (08/16/2021 02:41:07 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Downloaded Maps Manager service hung on starting.

Error: (08/16/2021 02:38:43 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Delivery Optimization service hung on starting.

Error: (08/16/2021 02:35:11 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Dell SupportAssist Remediation service failed to start due to the following error:
The system cannot find the file specified.

Error: (08/16/2021 02:35:02 PM) (Source: googledrivefs3514) (EventID: 2) (User: )
Description: The driver version of the disk does not match.

Error: (08/16/2021 02:25:27 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Dell SupportAssist Remediation service failed to start due to the following error:
The system cannot find the file specified.

Error: (08/16/2021 02:25:17 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Microsoft Office Click-to-Run Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 0 milliseconds: Restart the service.

Error: (08/16/2021 02:25:17 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Dell Hardware Support service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.


Windows Defender:
================
Date: 2021-08-15 07:58:02
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-08-14 22:49:21
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-08-14 22:43:48
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-08-14 21:28:01
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-08-12 17:02:39
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

CodeIntegrity:
===============
Date: 2021-08-15 17:39:34
Description:
Windows blocked file \Device\HarddiskVolume3\Windows\System32\scrobj.dll which has been disallowed for protected processes.

Date: 2021-08-15 17:37:14
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Mozilla Firefox\firefox.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.

Date: 2021-08-09 06:23:37
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\ImmersiveControlPanel\SystemSettings.exe) attempted to load \Device\HarddiskVolume3\Program Files\Google\Drive File Stream\49.0.11.0\crashpad_handler.exe that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

BIOS: Dell Inc. 2.15.0 02/21/2020
Motherboard: Dell Inc. 0H4VK7
Processor: Intel® Core™ i3-8100 CPU @ 3.60GHz
Percentage of memory in use: 73%
Total physical RAM: 8006.97 MB
Available physical RAM: 2086.14 MB
Total Virtual: 11846.97 MB
Available Virtual: 3431.77 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:917.05 GB) (Free:569.31 GB) NTFS
Drive g: (Google Drive) (Fixed) (Total:917.05 GB) (Free:540.84 GB) FAT32

\\?\Volume{ddeb6c84-810c-46a1-aec6-44f8c7ccad3a}\ (WINRETOOLS) (Fixed) (Total:0.97 GB) (Free:0.45 GB) NTFS
\\?\Volume{df0a5467-a661-4a6f-af6f-55c9d5055271}\ (Image) (Fixed) (Total:11.66 GB) (Free:0.22 GB) NTFS
\\?\Volume{5da840b2-c364-4272-bd43-d66afc350687}\ (DELLSUPPORT) (Fixed) (Total:1.07 GB) (Free:0.21 GB) NTFS
\\?\Volume{7f86ac07-f133-4645-b879-12d32c99ea96}\ (ESP) (Fixed) (Total:0.63 GB) (Free:0.56 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 926B0D78)

Partition: GPT.

==================== End of Addition.txt =======================


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP