My Windows 10 laptop is running slow not sure if due to virus, malware or something else. Here are the results of FRST.txt and Addition.txt:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 09-11-2022 01
Ran by denis (administrator) on DENIS-HPLAPTOP (HP HP Laptop 15-bs0xx) (11-11-2022 13:57:51)
Running from C:\Users\denis\Desktop
Loaded Profiles: denis
Platform: Microsoft Windows 10 Home Version 22H2 19045.2251 (X64) Language: English (United States)
Default browser: FF
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTDevMgr.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTServer.exe
(C:\Program Files (x86)\Western Digital\Discovery\Current\WD Discovery.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(C:\Program Files\WD Desktop App\kdd.exe ->) (Western Digital Technologies, Inc. -> ) C:\Program Files\WD Desktop App\wdsync.exe
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MpCopyAccelerator.exe
(C:\Windows\SysWOW64\cmd.exe ->) (Western Digital Technologies, Inc. -> Western Digital Corporation) C:\Program Files\WD Desktop App\kdd.exe
(DriverStore\FileRepository\ki135422.inf_amd64_819df826076efbf4\igfxCUIService.exe ->) (Intel® pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki135422.inf_amd64_819df826076efbf4\igfxEM.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe <7>
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
(IDrive, Inc. -> Prosoftnet) C:\Program Files (x86)\IDriveWindows\id_bglaunch.exe
(IDrive, Inc. -> Prosoftnet) C:\Program Files (x86)\IDriveWindows\id_tray.exe
(Intel\DPTF\esif_uf.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22082.119.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe <11>
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (Arvato Digital Services Canada Inc -> arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(services.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\AppHelperCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\DiagsCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\NetworkCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\SysInfoCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Orbit Service\HPOrbitService.exe
(services.exe ->) (HP Inc.) [File not signed] C:\Program Files\HPCommRecovery\HPCommRecovery.exe
(services.exe ->) (IDrive, Inc. -> Prosoftnet) C:\Program Files (x86)\IDriveWindows\id_service.exe
(services.exe ->) (Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(services.exe ->) (Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Intel® pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki135422.inf_amd64_819df826076efbf4\igfxCUIService.exe
(services.exe ->) (Intel® pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki135422.inf_amd64_819df826076efbf4\IntelCpHDCPSvc.exe
(services.exe ->) (Intel® pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki135422.inf_amd64_819df826076efbf4\IntelCpHeciSvc.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\NisSrv.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTDevMgr.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnhService.exe
(svchost.exe ->) (HP Inc. -> ) C:\Program Files (x86)\HP\HP JumpStart Launch\HPJumpStartLaunch.exe
(svchost.exe ->) (HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\SDXHelper.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2204.13303.0_x64__8wekyb3d8bbwe\Cortana.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Western Digital Technologies, Inc. -> ) C:\Program Files (x86)\Western Digital\Discovery\Current\Service\WDDiscoveryService.exe
(svchost.exe ->) (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\Discovery\Current\WD Device Agent.exe
(SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnh.exe
(Western Digital Technologies, Inc. -> Western Digital Corporation) C:\Program Files (x86)\Western Digital\Discovery\Current\WD Discovery.exe <4>
(Western Digital Technologies, Inc. -> Western Digital Corporation) C:\Program Files (x86)\Western Digital\Discovery\Current\WDDiscoveryMonitor.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [11235928 2020-04-23] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [BtServer] => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [231640 2016-09-20] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation)
HKLM\...\Run: [Eraser] => C:\Program Files\Eraser\Eraser.exe [1074600 2016-08-28] (Heidi Computers Ltd -> The Eraser Project)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3831808 2021-08-30] (Microsoft Windows Hardware Compatibility Publisher -> Logitech)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [705784 2016-06-20] (HP Inc. -> HP Inc.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [11209952 2022-11-08] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-07-21] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1313408 2017-07-05] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [438888 2014-01-15] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [WDDiscovery] => C:\Program Files (x86)\Western Digital\Discovery\Current\WD Discovery.exe [81379600 2022-07-21] (Western Digital Technologies, Inc. -> Western Digital Corporation)
HKLM-x32\...\Run: [IDrive Background process] => C:\Program Files (x86)\IDriveWindows\id_bglaunch.exe [81920 2022-11-07] (IDrive, Inc. -> Prosoftnet)
HKLM-x32\...\Run: [IDrive Tray] => C:\Program Files (x86)\IDriveWindows\id_tray.exe [1999360 2022-11-07] (IDrive, Inc. -> Prosoftnet)
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKU\S-1-5-21-494053625-944044607-777972334-1001\...\Run: [Microsoft Edge Update] => C:\Users\denis\AppData\Local\Microsoft\EdgeUpdate\1.3.171.37\MicrosoftEdgeUpdateCore.exe [263640 2022-11-07] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Windows x64\Print Processors\BJ Print Processor4: C:\Windows\System32\spool\prtprocs\x64\CNBPP4.DLL [84992 2011-08-30] (CANON INC.) [File not signed]
HKLM\...\Windows x64\Print Processors\Canon MG6600 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDC9.DLL [30208 2014-03-18] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\BJ Language Monitor4: C:\WINDOWS\system32\CNBLM4.DLL [267776 2011-08-30] (CANON INC.) [File not signed]
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG6600 series: C:\WINDOWS\system32\CNMLMC9.DLL [406016 2014-03-18] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG6600 series XPS: C:\WINDOWS\system32\CNMXLMC9.DLL [408576 2014-03-18] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJNP Port: C:\WINDOWS\system32\CNMN6PPM.DLL [375296 2014-03-17] (CANON INC.) [File not signed]
HKLM\...\Print\Monitors\Nitro PDF Port Monitor: C:\WINDOWS\system32\nitrolocalmon11.dll [31944 2017-03-09] (Nitro Software, Inc. -> Nitro Software, Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\107.0.5304.107\Installer\chrmstp.exe [2022-11-10] (Google LLC -> Google LLC)
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {03C711A2-3407-407E-84D9-AA777D0B7C9D} - System32\Tasks\WD Discovery Service Task denis => C:\Program Files (x86)\Western Digital\Discovery\Current\Service\WDDiscoveryService.exe [78608 2022-07-21] (Western Digital Technologies, Inc. -> )
Task: {0E184DB2-0111-498F-8527-105042E54F85} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-07-08] (Google Inc -> Google Inc.)
Task: {15D16A18-9ECD-42D3-AD46-AF38A0AF3808} - System32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-494053625-944044607-777972334-1001UA => C:\Users\denis\AppData\Local\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [205744 2022-07-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {22554D47-D0E9-42D7-B922-F921292511E2} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-11] (Dropbox, Inc -> Dropbox, Inc.)
Task: {22BB2B09-5540-41D5-B633-06B549B8FAD4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe [138328 2022-10-26] (HP Inc. -> HP Inc.)
Task: {2E9DAD5B-514B-4E54-B885-D6F1F0C81FF1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-07-08] (Google Inc -> Google Inc.)
Task: {47410AE0-C70D-47D9-A5AE-CEBEBBA42C71} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1552376 2022-09-26] (Adobe Inc. -> Adobe Inc.)
Task: {6435B68D-64B0-45BF-B035-E3FE94C9F31B} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26154960 2022-11-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {652BA998-D3BA-40E9-98DE-2741045CCF97} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114600 2022-11-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {76D2CFB5-3FEA-40DD-B4FB-0155FAA93D6F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1149512 2022-10-26] (HP Inc. -> HP Inc.)
Task: {7CE88213-A5FD-48EE-AB39-1F6AC5017B39} - System32\Tasks\HPEA3JOBS => C:\Program [Argument = Files\HP\HP ePrint\hpeprint.exe /CheckJobs]
Task: {83905423-80BC-4349-AD90-D216ED48DDBF} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-11] (Dropbox, Inc -> Dropbox, Inc.)
Task: {8811EC4C-FE83-4429-B0B2-FCB521FD79E4} - System32\Tasks\HPAudioSwitch => C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe [1644472 2019-06-21] (HP Inc. -> HP Inc.)
Task: {960ADBEB-8190-4095-8351-DA0EEACF1446} - System32\Tasks\HPJumpStartLaunch => C:\Program Files (x86)\HP\HP JumpStart Launch\HPJumpStartLaunch.exe [459264 2017-02-01] (HP Inc. -> )
Task: {AB3BA3AE-F343-41B4-AC61-C6FFDD071DEA} - System32\Tasks\WD Device Agent Task denis => C:\Program Files (x86)\Western Digital\Discovery\Current\WD Device Agent.exe [723728 2022-07-21] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
Task: {AE8DF72B-2DF6-4DB4-8096-801999B764B1} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114600 2022-11-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {B169EDD5-D87C-4753-A69D-DA3A242E1351} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe do-task "E7CF176E110C211B"
Task: {C4529DC9-286A-467F-B5DC-9EE0EC06912A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MpCmdRun.exe [1567360 2022-11-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D6A57077-A673-4215-A6C7-73A844BF7CF3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe /f (No File)
Task: {D6E98111-0C53-45F1-8CC2-1B6A56179EFB} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe /DeviceScanR6 (No File)
Task: {DE34FB6B-0603-44FE-A8A0-63B721AABB0C} - System32\Tasks\Mozilla\Firefox Background Update E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\E7CF176E110C211B\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {E9A41083-49E4-4FD6-B838-FEC32ADFB8A2} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26154960 2022-11-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {EB4D8336-C744-4CBB-AE4F-6997FAF13CB8} - System32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-494053625-944044607-777972334-1001Core => C:\Users\denis\AppData\Local\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [205744 2022-07-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {EDFFA0C7-2405-4346-AF2F-1B909075C316} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MpCmdRun.exe [1567360 2022-11-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F2D26E5E-6F26-46DD-A925-9678BA5A6BCC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MpCmdRun.exe [1567360 2022-11-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {FBAEF35A-542B-4A5F-95AE-8255944AD2B4} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MpCmdRun.exe [1567360 2022-11-10] (Microsoft Windows Publisher -> Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 68.105.28.11 68.105.29.11 68.105.28.12
Tcpip\..\Interfaces\{2ea36f8f-d3aa-4e25-a9ab-92bef204ab0e}: [DhcpNameServer] 68.105.28.11 68.105.29.11 68.105.28.12
Tcpip\..\Interfaces\{47e09115-c3f4-4921-8d67-2540f3ce0479}: [DhcpNameServer] 192.168.1.1
Edge:
=======
DownloadDir: C:\Users\denis\Downloads
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\denis\AppData\Local\Microsoft\Edge\User Data\Default [2022-11-04]
Edge DownloadDir: Default -> C:\Users\denis\Downloads
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\denis\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-09-08]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
FireFox:
========
FF DefaultProfile: 9rjnt6yf.default-1605649514060
FF ProfilePath: C:\Users\denis\AppData\Roaming\Mozilla\Firefox\Profiles\9rjnt6yf.default-1605649514060 [2022-11-11]
FF Notifications: Mozilla\Firefox\Profiles\9rjnt6yf.default-1605649514060 -> hxxps://calendar.google.com
FF Extension: (DuckDuckGo Privacy Essentials) - C:\Users\denis\AppData\Roaming\Mozilla\Firefox\Profiles\9rjnt6yf.default-1605649514060\Extensions\[email protected] [2022-11-03]
FF Extension: (Malwarebytes Browser Guard) - C:\Users\denis\AppData\Roaming\Mozilla\Firefox\Profiles\9rjnt6yf.default-1605649514060\Extensions\{242af0bb-db11-4734-b7a0-61cb8a9b20fb}.xpi [2022-10-10]
FF Plugin: @java.com/DTPlugin,version=10.80.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2018-06-20] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.80.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2018-06-20] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2022-10-16] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2017-10-17] (CANON INC.) [File not signed]
FF Plugin-x32: @java.com/DTPlugin,version=11.144.2 -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\dtplugin\npDeployJava1.dll [2017-08-07] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.144.2 -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\plugin2\npjp2.dll [2017-08-07] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-11-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.17.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2022-03-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2016-11-22] (WildTangent Inc -> )
Chrome:
=======
CHR DefaultProfile: Profile 1
CHR Profile: C:\Users\denis\AppData\Local\Google\Chrome\User Data\Default [2022-11-04]
CHR Notifications: Default -> hxxps://calendar.google.com; hxxps://drive.google.com; hxxps://mail.google.com
CHR DefaultSearchURL: Default -> hxxps://duckduckgo.com/?q={searchTerms}
CHR DefaultSearchKeyword: Default -> duckduckgo.com
CHR DefaultNewTabURL: Default -> hxxps://duckduckgo.com/chrome_newtab
CHR DefaultSuggestURL: Default -> hxxps://duckduckgo.com/ac/?q={searchTerms}&type=list
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\denis\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2022-07-22]
CHR Extension: (Google Docs Offline) - C:\Users\denis\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-01-14]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\denis\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-07-22]
CHR Extension: (Chrome Web Store Payments) - C:\Users\denis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-10]
CHR Extension: (Pluto TV – Watch Free TV And Movies) - C:\Users\denis\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdkimnjejgchcbcapfjpdaaiigdkocmh [2020-07-07]
CHR Profile: C:\Users\denis\AppData\Local\Google\Chrome\User Data\Guest Profile [2022-11-04]
CHR Profile: C:\Users\denis\AppData\Local\Google\Chrome\User Data\Profile 1 [2022-11-04]
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\denis\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2022-11-02]
CHR Extension: (Google Docs Offline) - C:\Users\denis\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-11-02]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\denis\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-11-01]
CHR Extension: (Chrome Web Store Payments) - C:\Users\denis\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-12-16]
CHR Profile: C:\Users\denis\AppData\Local\Google\Chrome\User Data\System Profile [2022-11-04]
CHR HKLM-x32\...\Chrome\Extension: [dofoafnmdocgkdphpkdooahjkhpmakjd]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
Opera:
=======
OPR Profile: C:\Users\denis\AppData\Roaming\Opera Software\Opera Stable [2021-06-28]
OPR DefaultSuggestURL: Opera Stable -> hxxps://ac.duckduckgo.com/ac/?q={searchTerms}&type=list&t={opera:vpnClient}
OPR Extension: (Rich Hints Agent) - C:\Users\denis\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2021-06-25]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2022-09-26] (Adobe Inc. -> Adobe Inc.)
R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [126944 2017-03-07] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12516280 2022-11-02] (Microsoft Corporation -> Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-11] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-11] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [46824 2022-11-08] (Dropbox, Inc -> Dropbox, Inc.)
S3 dcsvc; C:\WINDOWS\system32\dcsvc.dll [785408 2022-11-08] (Microsoft Windows -> Microsoft Corporation)
S2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [350064 2016-11-22] (WildTangent Inc -> WildTangent)
R2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [1309184 2016-10-07] (HP Inc.) [File not signed]
R2 HP Orbit Service; C:\Program Files\HP\HP Orbit Service\HPOrbitService.exe [3421616 2017-06-20] (HP Inc. -> HP Inc.)
R2 HPAppHelperCap; C:\Program Files\HP\HP Enabling Services\AppHelperCap.exe [787512 2022-10-26] (HP Inc. -> HP Inc.)
R2 HPDiagsCap; C:\Program Files\HP\HP Enabling Services\DiagsCap.exe [786512 2022-10-26] (HP Inc. -> HP Inc.)
R2 HPJumpStartBridge; C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe [471040 2017-05-23] (HP Inc. -> HP Inc.)
R2 HPNetworkCap; C:\Program Files\HP\HP Enabling Services\NetworkCap.exe [782904 2022-10-26] (HP Inc. -> HP Inc.)
R2 HPSysInfoCap; C:\Program Files\HP\HP Enabling Services\SysInfoCap.exe [787016 2022-10-26] (HP Inc. -> HP Inc.)
S2 HPTouchpointAnalyticsService; C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe [332216 2017-11-22] (HP Inc. -> HP Inc.)
R2 HPWMISVC; c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [631800 2016-06-20] (HP Inc. -> HP Inc.)
R2 IDriveService; C:\Program Files (x86)\IDriveWindows\id_service.exe [416768 2022-11-07] (IDrive, Inc. -> Prosoftnet)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [8019640 2022-03-03] (Malwarebytes Inc -> Malwarebytes)
R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [336824 2010-11-30] (Arvato Digital Services Canada Inc -> arvato digital services llc)
S3 ss_conn_launcher_service; C:\WINDOWS\System32\Samsung\EasySetup\ss_conn_launcher.exe [182392 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\NisSrv.exe [3191272 2022-11-10] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MsMpEng.exe [133544 2022-11-10] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 HPSupportSolutionsFrameworkService; "C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe" [X]
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [160376 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [221096 2022-03-03] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2022-03-03] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [194480 2022-03-03] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2022-03-03] (Malwarebytes Inc -> Malwarebytes)
R3 MpKslfe38c7ce; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{5A43B6EA-EB6D-42FC-AA61-5DA7B0D75634}\MpKslDrv.sys [214280 2022-11-11] (Microsoft Windows -> Microsoft Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167544 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [43640 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49616 2022-11-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [469288 2022-11-10] (Microsoft Windows -> Microsoft Corporation)
R1 wdfsconnect2017; C:\WINDOWS\system32\drivers\wdfsconnect2017.sys [468112 2017-11-21] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies, Inc.)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [95520 2022-11-10] (Microsoft Windows -> Microsoft Corporation)
R3 wdvpnpbus; C:\WINDOWS\System32\drivers\wdvpnpbus.sys [20624 2017-11-21] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies, Inc.)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [40104 2022-06-17] (HP Inc. -> HP)
S3 Ser2pl; \SystemRoot\system32\DRIVERS\ser2pl64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
NETSVC: DcSvc -> C:\Windows\system32\dcsvc.dll (Microsoft Corporation)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-11-11 13:57 - 2022-11-11 14:00 - 000031123 _____ C:\Users\denis\Desktop\FRST.txt
2022-11-11 13:57 - 2022-11-11 13:57 - 000000000 ____D C:\Users\denis\Desktop\FRST-OlderVersion
2022-11-11 13:56 - 2022-11-11 13:59 - 000000000 ____D C:\FRST
2022-11-11 13:54 - 2022-11-11 13:57 - 002375168 _____ (Farbar) C:\Users\denis\Desktop\FRST64.exe
2022-11-11 13:01 - 2022-11-11 13:01 - 007690078 _____ C:\Users\denis\Downloads\November 2022 ENGC Newsletter.pdf
2022-11-11 12:55 - 2022-11-11 12:55 - 013283443 _____ C:\Users\denis\Downloads\October 2022 ENGC Newsletter.pdf
2022-11-11 12:53 - 2022-11-11 12:53 - 004711175 _____ C:\Users\denis\Downloads\September 2022 ENGC Newsletter.pdf
2022-11-11 12:48 - 2022-11-11 12:48 - 000105828 _____ C:\Users\denis\Downloads\Smallbore Discipline 2022 Bulletin.pdf
2022-11-10 20:05 - 2022-11-10 20:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2022-11-08 18:44 - 2022-11-08 18:44 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2022-11-08 18:44 - 2022-11-08 18:44 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2022-11-08 18:44 - 2022-11-08 18:44 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2022-11-08 18:44 - 2022-11-08 18:44 - 000046824 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2022-11-08 17:49 - 2022-11-08 17:49 - 000000000 ___HD C:\ProgramData\temp
2022-11-08 15:08 - 2022-11-08 15:08 - 000688128 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2022-11-08 15:08 - 2022-11-08 15:08 - 000073216 _____ C:\WINDOWS\system32\nettraceex.dll
2022-11-08 15:08 - 2022-11-08 15:08 - 000012253 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-11-08 15:05 - 2022-11-08 15:05 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-11-08 14:23 - 2022-11-08 14:23 - 000000000 ___HD C:\$WinREAgent
2022-11-07 19:53 - 2022-11-07 19:53 - 000001140 _____ C:\Users\Public\Desktop\IDrive.lnk
2022-11-07 19:53 - 2022-11-07 19:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IDrive
2022-11-05 10:54 - 2022-11-06 19:43 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2022-10-18 12:10 - 2022-10-18 12:10 - 000002277 _____ C:\Users\denis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Firefox Private Browsing.lnk
2022-10-14 04:19 - 2022-10-22 04:04 - 000002080 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2022-10-14 04:19 - 2022-10-22 04:04 - 000002068 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk
2022-10-13 13:43 - 2022-10-13 13:43 - 033541998 _____ C:\Users\denis\Downloads\Altos-Windows-1-9-11.exe
2022-10-12 04:51 - 2022-10-12 04:51 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2022-10-12 04:51 - 2022-10-12 04:51 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2022-10-12 04:50 - 2022-10-12 04:50 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2022-10-12 04:50 - 2022-10-12 04:50 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2022-10-12 04:49 - 2022-10-12 04:49 - 002260480 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-11-11 13:57 - 2019-12-07 03:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-11-11 13:54 - 2017-07-08 14:55 - 000000000 ____D C:\Users\denis\AppData\LocalLow\Mozilla
2022-11-11 13:43 - 2022-02-09 09:47 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2022-11-11 13:42 - 2017-07-12 19:43 - 000000000 ____D C:\Users\denis\Documents\Exchange
2022-11-11 13:25 - 2020-06-22 23:24 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-11-11 13:14 - 2017-07-08 15:43 - 000000000 ____D C:\Program Files (x86)\Google
2022-11-11 12:44 - 2019-10-07 14:16 - 000000000 ____D C:\Users\denis\AppData\Roaming\PaperScan Free
2022-11-11 02:15 - 2017-10-18 13:40 - 000000000 ____D C:\ProgramData\IDrive
2022-11-11 01:50 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-11-10 20:07 - 2022-06-07 15:41 - 000000000 ____D C:\Users\denis\AppData\Roaming\DropboxElectron
2022-11-10 20:07 - 2017-07-08 16:48 - 000000000 ____D C:\Users\denis\AppData\Local\Dropbox
2022-11-10 20:06 - 2017-03-17 08:23 - 000000000 ____D C:\Program Files (x86)\Dropbox
2022-11-10 19:15 - 2017-07-08 15:44 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-11-10 19:15 - 2017-07-08 15:44 - 000002267 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-11-10 18:01 - 2018-02-15 22:10 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2022-11-10 04:25 - 2019-12-07 03:13 - 000000000 ____D C:\WINDOWS\INF
2022-11-09 14:51 - 2019-12-07 03:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-11-08 18:14 - 2022-07-21 19:03 - 000000000 ____D C:\Users\denis\.wdc
2022-11-08 18:13 - 2022-07-21 19:05 - 000000000 ____D C:\Users\denis\AppData\Roaming\WD Discovery
2022-11-08 18:11 - 2017-06-28 20:26 - 000000000 __SHD C:\Users\denis\IntelGraphicsProfiles
2022-11-08 17:56 - 2020-06-22 23:45 - 000934898 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-11-08 17:49 - 2020-06-22 23:23 - 000555760 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-11-08 17:48 - 2020-06-23 00:06 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-11-08 17:48 - 2020-06-22 23:22 - 000008192 ___SH C:\DumpStack.log.tmp
2022-11-08 17:48 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\ServiceState
2022-11-08 17:47 - 2019-12-07 03:03 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2022-11-08 17:47 - 2017-05-08 12:29 - 000000000 ____D C:\ProgramData\Realtek
2022-11-08 17:46 - 2019-12-07 03:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2022-11-08 17:46 - 2019-12-07 03:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-11-08 17:46 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-11-08 17:46 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-11-08 17:46 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-11-08 17:46 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-11-08 17:46 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-11-08 15:21 - 2019-12-07 03:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-11-08 15:05 - 2020-06-22 23:30 - 003014656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-11-08 14:18 - 2017-06-30 18:16 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-11-08 14:10 - 2017-06-30 18:16 - 146960040 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-11-08 04:20 - 2021-12-13 03:32 - 000003580 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-494053625-944044607-777972334-1001
2022-11-08 04:20 - 2020-10-30 11:04 - 000002382 _____ C:\Users\denis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-11-08 04:20 - 2020-06-23 00:06 - 000003372 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-494053625-944044607-777972334-1001
2022-11-07 19:53 - 2017-10-18 13:40 - 000000000 ____D C:\Program Files (x86)\IDriveWindows
2022-11-07 17:06 - 2021-01-21 23:11 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2022-11-07 13:18 - 2022-07-22 12:54 - 000003788 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-494053625-944044607-777972334-1001UA
2022-11-07 13:18 - 2022-07-22 12:54 - 000003724 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-494053625-944044607-777972334-1001Core
2022-11-06 19:52 - 2020-06-18 23:13 - 000002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-11-06 19:52 - 2020-06-18 23:13 - 000002283 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-11-06 19:43 - 2017-07-08 14:54 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-11-06 19:41 - 2020-06-22 23:31 - 000000000 ____D C:\Users\denis
2022-11-05 17:54 - 2021-10-11 16:08 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2022-11-05 17:54 - 2017-07-08 14:54 - 000001231 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-11-04 13:26 - 2020-06-23 00:06 - 000000000 ____D C:\WINDOWS\system32\Tasks\Hewlett-Packard
2022-11-04 13:25 - 2018-07-24 23:49 - 000000000 ____D C:\Users\denis\AppData\Local\D3DSCache
2022-11-04 09:23 - 2017-07-04 14:57 - 000007598 _____ C:\Users\denis\AppData\Local\Resmon.ResmonCfg
2022-11-03 04:29 - 2017-03-17 08:19 - 000000000 ____D C:\Program Files\HP
2022-11-02 12:09 - 2017-03-17 08:23 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2022-10-28 11:26 - 2019-07-18 12:12 - 000000000 ____D C:\Users\denis\AppData\Local\Roblox
2022-10-28 11:16 - 2019-07-18 12:12 - 000000252 _____ C:\Users\denis\AppData\LocalLow\rbxcsettings.rbx
2022-10-28 11:15 - 2022-07-22 13:03 - 000001444 _____ C:\Users\denis\Desktop\Roblox Studio.lnk
2022-10-28 11:15 - 2019-07-18 12:14 - 000000000 ____D C:\Users\denis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2022-10-22 04:06 - 2020-06-23 00:06 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2022-10-14 21:11 - 2020-06-23 00:06 - 000003536 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-10-14 21:11 - 2020-06-23 00:06 - 000003412 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-10-13 13:47 - 2020-10-26 15:37 - 000001860 _____ C:\Users\denis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Altus Metrum.lnk
2022-10-13 13:47 - 2020-10-26 15:37 - 000001830 _____ C:\Users\denis\Desktop\Altus Metrum.lnk
2022-10-13 13:47 - 2020-10-26 15:37 - 000000000 ____D C:\Program Files\AltusMetrum
2022-10-12 16:53 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2022-10-12 16:53 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\Provisioning
2022-10-12 16:53 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2022-10-12 05:08 - 2019-12-07 03:15 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
2022-10-12 05:08 - 2019-12-07 03:14 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
==================== Files in the root of some directories ========
2020-08-22 12:30 - 2021-01-12 12:34 - 000009329 _____ () C:\Users\denis\AppData\Roaming\Comma Separated Values (DOS).EML
2021-05-15 18:17 - 2021-05-15 18:17 - 000038433 _____ () C:\Users\denis\AppData\Roaming\Comma Separated Values (Windows).ADR
2017-06-28 20:26 - 2022-11-09 14:19 - 001806004 _____ () C:\Users\denis\AppData\Local\BTServer.log
2022-02-15 14:09 - 2022-02-17 12:10 - 000004608 _____ () C:\Users\denis\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-07-04 14:57 - 2022-11-04 09:23 - 000007598 _____ () C:\Users\denis\AppData\Local\Resmon.ResmonCfg
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-11-2022 01
Ran by denis (11-11-2022 14:02:50)
Running from C:\Users\denis\Desktop
Microsoft Windows 10 Home Version 22H2 19045.2251 (X64) (2020-06-23 06:08:26)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-494053625-944044607-777972334-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-494053625-944044607-777972334-503 - Limited - Disabled)
denis (S-1-5-21-494053625-944044607-777972334-1001 - Administrator - Enabled) => C:\Users\denis
Guest (S-1-5-21-494053625-944044607-777972334-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-494053625-944044607-777972334-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
3R 1.11 (HKLM-x32\...\3R) (Version: - )
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1033-1033-7760-BC15014EA700}) (Version: 22.003.20263 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601032}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Affinity Designer (HKLM\...\{ABC30ED4-8068-418D-8976-168C2206DB9B}) (Version: 1.10.5.1342 - Serif (Europe) Ltd)
Altus Metrum (HKLM\...\Altus Metrum) (Version: - )
Amazon Music (HKU\S-1-5-21-494053625-944044607-777972334-1001\...\Amazon Amazon Music) (Version: 7.10.0.2175 - Amazon.com Services LLC)
Android Studio (HKLM\...\Android Studio) (Version: 1.0 - Google Inc.)
Barn Yarn Collector's Edition (HKLM-x32\...\WTA-c64db5cb-afdf-4e66-8241-983e2cade8be) (Version: 3.0.2.48 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CAMotics (HKLM-x32\...\CAMotics) (Version: 1.2.0 - Cauldron Development LLC)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.7.0.0 - Canon Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: 1.5.2.3 - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.5.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.1.10.15 - Canon Inc.)
Canon MG6600 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG6600_series) (Version: 1.01 - Canon Inc.)
Canon MG6600 series On-screen Manual (HKLM-x32\...\Canon MG6600 series On-screen Manual) (Version: 7.7.0 - Canon Inc.)
Canon MG6600 series User Registration (HKLM-x32\...\Canon MG6600 series User Registration) (Version: - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 3.6.1 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 3.6.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.3.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.8.5 - Canon Inc.)
CHIRP (HKLM-x32\...\CHIRP) (Version: - )
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
CloneSpy 3.43 - 64 bit (HKLM\...\CloneSpy) (Version: 3.43 - The CloneSpy Team)
Cool Edit 2000 (HKLM-x32\...\Cool Edit 2000) (Version: - )
Core FTP LE (x64) (HKLM-x32\...\CoreFTP(x64)) (Version: - )
Corel PaintShop Pro X6 (HKLM-x32\...\_{166D1CB6-DD8A-40DD-9E25-4D31D2D6DE4D}) (Version: 16.2.0.20 - Corel Corporation)
CPS MD380 V1.34 (HKLM-x32\...\CPS MD380) (Version: - )
Cura 15.04.2 (HKLM-x32\...\Cura_15.04.2) (Version: - )
CyberLink Power Media Player 14 (HKLM-x32\...\{32C8E300-BDB4-4398-92C2-E9B7D8A233DB}) (Version: 14.0.6.7428 - CyberLink Corp.)
Dropbox (HKLM-x32\...\Dropbox) (Version: 161.4.4923 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.639.1 - Dropbox, Inc.) Hidden
Energy Star (HKLM\...\{5CB22648-35F8-41BC-9C35-1E41FE6E12A5}) (Version: 1.1.1 - HP Inc.)
Eraser (HKLM-x32\...\Eraser_is1) (Version: 5.7 - Heidi Computers Ltd)
Eraser 6.2.0.2979 (HKLM\...\{C5900DE9-D199-4C27-B692-354C9A6A6C8B}) (Version: 6.2.2979 - The Eraser Project)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 107.0.5304.107 - Google LLC)
GoTo Opener (HKLM-x32\...\{C0F33C38-345C-4C02-B161-11389350C2A5}) (Version: 1.0.533 - LogMeIn, Inc.)
HP Audio Switch (HKLM-x32\...\{3A5141D4-47DB-4302-9B1C-272BE585BC8A}) (Version: 1.0.179.0 - HP Inc.)
HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.1 - HP Inc.)
HP ePrint SW (HKLM\...\{7F27A5CB-3C0B-4104-B0C9-288038093F3A}) (Version: 5.3.21679 - HP Inc.) Hidden
HP ePrint SW (HKLM\...\{8F55398C-0F24-4950-8C7B-A0195469393C}) (Version: 5.3.21679 - HP Inc.) Hidden
HP ePrint SW (HKLM\...\{A12996E4-B1A8-49A9-A7E3-488C21268ED7}) (Version: 5.3.21679 - HP Inc.) Hidden
HP ePrint SW (HKLM\...\{A2707859-3D7E-460E-A19F-84128CA1B4B9}) (Version: 5.3.21679 - HP Inc.) Hidden
HP ePrint SW (HKLM-x32\...\{31A8CE98-EB9B-497F-8C17-C7089D8B1639}) (Version: 5.3.21679 - HP Inc.) Hidden
HP ePrint SW (HKLM-x32\...\{5f8ec28f-ae40-408e-b950-1da32237e007}) (Version: 5.3.21679 - HP Inc.)
HP ePrint SW (HKLM-x32\...\{90F34553-7DC3-46D9-BE03-848E1FEBA0FE}) (Version: 5.3.21679 - HP Inc.) Hidden
HP JumpStart Apps (HKLM-x32\...\HP JumpStart Apps) (Version: 7.0.21 - HP Inc.)
HP JumpStart Bridge (HKLM-x32\...\{EB0912FF-C311-4E0F-A6B1-420FDD3C295E}) (Version: 1.3.0.407 - HP Inc.)
HP JumpStart Launch (HKLM-x32\...\{81CA40FD-E11B-4DC1-AE33-A71EB044B8B7}) (Version: 1.1.275.0 - HP Inc.)
HP Orbit (HKLM\...\{1A083C69-5382-4CF9-8074-80EC050D9FC8}) (Version: 3.5.171.271 - HP) Hidden
HP Orbit (HKLM-x32\...\{82b971c1-85fa-4c53-ada1-4ec6be0c0c8a}) (Version: 3.5.171.271 - HP Inc.)
HP Orbit Service (HKLM\...\{B384505E-0FE1-4A0F-9E92-7C592276E0A4}) (Version: 2.5.171.271 - HP Inc) Hidden
HP Recovery Manager (HKLM-x32\...\{64BAA990-F1FC-4145-A7B1-E41FBBC9DA47}) (Version: 1.2.1510 - HP) Hidden
HP Support Solutions Framework (HKLM-x32\...\{00612F78-52C4-46C0-97F0-F50B6036B5E2}) (Version: 12.18.34.21 - HP Inc.)
HP Sure Connect (HKLM-x32\...\{6468C4A5-E47E-405F-B675-A70A70983EA6}) (Version: 1.0.0.29 - HP Inc.)
HP System Event Utility (HKLM-x32\...\{29E20347-C62F-4657-938E-876A182B67F1}) (Version: 1.4.14 - HP Inc.)
HP Touchpoint Analytics Client (HKLM\...\{E5FB98E0-0784-44F0-8CEC-95CD4690C43F}) (Version: 4.0.2.1439 - HP Inc.)
ICA (HKLM-x32\...\{166D1CB6-DD8A-40DD-9E25-4D31D2D6DE4D}) (Version: 16.2.0.20 - Corel Corporation) Hidden
IDrive version 6.7.4.30 (HKLM-x32\...\IDrive_is1) (Version: 6.7.4.30 - Pro Softnet Corp)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Intel® Chipset Device Software (HKLM\...\{81520FC5-3518-40E9-9803-70CE8A801D07}) (Version: 10.1.1.38 - Intel Corporation) Hidden
Intel® Chipset Device Software (HKLM-x32\...\{bb0592a7-5772-4736-9d55-2402740085db}) (Version: 10.1.1.38 - Intel® Corporation) Hidden
Intel® Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.2.11003.3588 - Intel Corporation)
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1054 - Intel Corporation)
Intel® Management Engine Components (HKLM\...\{7B3B60EB-197B-4B06-ADFF-D0B50E755D4F}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel® Management Engine Components (HKLM\...\{EC465D35-92DC-4DAE-9EA8-01215688F709}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel® Management Engine Driver (HKLM\...\{E5B5A486-C7F5-429C-9324-13835620F2FD}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel® ME UninstallLegacy (HKLM\...\{E9B9A1A5-6398-4C99-8FDE-10794F6505C5}) (Version: 1.0.1.0 - Intel Corporation) Hidden
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 25.20.100.6518 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{3D1B38C3-4842-4214-96DF-BB04D52BEBEA}) (Version: 15.2.12.1048 - Intel Corporation) Hidden
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.2.12.1048 - Intel Corporation)
Intel® Trusted Connect Service Client x64 (HKLM\...\{C9552825-7BF2-4344-BA91-D3CD46F4C442}) (Version: 1.47.866.0 - Intel Corporation) Hidden
Intel® Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.47.866.0 - Intel Corporation) Hidden
Intel® Trusted Connect Services Client (HKLM-x32\...\{246c6cc0-9810-4728-9a29-28474de2eec5}) (Version: 1.47.866.0 - Intel Corporation) Hidden
Intel® Hardware Accelerated Execution Manager (HKLM\...\{7280D90F-4532-4918-B38D-857C8CFD8416}) (Version: 7.2.0 - Intel Corporation)
IPM_PSP_COM64 (HKLM\...\{1678F86C-889D-4198-8249-F4625058256B}) (Version: 16.2.0.20 - Corel Corporation) Hidden
Java 7 Update 80 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417080FF}) (Version: 7.0.800 - Oracle)
Java 8 Update 144 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180144F0}) (Version: 8.0.1440.1 - Oracle Corporation)
Java SE Development Kit 7 Update 80 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170800}) (Version: 1.7.0.800 - Oracle)
Letter Quest - Grimm's Journey (HKLM-x32\...\WTA-da3e6da8-d77a-4798-83a5-9ef517110324) (Version: 3.0.2.118 - WildTangent) Hidden
LibreOffice 5.2 Help Pack (English (United States)) (HKLM\...\{49883F71-1F6F-45DB-BCCF-18F5592A7FC8}) (Version: 5.2.7.2 - The Document Foundation)
LibreOffice 5.2.7.2 (HKLM\...\{42330F6C-6E8F-4E0A-8820-A7303D3C07FF}) (Version: 5.2.7.2 - The Document Foundation)
Malwarebytes version 4.5.5.175 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.5.175 - Malwarebytes)
MD_380 (HKLM-x32\...\{4C713380-72DC-4E5A-8493-ECE1488BFC09}) (Version: 1.0.0 - Tytera)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 107.0.1418.35 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 107.0.1418.35 - Microsoft Corporation)
Microsoft HEVC Media Extension Installation for Microsoft.HEVCVideoExtension_1.0.2512.0_x64__8wekyb3d8bbwe (x64) (HKLM\...\{B0169E83-757B-EF66-E2F0-391944D785BC}) (Version: 1.0.0.0 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}) (Version: - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}) (Version: - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}) (Version: - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}) (Version: - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}) (Version: - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}) (Version: - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISER_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}) (Version: - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-002A-0409-1000-0000000FF1CE}_ENTERPRISER_{98333358-268C-4164-B6D4-C96DF5153727}) (Version: - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}) (Version: - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISER_{98333358-268C-4164-B6D4-C96DF5153727}) (Version: - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}) (Version: - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}) (Version: - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}) (Version: - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISER_{98333358-268C-4164-B6D4-C96DF5153727}) (Version: - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0116-0409-1000-0000000FF1CE}_ENTERPRISER_{98333358-268C-4164-B6D4-C96DF5153727}) (Version: - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}) (Version: - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Access MUI (English) 2007 (HKLM-x32\...\{90120000-0015-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2007 (HKLM-x32\...\{90120000-0117-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISER) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Excel MUI (English) 2007 (HKLM-x32\...\{90120000-0016-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (English) 2007 (HKLM-x32\...\{90120000-00BA-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove Setup Metadata MUI (English) 2007 (HKLM-x32\...\{90120000-0114-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 2016 - en-us (HKLM\...\HomeStudentRetail - en-us) (Version: 16.0.15726.20174 - Microsoft Corporation)
Microsoft Office InfoPath MUI (English) 2007 (HKLM-x32\...\{90120000-0044-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (HKLM\...\{90120000-002A-0000-1000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2007 (HKLM-x32\...\{90120000-00A1-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2007 (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (HKLM-x32\...\{90120000-0018-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (HKLM-x32\...\{90120000-001F-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (HKLM-x32\...\{90120000-001F-040C-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (HKLM-x32\...\{90120000-001F-0C0A-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (HKLM-x32\...\{90120000-002C-0409-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISER_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}) (Version: - Microsoft) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISER_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}) (Version: - Microsoft) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISER_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}) (Version: - Microsoft) Hidden
Microsoft Office Publisher MUI (English) 2007 (HKLM-x32\...\{90120000-0019-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2007 (HKLM\...\{90120000-002A-0409-1000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (HKLM\...\{90120000-0116-0409-1000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (HKLM-x32\...\{90120000-0115-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2007 (HKLM-x32\...\{90120000-001B-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKU\S-1-5-21-494053625-944044607-777972334-1001\...\OneDriveSetup.exe) (Version: 22.217.1016.0002 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-494053625-944044607-777972334-1001\...\Teams) (Version: 1.5.00.21668 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{80F1AF52-7AC0-42A3-9AF0-689BFB271D1D}) (Version: 3.68.0.0 - Microsoft Corporation)
Microsoft VC++ redistributables repacked. (HKLM\...\{D3531D7A-B6FA-44A5-A024-E2A14F325F90}) (Version: 12.0.0.0 - Intel Corporation) Hidden
Microsoft VC++ redistributables repacked. (HKLM-x32\...\{985F7F32-5BE4-4CDA-9582-F7AEA40D1974}) (Version: 12.0.0.0 - Intel Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 (HKLM-x32\...\{323dad84-0974-4d90-a1c1-e006c7fdbb7d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 x64 Additional Runtime - 14.0.24212 (HKLM\...\{F20396E5-D84E-3505-A7A8-7358F0155F6C}) (Version: 14.0.24212 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 x64 Minimum Runtime - 14.0.24212 (HKLM\...\{FAAD7243-0141-3987-AA2F-E56B20F80E41}) (Version: 14.0.24212 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.23.27820 (HKLM-x32\...\{45231ab4-69fd-486a-859d-7a59fcd11013}) (Version: 14.23.27820.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.23.27820 (HKLM-x32\...\{86BE78D9-65A1-4E69-86F8-C1F5281F8553}) (Version: 14.23.27820 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.23.27820 (HKLM-x32\...\{00AC3934-26B4-406E-807C-1692AC7329EC}) (Version: 14.23.27820 - Microsoft Corporation) Hidden
Mozilla Firefox (x64 en-US) (HKLM\...\Mozilla Firefox 106.0.5 (x64 en-US)) (Version: 106.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 54.0 - Mozilla)
Mystika 2 (HKLM-x32\...\WTA-a183930f-d3cd-41b5-b410-1ca6450bc670) (Version: 1.1.2.4 - WildTangent) Hidden
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.9.5 - Notepad++ Team)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.15726.20096 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.15726.20096 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.15726.20096 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.14026.20246 - Microsoft Corporation) Hidden
OpenSCAD (remove only) (HKLM\...\OpenSCAD) (Version: 2019.05 - The OpenSCAD Developers)
Paint.NET v3.5.11 (HKLM\...\{72EF03F5-0507-4861-9A44-D99FD4C41418}) (Version: 3.61.0 - dotPDN LLC)
PaperScan 3 Free Edition (HKLM-x32\...\{3B058410-111D-4D6A-B9B0-F30A3303524C}) (Version: 3.0.127 - ORPALIS)
PSPPContent (HKLM-x32\...\{162BD2D6-6C63-41A7-8151-93188450D36A}) (Version: 16.2.0.20 - Corel Corporation) Hidden
PSPPHelp (HKLM-x32\...\{16346B2A-87BC-407C-9D6B-72A4D21ABF03}) (Version: 16.2.0.20 - Corel Corporation) Hidden
PSPPro64 (HKLM\...\{16582334-495C-4F1C-A66B-3BFD8866B674}) (Version: 16.2.0.20 - Corel Corporation) Hidden
REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 1.0.0.63 - REALTEK Semiconductor Corp.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.14393.31233 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.12.1007.2016 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8940.1 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{A5107464-AA9B-4177-8129-5FF2F42DD322}) (Version: 1.0.0.85 - REALTEK Semiconductor Corp.)
Roblox Player for denis (HKU\S-1-5-21-494053625-944044607-777972334-1001\...\roblox-player) (Version: - Roblox Corporation)
Roblox Studio for denis (HKU\S-1-5-21-494053625-944044607-777972334-1001\...\roblox-studio) (Version: - Roblox Corporation)
Runefall (HKLM-x32\...\WTA-96320672-4e4f-4126-9b31-af908ba78d22) (Version: 3.0.2.126 - WildTangent) Hidden
Setup (HKLM-x32\...\{16006EE1-DDB7-4E5F-8696-9FEF32C0151A}) (Version: 16.2.0.20 - Corel Corporation) Hidden
Silicon Laboratories CP210x USB to UART Bridge (Driver Removal) (HKLM-x32\...\SLABCOMM&10C4&EA60) (Version: - Silicon Laboratories)
Sparkle 2 (HKLM-x32\...\WTA-7e108e6d-e77e-42ec-b625-999ebc937f3a) (Version: 3.0.2.51 - WildTangent) Hidden
TeleGPS (HKLM\...\TeleGPS) (Version: - )
Ultimaker Cura 4.6 (HKLM-x32\...\Ultimaker Cura 4.6) (Version: 4.6.1 - Ultimaker B.V.)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
Update Installer for WildTangent Games App (HKLM-x32\...\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App) (Version: - WildTangent) Hidden
V41 (HKLM-x32\...\V41) (Version: - )
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.17.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0) (Version: 1.0.33.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0-2) (Version: 1.0.33.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0-3) (Version: 1.0.33.0 - LunarG, Inc.)
WD Desktop App 2.1.0.324 (HKLM-x32\...\{cb395f8f-3f97-4959-a1e8-e381a746d71b}) (Version: 2.1.0.324 - Western Digital Corporation) Hidden
WD Desktop App 2.1.0.324 (x64) (HKLM\...\{CA7F7232-526E-41BD-971A-47BE28C18516}) (Version: 2.1.0.324 - Western Digital Corporation) Hidden
WD Discovery (HKLM-x32\...\WDDiscovery) (Version: 4.3.361 - Western Digital Technologies, Inc.)
WD SES Driver Setup (HKLM-x32\...\{924A274D-38B6-4930-8859-F3F51CFA8DDD}) (Version: 1.1.0.25 - Western Digital) Hidden
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.1.0.28 - WildTangent)
WildTangent Games App for HP (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp) (Version: 4.1.1.14 - WildTangent) Hidden
Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22243 - Microsoft Corporation)
Windows Boot Genius (HKLM-x32\...\Windows Boot Genius) (Version: - Tenorshare, Inc.)
Windows Driver Package - Adafruit Industries LLC (usbser) Ports (02/25/2016 6.2.2600.0) (HKLM\...\1245A5961AC9D2C18ADF9EEC931D77E059B7F74E) (Version: 02/25/2016 6.2.2600.0 - Adafruit Industries LLC)
Windows Driver Package - Arduino LLC (www.arduino.cc) Arduino USB Driver (01/04/2013 1.0.0.0) (HKLM\...\1E3EA5624DD04BEFECF3FFF6D3A21CCE9CD70A91) (Version: 01/04/2013 1.0.0.0 - Arduino LLC (www.arduino.cc))
Windows Driver Package - Arduino LLC (www.arduino.cc) Arduino USB Driver (11/24/2015 1.2.3.0) (HKLM\...\8B585560B248755A6C5A24D5C0F50FA998310883) (Version: 11/24/2015 1.2.3.0 - Arduino LLC (www.arduino.cc))
Windows Driver Package - Arduino LLC (www.arduino.cc) Genuino USB Driver (01/07/2016 1.0.3.0) (HKLM\...\EC414D98E2986DCA1628FAED2163CD1C9A4ED7EC) (Version: 01/07/2016 1.0.3.0 - Arduino LLC (www.arduino.cc))
Windows Driver Package - Arduino Srl (www.arduino.org) Arduino USB Driver (03/19/2015 1.1.1.0) (HKLM\...\69E507459B453D69A453EFC9E461FAE1E073408A) (Version: 03/19/2015 1.1.1.0 - Arduino Srl (www.arduino.org))
Windows Driver Package - libusb-win32 (libusb0) libusb-win32 devices (04/21/2015 1.0.0.0) (HKLM\...\28E91B69CA377EB48D6E1B92C37F897036E8A818) (Version: 04/21/2015 1.0.0.0 - libusb-win32)
Windows Driver Package - Linino (usbser) Ports (01/13/2014 1.0.0.0) (HKLM\...\A2C084AD4515675961A87E71B10E80E4FDCF7FAA) (Version: 01/13/2014 1.0.0.0 - Linino)
Windows PC Health Check (HKLM\...\{6798C408-2636-448C-8AC6-F4E341102D27}) (Version: 3.6.2204.08001 - Microsoft Corporation)
X-ACT 1.0.7 (HKLM-x32\...\{B056CE84-57AD-4630-9481-45E31E47C864}_is1) (Version: - Hawke Sport Optics)
Yahoo Search Set (HKLM-x32\...\Yahoo! SearchSet) (Version: - Yahoo Inc.)
Zoom (HKU\S-1-5-21-494053625-944044607-777972334-1001\...\ZoomUMX) (Version: 5.8.7 (2058) - Zoom Video Communications, Inc.)
Packages:
=========
Amazon -> C:\Program Files\WindowsApps\Amazon.com.Amazon_2018.519.2815.0_x64__343d40qqvtj1t [2020-03-22] (Amazon.com)
HP JumpStart -> C:\Program Files\WindowsApps\AD2F1837.HPJumpStart_1.2.283.0_x64__v10z8vjag6ke6 [2017-05-08] (HP Inc.)
HP Support Assistant -> C:\Program Files\WindowsApps\AD2F1837.HPSupportAssistant_9.21.30.0_x64__v10z8vjag6ke6 [2022-11-03] (HP Inc.)
IrfanView64 -> C:\Program Files\WindowsApps\30067IrfanSkiljanIrfanVie.IrfanView64_4.6.0.0_x64__psgec73n2n7ne [2022-04-02] (Irfan Skiljan (IrfanView))
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2022-05-09] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2022-05-09] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.14.9130.0_x64__8wekyb3d8bbwe [2022-09-18] (Microsoft Studios) [MS Ad]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.98.1805.0_x64__mcm4njqhnhss8 [2022-02-16] (Netflix, Inc.)
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-05-10] (Microsoft Corporation)
PhotoScape X -> C:\Program Files\WindowsApps\MooiiTech.PhotoScapeX_4.2.1.0_x64__f5eddttrpssna [2022-01-25] (Mooii Tech)
RAR Opener -> C:\Program Files\WindowsApps\DeviceDoctor.RAROpener_1.3.48.0_x64__mkdtfchztkfbm [2020-02-09] (Tiny Opener)
Simple Solitaire -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.SimpleSolitaire_7.4.14.0_x64__kx24dqmazqk8j [2022-10-22] (Random Salad Games LLC)
Synaptics TouchPad -> C:\Program Files\WindowsApps\SynapticsIncorporated.SynHPConsumerDApp_19005.35054.0.0_x64__807d65c4rvak2 [2020-03-22] (Synaptics Incorporated)
TreeSize Free -> C:\Program Files\WindowsApps\JAMSoftware.TreeSizeFree_4.6.1.0_x64__37s2tpab2h9zg [2022-10-18] (JAM Software)
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.TWITTER_7.0.1.0_neutral__wgeqdkkx372wm [2021-06-11] (Twitter Inc.)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-494053625-944044607-777972334-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\denis\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.22209.4\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-494053625-944044607-777972334-1001_Classes\CLSID\{5EA43877-C6D8-4885-B77A-C0BB27E94372}\InprocServer32 -> C:\Users\denis\AppData\Local\Microsoft\EdgeUpdate\1.3.171.37\psuser_64.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-494053625-944044607-777972334-1001_Classes\CLSID\{81093D63-7825-417B-BFC8-ADC63FA4E53D}\InprocServer32 -> C:\Users\denis\AppData\Local\Microsoft\EdgeUpdate\1.3.171.37\psuser_64.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-494053625-944044607-777972334-1001_Classes\CLSID\{88B20FC8-EBD6-4181-B5F6-50F45BFF722E}\InprocServer32 -> C:\Users\denis\AppData\Local\Microsoft\EdgeUpdate\1.3.167.21\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-494053625-944044607-777972334-1001_Classes\CLSID\{997809F3-33FD-4FD6-A2ED-CEF50F3263B1}\InprocServer32 -> C:\Users\denis\AppData\Local\Microsoft\EdgeUpdate\1.3.169.31\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-494053625-944044607-777972334-1001_Classes\CLSID\{ABF66F82-B04C-4FE4-8272-661539463FE1}\InprocServer32 -> C:\Users\denis\AppData\Local\Microsoft\EdgeUpdate\1.3.171.37\psuser_64.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-494053625-944044607-777972334-1001_Classes\CLSID\{BFBE0943-74C5-40E0-9E80-0B808109E95D}\InprocServer32 -> C:\Users\denis\AppData\Local\Microsoft\EdgeUpdate\1.3.163.19\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-494053625-944044607-777972334-1001_Classes\CLSID\{D1CE12B0-2529-4B24-BE8E-189735EA0DC1}\InprocServer32 -> C:\Users\denis\AppData\Local\Microsoft\EdgeUpdate\1.3.165.21\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-494053625-944044607-777972334-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\denis\Dropbox [2017-07-08 16:53]
SSODL: WDFSMountNotificator-wdfsconnect2017 - {F5E5B5FD-E183-462F-9F00-3B1C16A01CE6} - C:\WINDOWS\system32\wdfsconnectMntNtf2017.dll (Western Digital Technologies, Inc.) [File not signed]
SSODL-x32: WDFSMountNotificator-wdfsconnect2017 - {F5E5B5FD-E183-462F-9F00-3B1C16A01CE6} - C:\WINDOWS\SysWOW64\wdfsconnectMntNtf2017.dll (Western Digital Technologies, Inc.) [File not signed]
ShellServiceObjects: Virtual Storage Mount Notification -> {F5E5B5FD-E183-462F-9F00-3B1C16A01CE6} => C:\WINDOWS\system32\wdfsconnectMntNtf2017.dll [2017-11-10] (Western Digital Technologies, Inc.) [File not signed]
ShellServiceObjects-x32: Virtual Storage Mount Notification -> {F5E5B5FD-E183-462F-9F00-3B1C16A01CE6} => C:\WINDOWS\SysWOW64\wdfsconnectMntNtf2017.dll [2017-11-10] (Western Digital Technologies, Inc.) [File not signed]
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2217832 2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ WDDesktopIconOverlay01] -> {4F8A325E-9DAF-44B8-A825-1A14DFA0FA78} => C:\Program Files\WD Desktop App\kda.DLL [2021-11-25] (Western Digital Technologies, Inc. -> Western Digital Corporation)
ShellIconOverlayIdentifiers: [ WDDesktopIconOverlay02] -> {0176BDDE-B59A-4A1E-808B-CAD461415CCA} => C:\Program Files\WD Desktop App\kda.DLL [2021-11-25] (Western Digital Technologies, Inc. -> Western Digital Corporation)
ShellIconOverlayIdentifiers: [ WDDesktopIconOverlay03] -> {B65909D1-57AF-41F5-AB94-BEB733F62B35} => C:\Program Files\WD Desktop App\kda.DLL [2021-11-25] (Western Digital Technologies, Inc. -> Western Digital Corporation)
ShellIconOverlayIdentifiers: [ WDDesktopIconOverlay04] -> {C6C2397D-8238-4332-8935-86C39C7C165F} => C:\Program Files\WD Desktop App\kda.DLL [2021-11-25] (Western Digital Technologies, Inc. -> Western Digital Corporation)
ShellIconOverlayIdentifiers: [ WDDesktopIconOverlay05] -> {E7B3BCF9-0386-4B5F-AE6A-91B9F1423973} => C:\Program Files\WD Desktop App\kda.DLL [2021-11-25] (Western Digital Technologies, Inc. -> Western Digital Corporation)
ShellIconOverlayIdentifiers: [ WDDesktopIconOverlay06] -> {564EA121-D9DA-485D-82C2-C2ED7BFCCEAD} => C:\Program Files\WD Desktop App\kda.DLL [2021-11-25] (Western Digital Technologies, Inc. -> Western Digital Corporation)
ShellIconOverlayIdentifiers: [ 0001IDSIcon1] -> {0FA6DCC0-CF0B-427D-A8AF-97C466AB5769} => C:\Program Files (x86)\IDriveWindows\IDSyncIntIcon64.dll [2022-11-03] (Pro-Softnet Corporation, U.S.A) [File not signed]
ShellIconOverlayIdentifiers: [ 0001IDSIcon2] -> {66357BBE-D2E5-453C-95FF-8102EB32419D} => C:\Program Files (x86)\IDriveWindows\IDSyncIntIcon64.dll [2022-11-03] (Pro-Softnet Corporation, U.S.A) [File not signed]
ShellIconOverlayIdentifiers: [ 0001IDSIcon3] -> {904E6336-8B13-43FA-B4C3-5B62C1C91971} => C:\Program Files (x86)\IDriveWindows\IDSyncIntIcon64.dll [2022-11-03] (Pro-Softnet Corporation, U.S.A) [File not signed]
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.56.0.dll [2022-10-28] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.56.0.dll [2022-10-28] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.56.0.dll [2022-10-28] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.56.0.dll [2022-10-28] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.56.0.dll [2022-10-28] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.56.0.dll [2022-10-28] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.56.0.dll [2022-10-28] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.56.0.dll [2022-10-28] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.56.0.dll [2022-10-28] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.56.0.dll [2022-10-28] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.56.0.dll [2022-10-28] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.56.0.dll [2022-10-28] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.56.0.dll [2022-10-28] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.56.0.dll [2022-10-28] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.56.0.dll [2022-10-28] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.56.0.dll [2022-10-28] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.56.0.dll [2022-10-28] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.56.0.dll [2022-10-28] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.56.0.dll [2022-10-28] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.56.0.dll [2022-10-28] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2021-03-21] (Notepad++ -> )
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.56.0.dll [2022-10-28] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [Eraser] -> {BC9B776A-90D7-4476-A791-79D835F30650} => C:\Program Files\Eraser\Eraser.Shell.dll [2016-08-28] (Heidi Computers Ltd -> The Eraser Project)
ContextMenuHandlers1-x32: [Erasext] -> {8BE13461-936F-11D1-A87D-444553540000} => C:\Program Files (x86)\Eraser\erasext.dll [2003-07-25] (-) [File not signed]
ContextMenuHandlers1: [IDriveMenu] -> {AFBFEC11-0FD5-48ED-B8AF-315197F09A82} => C:\Program Files (x86)\IDriveWindows\IDContextMenu.dll [2022-11-03] () [File not signed]
ContextMenuHandlers1: [WDDesktopContextMenu] -> {6bb2ba55-fdbb-3249-9bb5-65f3603e8826} => C:\Program Files\WD Desktop App\kda.DLL [2021-11-25] (Western Digital Technologies, Inc. -> Western Digital Corporation)
ContextMenuHandlers2: [Eraser] -> {BC9B776A-90D7-4476-A791-79D835F30650} => C:\Program Files\Eraser\Eraser.Shell.dll [2016-08-28] (Heidi Computers Ltd -> The Eraser Project)
ContextMenuHandlers2-x32: [Erasext] -> {8BE13461-936F-11D1-A87D-444553540000} => C:\Program Files (x86)\Eraser\erasext.dll [2003-07-25] (-) [File not signed]
ContextMenuHandlers2: [IDriveMenu] -> {AFBFEC11-0FD5-48ED-B8AF-315197F09A82} => C:\Program Files (x86)\IDriveWindows\IDContextMenu.dll [2022-11-03] () [File not signed]
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.56.0.dll [2022-10-28] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4: [Eraser] -> {BC9B776A-90D7-4476-A791-79D835F30650} => C:\Program Files\Eraser\Eraser.Shell.dll [2016-08-28] (Heidi Computers Ltd -> The Eraser Project)
ContextMenuHandlers4: [IDriveMenu] -> {AFBFEC11-0FD5-48ED-B8AF-315197F09A82} => C:\Program Files (x86)\IDriveWindows\IDContextMenu.dll [2022-11-03] () [File not signed]
ContextMenuHandlers4: [WDDesktopContextMenu] -> {6bb2ba55-fdbb-3249-9bb5-65f3603e8826} => C:\Program Files\WD Desktop App\kda.DLL [2021-11-25] (Western Digital Technologies, Inc. -> Western Digital Corporation)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.56.0.dll [2022-10-28] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [Eraser] -> {BC9B776A-90D7-4476-A791-79D835F30650} => C:\Program Files\Eraser\Eraser.Shell.dll [2016-08-28] (Heidi Computers Ltd -> The Eraser Project)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\ki135422.inf_amd64_819df826076efbf4\igfxDTCM.dll [2020-03-16] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [Eraser] -> {BC9B776A-90D7-4476-A791-79D835F30650} => C:\Program Files\Eraser\Eraser.Shell.dll [2016-08-28] (Heidi Computers Ltd -> The Eraser Project)
ContextMenuHandlers6-x32: [Erasext] -> {8BE13461-936F-11D1-A87D-444553540000} => C:\Program Files (x86)\Eraser\erasext.dll [2003-07-25] (-) [File not signed]
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes Corporation -> Malwarebytes)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\denis\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Denis - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Priceline.com.lnk -> C:\Program Files (x86)\HP\Shared\WizLink.exe () -> hxxp://secure.rezserver.com/sdk/v1/LinkFwd?refid=7684&destination=priceline&refclickid=square
==================== Loaded Modules (Whitelisted) =============
2022-11-07 19:53 - 2022-11-03 19:44 - 005034496 _____ () [File not signed] C:\Program Files (x86)\IDriveWindows\IDContextMenu.dll
2022-11-07 19:53 - 2022-11-03 19:44 - 000834048 _____ () [File not signed] C:\Program Files (x86)\IDriveWindows\sqlite3.dll
2022-07-21 19:07 - 2022-07-21 19:07 - 001987072 _____ () [File not signed] C:\Program Files (x86)\Western Digital\Discovery\Current\ffmpeg.dll
2022-07-21 19:07 - 2022-07-21 19:07 - 000117248 _____ () [File not signed] C:\Program Files (x86)\Western Digital\Discovery\Current\swiftshader\libegl.dll
2022-07-21 19:07 - 2022-07-21 19:07 - 002250240 _____ () [File not signed] C:\Program Files (x86)\Western Digital\Discovery\Current\swiftshader\libglesv2.dll
2021-11-25 23:42 - 2021-11-25 23:42 - 002637985 _____ () [File not signed] C:\Program Files\WD Desktop App\libfusewdfs.dll
2022-06-15 01:31 - 2022-06-15 01:31 - 000138240 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Interop.IWs06dcaa36#\4a3769626565d5b38994a350ecd077f7\Interop.IWshRuntimeLibrary.ni.dll
2011-08-30 07:06 - 2011-08-30 07:06 - 000267776 _____ (CANON INC.) [File not signed] C:\WINDOWS\System32\CNBLM4.DLL
2018-02-17 17:51 - 2014-03-17 19:15 - 000375296 _____ (CANON INC.) [File not signed] C:\WINDOWS\System32\CNMN6PPM.DLL
2017-07-02 13:57 - 2011-08-30 07:06 - 000084992 _____ (CANON INC.) [File not signed] C:\WINDOWS\system32\spool\PRTPROCS\x64\CNBPP4.DLL
2020-04-28 21:49 - 2020-04-28 21:49 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems32.dll] C:\Program Files (x86)\Microsoft Office\Root\Office16\AppVIsvSubsystems32.dll
2020-04-28 21:49 - 2020-04-28 21:49 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R32.dll] C:\Program Files (x86)\Microsoft Office\Root\Office16\c2r32.dll
2022-11-07 19:53 - 2022-11-03 19:44 - 000874496 _____ (Pro-Softnet Corporation, U.S.A) [File not signed] C:\Program Files (x86)\IDriveWindows\IDSyncIntIcon64.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\denis\AppData\Local\Temp:com.affinity.designer.2 [241]
AlternateDataStreams: C:\Users\denis\AppData\Local\Temp:com.affinity.designer.3 [197]
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\S-1-5-21-494053625-944044607-777972334-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\S-1-5-21-494053625-944044607-777972334-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
SearchScopes: HKLM -> {664295F1-A09B-466C-A40D-D641873C224B} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> {664295F1-A09B-466C-A40D-D641873C224B} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-494053625-944044607-777972334-1001 -> {664295F1-A09B-466C-A40D-D641873C224B} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-494053625-944044607-777972334-1001 -> {EF609A17-34F2-4B38-AECB-3E4CAB88E33E} URL = hxxps://search.yahoo.com/search?p={searchTerms}&intl=us&fr=yset_ie_syc_oracle&type=orcl_default&partnerexternal-oracle=external-oracle
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2022-11-02] (Microsoft Corporation -> Microsoft Corporation)
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2018-06-20] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2018-06-20] (Oracle America, Inc. -> Oracle Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2022-10-26] (HP Inc. -> HP Inc.)
BHO: No Name -> {F5E5B5FD-E183-462F-9F00-3B1C16A01CE6}' -> No File
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\ssv.dll [2017-08-07] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\jp2ssv.dll [2017-08-07] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2022-10-26] (HP Inc. -> HP Inc.)
BHO-x32: No Name -> {F5E5B5FD-E183-462F-9F00-3B1C16A01CE6}' -> No File
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Toolbar: HKU\S-1-5-21-494053625-944044607-777972334-1001 -> Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2022-11-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2022-11-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2022-11-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2022-11-02] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2016-07-16 05:47 - 2016-07-16 05:45 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
2020-08-07 19:40 - 2022-07-13 19:05 - 000000444 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\ProgramData\Oracle\Java\javapath;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL;C:\Program Files\Intel\Intel® Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT;C:\Program Files\Intel\Intel® Management Engine Components\IPT;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-494053625-944044607-777972334-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\denis\Pictures\Saved Pictures\Fotolia_35802773_Subscription_XXL.jpg
DNS Servers: 192.168.1.1 - 68.105.28.11
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "CanonQuickMenu"
HKLM\...\StartupApproved\Run32: => "IJNetworkScannerSelectorEX"
HKLM\...\StartupApproved\Run32: => "Dropbox"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{22DE5894-CE08-4C94-8A25-7B2BF887119D}] => (Block) C:\program files\ultimaker cura 4.6\cura.exe () [File not signed]
FirewallRules: [{8BF7AD53-DC33-43B2-81BF-AEDB9E10B2F1}] => (Block) C:\program files\ultimaker cura 4.6\cura.exe () [File not signed]
FirewallRules: [UDP Query User{90B629F9-2DBA-4368-98BD-4A93E6BB9C8F}C:\program files\ultimaker cura 4.6\cura.exe] => (Allow) C:\program files\ultimaker cura 4.6\cura.exe () [File not signed]
FirewallRules: [TCP Query User{62301034-DB52-4EB1-BD0C-2121D259EF6E}C:\program files\ultimaker cura 4.6\cura.exe] => (Allow) C:\program files\ultimaker cura 4.6\cura.exe () [File not signed]
FirewallRules: [UDP Query User{CC3BA2F7-E03C-4B1C-8B21-22F40896D870}C:\program files\ultimaker cura 3.2\cura.exe] => (Block) C:\program files\ultimaker cura 3.2\cura.exe => No File
FirewallRules: [TCP Query User{ECD82258-1C6F-4EFD-90E3-99246E24C7E6}C:\program files\ultimaker cura 3.2\cura.exe] => (Block) C:\program files\ultimaker cura 3.2\cura.exe => No File
FirewallRules: [{5264B468-8732-46A5-896A-2537BE3D8FFD}] => (Allow) C:\Users\denis\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{12BEF7EB-E082-4D14-A547-A368BEA0DBA5}] => (Allow) C:\Users\denis\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [UDP Query User{744C6240-3358-4B11-B33F-A902A312BDD9}C:\program files (x86)\idrivewindows\id_win.exe] => (Allow) C:\program files (x86)\idrivewindows\id_win.exe (IDrive, Inc. -> Prosoftnet)
FirewallRules: [TCP Query User{0D69ACFA-5319-4B36-A6EE-4E8E39546420}C:\program files (x86)\idrivewindows\id_win.exe] => (Allow) C:\program files (x86)\idrivewindows\id_win.exe (IDrive, Inc. -> Prosoftnet)
FirewallRules: [{0ECE2B79-8675-4D55-A111-487B6E868A0D}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Movie\PowerDVDMovie.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{626EB15E-34DB-4DA9-BABF-92C278C39106}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD14Agent.exe => No File
FirewallRules: [{0D55D0E6-3D54-4ACC-A700-E993F6164234}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Kernel\DMS\CLMSServerPDVD14.exe => No File
FirewallRules: [{9028D7E6-C4D9-430C-A363-5734E7DE7C6D}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{47AE9131-5909-49EA-B630-22158BC3B70B}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{3A217D03-54B7-405C-8ACB-4733679EA5AC}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{130B899A-9F04-42A7-85C1-72878B0C09CF}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{7782187F-6D4F-4761-9CC0-24EC6BC68293}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{37C7F0F2-0E83-444F-9EBE-290828822AC9}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{E55E33A9-6EAD-436F-80B8-86A15515C265}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{353D5192-C590-4197-9136-B6800B02FED6}] => (Allow) C:\Users\denis\AppData\Local\Temp\7zS545B\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{E599C7F0-941F-47AC-8D76-AC9B0B09C175}] => (Allow) C:\Users\denis\AppData\Local\Temp\7zS545B\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{34848D91-DA97-4791-BD00-9C22E336ACC1}] => (Allow) C:\Program Files\HP\HP Orbit Service\HPOrbitService.exe (HP Inc. -> HP Inc.)
FirewallRules: [{96C4176B-C0CC-4B54-A548-9962BBB889DF}] => (Allow) LPort=13148
FirewallRules: [TCP Query User{78BBD8A9-D227-423B-85FA-6D548318D441}C:\users\denis\appdata\local\amazon music\amazon music helper.exe] => (Allow) C:\users\denis\appdata\local\amazon music\amazon music helper.exe (Amazon Services LLC -> Amazon.com Services LLC)
FirewallRules: [UDP Query User{E017BD9E-43D5-4EC2-AF43-1FCE9CF401A8}C:\users\denis\appdata\local\amazon music\amazon music helper.exe] => (Allow) C:\users\denis\appdata\local\amazon music\amazon music helper.exe (Amazon Services LLC -> Amazon.com Services LLC)
FirewallRules: [TCP Query User{2B9A940C-AD61-4544-AF31-FC9A084E3CE8}C:\program files\android\android studio\jre\bin\java.exe] => (Allow) C:\program files\android\android studio\jre\bin\java.exe
FirewallRules: [UDP Query User{268E7DFC-589D-4B7D-8FFB-591998407962}C:\program files\android\android studio\jre\bin\java.exe] => (Allow) C:\program files\android\android studio\jre\bin\java.exe
FirewallRules: [TCP Query User{A9C1CE6E-A79E-4105-857A-06B35142CDE8}C:\users\denis\appdata\local\amazon music\amazon music helper.exe] => (Block) C:\users\denis\appdata\local\amazon music\amazon music helper.exe (Amazon Services LLC -> Amazon.com Services LLC)
FirewallRules: [UDP Query User{0398E706-7CFC-421A-A772-0C6CE24E067B}C:\users\denis\appdata\local\amazon music\amazon music helper.exe] => (Block) C:\users\denis\appdata\local\amazon music\amazon music helper.exe (Amazon Services LLC -> Amazon.com Services LLC)
FirewallRules: [TCP Query User{3D051897-044D-4736-9BD6-E5771BA40C19}C:\program files\android\android studio\jre\bin\java.exe] => (Allow) C:\program files\android\android studio\jre\bin\java.exe
FirewallRules: [UDP Query User{2F98580E-77DD-43AC-905C-79CC3C54629C}C:\program files\android\android studio\jre\bin\java.exe] => (Allow) C:\program files\android\android studio\jre\bin\java.exe
FirewallRules: [TCP Query User{5857458E-217A-45D2-A69A-E7FB5A63E162}C:\program files\android\android studio\bin\studio64.exe] => (Allow) C:\program files\android\android studio\bin\studio64.exe (Google Inc -> JetBrains s.r.o.)
FirewallRules: [UDP Query User{C23FFDC3-4B96-4359-B85E-5FF8AE084CD3}C:\program files\android\android studio\bin\studio64.exe] => (Allow) C:\program files\android\android studio\bin\studio64.exe (Google Inc -> JetBrains s.r.o.)
FirewallRules: [TCP Query User{25AC2617-0345-4617-A7A6-F362A116B304}C:\program files\ultimaker cura 3.2\cura.exe] => (Allow) C:\program files\ultimaker cura 3.2\cura.exe => No File
FirewallRules: [UDP Query User{8FFCA906-381A-4A34-BC60-356E2913B480}C:\program files\ultimaker cura 3.2\cura.exe] => (Allow) C:\program files\ultimaker cura 3.2\cura.exe => No File
FirewallRules: [{70E6CF18-DB85-4E33-B8F0-BDB4503FC8EB}] => (Allow) C:\Users\denis\AppData\Roaming\supportdotcom\logs\uploader\upl_2_15836_20200829_131627\ssupload.exe (Support.com, Inc. -> Support.com, Inc.)
FirewallRules: [{21640DA0-0763-4E66-B8BE-F1BCACB58687}] => (Allow) C:\Users\denis\AppData\Roaming\supportdotcom\logs\uploader\upl_2_15836_20200829_131627\ssupload.exe (Support.com, Inc. -> Support.com, Inc.)
FirewallRules: [TCP Query User{4D684D38-D0CF-4C61-A5B8-0EFE50ED8286}C:\program files (x86)\idrivewindows\id_win.exe] => (Allow) C:\program files (x86)\idrivewindows\id_win.exe (IDrive, Inc. -> Prosoftnet)
FirewallRules: [UDP Query User{7AF28264-C29B-4525-911E-1C3969A22F10}C:\program files (x86)\idrivewindows\id_win.exe] => (Allow) C:\program files (x86)\idrivewindows\id_win.exe (IDrive, Inc. -> Prosoftnet)
FirewallRules: [{9FF5FB94-8C22-4581-912D-5EF764410D5C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.89.3403.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{4B061233-8368-4759-ACCA-73621DDFB1D2}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.89.3403.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3B480463-9AC8-4477-83A9-A0527EEE9284}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.89.3403.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{FC3E914E-C3B5-4654-B2BB-BA1E4A96A870}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.89.3403.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{5FA2CDDE-888C-461C-94A3-0E4A3EBEB885}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\107.0.1418.35\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{88DAE8A5-67F5-4393-ACE2-61AE7D6F3692}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{80E8DF9C-693F-4652-A4F1-BB670F1BC887}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
==================== Restore Points =========================
29-10-2022 01:00:46 Scheduled Checkpoint
06-11-2022 19:12:20 Windows Modules Installer
08-11-2022 14:18:35 Windows Modules Installer
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (11/10/2022 10:12:49 PM) (Source: MsiInstaller) (EventID: 1013) (User: NT AUTHORITY)
Description: Product: HP Support Solutions Framework -- This application could not be uninstalled, because HP Support Assistant requires it.
Error: (11/10/2022 10:12:47 PM) (Source: MsiInstaller) (EventID: 1013) (User: DENIS-HPLAPTOP)
Description: Product: HP Support Solutions Framework -- This application could not be uninstalled, because HP Support Assistant requires it.
Error: (11/10/2022 08:05:06 PM) (Source: DbxSvc) (EventID: 281) (User: )
Description: CertFindCertificateInStore failed with: (-2146885628) Cannot find object or property.
Error: (11/10/2022 08:05:06 PM) (Source: DbxSvc) (EventID: 281) (User: )
Description: CertFindCertificateInStore failed with: (-2146885628) Cannot find object or property.
Error: (11/09/2022 05:52:50 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Local Hostname Denis-HPLaptop.local already in use; will try Denis-HPLaptop-2.local instead
Error: (11/09/2022 05:52:50 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: ProbeCount 2; will deregister 4 Denis-HPLaptop.local. Addr 192.168.0.182
Error: (11/09/2022 05:52:50 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.0.182:5353 16 Denis-HPLaptop.local. AAAA 2600:8804:0400:5200:3040:85D6:999D:7F6F
Error: (11/09/2022 05:52:49 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Resetting to Probing: 16 Denis-HPLaptop.local. AAAA FE80:0000:0000:0000:E153:D87E:5556:4770
System errors:
=============
Error: (11/09/2022 02:51:40 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80073d02: 9NMPJ99VJBWV-Microsoft.YourPhone.
Error: (11/08/2022 05:55:34 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Update Orchestrator Service service hung on starting.
Error: (11/08/2022 05:53:15 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The HP Touchpoint Analytics service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.
Error: (11/08/2022 05:53:15 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the HP Touchpoint Analytics service to connect.
Error: (11/08/2022 05:52:45 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The HP Support Solutions Framework Service service failed to start due to the following error:
The system cannot find the file specified.
Error: (11/08/2022 05:49:52 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The XTU3SERVICE service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.
Error: (11/08/2022 05:49:52 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (45000 milliseconds) while waiting for the XTU3SERVICE service to connect.
Error: (11/08/2022 05:49:07 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The LMS service failed to start due to the following error:
The system cannot find the file specified.
Windows Defender:
================
Date: 2022-11-08 17:43:46
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2022-11-06 07:15:58
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2022-11-04 07:58:09
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2022-11-03 07:58:09
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2022-11-02 08:11:19
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
CodeIntegrity:
===============
Date: 2022-11-11 13:28:33
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Mozilla Firefox\firefox.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Mozilla Firefox\mozavcodec.dll that did not meet the Microsoft signing level requirements.
Date: 2022-11-11 13:28:33
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Mozilla Firefox\firefox.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Mozilla Firefox\mozavutil.dll that did not meet the Microsoft signing level requirements.
Date: 2022-11-11 09:25:42
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\ki135422.inf_amd64_819df826076efbf4\igd10iumd64.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2022-11-10 18:12:03
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2022-11-10 10:35:20
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.5-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\ki135422.inf_amd64_819df826076efbf4\igd10iumd64.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
BIOS: Insyde F.32 11/23/2017
Motherboard: HP 832A
Processor: Intel® Core i5-7200U CPU @ 2.50GHz
Percentage of memory in use: 64%
Total physical RAM: 8106.97 MB
Available physical RAM: 2846.42 MB
Total Virtual: 16042.97 MB
Available Virtual: 9051.84 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:918.31 GB) (Free:491.1 GB) (Model: TOSHIBA MQ01ABD100) NTFS
Drive d: (RECOVERY) (Fixed) (Total:11.97 GB) (Free:1.26 GB) (Model: TOSHIBA MQ01ABD100) NTFS ==>[system with boot components (obtained from drive)]
Drive f: (Elements) (Fixed) (Total:3725.99 GB) (Free:2232.16 GB) (Model: WD Elements 25A3 USB Device) NTFS
Drive g: (G_Armor) (Fixed) (Total:1862.79 GB) (Free:1523.79 GB) (Model: G-TECH ArmorATD SCSI Disk Device) NTFS
\\?\Volume{3ab3dff5-dd2f-45d6-8f82-5c1b9b5164f3}\ (Windows RE tools) (Fixed) (Total:0.96 GB) (Free:0.31 GB) NTFS
\\?\Volume{00da5ea8-bf90-4df0-9982-eb43101380d7}\ () (Fixed) (Total:0.25 GB) (Free:0.17 GB) FAT32
\\?\Volume{05e2113c-633a-4925-bbb5-67caa08c354b}\ (EFI) (Fixed) (Total:0.19 GB) (Free:0.19 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 1D6D7475)
Partition: GPT.
==========================================================
Disk: 1 (Size: 3726 GB) (Disk ID: 16F2A91F)
Partition: GPT.
==========================================================
Disk: 2 (Protective MBR) (Size: 1863 GB) (Disk ID: 00000000)
Partition: GPT.
==================== End of Addition.txt =======================