Possible Intrusion by another local Windows user [Closed]


  • This topic is locked

#1
Chad Oneal

  • Member
  • 55 posts

I've been using Avast and Malwarebytes free versions. My stepdaughter has a local login on this machine, and I am suspicious that she is accessing my data without permission, remotely. Sometimes when I go to Task Manager her user is listed under Users even when she is not logged into the local machine. I see HD image files and all types of weird random HDR files continuing to pile up on my C:\ drive. Sometimes in some folders in Advanced Sharing I see her user listed and sometimes I don't. I am currently in a custody battle and need to preserve any type of evidence of the type before I remove her as a user completely. Also, I cannot make heads or tails of some of the firewall rules in Avast, but there are just a lot of suspicious-looking rules that come and go, a lot of remote ports, etc.

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06-10-2023
Ran by bigpi (administrator) on INSPIRON5675 (Dell Inc. Inspiron 5675) (11-10-2023 11:47:54)
Running from C:\Users\bigpi\OneDrive\Desktop\FRST64.exe
Loaded Profiles: bigpi & SQLTELEMETRY$SQLEXPRESS & lkClassAds & LansweeperLocalDbService
Platform: Microsoft Windows 10 Home Version 22H2 19045.3448 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.221.1104.0_x64__zpdnekdrzrea0\Spotify.exe <6>
(5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_14.2.108.0_x64__nzyj5cx40ttqa\iCloud\iCloudDrive.exe
(5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_14.2.108.0_x64__nzyj5cx40ttqa\iCloud\iCloudPhotos.exe
(Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <4>
(C:\Program Files (x86)\Lansweeper\IISexpress\IISexpressSVC.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\IIS Express\iisexpress.exe
(C:\Program Files (x86)\Lansweeper\Service\LansweeperLocalDBService.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\120\LocalDB\Binn\sqlservr.exe
(C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSSrcExt.exe
(C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\cncmd.exe
(C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe ->) (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtWebEngineProcess.exe
(C:\Program Files\Avast Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(C:\Program Files\Dell\DTP\InstrumentationSubAgent\Dell.TechHub.Instrumentation.SubAgent.exe ->) (Dell Inc -> ) C:\Program Files\Dell\DTP\InstrumentationSubAgent\Dell.TechHub.Instrumentation.UserProcess.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\DCF\Dell.DCF.UA.Bradbury.API.SubAgent.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Inc -> ) C:\Program Files\Dell\DTP\AnalyticsSubAgent\Dell.TechHub.Analytics.SubAgent.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Inc -> ) C:\Program Files\Dell\DTP\DataManagerSubAgent\Dell.TechHub.DataManager.SubAgent.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Inc -> ) C:\Program Files\Dell\DTP\DiagnosticsSubAgent\Dell.TechHub.Diagnostics.SubAgent.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Inc -> ) C:\Program Files\Dell\DTP\InstrumentationSubAgent\Dell.TechHub.Instrumentation.SubAgent.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\Program Files\Oculus\Support\oculus-runtime\OVRServiceLauncher.exe ->) (Oculus VR, LLC -> Facebook Technologies, LLC) C:\Program Files\Oculus\Support\oculus-runtime\OVRRedir.exe
(C:\Program Files\Oculus\Support\oculus-runtime\OVRServiceLauncher.exe ->) (Oculus VR, LLC -> Facebook Technologies, LLC) C:\Program Files\Oculus\Support\oculus-runtime\OVRServer_x64.exe
(C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(C:\Program Files\WindowsApps\AppleInc.iCloud_14.2.108.0_x64__nzyj5cx40ttqa\iCloud\iCloudServices.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc) C:\Program Files\WindowsApps\AppleInc.iCloud_14.2.108.0_x64__nzyj5cx40ttqa\iCloud\iCloudCKKS.exe
(C:\Program Files\WindowsApps\AppleInc.iCloud_14.2.108.0_x64__nzyj5cx40ttqa\iCloud\iCloudServices.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Microsoft Corporation) C:\Program Files\WindowsApps\AppleInc.iCloud_14.2.108.0_x64__nzyj5cx40ttqa\iCloud\WebView2\msedgewebview2.exe <6>
(DriverStore\FileRepository\u0376209.inf_amd64_b3bdffadea4def3f\B374968\atiesrxx.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0376209.inf_amd64_b3bdffadea4def3f\B374968\atieclxx.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <11>
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\OneDrive.exe
(explorer.exe ->) (Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.312\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.312\GoogleCrashHandler64.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(services.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0376209.inf_amd64_b3bdffadea4def3f\B374968\atiesrxx.exe
(services.exe ->) (Autodesk, Inc. -> Autodesk) C:\Program Files (x86)\Common Files\Autodesk Shared\AdskLicensing\11.0.0.4854\AdskLicensingService\AdskLicensingService.exe
(services.exe ->) (Autodesk, Inc. -> Autodesk, Inc.) C:\Program Files\Autodesk\AdODIS\V1\Setup\AdskAccessServiceHost.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\afwServ.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(services.exe ->) (Dell Inc -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(services.exe ->) (Dell Inc -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(services.exe ->) (Dell Inc -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(services.exe ->) (Dell Inc -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(services.exe ->) (Dell Inc -> Dell) C:\Program Files\Dell\TechHub\Dell.TechHub.exe
(services.exe ->) (Flexera Software LLC -> Flexera) C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (Lansweeper -> Lansweeper) C:\Program Files (x86)\Lansweeper\IISexpress\IISexpressSVC.exe
(services.exe ->) (Lansweeper -> Lansweeper) C:\Program Files (x86)\Lansweeper\Service\LansweeperLocalDBService.exe
(services.exe ->) (Lansweeper -> Lansweeper) C:\Program Files (x86)\Lansweeper\Service\LansweeperService.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft GameInput\x64\gameinputsvc.exe <2>
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL15.SQLEXPRESS\MSSQL\Binn\sqlceip.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL15.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Windows ® Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MsMpEng.exe
(services.exe ->) (National Instruments Corporation -> National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe
(services.exe ->) (National Instruments Corporation -> National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\NI Network Discovery\niDiscSvc.exe
(services.exe ->) (National Instruments Corporation -> National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\niauth\niauth_daemon.exe
(services.exe ->) (National Instruments Corporation -> National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\nisvcloc\nisvcloc.exe
(services.exe ->) (National Instruments Corporation -> National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe
(services.exe ->) (National Instruments Corporation -> National Instruments Corporation) C:\Windows\SysWOW64\lkads.exe
(services.exe ->) (National Instruments Corporation -> National Instruments Corporation) C:\Windows\SysWOW64\lktsrv.exe
(services.exe ->) (Novawave Inc. -> Novawave Inc.) C:\Program Files\Novawave\Novabench\NovabenchService.exe
(services.exe ->) (Oculus VR, LLC -> Facebook Technologies, LLC) C:\Program Files\Oculus\Support\oculus-runtime\OVRServiceLauncher.exe
(services.exe ->) (Qualcomm Atheros, Inc. -> ) C:\Windows\System32\drivers\QcomWlanSrvx64.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(services.exe ->) (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(services.exe ->) (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe
(services.exe ->) (Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe
(svchost.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_14.2.108.0_x64__nzyj5cx40ttqa\iCloud\ApplePhotoStreams.exe
(svchost.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_14.2.108.0_x64__nzyj5cx40ttqa\iCloud\APSDaemon.exe
(svchost.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_14.2.108.0_x64__nzyj5cx40ttqa\iCloud\iCloudServices.exe
(svchost.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple, Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_14.2.108.0_x64__nzyj5cx40ttqa\iCloud\secd.exe
(svchost.exe ->) (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\AMD\CNext\CNext\CPUMetricsServer.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\23.194.0917.0001\FileCoAuth.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_11.2307.4.0_x64__8wekyb3d8bbwe\CalculatorApp.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21580.0_x64__8wekyb3d8bbwe\HxAccounts.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21580.0_x64__8wekyb3d8bbwe\HxCalendarAppImm.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21580.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21580.0_x64__8wekyb3d8bbwe\HxTsr.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Samsung Electronics Co., Ltd. -> Samsung Electronics) C:\ProgramData\Samsung Apps\Portable SSD\SamsungPortableSSDMon.exe
 
==================== Registry (Whitelisted) ===================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9229280 2017-05-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1488360 2017-05-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [WavesSvc] => C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [976768 2017-05-08] (Waves Inc -> Waves Audio Ltd.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [255896 2023-10-02] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [Autodesk Access] => C:\Program Files\Autodesk\AdODIS\V1\Setup\AdskAccessCore.exe [18088224 2023-05-02] (Autodesk, Inc. -> Autodesk, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [707256 2021-12-15] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [Autodesk Genuine Service ] => C:\Program Files\Autodesk\Genuine Service\GenuineService.exe [3522568 2023-07-12] (Autodesk, Inc. -> Autodesk)
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\82.0.1.0\GoogleDriveFS.exe [55189280 2023-10-09] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\82.0.1.0\GoogleDriveFS.exe [55189280 2023-10-09] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-2083831119-876286344-1281516711-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\82.0.1.0\GoogleDriveFS.exe [55189280 2023-10-09] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-2083831119-876286344-1281516711-1001\...\Run: [Amazon Music Helper] => C:\Users\bigpi\AppData\Local\Amazon Music\Amazon Music Helper.exe [2107496 2023-03-01] (Amazon.com Services LLC -> Amazon.com Services LLC)
HKU\S-1-5-21-2083831119-876286344-1281516711-1001\...\Run: [BingWallpaperApp] => C:\Users\bigpi\AppData\Local\Microsoft\BingWallpaperApp\BingWallpaperApp.exe [13871496 2021-12-07] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2083831119-876286344-1281516711-1001\...\Run: [Discord] => C:\Users\bigpi\AppData\Local\Discord\Update.exe [1512608 2021-09-21] (Discord Inc. -> GitHub)
HKU\S-1-5-21-2083831119-876286344-1281516711-1001\...\Run: [Microsoft Edge Update] => C:\Users\bigpi\AppData\Local\Microsoft\EdgeUpdate\1.3.177.11\MicrosoftEdgeUpdateCore.exe [263648 2023-07-11] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2083831119-876286344-1281516711-1001\...\Run: [CCleaner Smart Cleaning] => E:\Program Files\CCleaner\CCleaner64.exe [42614688 2023-09-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-2083831119-876286344-1281516711-1001\...\Run: [com.messenger] => "C:\Users\bigpi\AppData\Local\Programs\Messenger\Messenger.exe" messenger://openAtLogin (No File)
HKU\S-1-5-21-2083831119-876286344-1281516711-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4362600 2023-03-24] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-2083831119-876286344-1281516711-1001\...\Run: [MicrosoftEdgeAutoLaunch_6B58C3D663674197AE43E9259022AA77] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4210232 2023-10-06] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2083831119-876286344-1281516711-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2588080 2023-10-09] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2083831119-876286344-1281516711-1001\...\Run: [Battle.net] => C:\Program Files (x86)\Battle.net\Battle.net.exe [1090168 2023-05-29] (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
HKU\S-1-5-21-2083831119-876286344-1281516711-1001\...\Policies\Explorer: [] 
HKU\S-1-5-21-2083831119-876286344-1281516711-1005\...\Run: [DisplayFusion] => "C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe" (No File)
HKU\S-1-5-21-2083831119-876286344-1281516711-1005\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\82.0.1.0\GoogleDriveFS.exe [55189280 2023-10-09] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-2083831119-876286344-1281516711-1005\...\Run: [f.lux] => C:\Users\chad\AppData\Local\FluxSoftware\Flux\flux.exe [1515848 2021-06-17] (F.lux Software LLC -> f.lux Software LLC)
HKU\S-1-5-21-2083831119-876286344-1281516711-1005\...\Run: [AvastBrowserAutoLaunch_263E11DAE81F3F61C1149A7CD72A4496] => "C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe" --check-run=src=logon --auto-launch-at-startup --profile-directory="Default" (No File)
HKU\S-1-5-21-2083831119-876286344-1281516711-1005\...\RunOnce: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2588080 2023-10-09] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2083831119-876286344-1281516711-1010\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\82.0.1.0\GoogleDriveFS.exe [55189280 2023-10-09] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-2083831119-876286344-1281516711-1010\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2588080 2023-10-09] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2083831119-876286344-1281516711-1010\...\Run: [MicrosoftEdgeAutoLaunch_9B89776771334840647D0B05B635C26A] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4210232 2023-10-06] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2083831119-876286344-1281516711-1017\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2588080 2023-10-09] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2083831119-876286344-1281516711-1017\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\82.0.1.0\GoogleDriveFS.exe [55189280 2023-10-09] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-2083831119-876286344-1281516711-1017\...\Run: [MicrosoftEdgeAutoLaunch_A61A275ED7207983D2249A971FAE9155] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4210232 2023-10-06] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2083831119-876286344-1281516711-1017\...\RunOnce: [Application Restart #0] => PackagedCWALauncher.exe Microsoft.YourPhone_8wekyb3d8bbwe!App "PhoneExperienceHost.exe" -Background (No File)
HKU\S-1-5-21-2083831119-876286344-1281516711-1017\...\RunOnce: [Application Restart #1] => C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe [26575864 2021-12-01] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
HKU\S-1-5-21-2083831119-876286344-1281516711-1017\...\RunOnce: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2588080 2023-10-09] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-80-1985561900-798682989-2213159822-1904180398-3434236965\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\82.0.1.0\GoogleDriveFS.exe [55189280 2023-10-09] (Google LLC -> Google, Inc.)
HKU\S-1-5-80-1985561900-798682989-2213159822-1904180398-3434236965\...\RunOnce: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2588080 2023-10-09] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-80-2318606733-4105731500-2265514868-2382646068-3090068018\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\82.0.1.0\GoogleDriveFS.exe [55189280 2023-10-09] (Google LLC -> Google, Inc.)
HKU\S-1-5-80-3871198407-3985681096-187537395-327373503-1498934226\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\82.0.1.0\GoogleDriveFS.exe [55189280 2023-10-09] (Google LLC -> Google, Inc.)
HKU\S-1-5-80-3871198407-3985681096-187537395-327373503-1498934226\...\RunOnce: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2588080 2023-10-09] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\82.0.1.0\GoogleDriveFS.exe [55189280 2023-10-09] (Google LLC -> Google, Inc.)
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE -> 
HKLM\...\Windows x64\Print Processors\Canon TR4500 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDEU.DLL [482816 2018-03-21] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Windows x64\Print Processors\hpcpp155: C:\Windows\System32\spool\prtprocs\x64\hpcpp155.DLL [596256 2013-08-21] (Hewlett-Packard Company -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\Canon BJ FAX Language Monitor TR4500 series: C:\Windows\system32\CNCALEU.DLL [254464 2018-03-22] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor TR4500 series: C:\Windows\system32\CNMLMEU.DLL [1303040 2018-03-21] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\HP BF11 Status Monitor: C:\Windows\system32\hpinkstsBF11LM.dll [336416 2013-09-09] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\Software\...\AppCompatFlags\Custom\iisexpress.exe: [{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb] -> IIS Express Application Compatibility Database for x64
HKLM\Software\...\AppCompatFlags\Custom\iisexpress.exe: [{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb] -> IIS Express Application Compatibility Database for x86
HKLM\Software\...\AppCompatFlags\InstalledSDB\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}: [DatabasePath] -> C:\Windows\AppPatch\CustomSDB\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb [2012-05-29]
HKLM\Software\...\AppCompatFlags\InstalledSDB\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}: [DatabasePath] -> C:\Windows\AppPatch\CustomSDB\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb [2012-05-29]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\117.0.5938.150\Installer\chrmstp.exe [2023-10-05] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NI Error Reporting.lnk [2022-02-22]
ShortcutTarget: NI Error Reporting.lnk -> C:\Program Files (x86)\National Instruments\Shared\NI Error Reporting\nierserver.exe (National Instruments Corporation -> National Instruments Corporation)
Startup: C:\Users\bigpi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2023-07-30]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
 
==================== Scheduled Tasks (Whitelisted) =================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {05FD2A59-6CD5-4C22-BC62-7AA9F8E8E276} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1566200 2023-08-02] (Adobe Inc. -> Adobe Inc.)
Task: {7819DA9B-97B3-485F-85D9-10BCAC0802D7} - System32\Tasks\AMDInstallLauncher => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1709048 2021-12-01] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {349EC922-C454-414E-8E43-954E66410940} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1709048 2021-12-01] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {93058F83-2EA9-4245-A320-9DE88FF7F966} - System32\Tasks\AMDRyzenMasterSDKTask => C:\Program Files\AMD\CNext\CNext\cpumetricsserver.exe [358912 2021-12-01] (Advanced Micro Devices, Inc.) [File not signed]
Task: {5C46A0C8-2C81-4418-96C0-38FBCA48131B} - System32\Tasks\Apple Diagnostics => C:\Users\bigpi\AppData\Local\Microsoft\WindowsApps\eReporter-AppX.exe [0 2023-07-20] () [symlink -> ]
Task: {91BB412A-47EF-405F-99BB-BA9AE76C77DA} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [5135256 2023-10-02] (Avast Software s.r.o. -> AVAST Software)
Task: {15FDA117-0F98-442D-BB63-5F0BEF2569B5} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2144664 2023-08-01] (Avast Software s.r.o. -> Avast Software)
Task: {8023F86F-7FE2-4145-9249-15423CD8D14E} - System32\Tasks\BlueStacksHelper_nxt => C:\Program Files\BlueStacks_nxt\BlueStacksHelper.exe [274912 2022-12-15] (Bluestack Systems, Inc -> BlueStack Systems, Inc.)
Task: {C3C51C15-8BC8-4D77-A9A8-AEF4BC4F01F8} - System32\Tasks\CCleaner Update => E:\Program Files\CCleaner\CCUpdate.exe [714256 2023-09-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {A61C881F-F572-44BA-AACE-655AD09890B1} - System32\Tasks\CCleanerCrashReporting => E:\Program Files\CCleaner\CCleanerBugReport.exe [4703648 2023-09-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "E:\Program Files\CCleaner\LOG" --programpath "E:\Program Files\CCleaner" --configpath "E:\Program Files\CCleaner\Setup" --guid "b030ec72-991f-447e-8bfa-1790c8269591" --version "6.16.10662" --silent
Task: {2886698C-513B-4C92-8920-A8B09433EFAE} - System32\Tasks\CCleanerSkipUAC - bigpi => E:\Program Files\CCleaner\CCleaner.exe [35675552 2023-09-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {58AEBFDF-0855-4725-98E8-9CFB57A2EFAB} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\FrameworkAgents\SupportAssistInstaller.exe [738144 2023-04-07] (Dell Inc -> Dell Inc.)
Task: {618195E8-544C-47B9-A93A-B64B125DF144} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-12-07] (Google LLC -> Google LLC)
Task: {E37964B3-7829-40FB-AB1E-9A49EA14D01D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-12-07] (Google LLC -> Google LLC)
Task: {BF6B868C-05BE-43AE-A6DD-C79AC3B90E7E} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [60368 2023-09-16] (HP Inc. -> HP Inc.)
Task: {0B64F2B3-59E8-4D26-A749-AD435D6DE7B9} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor Logon => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [60368 2023-09-16] (HP Inc. -> HP Inc.)
Task: {7B3698E1-91E1-44C3-B545-3BE91FA7CB13} - System32\Tasks\Meta\Messenger-SL-Helper-S-1-5-21-2083831119-876286344-1281516711-1001 => C:\Users\bigpi\AppData\Local\Programs\Messenger\MessengerHelper.exe [2034936 2022-11-03] (Facebook, Inc. -> Meta Platforms, Inc.)
Task: {BE4B8148-6F59-48AD-83A9-64BA76F86141} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26974216 2023-09-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {11CFB9D5-49AE-4F88-9CA2-64C7BCDEED01} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26974216 2023-09-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {5D9436A3-5CB2-4ACC-B567-655D43285E44} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [160920 2023-10-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {6010CF14-8ACE-4C3C-A67D-CBEB4ED8D7AC} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [160920 2023-10-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {8E5DFFA0-1888-4A67-80E5-2C5927DB14D9} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [169136 2023-10-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {FAD57F7B-5C08-4447-8FE6-A55941381058} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [988360 2023-10-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {AD320B48-5530-49F1-9EB9-563C011B6876} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MpCmdRun.exe [1596304 2023-10-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {92AA9E21-60B6-4B86-981F-03290C39DBBD} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MpCmdRun.exe [1596304 2023-10-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {65F39F04-839F-40C8-9234-963028762CAC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MpCmdRun.exe [1596304 2023-10-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {2B4CB5E2-6583-44C9-841D-7FD35BF8978B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MpCmdRun.exe [1596304 2023-10-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {71ACD827-DA7A-48A1-8DB3-8375B10AAB47} - System32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-2083831119-876286344-1281516711-1001Core => C:\Users\bigpi\AppData\Local\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [214952 2022-01-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {616BCA7D-EC2A-4069-8403-E16CAF2067A7} - System32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-2083831119-876286344-1281516711-1001UA => C:\Users\bigpi\AppData\Local\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [214952 2022-01-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {556835BC-0BA2-427F-8885-1B38EB919EF8} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1709048 2021-12-01] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {07D1CB78-E750-4F01-9B2B-719B007D22EF} - System32\Tasks\NIUpdateServiceCheckTask => C:\Program Files (x86)\National Instruments\Shared\Update Service\NIUpdateService.exe [875400 2019-03-05] (National Instruments Corporation -> National Instruments Corporation)
Task: {77B29CC9-5B4E-4AEB-A5F1-F7DEAAB70B12} - System32\Tasks\NIUpdateServiceRetryCheckTask => C:\Program Files (x86)\National Instruments\Shared\Update Service\NIUpdateService.exe [875400 2019-03-05] (National Instruments Corporation -> National Instruments Corporation)
Task: {51ECB023-AE32-49FE-A769-A770DD49B9ED} - System32\Tasks\NIUpdateServiceStartupTask => C:\Program Files (x86)\National Instruments\Shared\Update Service\NIUpdateService.exe [875400 2019-03-05] (National Instruments Corporation -> National Instruments Corporation)
Task: {479D9D6F-9A80-4409-B647-08E492EEEB1D} - System32\Tasks\npcapwatchdog => C:\Program Files\Npcap\CheckStatus.bat [1145 2021-03-24] () [File not signed]
Task: {D749C121-A3CC-4B55-9F2A-A212E95509E2} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4130736 2023-10-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {AAAE8680-1428-40A9-A8BC-A0EA60957768} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-2083831119-876286344-1281516711-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4130736 2023-10-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {962E3E98-B62E-4AF8-B6EF-B209002B9796} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-2083831119-876286344-1281516711-1005 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4130736 2023-10-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {56F3C705-54FF-4EEE-90D6-142373FC7FEB} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-2083831119-876286344-1281516711-1010 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4130736 2023-10-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {827EAEA5-501D-4B85-888F-C529EA90A3E2} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-2083831119-876286344-1281516711-1017 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4130736 2023-10-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {2E2CE70F-A74B-44FB-9EC5-693013F8FE85} - System32\Tasks\Samsung_PSSD_Registration => C:\ProgramData\Samsung Apps\Portable SSD\SamsungPortableSSDMon.exe [499184 2022-05-01] (Samsung Electronics Co., Ltd. -> Samsung Electronics)
Task: {532D7346-401C-4EB7-A6B3-BD8FF9620A5E} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [55288 2021-12-01] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {27E12D1A-AD08-48C3-8E98-AB1CB2F3E3A3} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [260600 2021-12-01] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\CCleanerCrashReporting.job => E:\Program Files\CCleaner\CCleanerBugReport.exe
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Winsock: Catalog5 08 C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsNSP.dll [35448 2017-03-08] (National Instruments Corporation -> National Instruments Corporation)
Winsock: Catalog5-x64 08 C:\Program Files\National Instruments\Shared\mDNS Responder\nimdnsNSP.dll [38520 2017-03-08] (National Instruments Corporation -> National Instruments Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{2db598d6-8f68-416f-8a26-682ee917888a}: [DhcpNameServer] 10.201.170.6
Tcpip\..\Interfaces\{3b4ebe04-032d-4d23-8249-8bd25fa599a3}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{47856511-fb31-49c1-82d8-a06500ae79ad}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{9a57a3d0-f0ac-472f-8468-336fdb8e4c07}: [DhcpNameServer] 10.201.170.6
Tcpip\..\Interfaces\{d736b3ab-966b-46e9-9a5a-1af6c60d3bbe}: [DhcpNameServer] 192.168.1.254
 
Edge: 
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\bigpi\AppData\Local\Microsoft\Edge\User Data\Default [2023-10-10]
Edge Extension: (Google Docs Offline) - C:\Users\bigpi\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-09-18]
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\bigpi\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2023-10-10]
Edge Extension: (Edge relevant text changes) - C:\Users\bigpi\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-09-16]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
 
FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.321.2 -> C:\Program Files\Java\jre1.8.0_321\bin\dtplugin\npDeployJava1.dll [2022-02-14] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.321.2 -> C:\Program Files\Java\jre1.8.0_321\bin\plugin2\npjp2.dll [2022-02-14] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2023-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.18 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2023-09-06] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2023-10-04] (Microsoft Corporation -> Microsoft Corporation)
 
Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\bigpi\AppData\Local\Google\Chrome\User Data\Default [2023-10-11]
CHR DownloadDir: C:\Users\bigpi\OneDrive\Desktop
CHR Notifications: Default -> hxxps://app.1law.com; hxxps://app.urable.com; hxxps://community.element14.com; hxxps://learning.edx.org; hxxps://mail.google.com; hxxps://support.cloud.google.com; hxxps://voice.google.com; hxxps://www.lawinfopedia.com; hxxps://www.samsung.com
CHR StartupUrls: Default -> "hxxps://www.google.com/"
CHR Extension: (Torrent Scanner) - C:\Users\bigpi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aegnopegbbhjeeiganiajffnalhlkkjb [2023-03-21]
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\bigpi\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2023-10-03]
CHR Extension: (Google Docs Offline) - C:\Users\bigpi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-09-07]
CHR Extension: (AccelaReader) - C:\Users\bigpi\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfbaenjmkakiipopnfaingjgcbdinkoi [2020-12-07]
CHR Extension: (AirDroid) - C:\Users\bigpi\AppData\Local\Google\Chrome\User Data\Default\Extensions\hkgndiocipalkpejnpafdbdlfdjihomd [2020-12-07]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\bigpi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2023-10-08]
CHR Extension: (Chrome Remote Desktop) - C:\Users\bigpi\AppData\Local\Google\Chrome\User Data\Default\Extensions\inomeogfingihgjfjlpeplalcfajhgai [2022-12-18]
CHR Extension: (ClassLink OneClick Extension) - C:\Users\bigpi\AppData\Local\Google\Chrome\User Data\Default\Extensions\jgfbgkjjlonelmpenhpfeeljjlcgnkpe [2022-12-18]
CHR Extension: (World Data Atlas) - C:\Users\bigpi\AppData\Local\Google\Chrome\User Data\Default\Extensions\knlgfedckdhkgjinnhogmhkbcjpmmhko [2020-12-07]
CHR Extension: (Application Launcher For Drive (by Google)) - C:\Users\bigpi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2023-09-07]
CHR Extension: (BIODIGITAL HUMAN) - C:\Users\bigpi\AppData\Local\Google\Chrome\User Data\Default\Extensions\meefjekipolcgabfgaclcpdkbghhmoah [2020-12-07]
CHR Extension: (Helium 10) - C:\Users\bigpi\AppData\Local\Google\Chrome\User Data\Default\Extensions\njmehopjdpcckochcggncklnlmikcbnb [2023-10-02]
CHR Extension: (Chrome Web Store Payments) - C:\Users\bigpi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-02]
CHR Extension: (TypingClub) - C:\Users\bigpi\AppData\Local\Google\Chrome\User Data\Default\Extensions\obdbgibnhfcjmmpfijkpcihjieedpfah [2020-12-07]
CHR Extension: (Amazon Assistant for Chrome) - C:\Users\bigpi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam [2023-04-28]
CHR Profile: C:\Users\bigpi\AppData\Local\Google\Chrome\User Data\Guest Profile [2023-04-29]
CHR Profile: C:\Users\bigpi\AppData\Local\Google\Chrome\User Data\System Profile [2023-10-04]
CHR HKU\S-1-5-21-2083831119-876286344-1281516711-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKU\S-1-5-21-2083831119-876286344-1281516711-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKU\S-1-5-21-2083831119-876286344-1281516711-1005\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKU\S-1-5-21-2083831119-876286344-1281516711-1010\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [aegnopegbbhjeeiganiajffnalhlkkjb]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
 
==================== Services (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-08-02] (Adobe Inc. -> Adobe Inc.)
R2 AdskLicensingService; C:\Program Files (x86)\Common Files\Autodesk Shared\AdskLicensing\Current\AdskLicensingService\AdskLicensingService.exe [18673448 2020-11-17] (Autodesk, Inc. -> Autodesk)
R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [9090968 2023-10-02] (Avast Software s.r.o. -> AVAST Software)
R2 Autodesk Access Service Host; C:\Program Files\Autodesk\AdODIS\V1\Setup\AdskAccessServiceHost.exe [10539808 2023-05-20] (Autodesk, Inc. -> Autodesk, Inc.)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [776088 2023-10-02] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Firewall; C:\Program Files\Avast Software\Avast\afwServ.exe [2304920 2023-10-02] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [796568 2023-10-02] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2022-01-11] (Avast Software s.r.o. -> AVAST Software)
R2 AzureAttestService; C:\Program Files\Microsoft\AzureAttestService\AzureAttestService.dll [151288 2019-07-24] (Microsoft Windows -> Microsoft Corporation)
S3 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\116.0.5845.9\remoting_host.exe [74520 2023-06-26] (Google LLC -> Google LLC)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12859472 2023-09-27] (Microsoft Corporation -> Microsoft Corporation)
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [458960 2023-03-14] (Dell Inc -> Dell Technologies Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [161488 2023-03-14] (Dell Inc -> Dell Technologies Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [484560 2023-03-14] (Dell Inc -> Dell Technologies Inc.)
S2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [49880 2023-01-19] (Dell Inc -> )
R2 DellTechHub; C:\Program Files\Dell\TechHub\Dell.TechHub.exe [156064 2022-12-09] (Dell Inc -> Dell)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\23.194.0917.0001\FileSyncHelper.exe [3513784 2023-10-09] (Microsoft Corporation -> Microsoft Corporation)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [230352 2023-09-16] (HP Inc. -> HP Inc.)
R2 IISExpressSVC; C:\Program Files (x86)\Lansweeper\IISExpress\IISexpressSVC.exe [128136 2021-12-08] (Lansweeper -> Lansweeper)
R2 LansweeperLocalDbService; C:\Program Files (x86)\Lansweeper\Service\LansweeperLocalDBService.exe [60040 2021-12-08] (Lansweeper -> Lansweeper)
R2 lansweeperservice; C:\Program Files (x86)\Lansweeper\Service\Lansweeperservice.exe [278152 2021-12-08] (Lansweeper -> Lansweeper)
R2 lkClassAds; C:\Windows\SysWOW64\lkads.exe [69096 2019-03-13] (National Instruments Corporation -> National Instruments Corporation)
R2 lkTimeSync; C:\Windows\SysWOW64\lktsrv.exe [80880 2019-03-13] (National Instruments Corporation -> National Instruments Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9287968 2023-09-22] (Malwarebytes Inc. -> Malwarebytes)
R2 MSSQL$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL15.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [624544 2023-01-23] (Microsoft Corporation -> Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [50688 2013-05-16] (Hewlett-Packard) [File not signed]
R2 niauth; C:\Program Files (x86)\National Instruments\Shared\niauth\niauth_daemon.exe [601544 2019-03-12] (National Instruments Corporation -> National Instruments Corporation)
R2 NIDomainService; C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe [432088 2019-03-13] (National Instruments Corporation -> National Instruments Corporation)
R2 nimDNSResponder; C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe [343080 2017-03-08] (National Instruments Corporation -> National Instruments Corporation)
R2 NINetworkDiscovery; C:\Program Files (x86)\National Instruments\Shared\NI Network Discovery\niDiscSvc.exe [189512 2019-03-14] (National Instruments Corporation -> National Instruments Corporation)
R2 NiSvcLoc; C:\Program Files (x86)\National Instruments\Shared\niSvcLoc\nisvcloc.exe [110040 2019-03-20] (National Instruments Corporation -> National Instruments Corporation)
R2 NovabenchService; C:\Program Files\Novawave\Novabench\NovabenchService.exe [1229808 2020-08-30] (Novawave Inc. -> Novawave Inc.)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\23.194.0917.0001\OneDriveUpdaterService.exe [3850680 2023-10-09] (Microsoft Corporation -> Microsoft Corporation)
S3 OVRLibraryService; C:\Program Files\Oculus\Support\oculus-librarian\OVRLibraryService.exe [144632 2022-01-03] (Oculus VR, LLC -> Facebook Technologies, LLC)
R2 OVRService; C:\Program Files\Oculus\Support\oculus-runtime\OVRServiceLauncher.exe [511736 2022-01-03] (Oculus VR, LLC -> Facebook Technologies, LLC)
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [66048 2013-05-16] (Hewlett-Packard) [File not signed]
R2 QcomWlanSrv; C:\Windows\System32\drivers\QcomWlanSrvx64.exe [197336 2021-06-15] (Qualcomm Atheros, Inc. -> )
S4 SQLAgent$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL15.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [690120 2023-01-23] (Microsoft Corporation -> Microsoft Corporation)
R2 SQLTELEMETRY$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL15.SQLEXPRESS\MSSQL\Binn\sqlceip.exe [284616 2023-01-23] (Microsoft Corporation -> Microsoft Corporation)
S3 ss_conn_launcher_service; C:\Windows\System32\Samsung\EasySetup\ss_conn_launcher.exe [182392 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2020-11-26] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
R2 ss_conn_service2; C:\Program Files (x86)\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe [919992 2020-11-26] (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.)
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [160096 2023-04-07] (Dell Inc -> Dell Inc.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\NisSrv.exe [3116904 2023-10-05] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MsMpEng.exe [133584 2023-10-05] (Microsoft Windows Publisher -> Microsoft Corporation)
 
===================== Drivers (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 amdfendrmgr; C:\Windows\System32\drivers\amdfendrmgr.sys [33216 2021-10-28] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R2 AMDRyzenMasterDriverV19; C:\Windows\system32\AMDRyzenMasterDriver.sys [43336 2021-11-30] (Advanced Micro Devices INC. -> Advanced Micro Devices)
R3 AMDSAFD; C:\Windows\System32\DriverStore\FileRepository\amdsafd.inf_amd64_edd3335a4253bf6d\amdsafd.sys [109520 2021-11-04] (Advanced Micro Devices Inc. -> Advanced Micro Devices)
R3 amdwddmg; C:\Windows\System32\DriverStore\FileRepository\u0376209.inf_amd64_b3bdffadea4def3f\B374968\amdkmdag.sys [80540576 2022-01-28] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R3 AMDXE; C:\Windows\System32\drivers\amdxe.sys [65168 2021-08-17] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
S3 AppleKmdfFilter; C:\Windows\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\Windows\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [31528 2023-10-02] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [240176 2023-10-02] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [392984 2023-10-02] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [297992 2023-10-02] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [96064 2023-10-02] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswElam; C:\Windows\System32\drivers\aswElam.sys [25576 2022-11-03] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [39760 2023-10-02] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [275168 2023-10-02] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswNetHub; C:\Windows\System32\drivers\aswNetHub.sys [559696 2023-10-02] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [105248 2023-10-02] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [80416 2023-10-02] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [950696 2023-10-02] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [708048 2023-10-02] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [213192 2023-10-02] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [319560 2023-10-02] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R2 BlueStacksDrv_nxt; C:\Program Files\BlueStacks_nxt\BstkDrv_nxt.sys [322304 2022-12-15] (Bluestack Systems, Inc -> Bluestack System Inc.)
S3 CH341SER_A64; C:\Windows\System32\Drivers\CH341S64.SYS [78328 2021-08-25] (Microsoft Windows Hardware Compatibility Publisher -> www.winchiphead.com)
S3 cpuz149; C:\Users\bigpi\AppData\Local\Temp\cpuz149\cpuz149_x64.sys [44320 2023-09-16] (CPUID S.A.R.L.U. -> CPUID) <==== ATTENTION
R3 CyUcmClient_Device; C:\Windows\System32\drivers\CyUcmClient.sys [133480 2017-06-20] (Cypress Semiconductor Corporation -> Cypress Semiconductor Corporation)
S3 DDDriver; C:\Windows\System32\drivers\dddriver64Dcsa.sys [43400 2021-09-09] (Microsoft Windows Hardware Compatibility Publisher -> Dell Technologies)
R3 DellInstrumentation; C:\Windows\System32\drivers\DellInstrumentation.sys [46528 2023-03-14] (Microsoft Windows Hardware Compatibility Publisher -> Dell)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R1 googledrivefs31092; C:\Windows\System32\DRIVERS\googledrivefs31092.sys [384600 2023-02-06] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
R3 hhdusbh64; C:\Windows\system32\DRIVERS\hhdusbh64.sys [67000 2021-10-25] (HHD Software Ltd. -> HHD Software Ltd.)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [222272 2023-10-03] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [21480 2023-03-31] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [239544 2023-10-03] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 NovabenchDriver; C:\Program Files\Novawave\Novabench\NovabenchDriverWin10.sys [28216 2018-03-28] (Microsoft Windows Hardware Compatibility Publisher -> )
R1 npcap; C:\Windows\system32\DRIVERS\npcap.sys [71736 2021-08-30] (Insecure.Com LLC -> Insecure.Com LLC.)
R3 oculusvad_oculusvad; C:\Windows\System32\drivers\oculusvad.sys [75280 2022-01-03] (Microsoft Windows Hardware Compatibility Publisher -> Windows ® Win 7 DDK provider)
R3 Oculus_ViGEmBus; C:\Windows\System32\drivers\Oculus_ViGEmBus.sys [32856 2022-01-03] (Oculus VR, LLC -> Facebook Inc.)
S4 RsFx0600; C:\Windows\System32\DRIVERS\RsFx0600.sys [286976 2019-09-24] (Microsoft Corporation -> Microsoft Corporation)
R3 SCTDriverV1011; C:\Windows\system32\drivers\SCTDriverV1011.sys [261712 2020-12-08] (SCT Performance LLC -> Jungo)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\Windows\System32\Drivers\ss_conn_usb_driver2.sys [50720 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 usbscan; C:\Windows\system32\DRIVERS\usbscan.sys [49152 2020-10-09] (Microsoft Corporation) [File not signed]
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [55856 2023-10-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [572712 2023-10-05] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [105872 2023-10-05] (Microsoft Windows -> Microsoft Corporation)
R3 wovad_micarray; C:\Windows\system32\drivers\womic.sys [34496 2020-02-16] (Microsoft Windows Hardware Compatibility Publisher -> Windows ® Win 7 DDK provider)
U1 aswbdisk; no ImagePath
S3 cpuz152; \??\C:\Windows\temp\cpuz152\cpuz152_x64.sys [X]
U4 npcap_wifi; no ImagePath
S3 VBAudioVMVAIOMME; \SystemRoot\System32\drivers\vbaudio_vmvaio64_win10.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) (Whitelisted) =========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2023-10-11 11:38 - 2023-10-11 11:38 - 002383360 _____ (Farbar) C:\Users\bigpi\Downloads\FRST64.exe
2023-10-11 11:38 - 2023-10-11 11:38 - 000000000 ____D C:\Users\bigpi\Downloads\FRST-OlderVersion
2023-10-11 11:37 - 2023-10-11 11:48 - 000000000 ____D C:\FRST
2023-10-11 07:25 - 2023-10-11 07:25 - 000003112 _____ C:\Windows\system32\Tasks\AMDInstallLauncher
2023-10-11 07:25 - 2023-10-11 07:25 - 000003078 _____ C:\Windows\system32\Tasks\AMDLinkUpdate
2023-10-10 20:19 - 2023-10-11 07:25 - 000003426 _____ C:\Windows\system32\Tasks\NIUpdateServiceRetryCheckTask
2023-10-09 16:03 - 2023-10-09 16:03 - 000003194 _____ C:\Windows\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2023-10-09 16:03 - 2023-10-09 16:03 - 000002135 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-10-04 03:33 - 2023-10-04 03:33 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2023-10-02 23:32 - 2023-10-11 07:25 - 000004264 _____ C:\Windows\system32\Tasks\Avast Emergency Update
2023-10-02 23:32 - 2023-10-02 23:32 - 000313240 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2023-09-20 11:08 - 2023-09-20 11:08 - 000000000 ____D C:\Users\bigpi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2023-09-18 13:17 - 2023-10-11 07:25 - 000004210 _____ C:\Windows\system32\Tasks\CCleaner Update
2023-09-18 13:17 - 2023-10-09 15:57 - 000000760 _____ C:\Windows\Tasks\CCleanerCrashReporting.job
2023-09-18 13:17 - 2023-10-09 06:55 - 000003046 _____ C:\Windows\system32\Tasks\CCleanerCrashReporting
2023-09-16 09:12 - 2023-09-16 09:12 - 000027198 _____ C:\Users\bigpi\AppData\LocalLow\wbkA983.tmp
2023-09-16 09:11 - 2023-09-16 09:11 - 000000000 ____D C:\Users\bigpi\OneDrive\Documents\loglog
2023-09-16 05:17 - 2023-09-16 05:17 - 000000000 ____D C:\Users\valra\AppData\Roaming\com.adobe.dunamis
2023-09-16 05:17 - 2023-09-16 05:17 - 000000000 ____D C:\Users\valra\AppData\Local\SolidDocuments
2023-09-16 05:17 - 2023-09-16 05:17 - 000000000 ____D C:\Users\valra\.ms-ad
2023-09-16 05:16 - 2023-09-16 05:17 - 000000000 ____D C:\Users\valra\AppData\Local\Adobe
2023-09-16 05:15 - 2023-09-16 05:15 - 000002523 _____ C:\Users\Public\Desktop\Smart View.lnk
2023-09-16 05:15 - 2023-09-16 05:15 - 000000000 ____D C:\Users\valra\AppData\Local\SmartView2
2023-09-16 05:13 - 2023-09-16 05:13 - 000000000 ____D C:\Users\valra\AppData\LocalLow\Adobe
2023-09-16 05:13 - 2023-09-16 05:13 - 000000000 ____D C:\Users\valra\AppData\Local\HHD Software
2023-09-16 01:04 - 2023-09-16 01:04 - 020789222 _____ C:\Users\bigpi\Downloads\20211027_043332.mp4
2023-09-16 00:17 - 2023-09-16 00:17 - 000000000 ___HD C:\$WinREAgent
2023-09-13 13:53 - 2023-10-09 06:55 - 000003482 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2023-09-13 13:52 - 2023-09-13 13:52 - 000002078 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2023-09-13 13:52 - 2023-09-13 13:52 - 000002066 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk
 
==================== One month (modified) ==================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2023-10-11 11:47 - 2019-12-07 05:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-10-11 11:34 - 2020-09-27 10:50 - 000000000 ____D C:\Windows\system32\SleepStudy
2023-10-11 11:07 - 2021-12-15 23:40 - 000000000 ____D C:\Windows\SystemTemp
2023-10-11 11:07 - 2020-12-07 08:33 - 000000000 ____D C:\Program Files (x86)\Google
2023-10-11 07:37 - 2021-11-24 19:51 - 000000000 ____D C:\ProgramData\boost_interprocess
2023-10-11 07:30 - 2023-04-29 15:15 - 000000000 ___RD C:\Users\bigpi\iCloudDrive
2023-10-11 07:30 - 2023-04-29 15:13 - 000000000 ___RD C:\Users\bigpi\iCloudPhotos
2023-10-11 07:27 - 2020-12-06 17:41 - 000970146 _____ C:\Windows\system32\PerfStringBackup.INI
2023-10-11 07:27 - 2019-12-07 05:13 - 000000000 ____D C:\Windows\INF
2023-10-11 07:25 - 2023-05-11 05:28 - 000000000 ____D C:\Users\bigpi\AppData\Local\Malwarebytes
2023-10-11 07:25 - 2021-06-14 13:21 - 000000000 ____D C:\Users\bigpi\AppData\Local\Oculus
2023-10-11 07:25 - 2020-12-06 17:48 - 000000000 ___RD C:\Users\bigpi\OneDrive
2023-10-11 07:25 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\AppReadiness
2023-10-11 07:22 - 2020-09-27 10:50 - 000008192 ___SH C:\DumpStack.log.tmp
2023-10-11 07:22 - 2020-09-27 10:50 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2023-10-10 20:48 - 2020-12-06 17:45 - 000000000 ____D C:\Users\bigpi
2023-10-10 17:10 - 2023-05-27 00:05 - 000000000 ____D C:\Users\valra\AppData\Local\Malwarebytes
2023-10-10 16:59 - 2021-06-16 17:35 - 000000000 ____D C:\Users\valra\AppData\Local\Oculus
2023-10-10 16:58 - 2021-01-30 14:03 - 000000000 ____D C:\ProgramData\Avast Software
2023-10-10 16:58 - 2020-12-06 17:49 - 000065536 _____ C:\Windows\system32\spu_storage.bin
2023-10-10 16:58 - 2019-12-07 05:03 - 001310720 _____ C:\Windows\system32\config\BBI
2023-10-10 15:22 - 2019-12-07 05:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-10-10 07:08 - 2021-09-14 00:25 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2023-10-09 18:12 - 2020-12-06 17:45 - 000000000 ___SD C:\Users\bigpi\AppData\Roaming\Microsoft\Credentials
2023-10-09 16:09 - 2020-12-06 17:50 - 000000000 ____D C:\Users\bigpi\AppData\Local\D3DSCache
2023-10-09 16:07 - 2021-01-28 14:19 - 000002173 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2023-10-09 16:03 - 2023-05-01 03:50 - 000003592 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2083831119-876286344-1281516711-1010
2023-10-09 16:03 - 2023-05-01 03:50 - 000003592 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2083831119-876286344-1281516711-1005
2023-10-09 16:03 - 2023-04-01 14:37 - 000003592 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2083831119-876286344-1281516711-1001
2023-10-09 16:03 - 2022-03-02 19:49 - 000003592 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2083831119-876286344-1281516711-1017
2023-10-09 15:57 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\ServiceState
2023-10-09 06:55 - 2023-04-29 15:15 - 000002826 _____ C:\Windows\system32\Tasks\Apple Diagnostics
2023-10-09 06:55 - 2022-05-01 00:48 - 000002484 _____ C:\Windows\system32\Tasks\Samsung_PSSD_Registration
2023-10-09 06:55 - 2022-02-22 21:14 - 000002822 _____ C:\Windows\system32\Tasks\NIUpdateServiceCheckTask
2023-10-09 06:55 - 2022-02-22 21:14 - 000002504 _____ C:\Windows\system32\Tasks\NIUpdateServiceStartupTask
2023-10-09 06:55 - 2022-01-11 10:46 - 000000000 ____D C:\Windows\system32\Tasks\Avast Software
2023-10-09 06:55 - 2022-01-09 14:02 - 000002252 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC - bigpi
2023-10-09 06:55 - 2022-01-07 11:40 - 000003638 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-2083831119-876286344-1281516711-1001UA
2023-10-09 06:55 - 2022-01-07 11:40 - 000003538 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-2083831119-876286344-1281516711-1001Core
2023-10-09 06:55 - 2022-01-03 22:50 - 000002672 _____ C:\Windows\system32\Tasks\ModifyLinkUpdate
2023-10-09 06:55 - 2022-01-03 22:50 - 000002402 _____ C:\Windows\system32\Tasks\AMDRyzenMasterSDKTask
2023-10-09 06:55 - 2022-01-03 22:30 - 000002158 _____ C:\Windows\system32\Tasks\npcapwatchdog
2023-10-09 06:55 - 2022-01-03 21:46 - 000002202 _____ C:\Windows\system32\Tasks\StartCN
2023-10-09 06:55 - 2022-01-03 21:46 - 000002122 _____ C:\Windows\system32\Tasks\StartDVR
2023-10-09 06:55 - 2021-12-22 17:51 - 000002956 _____ C:\Windows\system32\Tasks\BlueStacksHelper_nxt
2023-10-09 06:55 - 2020-12-19 20:37 - 000003306 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{96340CF4-3CEE-4B1F-BF57-15B1F7DF8813}
2023-10-09 06:55 - 2020-12-07 08:57 - 000003306 _____ C:\Windows\system32\Tasks\Dell SupportAssistAgent AutoUpdate
2023-10-09 06:55 - 2020-12-07 08:33 - 000003356 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2023-10-09 06:55 - 2020-12-07 08:33 - 000003132 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2023-10-09 06:55 - 2020-09-27 10:53 - 000003464 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-10-09 06:55 - 2020-09-27 10:53 - 000003240 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-10-09 05:09 - 2020-09-27 10:53 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-10-09 05:09 - 2020-09-27 10:53 - 000002279 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2023-10-06 01:37 - 2021-11-19 14:19 - 000000000 ____D C:\Users\bigpi\AppData\Roaming\Microsoft\Excel
2023-10-06 00:53 - 2021-11-15 19:20 - 000000000 ____D C:\Users\bigpi\AppData\Local\Amazon Music
2023-10-05 23:21 - 2021-06-16 17:35 - 000000000 ____D C:\Users\valra\AppData\Local\Packages
2023-10-05 21:31 - 2020-12-07 08:34 - 000002250 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-10-05 21:31 - 2020-12-07 08:34 - 000002209 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2023-10-05 00:08 - 2020-09-27 10:51 - 000000000 ____D C:\Windows\system32\Drivers\wd
2023-10-04 12:59 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\system32\NDF
2023-10-04 03:32 - 2020-12-18 13:13 - 000000000 ____D C:\Program Files\Microsoft Office
2023-10-02 23:46 - 2023-04-08 22:34 - 002709096 _____ (Microsoft Corporation) C:\Windows\system32\xgameruntime.dll
2023-10-02 23:46 - 2023-04-08 22:34 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\gameplatformservices.dll
2023-10-02 23:46 - 2023-04-08 22:34 - 000210536 _____ (Microsoft Corporation) C:\Windows\system32\gameconfighelper.dll
2023-10-02 23:46 - 2023-04-08 22:34 - 000181864 _____ (Microsoft Corporation) C:\Windows\system32\gamelaunchhelper.dll
2023-10-02 23:46 - 2023-04-08 22:34 - 000145000 _____ (Microsoft Corporation) C:\Windows\system32\gamingtcuihelpers.dll
2023-10-02 23:46 - 2023-04-08 22:34 - 000095736 _____ (Microsoft Corporation) C:\Windows\system32\xgamehelper.exe
2023-10-02 23:46 - 2023-04-08 22:34 - 000075360 _____ (Microsoft Corporation) C:\Windows\system32\xgamecontrol.exe
2023-10-02 23:32 - 2019-12-07 05:14 - 000000000 ___HD C:\Windows\ELAMBKUP
2023-09-22 00:59 - 2023-07-17 21:22 - 000000000 ____D C:\Users\bigpi\AppData\Roaming\uTorrent Web
2023-09-21 23:06 - 2020-09-27 10:54 - 000000000 ____D C:\ProgramData\Packages
2023-09-20 11:08 - 2022-04-13 10:11 - 000000000 ____D C:\Users\bigpi\AppData\Roaming\Zoom
2023-09-20 10:19 - 2020-12-06 17:47 - 000000000 ____D C:\Users\bigpi\AppData\Local\Packages
2023-09-19 01:32 - 2022-01-07 01:38 - 000000000 ____D C:\Users\bigpi\AppData\Roaming\discord
2023-09-19 01:31 - 2022-01-07 01:38 - 000000000 ____D C:\Users\bigpi\AppData\Local\Discord
2023-09-18 13:17 - 2021-01-29 00:00 - 000000000 ____D C:\Users\bigpi\AppData\Local\CrashDumps
2023-09-16 09:06 - 2020-12-06 17:54 - 000918960 _____ (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2023-09-16 09:03 - 2019-12-07 05:03 - 000032768 _____ C:\Windows\system32\config\ELAM
2023-09-16 05:19 - 2021-11-23 19:22 - 000000000 ____D C:\Users\valra\AppData\Local\Autodesk
2023-09-16 05:17 - 2021-06-16 17:35 - 000000000 ____D C:\Users\valra\AppData\Roaming\Adobe
2023-09-16 05:17 - 2021-06-16 17:35 - 000000000 ____D C:\Users\valra
2023-09-16 01:32 - 2022-03-22 16:10 - 000000000 ____D C:\Windows\system32\Tasks\HP
2023-09-16 01:32 - 2022-01-04 10:39 - 000000000 ____D C:\Program Files\HPPrintScanDoctor
2023-09-16 01:26 - 2021-02-01 08:53 - 000551824 _____ C:\Windows\system32\FNTCACHE.DAT
2023-09-16 01:24 - 2019-12-07 05:14 - 000000000 ___RD C:\Windows\PrintDialog
2023-09-16 01:24 - 2019-12-07 05:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2023-09-16 01:24 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata
2023-09-16 01:24 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\SystemResources
2023-09-16 01:24 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\system32\WinMetadata
2023-09-16 01:24 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\system32\oobe
2023-09-16 01:24 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\system32\appraiser
2023-09-16 01:24 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\ShellExperiences
2023-09-16 01:24 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\PolicyDefinitions
2023-09-16 01:24 - 2019-12-07 05:14 - 000000000 ____D C:\Windows\bcastdvr
2023-09-16 00:30 - 2019-12-07 05:03 - 000000000 ____D C:\Windows\CbsTemp
2023-09-16 00:26 - 2020-09-27 10:53 - 003014144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2023-09-13 14:13 - 2022-04-04 09:35 - 000000000 ____D C:\Program Files\dotnet
2023-09-13 14:13 - 2021-06-14 07:04 - 000000000 ____D C:\ProgramData\Package Cache
2023-09-13 14:13 - 2020-12-06 17:51 - 000000000 ____D C:\Windows\system32\MRT
2023-09-13 14:08 - 2020-12-06 17:51 - 177941912 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2023-09-13 13:40 - 2023-04-08 22:34 - 000000000 ____D C:\XboxGames
 
==================== Files in the root of some directories ========
 
2022-11-16 03:53 - 2022-11-16 03:53 - 000002516 _____ () C:\Users\bigpi\AppData\Local\lang_info.xml
2022-01-20 17:00 - 2022-01-20 17:00 - 000000878 _____ () C:\Users\bigpi\AppData\Local\recently-used.xbel
2020-12-07 08:47 - 2023-04-28 12:02 - 000007601 _____ () C:\Users\bigpi\AppData\Local\resmon.resmoncfg
 
==================== SigCheck ============================
 
(There is no automatic fix for files that do not pass verification.)
 
==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-10-2023
Ran by bigpi (11-10-2023 11:50:06)
Running from C:\Users\bigpi\OneDrive\Desktop
Microsoft Windows 10 Home Version 22H2 19045.3448 (X64) (2020-12-06 21:37:24)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
 
(If an entry is included in the fixlist, it will be removed.)
 
Administrator (S-1-5-21-2083831119-876286344-1281516711-500 - Administrator - Disabled)
bigpi (S-1-5-21-2083831119-876286344-1281516711-1001 - Administrator - Enabled) => C:\Users\bigpi
chad (S-1-5-21-2083831119-876286344-1281516711-1005 - Limited - Enabled) => C:\Users\chad
DefaultAccount (S-1-5-21-2083831119-876286344-1281516711-503 - Limited - Disabled)
Guest (S-1-5-21-2083831119-876286344-1281516711-501 - Limited - Enabled)
joqui (S-1-5-21-2083831119-876286344-1281516711-1017 - Limited - Enabled) => C:\Users\joqui
valra (S-1-5-21-2083831119-876286344-1281516711-1010 - Limited - Enabled) => C:\Users\valra
WDAGUtilityAccount (S-1-5-21-2083831119-876286344-1281516711-504 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
FW: Avast Antivirus (Enabled) {D322394B-73F7-C65E-BBB0-3B81E063D6D4}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
64 Bit HP CIO Components Installer (HKLM\...\{345F3F90-0505-4EDF-B7A9-5E3AC1AC6CE4}) (Version: 15.2.1 - Hewlett-Packard) Hidden
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1033-1033-7760-BC15014EA700}) (Version: 23.006.20320 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601052}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Amazon Music (HKU\S-1-5-21-2083831119-876286344-1281516711-1001\...\Amazon Amazon Music) (Version: 9.4.2.2418 - Amazon.com Services LLC)
AMD Chipset Software (HKLM-x32\...\AMD_Chipset_IODrivers) (Version: 3.10.08.506 - Advanced Micro Devices, Inc.)
AMD GPIO2 Driver (HKLM-x32\...\{E9DD399F-21A3-479E-A7DF-D6CF4B2ADBF3}) (Version: 2.2.0.130 - Advanced Micro Devices, Inc.) Hidden
AMD I2C Driver (HKLM-x32\...\{B31D92D9-2914-46B0-9738-F668A563DE73}) (Version: 1.2.0.118 - Advanced Micro Devices, Inc.) Hidden
AMD PCI Driver (HKLM-x32\...\{80EC3CEE-2940-42A1-A776-B5D810D39F1E}) (Version: 1.0.0.83 - Advanced Micro Devices, Inc.) Hidden
AMD PSP Driver (HKLM-x32\...\{988F14B8-79A8-475D-BAC7-83F96AD3D821}) (Version: 5.17.0.0 - Advanced Micro Devices, Inc.) Hidden
AMD Ryzen Balanced Driver (HKLM-x32\...\{A171D320-C42C-4F3B-A2D8-C6A09F6788CC}) (Version: 7.0.3.5 - Advanced Micro Devices, Inc.) Hidden
AMD SBxxx SMBus Driver (HKLM-x32\...\{AAE0E27D-C88A-49BA-8715-77ADCD4286A3}) (Version: 5.12.0.38 - Advanced Micro Devices, Inc.) Hidden
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 21.12.1 - Advanced Micro Devices, Inc.)
AMD_Chipset_Drivers (HKLM-x32\...\{aebb22c8-1fcb-4e7d-92ae-98f1012da7a2}) (Version: 3.10.08.506 - Advanced Micro Devices, Inc.) Hidden
Anaconda3 2021.11 (Python 3.9.7 64-bit) (HKU\S-1-5-21-2083831119-876286344-1281516711-1001\...\Anaconda3 2021.11 (Python 3.9.7 64-bit)) (Version: 2021.11 - Anaconda, Inc.)
AutoCAD Open in Desktop (HKLM\...\{1C66A0B0-784E-4777-97B3-93F843D1C8CF}) (Version: 1.0.20.0 - Autodesk)
Autodesk App Manager (HKLM-x32\...\{9C2E49CB-F671-47EC-8093-CC1A8749A92A}) (Version: 3.2.1 - Autodesk)
Autodesk AutoCAD 2022 - English (HKLM\...\{1E7D4EF7-A28E-3D3E-BA3C-C6FAE4AAB2E0}) (Version: 24.1.51.0 - Autodesk, Inc.)
Autodesk AutoCAD Performance Feedback Tool 1.3.8 (HKLM-x32\...\{3EDD9D7F-E305-485B-A0E5-7F6D24A87093}) (Version: 1.3.8.0 - Autodesk)
Autodesk Featured Apps (HKLM-x32\...\{46EA8955-D629-4B3E-AAF0-D136031D7C95}) (Version: 3.2.1 - Autodesk)
Autodesk Fusion 360 (HKU\S-1-5-21-2083831119-876286344-1281516711-1001\...\73e72ada57b7480280f7a6f4a289729f) (Version: 2.0.11415 - Autodesk, Inc.)
Autodesk Fusion 360 (HKU\S-1-5-21-2083831119-876286344-1281516711-1010\...\73e72ada57b7480280f7a6f4a289729f) (Version: 2.0.11415 - Autodesk, Inc.)
Autodesk Genuine Service (HKLM\...\{9D5484A2-26AD-4C02-9D2F-CFBC22C64204}) (Version: 7.1.0.193 - Autodesk)
Autodesk Identity Manager (HKLM\...\Autodesk Identity Manager) (Version: 1.9.18.0 - Autodesk)
Autodesk Material Library 2022 (HKLM-x32\...\{A9221A68-5AD0-4215-B54F-CB5DBA4FB27C}) (Version: 20.3.7.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2022 (HKLM-x32\...\{6256584F-B04B-41D4-8A59-44E70940C473}) (Version: 20.3.7.0 - Autodesk)
Autodesk Save to Web and Mobile (HKLM\...\{192B349F-C3F7-4BBE-B49E-00DD4BD28373}) (Version: 3.0.29 - Autodesk) Hidden
Autodesk Single Sign On Component (HKLM\...\{B9F5BDED-021C-4926-8518-4FA7114B7040}) (Version: 12.3.3.1803 - Autodesk)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 23.9.6082 - Avast Software)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Bing Wallpaper (HKLM-x32\...\{95736CC6-1FA4-4BD5-BE63-7724E0C51CCD}) (Version: 1.0.9.5 - Microsoft Corporation)
BlueStacks 5 (HKLM\...\BlueStacks_nxt) (Version: 5.10.0.1085 - BlueStack Systems, Inc.)
BlueStacks X (HKU\S-1-5-21-2083831119-876286344-1281516711-1001\...\BlueStacks X) (Version: 0.19.10.1001 - BlueStack Systems, Inc.)
Branding64 (HKLM\...\{8400E550-2340-4FC4-8B46-93D7C7646A6A}) (Version: 1.00.0007 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 6.16 - Piriform)
Chrome Remote Desktop Host (HKLM-x32\...\{C17C2857-FF33-4EA0-8220-14A17DF82668}) (Version: 116.0.5845.9 - Google LLC)
CPUID CPU-Z 1.98 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.98 - CPUID, Inc.)
Dell Direct Key (HKLM-x32\...\{71A234EA-4CBA-46E7-B81D-4C2AF8BCD6E2}) (Version: 1.6.3 - Dell)
Dell OS Recovery Tool (HKLM-x32\...\{9255a761-3ba1-447c-855b-4b67716f9f6d}) (Version: 2.3.7010 - Dell Inc.)
Dell OS Recovery Tool (HKLM-x32\...\{99D929B2-54EC-4769-8ADC-6F78EC342B6A}) (Version: 2.3.7010.0 - Dell) Hidden
Dell SupportAssist (HKLM\...\{6D3561B7-19AA-438B-9C83-CD2CED199472}) (Version: 3.14.0.91 - Dell Inc.)
Dell SupportAssist OS Recovery Plugin for Dell Update (HKLM\...\{FFFED431-EF80-4C39-A66E-E11BC7413D33}) (Version: 5.5.5.16206 - Dell Inc.) Hidden
Dell SupportAssist OS Recovery Plugin for Dell Update (HKLM-x32\...\{cff56899-3afb-4fe1-aeec-a0474836d1cd}) (Version: 5.5.5.16206 - Dell Inc.)
Discord (HKU\S-1-5-21-2083831119-876286344-1281516711-1001\...\Discord) (Version: 1.0.9003 - Discord Inc.)
DroidKit (HKLM-x32\...\DroidKit) (Version: 1.0.0.5 - iMobie Inc.)
f.lux (HKU\S-1-5-21-2083831119-876286344-1281516711-1005\...\Flux) (Version:  - f.lux Software LLC)
FoneDog Toolkit for Android 2.0.52 (HKLM-x32\...\{7A8C4E7C-62D5-47E6-B93B-80C5DD48CBA4}_is1) (Version: 2.0.52 - FoneDog)
GDR 2080 for SQL Server 2019 (KB4583458) (64-bit) (HKLM\...\KB4583458) (Version: 15.0.2080.9 - Microsoft Corporation)
GDR 2095 for SQL Server 2019 (KB5014356) (64-bit) (HKLM\...\KB5014356) (Version: 15.0.2095.3 - Microsoft Corporation)
GDR 2101 for SQL Server 2019 (KB5021125) (64-bit) (HKLM\...\KB5021125) (Version: 15.0.2101.7 - Microsoft Corporation)
GIMP 2.10.30 (HKLM\...\GIMP-2_is1) (Version: 2.10.30 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 117.0.5938.150 - Google LLC)
Google Drive (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 82.0.1.0 - Google LLC)
Google Earth Pro (HKLM\...\{F27DBA46-80E1-4858-9285-19198FFFBF3D}) (Version: 7.3.6.9345 - Google)
GoTo 3.1.0 (HKU\S-1-5-21-2083831119-876286344-1281516711-1005\...\b5746384-3503-4fbf-824a-0a42d1bd0639) (Version: 3.1.0 - LogMeIn, Inc.)
GroundSchool - Sport Pilot - General (HKLM-x32\...\aacc7ead-b0d4-43c0-8e7e-a128df259cc6_is1) (Version:  - Dauntless Software)
HHD Software Free USB Analyzer 8.41 (HKLM\...\HHD Device Monitoring Studio 5.01) (Version: 8.41.0.9819 - HHD Software, Ltd.)
iCloud Outlook (HKLM\...\{11727D12-D910-486F-9B36-B496F4AB334D}) (Version: 14.1.0.108 - Apple Inc.)
IIS 8.0 Express (HKLM\...\{7BF61FA9-BDFB-4563-98AD-FCB0DA28CCC7}) (Version: 8.0.1557 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb) (Version:  - )
IIS Express Application Compatibility Database for x86 (HKLM\...\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb) (Version:  - )
Java 8 Update 321 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180321F0}) (Version: 8.0.3210.7 - Oracle Corporation)
Kingo ROOT version 1.5.8.3353 (HKLM-x32\...\{AE7675D6-0B31-494F-ABFA-822E1A0FDF17}_is1) (Version: 1.5.8.3353 - Kingosoft Technology Ltd.)
Lansweeper (HKLM-x32\...\Lansweeper_is1) (Version: 9.1 - Lansweeper.com)
Malwarebytes version 4.6.3.282 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.6.3.282 - Malwarebytes)
Maxx Audio Installer (x64) (HKLM\...\{307032B2-6AF2-46D7-B933-62438DEB2B9A}) (Version: 2.7.9179.0 - Waves Audio Ltd.) Hidden
Messenger (HKU\S-1-5-21-2083831119-876286344-1281516711-1001\...\c1b3adcf-2068-5e8d-b25d-30ce588e3a4c) (Version: 168.0.415453512 - Facebook, Inc.)
Microsoft .NET Host - 5.0.17 (x64) (HKLM\...\{E663ED1E-899C-40E8-91D0-8D37B95E3C69}) (Version: 40.68.31213 - Microsoft Corporation) Hidden
Microsoft .NET Host - 6.0.22 (x64) (HKLM\...\{A575E059-0C3F-4138-B87A-BAF55CABA9FA}) (Version: 48.88.905 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 5.0.17 (x64) (HKLM\...\{8BA25391-0BE6-443A-8EBF-86A29BAFC479}) (Version: 40.68.31213 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.22 (x64) (HKLM\...\{E7598167-2D5C-4704-8777-8A25289EB8FE}) (Version: 48.88.905 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 5.0.17 (x64) (HKLM\...\{5A66E598-37BD-4C8A-A7CB-A71C32ABCD78}) (Version: 40.68.31213 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 5.0.17 (x64) (HKLM-x32\...\{a699b48e-5748-4980-ad92-0b61b1d9d718}) (Version: 5.0.17.31213 - Microsoft Corporation)
Microsoft .NET Runtime - 6.0.22 (x64) (HKLM\...\{853BA4E9-D41A-4FF6-AB22-A6FFDD77EA78}) (Version: 48.88.905 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.22 (x64) (HKLM-x32\...\{d43a1c04-202d-419d-af88-bac07623365e}) (Version: 6.0.22.32824 - Microsoft Corporation)
Microsoft 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.16827.20130 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 117.0.2045.60 - Microsoft Corporation)
Microsoft Edge (HKU\S-1-5-21-2083831119-876286344-1281516711-1001\...\Microsoft Edge) (Version: 117.0.2045.60 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 117.0.2045.60 - Microsoft Corporation)
Microsoft GameInput (HKLM-x32\...\{1F2B6AF3-C260-8666-5950-E3FEDBC851D6}) (Version: 10.1.22621.3036 - Microsoft Corporation)
Microsoft ODBC Driver 17 for SQL Server (HKLM\...\{CBA9B46D-5C8E-46F9-94B4-7024400EDE52}) (Version: 17.10.3.1 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 23.194.0917.0001 - Microsoft Corporation)
Microsoft SQL Server 2014 Express LocalDB  (HKLM\...\{BAF67399-85CD-4555-9B49-1F80EB921C35}) (Version: 12.3.6024.0 - Microsoft Corporation)
Microsoft SQL Server 2019 (64-bit) (HKLM\...\Microsoft SQL Server SQL2019) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2019 RsFx Driver (HKLM\...\{5825CDC4-4E99-4CF9-91FE-DB60C0E2F5EA}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden
Microsoft SQL Server 2019 Setup (English) (HKLM\...\{3EFE5456-1BC3-4099-8F8A-1B6D20073958}) (Version: 15.0.2101.7 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{2953E19B-9F91-4A49-A23B-7E25970A1951}) (Version: 3.73.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29325 (HKLM-x32\...\{d7a6435f-ac9a-4af6-8fdc-ca130d13fac9}) (Version: 14.28.29325.2 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.30.30704 (HKLM-x32\...\{57a73df6-4ba9-4c1d-bbbb-517289ff6c13}) (Version: 14.30.30704.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.28.29325 (HKLM-x32\...\{B40FC85D-2B12-46E0-B950-E5B27E348793}) (Version: 14.28.29325 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.28.29325 (HKLM-x32\...\{EE2E15BB-54C8-4DB0-B1F3-026E3C166991}) (Version: 14.28.29325 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.30.30704 (HKLM\...\{6DB765A8-05AF-49A1-A71D-6F645EE3CE41}) (Version: 14.30.30704 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.30.30704 (HKLM\...\{662A0088-6FCD-45DD-9EA7-68674058AED5}) (Version: 14.30.30704 - Microsoft Corporation) Hidden
Microsoft VSS Writer for SQL Server 2019 (HKLM\...\{2C33F4D4-E9A5-4DE1-ACFE-3A13464E6703}) (Version: 15.0.2000.5 - Microsoft Corporation)
MiniTool Mobile Recovery for Android version 1.0.1.1 (HKLM\...\{905006A1-C1B1-4544-B897-D3F1CDF10728}_is1) (Version: 1.0.1.1 - MiniTool Solution Ltd.)
mIRC (HKLM-x32\...\mIRC) (Version: 7.67 - mIRC Co. Ltd.)
National Instruments Software (HKLM-x32\...\NI Uninstaller) (Version:  - National Instruments)
NI Package Manager 64-bit 19.0 (HKLM\...\NI Package Manager) (Version: 19.0.0 - National Instruments)
NirSoft ShellExView (HKLM-x32\...\NirSoft ShellExView) (Version:  - )
Novabench (HKLM\...\{518479D5-B34D-48E5-938B-2FB01B855FFD}) (Version: 4.0.8 - Novawave Inc.)
Npcap OEM (HKLM-x32\...\NpcapInst) (Version: 1.55 - Nmap Project)
Oculus (HKLM\...\Oculus) (Version: <3 - Facebook Technologies, LLC)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.16827.20130 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.16827.20130 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.14026.20246 - Microsoft Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Phoneboard (HKLM\...\Phoneboard_is1) (Version:  - Phoneboard)
PL-2303 USB-to-Serial (HKLM-x32\...\{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}) (Version: 1.7.0 - Prolific Technology INC)
Promontory_GPIO Driver (HKLM-x32\...\{B5512BCC-F4CD-4159-86A4-B2AD7D38FFA9}) (Version: 2.0.1.0 - Advanced Micro Devices, Inc.) Hidden
PTZ Controller V3.9 (HKLM-x32\...\{D49970C1-CD76-4B2A-93E3-33332DB5698D}) (Version: 3.9.0 - Ginkgo LLC)
Qualcomm 11ac Wireless LAN&Bluetooth Installer (HKLM-x32\...\{E7086B15-806E-4519-A876-DBA9FDDE9A13}) (Version: 11.0.0.10527 - Qualcomm)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.15063.21299 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8158 - Realtek Semiconductor Corp.)
Resource Hacker Version 5.1.7 (HKLM-x32\...\ResourceHacker_is1) (Version:  - )
RyzenMasterSDK (HKLM\...\{D75CF983-4F9F-4EB7-B15B-AC6E615982C2}) (Version: 1.2.3.5 - Advanced Micro Devices, Inc.) Hidden
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.7.43.0 - Samsung Electronics Co., Ltd.)
Scratch 3 3.28.0 (HKU\S-1-5-21-2083831119-876286344-1281516711-1001\...\bad79d23-e888-5a7b-9e99-60ee89b6c8bf) (Version: 3.28.0 - Scratch Foundation)
SCT Device Updater (HKLM-x32\...\{1E05E69C-38E3-40A8-96BA-07900EE62F4F}) (Version: 2.18.20303.1 - SCT)
SCT Drivers x64 (HKLM\...\{FE1CD3F2-A7A0-4442-86B2-F3A2C1F22FC9}) (Version: 13.0.0 - SCT Performance)
SketchUp Pro 2021 (HKLM-x32\...\{09480c81-5458-4d69-ab73-ee488fe8c297}) (Version: 21.1.332 - Trimble, Inc.)
SketchUpPro 2021 (HKLM\...\{de4d81d8-be27-7e56-b217-81366a2e7075}) (Version: 21.1.332.116 - SketchUp) Hidden
Smart Switch (HKLM-x32\...\{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.3.23022.1 - Samsung Electronics Co., Ltd.) Hidden
Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.3.23022.1 - Samsung Electronics Co., Ltd.)
Smart View (HKLM-x32\...\{1800D8A5-F7B2-4C20-868E-1CF55CBBDF21}) (Version: 1.0.0.0 - Samsung )
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
SQL Server 2019 Batch Parser (HKLM\...\{D459615B-83B0-408F-8F39-6CC07C277BA6}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden
SQL Server 2019 Common Files (HKLM\...\{0FB552DD-543E-48E7-A6F4-2F8D82723C6A}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden
SQL Server 2019 Common Files (HKLM\...\{5E4344C9-8B97-4ED9-8760-57E221C240F4}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden
SQL Server 2019 Connection Info (HKLM\...\{99B940D5-1A49-4B6C-B26C-6A88B2C061CA}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden
SQL Server 2019 Connection Info (HKLM\...\{FD730873-33D1-4D1F-9AE0-E259586F8827}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden
SQL Server 2019 Database Engine Services (HKLM\...\{03D7938C-2949-47D4-99E2-50CA5B76F484}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden
SQL Server 2019 Database Engine Services (HKLM\...\{97E1B195-1A3F-4594-BC2B-BE2FD72AC74D}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden
SQL Server 2019 Database Engine Shared (HKLM\...\{619F0B6C-C802-422A-B4E5-294E61F68473}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden
SQL Server 2019 Database Engine Shared (HKLM\...\{DE5B7937-D5B5-4157-BC30-BB87F021CFF0}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden
SQL Server 2019 DMF (HKLM\...\{814D5077-C93F-42E2-B875-717007C186B9}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden
SQL Server 2019 DMF (HKLM\...\{FC8DC283-4A85-467F-8D0E-2FE4606DCCA1}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden
SQL Server 2019 Shared Management Objects (HKLM\...\{6213D6CB-D258-47A3-B1A0-EE1E5C080DCF}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden
SQL Server 2019 Shared Management Objects (HKLM\...\{A8581199-F913-443B-B058-8E8BF317E71C}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden
SQL Server 2019 Shared Management Objects Extensions (HKLM\...\{8DDAEBCA-4267-4E16-9FE0-D87F21D36891}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden
SQL Server 2019 Shared Management Objects Extensions (HKLM\...\{C7E6D4B7-CB10-4239-BA04-D9339B39D0BD}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden
SQL Server 2019 SQL Diagnostics (HKLM\...\{28ED6838-D8E5-454C-A813-12C5EB447CAB}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden
SQL Server 2019 XEvent (HKLM\...\{2129312E-5204-4F3A-9039-B6D34DBB00FB}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden
SQL Server 2019 XEvent (HKLM\...\{228C3DC2-695E-4FC7-87E4-6A9CE905DA9B}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TwilioQuest 8.0.0 (HKU\S-1-5-21-2083831119-876286344-1281516711-1001\...\2ad7503d-bb80-5d6b-af5f-ed260c23917a) (Version: 8.0.0 - Twilio DevEd)
Upwork 5.4.9.6 (HKU\S-1-5-21-2083831119-876286344-1281516711-1005\...\93035758-0b9f-537e-bffc-381e80344cc8) (Version: 5.4.9 - Upwork, Inc.)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.18 - VideoLAN)
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1-2) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
WhatsApp (Outdated) (HKU\S-1-5-21-2083831119-876286344-1281516711-1001\...\WhatsApp) (Version: 2.2317.10 - WhatsApp)
WidsMob Viewer Pro (HKLM-x32\...\{489AB8F3-38D6-4B5A-B207-357A7BA084D5}) (Version: 5.3.24 - WidsMob)
Windows Driver Package - Android USB Driver (WinUSB) AndroidUsbDeviceClass  (11/11/2016 11.0.0000.00000) (HKLM\...\4F390F96D29747EB6ED21CEDF0A85F0A52622E03) (Version: 11/11/2016 11.0.0000.00000 - Android USB Driver)
Windows Driver Package - Google, Inc. (WinUSB) AndroidUsbDeviceClass  (08/27/2012 7.0.0000.00004) (HKLM\...\BE156A27AFEAEA39D6A7C9D25CFA8DAFAF91756B) (Version: 08/27/2012 7.0.0000.00004 - Google, Inc.)
Windows Driver Package - SAMSUNG Electronics Co., Ltd.  (dg_ssudbus) USB  (12/02/2015 2.12.1.0) (HKLM\...\85A33267F12961AF9ED9AE799DEDA5E62BEA236F) (Version: 12/02/2015 2.12.1.0 - SAMSUNG Electronics Co., Ltd. )
Windows Driver Package - SAMSUNG Electronics Co., Ltd.  (ssudmdm) Modem  (12/02/2015 2.12.1.0) (HKLM\...\88ED314360B98E6E82E7CC3201FAEB4A9FD291B4) (Version: 12/02/2015 2.12.1.0 - SAMSUNG Electronics Co., Ltd. )
Windows Driver Package - SAMSUNG Electronics Co., Ltd.  (WinUSB) AndroidUsbDeviceClass  (12/02/2015 2.12.1.0) (HKLM\...\701281E8283E9E3681220099A9DA5013A5A437AF) (Version: 12/02/2015 2.12.1.0 - SAMSUNG Electronics Co., Ltd. )
Windows Driver Package - Silicon Laboratories Inc. (silabser) Ports  (09/27/2017 6.7.5.1893) (HKLM\...\3C57DA61F41601ACF85CC77F740AA00672E0BCD7) (Version: 09/27/2017 6.7.5.1893 - Silicon Laboratories Inc.)
Windows PC Health Check (HKLM\...\{014B7442-C784-45D3-A152-F7D2C651F28A}) (Version: 3.3.2110.22002 - Microsoft Corporation)
Windows PC Health Check (HKLM\...\{6798C408-2636-448C-8AC6-F4E341102D27}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Windows PC Health Check (HKLM\...\{804A0628-543B-4984-896C-F58BF6A54832}) (Version: 3.7.2204.15001 - Microsoft Corporation)
WO Mic Client (HKLM-x32\...\WOMic) (Version:  - )
Yousician Launcher version 2.3 (HKLM-x32\...\{EF45EAE9-523E-47C3-8634-A81923B11DD5}_is1) (Version: 2.3 - Yousician)
Zoom (HKU\S-1-5-21-2083831119-876286344-1281516711-1001\...\ZoomUMX) (Version: 5.15.7 (20303) - Zoom Video Communications, Inc.)
Zoom (HKU\S-1-5-21-2083831119-876286344-1281516711-1005\...\ZoomUMX) (Version: 5.4.6 (59296.1207) - Zoom Video Communications, Inc.)
 
Packages:
=========
BreeZip -> C:\Program Files\WindowsApps\3138AweZip.AweZip_1.4.29.0_x64__ffd303wmbhcjt [2023-05-21] (BreeZip)
Cortana -> C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2308.1005.0_x64__8wekyb3d8bbwe [2023-09-07] (Microsoft Corporation)
Dell SupportAssist for Home PCs -> C:\Program Files\WindowsApps\DellInc.DellSupportAssistforPCs_3.14.4.0_x64__htrsf667h5kn2 [2023-10-10] (Dell Inc)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_149.1.1056.0_x64__v10z8vjag6ke6 [2023-09-16] (HP Inc.)
iCloud -> C:\Program Files\WindowsApps\AppleInc.iCloud_14.2.108.0_x64__nzyj5cx40ttqa [2023-07-20] (Apple Inc.) [Startup Task]
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12129.10001.1009.0_x64__nzyj5cx40ttqa [2023-09-16] (Apple Inc.) [Startup Task]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2022-01-24] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2022-01-24] (Microsoft Corporation) [MS Ad]
Microsoft Defender -> C:\Program Files\WindowsApps\Microsoft.6365217CE6EB4_102.2309.1001.0_x64__8wekyb3d8bbwe [2023-09-16] (Microsoft Corporation) [Startup Task]
Microsoft Flight Simulator -> C:\Program Files\WindowsApps\Microsoft.FlightSimulator_1.34.16.0_x64__8wekyb3d8bbwe [2023-10-02] (Microsoft Studios)
Photos Add-on -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2022-12-30] (Microsoft Corporation)
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2023-04-22] (Microsoft Corporation)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.221.1104.0_x64__zpdnekdrzrea0 [2023-10-08] (Spotify AB) [Startup Task]
WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2339.13.0_x64__cv1g1gvanyjgm [2023-10-08] (WhatsApp Inc.) [Startup Task]
Windows Package Manager Source (winget) -> C:\Program Files\WindowsApps\Microsoft.Winget.Source_2023.1004.2333.37_neutral__8wekyb3d8bbwe [2023-10-05] (Microsoft Corporation)
Xbox Accessories -> C:\Program Files\WindowsApps\Microsoft.XboxDevices_2209.2209.14005.0_x64__8wekyb3d8bbwe [2022-11-03] (Microsoft Corporation)
 
==================== Custom CLSID (Whitelisted): ==============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-2083831119-876286344-1281516711-1001_Classes\CLSID\{13357088-9834-0409-1600-134951500000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-2083831119-876286344-1281516711-1001_Classes\CLSID\{345D3165-3889-4694-AB75-A91A27B217E8}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2022\acad.exe (Autodesk, Inc. -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2083831119-876286344-1281516711-1001_Classes\CLSID\{355E7581-B255-4D3F-9F51-F0515DF8D9BC} -> [iCloud Drive] => C:\Users\bigpi\iCloudDrive [2023-04-29 15:15]
CustomCLSID: HKU\S-1-5-21-2083831119-876286344-1281516711-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-2083831119-876286344-1281516711-1001_Classes\CLSID\{4A749F25-A9E2-4CBE-9859-CF7B15255E14}\localserver32 -> C:\Users\bigpi\AppData\Local\Microsoft\Edge\Application\117.0.2045.60\notification_click_helper.exe (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2083831119-876286344-1281516711-1001_Classes\CLSID\{5EA43877-C6D8-4885-B77A-C0BB27E94372}\InprocServer32 -> C:\Users\bigpi\AppData\Local\Microsoft\EdgeUpdate\1.3.177.11\psuser_64.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2083831119-876286344-1281516711-1001_Classes\CLSID\{608D599A-DCA6-4A7C-BED7-AFCD8465345A}\InprocServer32 -> C:\Users\bigpi\AppData\Local\Microsoft\EdgeUpdate\1.3.175.29\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2083831119-876286344-1281516711-1001_Classes\CLSID\{628ACE20-B77A-456F-A88D-547DB6CEEDD5}\localserver32 -> C:\Users\bigpi\AppData\Local\Microsoft\Edge\Application\117.0.2045.60\notification_helper.exe (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2083831119-876286344-1281516711-1001_Classes\CLSID\{64C6EFB9-8F79-4106-B975-067448DC768F}\InprocServer32 -> C:\Users\bigpi\AppData\Local\Microsoft\EdgeUpdate\1.3.177.11\psuser_64.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2083831119-876286344-1281516711-1001_Classes\CLSID\{7C9A348D-C321-47AC-904F-150312A5430F}\InprocServer32 -> C:\Users\bigpi\AppData\Local\Microsoft\EdgeUpdate\1.3.175.27\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2083831119-876286344-1281516711-1001_Classes\CLSID\{81093D63-7825-417B-BFC8-ADC63FA4E53D}\InprocServer32 -> C:\Users\bigpi\AppData\Local\Microsoft\EdgeUpdate\1.3.177.11\psuser_64.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2083831119-876286344-1281516711-1001_Classes\CLSID\{8B4929F8-076F-4AEC-AFEE-8928747B7AE3}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2022\acad.exe (Autodesk, Inc. -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2083831119-876286344-1281516711-1001_Classes\CLSID\{a9872fee-5a55-4ecb-9b0f-b06fedcf14d1}\localserver32 -> C:\Program Files\Waves\MaxxAudio\MaxxAudioPro.exe (Waves Inc -> Waves Audio Ltd)
CustomCLSID: HKU\S-1-5-21-2083831119-876286344-1281516711-1001_Classes\CLSID\{AA46BA8A-9825-40FD-8493-0BA3C4D5CEB5}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2022\acad.exe (Autodesk, Inc. -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2083831119-876286344-1281516711-1001_Classes\CLSID\{C1BA150D-AD88-44D8-9381-38AA3A3BF0D2} -> [iCloud Photos] => C:\Users\bigpi\iCloudPhotos\Photos [2023-04-29 15:15]
CustomCLSID: HKU\S-1-5-21-2083831119-876286344-1281516711-1001_Classes\CLSID\{C4F0910E-E0B4-4E68-8086-452730C7A26A}\InprocServer32 -> C:\Users\bigpi\AppData\Local\Autodesk\webdeploy\production\96174d2c4918a1a613b00371fd422e0f30e1d187\NPreview10.dll (Autodesk, Inc. -> ) [File not signed]
CustomCLSID: HKU\S-1-5-21-2083831119-876286344-1281516711-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2022\en-US\acadficn.dll (Autodesk, Inc. -> Autodesk, Inc.)
ShellIconOverlayIdentifiers: [     OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\23.194.0917.0001\FileSyncShell64.dll [2023-10-09] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [     OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\23.194.0917.0001\FileSyncShell64.dll [2023-10-09] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [     OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\23.194.0917.0001\FileSyncShell64.dll [2023-10-09] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [     OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\23.194.0917.0001\FileSyncShell64.dll [2023-10-09] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [     OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\23.194.0917.0001\FileSyncShell64.dll [2023-10-09] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [     OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\23.194.0917.0001\FileSyncShell64.dll [2023-10-09] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [     OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\23.194.0917.0001\FileSyncShell64.dll [2023-10-09] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [    GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\82.0.1.0\drivefsext.dll [2023-10-09] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [    GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\82.0.1.0\drivefsext.dll [2023-10-09] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [    GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\82.0.1.0\drivefsext.dll [2023-10-09] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [    GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\82.0.1.0\drivefsext.dll [2023-10-09] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2023-10-02] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2021-01-29] (Autodesk, Inc. -> Autodesk, Inc.)
ShellIconOverlayIdentifiers-x32: [     OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\23.194.0917.0001\FileSyncShell64.dll [2023-10-09] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [     OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\23.194.0917.0001\FileSyncShell64.dll [2023-10-09] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [     OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\23.194.0917.0001\FileSyncShell64.dll [2023-10-09] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [     OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\23.194.0917.0001\FileSyncShell64.dll [2023-10-09] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [     OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\23.194.0917.0001\FileSyncShell64.dll [2023-10-09] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [     OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\23.194.0917.0001\FileSyncShell64.dll [2023-10-09] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [     OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\23.194.0917.0001\FileSyncShell64.dll [2023-10-09] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2023-10-02] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.194.0917.0001\FileSyncShell64.dll [2023-10-09] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2021-01-29] (Autodesk, Inc. -> Autodesk)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2023-10-02] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\82.0.1.0\drivefsext.dll [2023-10-09] (Google LLC -> Google, Inc.)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2023-10-02] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-04-01] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.194.0917.0001\FileSyncShell64.dll [2023-10-09] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\82.0.1.0\drivefsext.dll [2023-10-09] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.194.0917.0001\FileSyncShell64.dll [2023-10-09] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Windows\System32\atiacm64.dll [2022-01-28] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\82.0.1.0\drivefsext.dll [2023-10-09] (Google LLC -> Google, Inc.)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2023-10-02] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-04-01] (Malwarebytes Inc. -> Malwarebytes)
 
==================== Codecs (Whitelisted) ====================
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
ShortcutWithArgument: C:\Users\bigpi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Reddit.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=lgnggepjiihbfdbedefdhcffnmhcahbm
ShortcutWithArgument: C:\Users\bigpi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\REDIT.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=fnpgoaochgbdfjndakichfafiocjjpmm
ShortcutWithArgument: C:\Users\bigpi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=agimnkijcaahngcdmfeangaknmldooml
ShortcutWithArgument: C:\Users\bigpi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Anaconda3 (64-bit)\Anaconda Prompt (anaconda3).lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> "/K" C:\Users\bigpi\anaconda3\Scripts\activate.bat C:\Users\bigpi\anaconda3
 
==================== Loaded Modules (Whitelisted) =============
 
2021-04-21 04:01 - 2021-04-21 04:01 - 000017920 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.dll
2021-04-21 04:01 - 2021-04-21 04:01 - 003567616 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2021-11-30 18:34 - 2021-11-30 18:34 - 000562688 _____ (Advanced Micro Devices) [File not signed] C:\Program Files\AMD\CNext\CNext\Device.dll
2021-11-30 18:34 - 2021-11-30 18:34 - 000058880 _____ (Advanced Micro Devices) [File not signed] C:\Program Files\AMD\CNext\CNext\Platform.dll
2021-12-01 01:59 - 2021-12-01 01:59 - 001717248 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\AMD\WVR\OpenVR\bin\win64\driver_amdwvr.dll
2013-05-16 07:52 - 2013-05-16 07:52 - 000050688 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzinw12.dll
2013-05-16 07:52 - 2013-05-16 07:52 - 000066048 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzipm12.dll
2017-09-05 00:15 - 2017-09-05 00:15 - 004396032 _____ (Microsoft Corporation) [File not signed] C:\Program Files\AMD\CNext\CNext\D3DCompiler_47.dll
2018-10-05 10:19 - 2018-10-05 10:19 - 000100864 _____ (National Instruments Corporation) [File not signed] C:\Program Files (x86)\National Instruments\Shared\TraceEngine\ni_traceengine.dll
2018-03-08 07:18 - 2018-03-08 07:18 - 000015360 _____ (NHibernate community) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\Iesi.Collections.dll
2020-11-11 20:57 - 2020-11-11 20:57 - 000537088 _____ (NHibernate.info) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\FluentNHibernate.dll
2018-02-06 17:25 - 2018-02-06 17:25 - 000176640 _____ (rubicon IT GmbH) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\Remotion.Linq.dll
2018-03-23 12:10 - 2018-03-23 12:10 - 000028160 _____ (rubicon IT GmbH) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\Remotion.Linq.EagerFetching.dll
2021-02-17 04:19 - 2021-02-17 04:19 - 000124928 _____ (Stateless Contributors) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\stateless.dll
2021-12-17 05:45 - 2021-12-17 05:45 - 000258048 _____ (The Apache Software Foundation) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\log4net.dll
2021-04-21 04:01 - 2021-04-21 04:01 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qgif.dll
2021-04-21 04:01 - 2021-04-21 04:01 - 000039424 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qicns.dll
2021-04-21 04:01 - 2021-04-21 04:01 - 000031232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qico.dll
2021-04-21 04:01 - 2021-04-21 04:01 - 000415232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qjpeg.dll
2021-04-21 04:01 - 2021-04-21 04:01 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qsvg.dll
2021-04-21 04:01 - 2021-04-21 04:01 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qtga.dll
2021-04-21 04:01 - 2021-04-21 04:01 - 000023552 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qwbmp.dll
2021-04-21 04:01 - 2021-04-21 04:01 - 000532992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qwebp.dll
2021-04-21 04:01 - 2021-04-21 04:01 - 001455104 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\platforms\qwindows.dll
2021-04-21 04:01 - 2021-04-21 04:01 - 001227776 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\sqldrivers\qsqlite.dll
2021-04-21 04:01 - 2021-04-21 04:01 - 000135680 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\styles\qwindowsvistastyle.dll
2021-04-21 04:01 - 2021-04-21 04:01 - 006270976 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2021-04-21 04:01 - 2021-04-21 04:01 - 006947328 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2021-04-21 04:01 - 2021-04-21 04:01 - 000740352 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Multimedia.dll
2021-04-21 04:01 - 2021-04-21 04:01 - 000123392 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5MultimediaQuick.dll
2021-04-21 04:01 - 2021-04-21 04:01 - 001110528 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2021-04-21 04:01 - 2021-04-21 04:01 - 000326656 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Positioning.dll
2021-04-21 04:01 - 2021-04-21 04:01 - 003798528 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2021-04-21 04:01 - 2021-04-21 04:01 - 000440832 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QmlModels.dll
2021-04-21 04:01 - 2021-04-21 04:01 - 000054784 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QmlWorkerScript.dll
2021-04-21 04:01 - 2021-04-21 04:01 - 004255744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2021-04-21 04:01 - 2021-04-21 04:01 - 000171520 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QuickControls2.dll
2021-04-21 04:01 - 2021-04-21 04:01 - 001128448 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QuickTemplates2.dll
2021-04-21 04:01 - 2021-04-21 04:01 - 000206336 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Sql.dll
2021-04-21 04:01 - 2021-04-21 04:01 - 000334336 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2021-04-21 04:01 - 2021-04-21 04:01 - 000133120 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebChannel.dll
2021-04-21 04:01 - 2021-04-21 04:01 - 000396800 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngine.dll
2021-04-21 04:01 - 2021-04-21 04:01 - 102854656 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngineCore.dll
2021-04-21 04:01 - 2021-04-21 04:01 - 005611008 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2021-04-21 04:01 - 2021-04-21 04:01 - 000463360 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2021-04-21 04:01 - 2021-04-21 04:01 - 000210432 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
2021-04-21 04:01 - 2021-04-21 04:01 - 002877440 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5XmlPatterns.dll
2021-04-21 04:01 - 2021-04-21 04:01 - 000056832 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2021-04-21 04:01 - 2021-04-21 04:01 - 000059392 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2021-04-21 04:01 - 2021-04-21 04:01 - 000267776 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtMultimedia\declarative_multimedia.dll
2021-04-21 04:01 - 2021-04-21 04:01 - 000017408 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQml\qmlplugin.dll
2021-04-21 04:01 - 2021-04-21 04:01 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2021-04-21 04:01 - 2021-04-21 04:01 - 000290816 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls.2\qtquickcontrols2plugin.dll
2021-04-21 04:01 - 2021-04-21 04:01 - 000336896 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2021-04-21 04:01 - 2021-04-21 04:01 - 000134144 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2021-04-21 04:01 - 2021-04-21 04:01 - 000106496 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2021-04-21 04:01 - 2021-04-21 04:01 - 000325120 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Templates.2\qtquicktemplates2plugin.dll
2021-04-21 04:01 - 2021-04-21 04:01 - 000045568 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2021-04-21 04:01 - 2021-04-21 04:01 - 000093184 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtWebEngine\qtwebengineplugin.dll
2016-12-18 08:55 - 2016-12-18 08:55 - 000097280 _____ (Tunnel Vision Laboratories, LLC) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\Antlr3.Runtime.dll
 
==================== Alternate Data Streams (Whitelisted) ========
 
==================== Safe Mode (Whitelisted) ==================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
 
==================== Association (Whitelisted) =================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
HKU\S-1-5-21-2083831119-876286344-1281516711-1001\Software\Classes\.scr: AutoCADScriptFile => C:\Windows\system32\notepad.exe "%1"
 
==================== Internet Explorer (Whitelisted) ==========
 
HKU\S-1-5-21-2083831119-876286344-1281516711-1017\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://dell17win10.msn.com/?pc=DCTE
HKU\S-1-5-21-2083831119-876286344-1281516711-1017\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell17win10.msn.com/?pc=DCTE
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_321\bin\ssv.dll [2022-02-14] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_321\bin\jp2ssv.dll [2022-02-14] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2023-10-04] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-10-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-10-04] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-10-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-10-04] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-10-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-10-04] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-10-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-10-04] (Microsoft Corporation -> Microsoft Corporation)
 
==================== Hosts content: =========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2019-12-07 05:14 - 2019-12-07 05:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts
 
==================== Other Areas ===========================
 
(Currently there is no automatic fix for this section.)
 
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files\Oculus\Support\oculus-runtime;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files\Microsoft SQL Server\120\Tools\Binn\;C:\Program Files\Microsoft SQL Server\Client SDK\ODBC\170\Tools\Binn\;C:\Program Files (x86)\Microsoft SQL Server\150\Tools\Binn\;C:\Program Files\Microsoft SQL Server\150\Tools\Binn\;C:\Program Files\Microsoft SQL Server\150\DTS\Binn\;C:\Program Files\dotnet\
HKU\S-1-5-21-2083831119-876286344-1281516711-1001\Control Panel\Desktop\\Wallpaper -> c:\users\bigpi\appdata\local\packages\microsoft.windows.photos_8wekyb3d8bbwe\localstate\photosappbackground\2022-06-26_original.jpg
HKU\S-1-5-21-2083831119-876286344-1281516711-1005\Control Panel\Desktop\\Wallpaper -> C:\Users\chad\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\345166.jpg
HKU\S-1-5-21-2083831119-876286344-1281516711-1010\Control Panel\Desktop\\Wallpaper -> 
HKU\S-1-5-21-2083831119-876286344-1281516711-1017\Control Panel\Desktop\\Wallpaper -> C:\Users\joqui\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\win ltblue 1920x1200.jpg
HKU\S-1-5-80-1985561900-798682989-2213159822-1904180398-3434236965\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-80-2318606733-4105731500-2265514868-2382646068-3090068018\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-80-3871198407-3985681096-187537395-327373503-1498934226\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost => (EnableWebContentEvaluation: 1)
Windows Firewall is enabled.
 
Network Binding:
=============
Ethernet: Npcap Packet Driver (NPCAP) -> INSECURE_NPCAP (enabled) 
Wi-Fi: Npcap Packet Driver (NPCAP) -> INSECURE_NPCAP (enabled) 
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(If an entry is included in the fixlist, it will be removed.)
 
HKLM\...\StartupApproved\StartupFolder: => "NI Error Reporting.lnk"
HKLM\...\StartupApproved\Run: => "RTHDVCPL"
HKLM\...\StartupApproved\Run: => "RtHDVBg_PushButton"
HKLM\...\StartupApproved\Run: => "Autodesk Access"
HKLM\...\StartupApproved\Run32: => "Autodesk Desktop App"
HKLM\...\StartupApproved\Run32: => "Autodesk Genuine Service "
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKU\S-1-5-21-2083831119-876286344-1281516711-1001\...\StartupApproved\StartupFolder: => "Send to OneNote.lnk"
HKU\S-1-5-21-2083831119-876286344-1281516711-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2083831119-876286344-1281516711-1001\...\StartupApproved\Run: => "GoogleDriveFS"
HKU\S-1-5-21-2083831119-876286344-1281516711-1001\...\StartupApproved\Run: => "Amazon Music Helper"
HKU\S-1-5-21-2083831119-876286344-1281516711-1001\...\StartupApproved\Run: => "BingWallpaperApp"
HKU\S-1-5-21-2083831119-876286344-1281516711-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-2083831119-876286344-1281516711-1001\...\StartupApproved\Run: => "Microsoft Edge Update"
HKU\S-1-5-21-2083831119-876286344-1281516711-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-2083831119-876286344-1281516711-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_6B58C3D663674197AE43E9259022AA77"
HKU\S-1-5-21-2083831119-876286344-1281516711-1001\...\StartupApproved\Run: => "com.messenger"
HKU\S-1-5-21-2083831119-876286344-1281516711-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-2083831119-876286344-1281516711-1001\...\StartupApproved\Run: => "Battle.net"
HKU\S-1-5-21-2083831119-876286344-1281516711-1001\...\StartupApproved\Run: => "utweb"
 
==================== FirewallRules (Whitelisted) ================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [TCP Query User{F620873B-FF27-479D-9800-5B7E128AA947}C:\users\chad\appdata\local\programs\upwork\upwork.exe] => (Block) C:\users\chad\appdata\local\programs\upwork\upwork.exe (Upwork Global Inc. -> Upwork, Inc.)
FirewallRules: [TCP Query User{BA0DB524-21A0-48F1-8D81-23F2CD8FB629}C:\users\chad\appdata\roaming\zoom\bin\zoom.exe] => (Block) C:\users\chad\appdata\roaming\zoom\bin\zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{D33F9AF5-5105-4511-9AE2-E043E85046DE}] => (Allow) C:\Program Files (x86)\WOMic\womicclient.exe () [File not signed]
FirewallRules: [{47C0ADF9-BB0B-4684-ABFB-72864D98DE89}] => (Allow) C:\Program Files (x86)\BlueStacks X\BlueStacksWeb.exe (Bluestack Systems, Inc -> Bluestack Systems, Inc.)
FirewallRules: [{A8D39909-A807-45F6-8D81-DCFDFA1517FB}] => (Allow) C:\Program Files (x86)\BlueStacks X\Cloud Game.exe (Bluestack Systems, Inc -> COMPANY NAME)
FirewallRules: [{0FA1C04F-E9FC-4861-820A-4042CABAE314}] => (Allow) C:\Users\bigpi\Downloads\4ukeyforandroid.exe (Tenorshare Co.,Ltd. -> Tenorshare Co., Ltd.)
FirewallRules: [{A8BD65A0-4CFD-47F9-B80A-66727BE4BB4C}] => (Allow) C:\Users\bigpi\Downloads\4ukeyforandroid.exe (Tenorshare Co.,Ltd. -> Tenorshare Co., Ltd.)
FirewallRules: [{88BEBAAB-719E-4594-9E1E-6B3E77FEC71F}] => (Allow) C:\Program Files\Oculus\Support\oculus-runtime\OVRServer_x64.exe (Oculus VR, LLC -> Facebook Technologies, LLC)
FirewallRules: [{E790D1E9-5AB1-4FCB-A2E8-221559EEB766}] => (Allow) C:\Program Files\Oculus\Support\oculus-runtime\OVRServer_x64.exe (Oculus VR, LLC -> Facebook Technologies, LLC)
FirewallRules: [{B8E15BA5-CB1B-4733-9B33-EE6950222D95}] => (Allow) C:\Program Files\Oculus\Support\oculus-runtime\OVRServiceLauncher.exe (Oculus VR, LLC -> Facebook Technologies, LLC)
FirewallRules: [{318D7DA7-1A28-4CB8-A8C5-B86D6459CBAF}] => (Allow) C:\Program Files\Oculus\Support\oculus-runtime\OVRServiceLauncher.exe (Oculus VR, LLC -> Facebook Technologies, LLC)
FirewallRules: [{9C690B30-2B2F-4AF3-A086-6EB5E3A22931}] => (Allow) C:\Program Files\Oculus\Support\oculus-runtime\OVRRedir.exe (Oculus VR, LLC -> Facebook Technologies, LLC)
FirewallRules: [{7F59A80E-2980-420B-9D0D-350A6AC05CFF}] => (Allow) C:\Program Files\Oculus\Support\oculus-runtime\OVRRedir.exe (Oculus VR, LLC -> Facebook Technologies, LLC)
FirewallRules: [{60B316A4-A8BD-4FCA-9322-EB54E80D2994}] => (Allow) C:\Program Files\Oculus\Support\oculus-dash\dash\bin\OculusDash.exe (Oculus VR, LLC -> )
FirewallRules: [{11F148DF-8564-4CF1-A136-ACABC72A6284}] => (Allow) C:\Program Files\Oculus\Support\oculus-dash\dash\bin\OculusDash.exe (Oculus VR, LLC -> )
FirewallRules: [{008A6186-FF89-45F1-998F-65467DB5BDB8}] => (Allow) C:\Program Files\Oculus\Support\oculus-worlds\Home2.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{45F318A3-AA06-4253-AB2D-DD4A50E57F48}] => (Allow) C:\Program Files\Oculus\Support\oculus-worlds\Home2.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{47F51C2C-4228-4D56-B6B3-1BE1501469C8}] => (Allow) C:\Program Files\Oculus\Support\oculus-worlds\Home2\Binaries\Win64\Home2-Win64-Shipping.exe (Oculus VR, LLC -> Epic Games, Inc.)
FirewallRules: [{AE1B190E-76D5-485F-9BE0-1A6B2D4C1CA2}] => (Allow) C:\Program Files\Oculus\Support\oculus-worlds\Home2\Binaries\Win64\Home2-Win64-Shipping.exe (Oculus VR, LLC -> Epic Games, Inc.)
FirewallRules: [{DE7B9D33-FD0F-4ACB-9AFE-2F4219AA32B6}] => (Allow) C:\Program Files\Oculus\Support\oculus-worlds\Engine\Binaries\Win64\UnrealCEFSubProcess.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{E7AE4202-FB38-4263-90B1-4C721F69F9C7}] => (Allow) C:\Program Files\Oculus\Support\oculus-worlds\Engine\Binaries\Win64\UnrealCEFSubProcess.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{F1B334E9-0D91-4AB3-A7A6-2AA6996ED44F}] => (Allow) C:\Program Files\Oculus\Support\oculus-client\OculusClient.exe (Oculus VR, LLC) [File not signed]
FirewallRules: [{3D9F6C8C-DEA2-4C9C-A924-A2F260E017FF}] => (Allow) C:\Program Files\Oculus\Support\oculus-client\OculusClient.exe (Oculus VR, LLC) [File not signed]
FirewallRules: [{EE2444F7-5DFC-485A-8E11-841D569F3AE8}] => (Allow) C:\Program Files\Oculus\Software\Software\luckyvr-inc-pokerstars-vr\PokerStarsVR.exe () [File not signed]
FirewallRules: [{4F52E5C4-DCFF-4215-8802-85B8E5D2B79E}] => (Allow) C:\Program Files\Oculus\Software\Software\luckyvr-inc-pokerstars-vr\PokerStarsVR.exe () [File not signed]
FirewallRules: [{E876441D-1E62-431B-ABFA-ABD144A9371B}] => (Allow) C:\Program Files\Oculus\Software\Software\luckyvr-inc-pokerstars-vr\UnityCrashHandler64.exe (Unity Technologies Aps -> )
FirewallRules: [{87D5E998-AB56-480C-9EC4-75FC523328B2}] => (Allow) C:\Program Files\Oculus\Software\Software\luckyvr-inc-pokerstars-vr\UnityCrashHandler64.exe (Unity Technologies Aps -> )
FirewallRules: [TCP Query User{11467E44-1A67-447E-97C2-72856A10E421}D:\program files (x86)\mirc\mirc.exe] => (Allow) D:\program files (x86)\mirc\mirc.exe (mIRC Co. Ltd. -> mIRC Co. Ltd.)
FirewallRules: [UDP Query User{951C294E-9453-45EF-9886-912EBF4CDCF0}D:\program files (x86)\mirc\mirc.exe] => (Allow) D:\program files (x86)\mirc\mirc.exe (mIRC Co. Ltd. -> mIRC Co. Ltd.)
FirewallRules: [{F08FDE85-1C06-4675-9828-B47E97C8D534}] => (Allow) E:\Program Files (x86)\Microsoft\EdgeWebView\Application\97.0.1072.55\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{0C89AE04-303D-48B1-A291-8C70A7B72530}] => (Allow) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{22DB902D-2903-4AED-988A-A10869549951}] => (Allow) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{8A3BB187-468E-4D84-9792-02A814D0A23C}] => (Allow) C:\Program Files (x86)\National Instruments\Shared\nisvcloc\nisvcloc.exe (National Instruments Corporation -> National Instruments Corporation)
FirewallRules: [{DF58609B-7294-4D7B-8E9A-A4EABA727F0B}] => (Allow) C:\Program Files (x86)\National Instruments\Shared\nisvcloc\nisvcloc.exe (National Instruments Corporation -> National Instruments Corporation)
FirewallRules: [{A9C2A7E2-75FE-4C61-8B15-6FCD44513AE3}] => (Allow) C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe (National Instruments Corporation -> National Instruments Corporation)
FirewallRules: [{5AE763E6-186A-46E3-AD81-73F7B9DDFE7A}] => (Allow) C:\Users\bigpi\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{B76A2976-74E5-4103-8B22-44713AAAD962}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{2B5C4774-02C7-464A-A0BC-5083417AEB50}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{A7CA71C0-08BB-4086-A58B-EE6C86F1E0BE}] => (Allow) C:\Program Files (x86)\BlueStacks X\BlueStacksWeb.exe (Bluestack Systems, Inc -> Bluestack Systems, Inc.)
FirewallRules: [{4E736F0C-9FCE-4273-8DD1-EFF3283F02E3}] => (Allow) C:\Program Files (x86)\BlueStacks X\Cloud Game.exe (Bluestack Systems, Inc -> COMPANY NAME)
FirewallRules: [{9BE5F331-0B1D-4EE2-BA62-53125236202A}] => (Allow) C:\Program Files\BlueStacks_nxt\HD-Player.exe (Bluestack Systems, Inc -> BlueStack Systems)
FirewallRules: [{B2EC6D9C-E748-4577-BAED-77A58CEE119A}] => (Allow) C:\Program Files\BlueStacks_nxt\BlueStacksAppplayerWeb.exe (Bluestack Systems, Inc -> The Qt Company Ltd.)
FirewallRules: [{C68FCEFF-D811-41C6-8413-1AF5F72CDAF1}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{79D21BE3-4F62-42A9-BE6A-9B193D55BDD3}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{F2B2B157-2F7C-4FBF-8E87-80277A98274A}] => (Allow) C:\HP\Diagnostics\PSDR\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [{F6AAF91A-5368-47F0-882E-F178042B18BD}] => (Allow) C:\HP\Diagnostics\PSDR\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [TCP Query User{C0CB0555-1BF8-418F-8D6F-08AF05190DBD}C:\program files (x86)\smart view\smart view.exe] => (Allow) C:\program files (x86)\smart view\smart view.exe () [File not signed]
FirewallRules: [UDP Query User{D44483B6-B3C1-4FC1-807A-ED133B995838}C:\program files (x86)\smart view\smart view.exe] => (Allow) C:\program files (x86)\smart view\smart view.exe () [File not signed]
FirewallRules: [TCP Query User{E6B2D584-0104-4F69-B7B1-39BC138E4503}C:\program files (x86)\smart view\smart view.exe] => (Allow) C:\program files (x86)\smart view\smart view.exe () [File not signed]
FirewallRules: [UDP Query User{046AE66D-9F1A-4256-9FB9-074C23D342D7}C:\program files (x86)\smart view\smart view.exe] => (Allow) C:\program files (x86)\smart view\smart view.exe () [File not signed]
FirewallRules: [{D748AB4A-3F83-4DF0-B8AD-F4928EDEFD2C}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{0F6092A6-E8E1-4570-B672-D5ED3ECB9BF7}] => (Allow) C:\Users\bigpi\AppData\Roaming\uTorrent Web\utweb.exe => No File
FirewallRules: [{8215EE95-0B78-4EAC-95ED-798EDC26AC34}] => (Allow) C:\Users\bigpi\AppData\Roaming\uTorrent Web\utweb.exe => No File
FirewallRules: [{FA4A1F9D-FE6F-427B-8361-CD75CB6C1BC5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.216.947.0_x64__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{F4A3666A-92C2-4569-9745-6EF0FBD74340}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.216.947.0_x64__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{803B1C77-E246-4DFE-A62C-2431EC5A2FBF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.216.947.0_x64__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{7D32BE2B-3F4E-49DB-82A9-EFB8E9252EC8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.216.947.0_x64__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{1423F397-72F6-4049-ABC8-8B2D8393C669}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.216.947.0_x64__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{25B41272-146C-4EE9-B490-6C22DB7A880A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.216.947.0_x64__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{B5A46444-3717-4759-89ED-F9B3BF1286BA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.216.947.0_x64__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{E126CAE3-362D-45EB-840D-26E6F5517DD3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.216.947.0_x64__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{397C78D0-7CE3-48A2-99B3-FDDF23E99E03}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.216.947.0_x64__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{AD7240E3-E73D-4DA5-9B4F-A38BE10D6F93}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.216.947.0_x64__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{8475522A-6227-434D-A7D2-FE08F8641405}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.100.3203.0_x64__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{8EC95287-3FA9-4F66-BD82-961DFF6A5DCC}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.100.3203.0_x64__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{DC679730-3A3F-44E0-BAC0-2B17F50CA03E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.100.3203.0_x64__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{910135D9-BCA3-45DF-9BCB-24104270A6C8}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.100.3203.0_x64__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{C1CC43E0-76C6-47E2-90DE-1D854083B63E}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12129.10001.1009.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{A1373DFF-3C6F-408C-8A02-77424A7BF1CF}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12129.10001.1009.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{3D4BBA07-2C74-42F4-9E3A-FF21877886B0}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12129.10001.1009.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{B764BAF0-A810-4A8E-AA45-193B6088D012}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12129.10001.1009.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{11E612F4-A4AF-4E96-9DD9-9404D1A02E24}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12129.10001.1009.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{C5CDAB32-868D-4261-AD87-28A1138C7C74}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12129.10001.1009.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{C85609AC-A236-4EC9-A2BB-18749896D769}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12129.10001.1009.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{31956486-731F-4E6C-B0C9-A12B46A67ADA}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12129.10001.1009.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{AE49D1DC-FC3E-489B-BC74-31E1E21065A7}] => (Allow) C:\Program Files (x86)\Google\Chrome Remote Desktop\116.0.5845.9\remoting_host.exe (Google LLC -> Google LLC)
FirewallRules: [{B68AF12A-042E-43ED-BFFD-5DF7E480C38D}] => (Allow) C:\Users\bigpi\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{8F452E37-F10D-40A3-A732-20C8E34AAF13}] => (Allow) C:\Users\bigpi\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{38105090-404D-496E-B2D2-66758CBEB6A4}] => (Allow) C:\Users\bigpi\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{E7751C3A-FD3E-44B1-B00B-19982183823E}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{C9F9ADE3-7868-4E55-9663-94A950A4C4CA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.221.1104.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{98D416EB-43E0-4FD7-A1FE-BA3AD4D173BF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.221.1104.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{423E29E0-8331-46E6-A3EC-CAA2BE197B56}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.221.1104.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{D416CAF8-5691-47A0-BCBC-D6597BCD1BD7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.221.1104.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{4672D20E-1660-4E4B-A64E-01234384E349}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.221.1104.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{07E79369-0A19-4983-9167-388BC22FC3F3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.221.1104.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{51EC1637-30A9-46BD-AEC6-F35D78D2D95F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.221.1104.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{ADEDF061-5F94-414B-B8EB-C7350A69AF63}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.221.1104.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{C74E9FD8-FAA1-4A8E-9688-351C00A34FF3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.221.1104.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{DA949991-6426-4C6D-858B-746A68CAEE9C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.221.1104.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{8F024B21-0257-4FA6-B95F-EADBFC60DD78}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.60\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{60B20845-7625-43DB-86F6-5DFA5B75D4C3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.105.3214.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{623F3A21-87BA-4246-BF66-77A6A217B1E0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.105.3214.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{12CADB87-E52D-420F-ABDB-CBC345FACABA}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.105.3214.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C0FED924-FEDC-4159-8C92-88B49C2C7231}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.105.3214.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
 
==================== Restore Points =========================
 
10-10-2023 12:12:35 Scheduled Checkpoint
 
==================== Faulty Device Manager Devices ============
 
 
==================== Event log errors: ========================
 
Application errors:
==================
Error: (10/11/2023 07:24:50 AM) (Source: ServiceShell.exe) (EventID: 0) (User: )
Description: [23-10-11 07:24:50] {ServiceShell.Program->FATAL} Failed to Secure the service root folder
System.Exception: Failed to Secure the service root folder
   at ServiceShell.Program.Main()
 
Error: (10/11/2023 07:24:50 AM) (Source: ServiceShell.exe) (EventID: 0) (User: )
Description: [23-10-11 07:24:50] {ServiceShell.Program->ERROR} Failed to secure the directory tree C:\ProgramData\Dell\UpdateService
 
Error: (10/11/2023 07:24:50 AM) (Source: ServiceShell.exe) (EventID: 0) (User: )
Description: [23-10-11 07:24:50] {ServiceShell.Program->ERROR} Error while setting ACL for C:\ProgramData\Dell\UpdateService\Clients: System.ArgumentOutOfRangeException: The value '1610809791' is not valid for this usage of the type FileSystemRights.
Parameter name: fileSystemRights
   at System.Security.AccessControl.FileSystemAccessRule.AccessMaskFromRights(FileSystemRights fileSystemRights, AccessControlType controlType)
   at System.Security.AccessControl.FileSystemSecurity.RemoveAccessRule(FileSystemAccessRule rule)
   at ServiceShell.Configuration.SecureFileUtility.ModifyDirectorySecurity(DirectorySecurity directorySecurity, Boolean isRoot, Boolean takeOwnership, ILog logger)
   at ServiceShell.Configuration.SecureFileUtility.SecureDirectoryTree(DirectoryInfo dirInfo, Boolean isRoot, Boolean takeOwnership, ILog logger, Boolean isRecursiveCall)
 
Error: (10/11/2023 07:22:48 AM) (Source: OVRServiceLauncher) (EventID: 0) (User: )
Description: Event-ID 0
 
Error: (10/11/2023 01:03:31 AM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: NT AUTHORITY)
Description: Windows cannot load the extensible counter DLL "C:\Windows\Microsoft.NET\Framework64\v2.0.50727\aspnet_perf.dll" (Win32 error code 126).
 
Error: (10/11/2023 01:03:31 AM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: NT AUTHORITY)
Description: Windows cannot load the extensible counter DLL "C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_perf.dll" (Win32 error code 126).
 
Error: (10/10/2023 08:48:21 PM) (Source: ServiceShell.exe) (EventID: 0) (User: )
Description: [23-10-10 20:48:21] {ServiceShell.Program->FATAL} Failed to Secure the service root folder
System.Exception: Failed to Secure the service root folder
   at ServiceShell.Program.Main()
 
Error: (10/10/2023 08:48:21 PM) (Source: ServiceShell.exe) (EventID: 0) (User: )
Description: [23-10-10 20:48:21] {ServiceShell.Program->ERROR} Failed to secure the directory tree C:\ProgramData\Dell\UpdateService
 
 
System errors:
=============
Error: (10/11/2023 07:24:50 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Dell Client Management Service service failed to start due to the following error: 
The service did not respond to the start or control request in a timely fashion.
 
Error: (10/11/2023 07:24:50 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (60000 milliseconds) while waiting for the Dell Client Management Service service to connect.
 
Error: (10/11/2023 07:22:41 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 5:26:12 AM on ‎10/‎11/‎2023 was unexpected.
 
Error: (10/10/2023 08:48:21 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Dell Client Management Service service failed to start due to the following error: 
The service did not respond to the start or control request in a timely fashion.
 
Error: (10/10/2023 08:48:21 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (60000 milliseconds) while waiting for the Dell Client Management Service service to connect.
 
Error: (10/10/2023 08:46:12 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 8:18:42 PM on ‎10/‎10/‎2023 was unexpected.
 
Error: (10/10/2023 05:00:54 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Dell Client Management Service service failed to start due to the following error: 
The service did not respond to the start or control request in a timely fashion.
 
Error: (10/10/2023 05:00:54 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (60000 milliseconds) while waiting for the Dell Client Management Service service to connect.
 
 
Windows Defender:
================
Date: 2023-10-08 01:23:57
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2023-10-07 01:23:56
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2023-10-06 02:11:17
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Full Scan
 
Date: 2023-10-06 02:11:17
Description: 
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
Name: PUADlManager:Win32/InstallCore
Severity: Low
Category: Potentially Unwanted Software
Path: file:_C:\Program Files (x86)\Kingo ROOT\FlashCore\FlashCore.dll; file:_C:\Program Files (x86)\Kingo ROOT\tools\7z.dll; file:_C:\Program Files (x86)\Kingo ROOT\tools\cyggcc_s-1.dll
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: User
Process Name: Unknown
Security intelligence Version: AV: 1.399.121.0, AS: 1.399.121.0, NIS: 1.399.121.0
Engine Version: AM: 1.1.23090.2007, NIS: 1.1.23090.2007
 
Date: 2023-10-06 00:27:51
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Event[0]:
 
Date: 2022-01-03 21:48:33
Description: 
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 
Previous security intelligence Version: 1.329.3163.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.17700.4
Error code: 0x80240022
Error description: The program can't check for definition updates. 
 
Date: 2022-01-03 21:48:33
Description: 
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 
Previous security intelligence Version: 1.329.3163.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.17700.4
Error code: 0x80240022
Error description: The program can't check for definition updates. 
 
Date: 2020-12-20 15:24:17
Description: 
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 
Previous security intelligence Version: 1.329.739.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.17700.4
Error code: 0x80240438
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. 
 
CodeIntegrity:
===============
Date: 2023-10-11 11:47:08
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume10\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume10\Program Files\National Instruments\Shared\mDNS Responder\nimdnsNSP.dll that did not meet the Microsoft signing level requirements.
 
Date: 2023-10-11 11:47:07
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume10\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume10\Program Files\National Instruments\Shared\mDNS Responder\nimdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
 
==================== Memory info =========================== 
 
BIOS: Dell Inc. 1.4.1 10/14/2020
Motherboard: Dell Inc. 07PR60
Processor: AMD Ryzen 7 1700 Eight-Core Processor 
Percentage of memory in use: 48%
Total physical RAM: 16277.09 MB
Available physical RAM: 8315.95 MB
Total Virtual: 18709.09 MB
Available Virtual: 5853.29 MB
 
==================== Drives ================================
 
Drive c: (SSD) (Fixed) (Total:465.75 GB) (Free:79.08 GB) (Model: Samsung SSD 970 EVO Plus 500GB) NTFS
Drive d: (ACER) (Fixed) (Total:143.2 GB) (Free:123.61 GB) (Model: ST9160310AS) NTFS
Drive e: (OS) (Fixed) (Total:917.7 GB) (Free:608.98 GB) (Model: ST1000DM010-2EP102) NTFS
 
\\?\Volume{76b20d4f-e6b5-4c1c-bcc2-d80116795727}\ () (Fixed) (Total:0.52 GB) (Free:0.07 GB) NTFS
\\?\Volume{7e28cbf5-b120-4edf-9217-c5c74afddfbd}\ (Image) (Fixed) (Total:11.57 GB) (Free:0.2 GB) NTFS
\\?\Volume{9675333f-cf56-4005-8326-13e203270a1c}\ (DELLSUPPORT) (Fixed) (Total:1.11 GB) (Free:0.49 GB) NTFS
\\?\Volume{d015ab3f-52fa-4854-846e-0a6a4ddb0b74}\ (ESP) (Fixed) (Total:0.48 GB) (Free:0.4 GB) FAT32
 
==================== MBR & Partition Table ====================
 
==========================================================
Disk: 0 (Size: 149.1 GB) (Disk ID: 11A8BA38)
Partition 1: (Not Active) - (Size=5.9 GB) - (Type=12)
Partition 2: (Active) - (Size=143.2 GB) - (Type=07 NTFS)
 
==========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: A3C6A3A8)
 
Partition: GPT.
 
==========================================================
Disk: 2 (Protective MBR) (Size: 465.8 GB) (Disk ID: 00000000)
 
Partition: GPT.
 
==================== End of Addition.txt =======================
 

  • 0
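The FirewallRules section of the log above can be triaged mechanically. The script below is an added example, not part of the original post and not part of FRST. Its sample lines are copied from the log above, while the flag names and the one-entry remote-access list (taken from this thread only) are assumptions made for the example.

```python
import re
from collections import Counter
from dataclasses import dataclass
from typing import List, Optional, Tuple

# Seven lines copied from the FirewallRules section of the log above.
SAMPLE = r"""
FirewallRules: [TCP Query User{F620873B-FF27-479D-9800-5B7E128AA947}C:\users\chad\appdata\local\programs\upwork\upwork.exe] => (Block) C:\users\chad\appdata\local\programs\upwork\upwork.exe (Upwork Global Inc. -> Upwork, Inc.)
FirewallRules: [{D33F9AF5-5105-4511-9AE2-E043E85046DE}] => (Allow) C:\Program Files (x86)\WOMic\womicclient.exe () [File not signed]
FirewallRules: [{0FA1C04F-E9FC-4861-820A-4042CABAE314}] => (Allow) C:\Users\bigpi\Downloads\4ukeyforandroid.exe (Tenorshare Co.,Ltd. -> Tenorshare Co., Ltd.)
FirewallRules: [TCP Query User{C0CB0555-1BF8-418F-8D6F-08AF05190DBD}C:\program files (x86)\smart view\smart view.exe] => (Allow) C:\program files (x86)\smart view\smart view.exe () [File not signed]
FirewallRules: [{0F6092A6-E8E1-4570-B672-D5ED3ECB9BF7}] => (Allow) C:\Users\bigpi\AppData\Roaming\uTorrent Web\utweb.exe => No File
FirewallRules: [{AE49D1DC-FC3E-489B-BC74-31E1E21065A7}] => (Allow) C:\Program Files (x86)\Google\Chrome Remote Desktop\116.0.5845.9\remoting_host.exe (Google LLC -> Google LLC)
FirewallRules: [{E7751C3A-FD3E-44B1-B00B-19982183823E}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
"""

# "FirewallRules: [<rule name>] => (<action>) <program path> <signature info or '=> No File'>"
# The path may itself contain parentheses ("Program Files (x86)"), so it is
# delimited by the first ".exe" that is followed by whitespace or end of line.
RULE_RE = re.compile(
    r"^FirewallRules: \[(?P<name>.*?)\] => \((?P<action>Allow|Block)\) "
    r"(?P<path>.+?\.exe)(?=\s|$)\s*(?P<tail>.*)$",
    re.IGNORECASE,
)

# A program path inside a user profile; the captured group is the profile name.
PROFILE_RE = re.compile(r"^[a-z]:\\users\\([^\\]+)\\", re.IGNORECASE)

# Assumption for this example: the only remote-access product named in this thread.
REMOTE_ACCESS_HINTS = ("chrome remote desktop",)


@dataclass
class Rule:
    name: str               # GUID, or "TCP/UDP Query User{GUID}<path>"
    action: str             # "Allow" or "Block"
    path: str               # program the rule applies to
    profile: Optional[str]  # owning user profile, if the path is under \Users\
    flags: Tuple[str, ...]  # reasons a human should look at this rule


def parse_rules(text: str) -> List[Rule]:
    """Parse FRST 'FirewallRules:' lines and attach review flags to each rule."""
    rules = []
    for line in text.splitlines():
        m = RULE_RE.match(line.strip())
        if not m:
            continue  # section headers, blank lines, other FRST sections
        action = m["action"].capitalize()
        path, tail = m["path"], m["tail"]
        owner = PROFILE_RE.match(path)
        flags = []
        if "=> No File" in tail:
            flags.append("orphaned")        # rule outlived the program it was made for
        if "[File not signed]" in tail:
            flags.append("unsigned")        # no publisher signature to check
        if action == "Allow" and owner:
            # Program rules match on path, and a profile directory is writable
            # by its owner without elevation, so the file can be swapped.
            flags.append("user-writable")
        if any(hint in path.lower() for hint in REMOTE_ACCESS_HINTS):
            flags.append("remote-access")
        rules.append(Rule(m["name"], action, path,
                          owner.group(1) if owner else None, tuple(flags)))
    return rules


def summarize(rules: List[Rule]) -> Counter:
    """Count how many rules carry each flag."""
    return Counter(flag for rule in rules for flag in rule.flags)


def needs_review(rules: List[Rule]) -> List[Rule]:
    """Rules with at least one flag, in log order."""
    return [rule for rule in rules if rule.flags]


if __name__ == "__main__":
    parsed = parse_rules(SAMPLE)
    for rule in needs_review(parsed):
        print(f"{','.join(rule.flags):28} {rule.action:5} {rule.path}")
    print(dict(summarize(parsed)))
```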



#2
DR M

    The Grecian Geek

  • Malware Removal
  • 4,126 posts

Hello.

I will be assisting you regarding your computer's issues. Here, we will check your computer for malware.

Please adhere to the guidelines below, and then carefully follow, in the same order, all the instructions after:

1. Always ask before acting. Do not continue if you are not sure, or if something unexpected happens!

2. Do not run any tools unless instructed to do so. Also, do not uninstall or install any software during the procedure, unless I ask you to do so.

3. Cracked or pirated programs are not only illegal, but can also make your computer a malware target. Having such programs installed is the easiest way to get infected. Thus, there is no need to clean the computer, since, sooner or later, it will get infected again. If you have such programs, please uninstall them now, before we start the cleaning procedure.

4. If your computer seems to start working normally, don't abandon the topic. Even if your system is behaving normally, there may still be some malware remnants left over. Additionally, malware can re-infect the computer if some remnants are left. Therefore, please complete all requested steps to make sure any malware is successfully eradicated from your PC.

5. You have to reply to my posts within 3 days. If you need some additional time, just let me know. Otherwise, I will leave the topic due to lack of feedback. If you are able, I would request you to check this thread at least once per day so that we can resolve your issues effectively and efficiently.

6. Logs from malware diagnostic or removal programs can take some time to get analyzed. Also, keep in mind that all the experts here are volunteers and may not be available to assist when you post. Please be patient while I analyze your logs.
 
====================
 
Here are my first comments/instructions regarding your logs:
 
 
1. User account profiles
 
You have the following account profiles enabled:
 
bigpi (S-1-5-21-2083831119-876286344-1281516711-1001 - Administrator - Enabled) => C:\Users\bigpi
chad (S-1-5-21-2083831119-876286344-1281516711-1005 - Limited - Enabled) => C:\Users\chad
Guest (S-1-5-21-2083831119-876286344-1281516711-501 - Limited - Enabled)
joqui (S-1-5-21-2083831119-876286344-1281516711-1017 - Limited - Enabled) => C:\Users\joqui
valra (S-1-5-21-2083831119-876286344-1281516711-1010 - Limited - Enabled) => C:\Users\valra
 
As you can see, all of them except the bigpi one have limited privileges, so it is not possible for the user using them to download/install things, unless they have the admin password.
 
Let me know if you see something unusual regarding the existence of the above accounts. 
 
 
2. Uninstall programs
 
Java

There are very few reasons these days to continue having Java installed on your computer. However, if you do elect to keep Java, it needs to be updated to the latest version which you can find here: Java SE Runtime Environment 8 - Downloads.
 
But please for now just uninstall the old version.
 
 
Chrome Remote Desktop Host
 
From what you already said, I guess you don't need the above program. So, uninstall it also.
 
 
3. Uninstall an extension

  • Open Chrome.
  • At the top right choose More (the three vertical dots) > More Tools > Extensions
  • Find Chrome Remote Desktop, and remove it, clicking on Remove.
  • Confirm the action by clicking Remove once again.

 

 

4. FRST fix
 
Please do the following to run a FRST fix.

NOTICE: This script was written specifically for this user. Running it on another machine may cause damage to your operating system

  • Select the entire contents of the code box below, from the "Start::" line to "End::", including both lines. Right-click and select "Copy". No need to paste anything anywhere.
Start::
CreateRestorePoint:
CloseProcesses:
HKU\S-1-5-21-2083831119-876286344-1281516711-1001\...\Run: [com.messenger] => "C:\Users\bigpi\AppData\Local\Programs\Messenger\Messenger.exe" messenger://openAtLogin (No File)
HKU\S-1-5-21-2083831119-876286344-1281516711-1001\...\Policies\Explorer: [] 
HKU\S-1-5-21-2083831119-876286344-1281516711-1005\...\Run: [DisplayFusion] => "C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe" (No File)
HKU\S-1-5-21-2083831119-876286344-1281516711-1017\...\RunOnce: [Application Restart #0] => PackagedCWALauncher.exe Microsoft.YourPhone_8wekyb3d8bbwe!App "PhoneExperienceHost.exe" -Background (No File)
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE -> 
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {5C46A0C8-2C81-4418-96C0-38FBCA48131B} - System32\Tasks\Apple Diagnostics => C:\Users\bigpi\AppData\Local\Microsoft\WindowsApps\eReporter-AppX.exe [0 2023-07-20] () [symlink -> ]
S3 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\116.0.5845.9\remoting_host.exe [74520 2023-06-26] (Google LLC -> Google LLC)
U1 aswbdisk; no ImagePath
S3 cpuz152; \??\C:\Windows\temp\cpuz152\cpuz152_x64.sys [X]
U4 npcap_wifi; no ImagePath
S3 VBAudioVMVAIOMME; \SystemRoot\System32\drivers\vbaudio_vmvaio64_win10.sys [X]
CustomCLSID: HKU\S-1-5-21-2083831119-876286344-1281516711-1001_Classes\CLSID\{608D599A-DCA6-4A7C-BED7-AFCD8465345A}\InprocServer32 -> C:\Users\bigpi\AppData\Local\Microsoft\EdgeUpdate\1.3.175.29\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2083831119-876286344-1281516711-1001_Classes\CLSID\{7C9A348D-C321-47AC-904F-150312A5430F}\InprocServer32 -> C:\Users\bigpi\AppData\Local\Microsoft\EdgeUpdate\1.3.175.27\psuser_64.dll => No File
HKU\S-1-5-21-2083831119-876286344-1281516711-1001\...\StartupApproved\Run: => "utweb"
FirewallRules: [{FA4A1F9D-FE6F-427B-8361-CD75CB6C1BC5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.216.947.0_x64__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{F4A3666A-92C2-4569-9745-6EF0FBD74340}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.216.947.0_x64__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{803B1C77-E246-4DFE-A62C-2431EC5A2FBF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.216.947.0_x64__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{7D32BE2B-3F4E-49DB-82A9-EFB8E9252EC8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.216.947.0_x64__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{1423F397-72F6-4049-ABC8-8B2D8393C669}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.216.947.0_x64__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{25B41272-146C-4EE9-B490-6C22DB7A880A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.216.947.0_x64__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{B5A46444-3717-4759-89ED-F9B3BF1286BA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.216.947.0_x64__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{E126CAE3-362D-45EB-840D-26E6F5517DD3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.216.947.0_x64__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{397C78D0-7CE3-48A2-99B3-FDDF23E99E03}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.216.947.0_x64__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{AD7240E3-E73D-4DA5-9B4F-A38BE10D6F93}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.216.947.0_x64__zpdnekdrzrea0\Spotify.exe => No File
FirewallRules: [{8475522A-6227-434D-A7D2-FE08F8641405}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.100.3203.0_x64__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{8EC95287-3FA9-4F66-BD82-961DFF6A5DCC}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.100.3203.0_x64__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{DC679730-3A3F-44E0-BAC0-2B17F50CA03E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.100.3203.0_x64__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{910135D9-BCA3-45DF-9BCB-24104270A6C8}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.100.3203.0_x64__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{AE49D1DC-FC3E-489B-BC74-31E1E21065A7}] => (Allow) C:\Program Files (x86)\Google\Chrome Remote Desktop\116.0.5845.9\remoting_host.exe (Google LLC -> Google LLC)
C:\Users\bigpi\AppData\Roaming\uTorrent Web
C:\Program Files (x86)\Google\Chrome Remote Desktop
WinsockReset: 
RemoveProxy:
EmptyTemp:
End::
  • Right-click on FRST64 on your Desktop, to run it as administrator. When the tool opens, click "yes" to the disclaimer.
  • Press the Fix button once and wait.
  • FRST will process fixlist.txt
  • When finished, it will produce a log fixlog.txt on your Desktop.
  • Post the log in your next reply.

 

 

In your next reply please post:

  • Your thoughts/comments about the enabled user accounts
  • If uninstalling the 2 programs and the extension ran smoothly
  • The fixlog.txt

#3
DR M

    The Grecian Geek

  • Malware Removal
  • 4,126 posts

Are you still with me? 


#4
Chad Oneal

    Member

  • Topic Starter
  • 55 posts

Yes, my apologies. I will get right on this now. Thank you so much.


#5
DR M

    The Grecian Geek

  • Malware Removal
  • 4,126 posts
Due to lack of feedback, this topic has been closed.
 
If you need this topic reopened, please contact a staff member, or send me a personal message (hover with the mouse on my profile name and choose Send message).

#6
DR M

    The Grecian Geek

  • Malware Removal
  • 4,126 posts

Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.

