This topic is locked
Windows10 home 64 bit
Computer extremely slow. Pages in chrome take forever to load or respond.
Moving from tab to tab in chrome also takes a long time, and the loading circle comes up for more than a minute. sometimes get a black chrome screen. if I click on a youtube link for example, video takes a long time to load, not an internet problem but a chrome or OS/virus problem.
Moving from one software to another takes a long time. Recently downloaded and installed game could be source of virus. I have uninstalled game and other programs been slow since.
defenders keeps showing: pua:win32/asktoolbar
Pls help, thx!!
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 05-12-2023
Ran by karakas (administrator) on DESKTOP-8ID5J9T (Acer Aspire TC-710) (06-12-2023 08:25:19)
Running from C:\Users\karakas\Desktop\FRST64.exe
Loaded Profiles: karakas
Platform: Microsoft Windows 10 Home Version 22H2 19045.3693 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAgent.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2>
(C:\Program Files (x86)\Acer\Acer Drive\AcerDriveTray.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files (x86)\Acer\Acer Drive\AcerDriveUI.exe
(C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe ->) (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <20>
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
(explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(explorer.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\karakas\AppData\Local\Microsoft\OneDrive\23.226.1031.0003\Microsoft.SharePoint.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Foxit Software Incorporated -> Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\FoxitConnectedPDFService.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MsMpEng.exe
(services.exe ->) (nordvpn s.a. -> nordvpn S.A.) C:\Program Files\NordUpdater\NordUpdateService.exe
(services.exe ->) (nordvpn s.a. -> nordvpn S.A.) C:\Program Files\NordVPN\nordvpn-service.exe
(svchost.exe ->) (Acer Incorporated -> ) C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
(svchost.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files (x86)\Acer\Acer Drive\AcerDriveTray.exe
(svchost.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_11.2307.4.0_x64__8wekyb3d8bbwe\CalculatorApp.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21752.0_x64__8wekyb3d8bbwe\HxAccounts.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21752.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21752.0_x64__8wekyb3d8bbwe\HxTsr.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\karakas\AppData\Local\Microsoft\OneDrive\23.226.1031.0003\FileCoAuth.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_11.2310.8.0_x64__8wekyb3d8bbwe\Microsoft.Media.Player.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16418560 2017-03-22] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [738936 2023-03-17] (Oracle America, Inc. -> Oracle Corporation)
HKLM\Software\Policies\...\system: [EnableSmartScreen] 0
HKU\S-1-5-21-1880840183-2522925994-863313883-1001\...\Run: [Zoom] => [X]
HKU\S-1-5-21-1880840183-2522925994-863313883-1001\...\Run: [MicrosoftEdgeAutoLaunch_8B6B36A51FDD9942B0BDEE33C0F85C3E] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --win-session-start [3896768 2023-11-28] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1880840183-2522925994-863313883-1001\...\Run: [NordVPN] => C:\Program Files\NordVPN\NordVPN.exe [263256 2023-09-25] (nordvpn s.a. -> nordvpn S.A.)
HKU\S-1-5-21-1880840183-2522925994-863313883-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\karakas\AppData\Local\Microsoft\Teams\Update.exe [2588520 2023-09-05] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-1880840183-2522925994-863313883-1001\...\Policies\Explorer: [DisallowCpl] 1
HKU\S-1-5-21-1880840183-2522925994-863313883-1001\...\MountPoints2: {6634c3aa-f170-11ec-9ed8-08d40c635faf} - "D:\WD SmartWare.exe" autoplay=true
HKLM\...\Windows x64\Print Processors\BJ Print Processor3: C:\Windows\System32\spool\prtprocs\x64\CNBPP3.DLL [83968 2009-07-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\BJ Language Monitor3_2: C:\WINDOWS\system32\CNBLM3_2.DLL [211456 2009-07-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\EPSON Stylus Photo RX580 Series 64MonitorBA: C:\WINDOWS\system32\E_ILMBPA.DLL [108032 2007-12-07] (SEIKO EPSON CORPORATION) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\119.0.6045.200\Installer\chrmstp.exe [2023-11-30] (Google LLC -> Google LLC)
Startup: C:\Users\karakas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk [2023-05-15]
ShortcutTarget: OneNote 2007 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
GroupPolicy-Firefox-x32: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {AE9BD731-6303-410F-B03B-9627E90E1568} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {CD0ADC46-47D6-4774-B015-E1BFE02DC827} - System32\Tasks\abDocsDllLoader => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe [1769312 2017-09-28] (Acer Incorporated -> )
Task: {6AC1DEB2-2B42-4C76-B7DB-5B7EE575E321} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [2920752 2018-05-28] (Acer Incorporated -> )
Task: {837718D0-6BCE-4E65-A298-15DA87587329} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [40288 2015-07-10] (Acer Incorporated -> )
Task: {E9580651-3556-4C9A-9092-BF1A5BB3928C} - System32\Tasks\ACCBackgroundApplication => C:\Program Files (x86)\Acer\Care Center\ACCStd.exe [4696880 2018-05-28] (Acer Incorporated -> )
Task: {5463DF05-0E05-4FD8-9957-F2C1619C03FD} - System32\Tasks\AcerDriveProxyLauncher => C:\Program Files (x86)\Acer\Acer Drive\AcerDriveProxy.exe [2290016 2015-09-30] (Acer Incorporated -> Acer Incorporated)
Task: {B2B8F184-B0B2-48EE-8BBF-31D335878E08} - System32\Tasks\AcerDriveTrayLauncher => C:\Program Files (x86)\Acer\Acer Drive\AcerDriveTray.exe [598880 2015-09-30] (Acer Incorporated -> Acer Incorporated)
Task: {E3374CC1-4996-4843-A850-902265C1B8BC} - System32\Tasks\AcerDriveUpdateChecker => C:\Program Files (x86)\Acer\Acer Drive\CheckUpdate.exe [24416 2015-08-05] (Acer Incorporated -> Acer Incorporated)
Task: {39D48088-4082-41BA-B7C5-30B6D3BC5A29} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1566200 2023-09-20] (Adobe Inc. -> Adobe Inc.)
Task: {27366E41-74DE-4BDC-8148-F74F473917A1} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_26_0_0_151_pepper.exe [1281024 2017-09-07] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {E7BD4E4F-A6E1-4CCE-92E9-01108211C9A9} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [65824 2017-09-26] (Acer Incorporated -> Acer Incorporated)
Task: {FA2B11B5-3F7A-4888-84E6-60623353EB5B} - System32\Tasks\FUBTrackingByPLD => C:\OEM\Preload\FubTracking\FubTracking.exe [30976 2015-05-13] (Acer Incorporated -> )
Task: {7DD2F012-EB25-407E-B920-B80907B89D5B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-11-09] (Google LLC -> Google LLC)
Task: {91B66BFE-20BF-4292-8902-4AC1791B90D7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-11-09] (Google LLC -> Google LLC)
Task: {E4D17F79-A08D-4215-A436-011395244421} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpCmdRun.exe [1604680 2023-11-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {3C23B727-CF52-4434-8F6A-6385A38E9FB6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpCmdRun.exe [1604680 2023-11-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {58DF8BBB-2396-4480-8887-B94406D26817} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpCmdRun.exe [1604680 2023-11-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {21F2B7DC-B7D4-4008-94FA-CB554A0D46C2} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpCmdRun.exe [1604680 2023-11-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {84D23F7D-4239-4982-A34F-0396F76391F0} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Refresh Group Policy Cache => {07369A67-07A6-4608-ABEA-379491CB7C46} C:\Windows\System32\UpdatePolicy.dll [251904 2023-11-15] (Microsoft Windows -> Microsoft Corporation)
Task: {0414E387-E2BF-47C2-A4F0-4802B32C0539} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [696304 2021-05-24] (Mozilla Corporation -> Mozilla Foundation)
Task: {16A0AA89-FBA5-4398-A3B0-DE77F5F443C9} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [379232 2015-07-17] (Acer Incorporated -> Acer Incorporated)
Task: {CF89C499-6DD1-4ABC-A8D4-C5A07BB4D41E} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [472928 2015-07-10] (Acer Incorporated -> Acer Incorporated)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{26ee6f90-3278-42b1-9877-54b81bdb78da}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{486657a2-4b8f-46dc-ba15-ddc9d9f2b981}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{a26cefaa-f6ff-448f-9018-4ef6bcfb773d}: [DhcpNameServer] 45.44.103.26 45.44.103.27
Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\karakas\AppData\Local\Microsoft\Edge\User Data\Default [2023-12-04]
Edge Extension: (Google Docs Offline) - C:\Users\karakas\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-10-17]
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\karakas\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2023-12-04]
Edge Extension: (Edge relevant text changes) - C:\Users\karakas\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-09-30]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
FireFox:
========
FF DefaultProfile: 1wh4cpt7.default
FF ProfilePath: C:\Users\karakas\AppData\Roaming\Mozilla\Firefox\Profiles\1wh4cpt7.default [2022-01-08]
FF Homepage: Mozilla\Firefox\Profiles\1wh4cpt7.default -> www.google.com
FF Extension: (Avira Browser Safety) - C:\Users\karakas\AppData\Roaming\Mozilla\Firefox\Profiles\1wh4cpt7.default\Extensions\[email protected] [2018-01-10] [UpdateUrl:hxxps://download.avira.com/package/abs/firefox/update-webext.rdf]
FF Extension: (Dashlane) - C:\Users\karakas\AppData\Roaming\Mozilla\Firefox\Profiles\1wh4cpt7.default\Extensions\[email protected] [2021-05-24] [UpdateUrl:hxxps://ws1.dashlane.com/5/binaries/query?logins=&platform=firefox&target=ff_web_extension&format=json&version=]
FF Extension: (English (US) Language Pack) - C:\Users\karakas\AppData\Roaming\Mozilla\Firefox\Profiles\1wh4cpt7.default\Extensions\[email protected] [2021-05-24]
FF Extension: (Avira Password Manager) - C:\Users\karakas\AppData\Roaming\Mozilla\Firefox\Profiles\1wh4cpt7.default\Extensions\[email protected] [2018-03-19] [UpdateUrl:hxxps://s3.eu-central-1.amazonaws.com/avira-pwm-extensions/update.rdf]
FF Extension: (Avira SafeSearch Plus) - C:\Users\karakas\AppData\Roaming\Mozilla\Firefox\Profiles\1wh4cpt7.default\Extensions\[email protected] [2018-04-18] [UpdateUrl:hxxps://package.avira.com/package/safesearch/firefox/update-plus2.rdf]
FF Extension: (Acer Locale Fix) - C:\Users\karakas\AppData\Roaming\Mozilla\Firefox\Profiles\1wh4cpt7.default\features\{9917c7b2-023d-4dcd-b634-a2a6730e6935}\[email protected] [2018-05-08] [Legacy]
FF Extension: (English (US) Language Pack) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\[email protected] [2021-05-24] [Legacy] [not signed]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\FirefoxAddin\FFExtnHTML2PDF.xpi
FF Extension: (Foxit PDF Creator) - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\FirefoxAddin\FFExtnHTML2PDF.xpi [2016-11-14] [Legacy]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\FirefoxAddin\FFExtnHTML2PDF.xpi
FF Plugin: @java.com/DTPlugin,version=11.371.2 -> C:\Program Files\Java\jre-1.8\bin\dtplugin\npDeployJava1.dll [2023-03-17] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.371.2 -> C:\Program Files\Java\jre-1.8\bin\plugin2\npjp2.dll [2023-03-17] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2023-11-04] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT PHANTOMPDF\plugins\npFoxitPhantomPDFPlugin.dll [2016-11-09] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT PHANTOMPDF\plugins\npFoxitPhantomPDFPlugin.dll [2016-11-09] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT PHANTOMPDF\plugins\npFoxitPhantomPDFPlugin.dll [2016-11-09] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT PHANTOMPDF\plugins\npFoxitPhantomPDFPlugin.dll [2016-11-09] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-08-24] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-08-24] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @scout.avira-update.com/Avira Scout Update;version=3 -> C:\Program Files (x86)\Avira\Scout Update\1.3.32.7\npScoutUpdate3.dll [2017-05-10] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
FF Plugin-x32: @scout.avira-update.com/Avira Scout Update;version=9 -> C:\Program Files (x86)\Avira\Scout Update\1.3.32.7\npScoutUpdate3.dll [2017-05-10] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
FF Plugin-x32: @videolan.org/vlc,version=2.2.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN -> VideoLAN)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\karakas\AppData\Local\Google\Chrome\User Data\Default [2023-12-06]
CHR DownloadDir: C:\Users\karakas\Downloads
CHR Notifications: Default -> hxxps://teams.microsoft.com
CHR Extension: (Google Docs Offline) - C:\Users\karakas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-10-19]
CHR Extension: (Chrome Web Store Payments) - C:\Users\karakas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-31]
CHR Profile: C:\Users\karakas\AppData\Local\Google\Chrome\User Data\Guest Profile [2022-05-09]
CHR Profile: C:\Users\karakas\AppData\Local\Google\Chrome\User Data\Profile 5 [2023-03-03]
CHR Extension: (Foxit PDF Creator) - C:\Users\karakas\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\cifnddnffldieaamihfkhkdgnbhfmaci [2023-03-03]
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\karakas\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2023-03-03]
CHR Extension: (NordVPN - VPN Proxy for Privacy and Security) - C:\Users\karakas\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\fjoaledfpmneenckfbpdfhkmimnjocfa [2023-03-03]
CHR Extension: (Google Docs Offline) - C:\Users\karakas\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-02-13]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\karakas\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2023-03-03]
CHR Extension: (Avira SafeSearch Plus) - C:\Users\karakas\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\ipmkfpcnmccejididiaagpgchgjfajgp [2022-02-13]
CHR Extension: (Chrome Web Store Payments) - C:\Users\karakas\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-02-13]
CHR Profile: C:\Users\karakas\AppData\Local\Google\Chrome\User Data\Profile 6 [2023-03-20]
CHR Extension: (Foxit PDF Creator) - C:\Users\karakas\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\cifnddnffldieaamihfkhkdgnbhfmaci [2023-03-20]
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\karakas\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2023-03-20]
CHR Extension: (Google Docs Offline) - C:\Users\karakas\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-03-20]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\karakas\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2023-03-20]
CHR Extension: (Avira SafeSearch Plus) - C:\Users\karakas\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\ipmkfpcnmccejididiaagpgchgjfajgp [2022-03-11]
CHR Extension: (Chrome Web Store Payments) - C:\Users\karakas\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-03-11]
CHR Profile: C:\Users\karakas\AppData\Local\Google\Chrome\User Data\System Profile [2022-04-23]
CHR HKLM\...\Chrome\Extension: [cifnddnffldieaamihfkhkdgnbhfmaci] - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\ChromeAddin\ChromeAddin.crx [2016-11-10]
CHR HKLM\...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp]
CHR HKU\S-1-5-21-1880840183-2522925994-863313883-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [cifnddnffldieaamihfkhkdgnbhfmaci] - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\ChromeAddin\ChromeAddin.crx [2016-11-10]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [fjoaledfpmneenckfbpdfhkmimnjocfa]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKLM-x32\...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp]
Opera:
=======
OPR Profile: C:\Users\karakas\AppData\Roaming\Opera Software\Opera Stable [2020-05-20]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding}
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-09-20] (Adobe Inc. -> Adobe Inc.)
S4 AMInstantService; C:\Program Files (x86)\GameHouse Games\aminstantservice.exe [2122432 2022-12-13] (GameHouse Europe B.V. -> GameHouse)
R2 FoxitPhantomService; C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\FoxitConnectedPDFService.exe [1659592 2016-11-15] (Foxit Software Incorporated -> Foxit Software Inc.)
S4 Intel® Security Assist; C:\Program Files (x86)\Intel\Intel® Security Assist\isa.exe [335872 2015-07-06] (Intel Corporation) [File not signed]
S4 isaHelperSvc; C:\Program Files (x86)\Intel\Intel® Security Assist\isaHelperService.exe [7680 2015-07-06] () [File not signed]
S4 IsAppService; C:\Program Files (x86)\Iskysoft\IAF\2.4.3.241\IsAppService.exe [495240 2018-07-26] (Shenzhen Yi Xing Investment Co., Ltd. -> Iskysoft)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9343840 2023-11-09] (Malwarebytes Inc. -> Malwarebytes)
S3 nordsec-threatprotection-service; C:\Program Files\NordVPN\NordSec ThreatProtection\nordsec-threatprotection-service.exe [320088 2023-09-25] (nordvpn s.a. -> nordvpn S.A.)
R2 NordUpdaterService; C:\Program Files\NordUpdater\NordUpdateService.exe [297848 2022-11-21] (nordvpn s.a. -> nordvpn S.A.)
R2 nordvpn-service; C:\Program Files\NordVPN\nordvpn-service.exe [263256 2023-09-25] (nordvpn s.a. -> nordvpn S.A.)
S4 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [450400 2015-07-17] (Acer Incorporated -> Acer Incorporated)
S2 secureboot; C:\ProgramData\WindowsPowerShell\Modules\SecureBoot\secureboot.exe [699259556 2023-11-16] () [File not signed]
S4 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [247040 2015-05-26] (Acer Incorporated -> acer)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\NisSrv.exe [3121120 2023-11-06] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MsMpEng.exe [133704 2023-11-06] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2021-09-14] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [154112 2021-10-12] (Microsoft Corporation) [File not signed]
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [222800 2023-10-20] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2022-04-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2023-08-14] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MpKsl9342eb5a; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{37D19BBB-FA0E-4994-8586-7CE1735D9D0F}\MpKslDrv.sys [263560 2023-12-05] (Microsoft Windows -> Microsoft Corporation)
R2 NDivert; C:\Program Files\NordVPN\7.15.6.0\Drivers\NDivert.sys [131472 2023-05-24] (nordvpn s.a. -> Nordvpn S.A.)
R1 nordlwf; C:\WINDOWS\system32\DRIVERS\nordlwf.sys [44928 2022-02-22] (nordvpn s.a. -> TEFINCOM S.A.)
R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [19152 2013-09-30] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [12504 2013-09-30] (MiniTool Solution Ltd -> )
S3 RimVSerPort; C:\WINDOWS\system32\DRIVERS\RimSerial_AMD64.sys [44544 2012-12-10] (Microsoft Windows Hardware Compatibility Publisher -> Research in Motion Ltd)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
R3 tapnordvpn; C:\WINDOWS\System32\drivers\tapnordvpn.sys [44896 2018-07-24] (TEFINCOM S.A. -> The OpenVPN Project)
S3 usbrndis6; C:\WINDOWS\System32\drivers\usb80236.sys [24064 2021-01-31] (Microsoft Corporation) [File not signed]
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [55744 2023-11-06] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [578856 2023-11-06] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105768 2023-11-06] (Microsoft Windows -> Microsoft Corporation)
S3 wintun; C:\WINDOWS\system32\DRIVERS\wintun.sys [29592 2022-03-10] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
S3 WireGuard; C:\WINDOWS\System32\drivers\wireguard.sys [489368 2023-02-22] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2023-12-06 08:25 - 2023-12-06 08:38 - 000029139 _____ C:\Users\karakas\Desktop\FRST.txt
2023-12-06 08:20 - 2023-12-06 08:21 - 000136153 _____ C:\Users\karakas\AppData\Local\Temp\d379a597-9795-432b-9d5f-2a0763603535.tmp
2023-12-06 08:19 - 2023-12-06 08:22 - 000011408 _____ C:\Users\karakas\Downloads\RPG0046167.xlsx
2023-12-06 08:19 - 2023-12-06 08:20 - 006573004 _____ C:\Users\karakas\AppData\Local\Temp\21d734da-2ccf-41b2-b0cc-f1af4c8b2d1a.tmp
2023-12-06 08:18 - 2023-12-06 08:49 - 000322002 _____ C:\Users\karakas\AppData\Local\Temp\c07d3873-052b-4855-80e2-c9285a9824aa.tmp
2023-12-06 08:18 - 2023-12-06 08:22 - 000670570 _____ C:\Users\karakas\AppData\Local\Temp\8f5985b2-1f09-4e4f-b23c-2169819cad8a.tmp
2023-12-06 08:18 - 2023-12-06 08:19 - 000042509 _____ C:\Users\karakas\AppData\Local\Temp\a6a5ec79-4204-454c-b603-1406a39e16e8.tmp
2023-12-06 08:18 - 2023-12-06 08:19 - 000003121 _____ C:\Users\karakas\AppData\Local\Temp\003c5110-e5c9-4868-9516-5e800dcc5def.tmp
2023-12-06 08:17 - 2023-12-06 08:20 - 011140044 _____ C:\Users\karakas\AppData\Local\Temp\5e7620b5-0037-4b57-9a25-46ba0ebd3fc1.tmp
2023-12-06 08:17 - 2023-12-06 08:19 - 004403445 _____ C:\Users\karakas\AppData\Local\Temp\d5ebbeae-ff93-475d-ac34-c7ecd97fe42f.tmp
2023-12-06 07:55 - 2023-12-06 07:55 - 000000000 ____D C:\Users\karakas\AppData\Local\Temp\chrome_BITS_291492_191161906
2023-12-06 07:55 - 2023-12-06 07:55 - 000000000 ____D C:\Users\karakas\AppData\Local\Temp\chrome_BITS_291492_1608206140
2023-12-05 17:40 - 2023-12-05 17:40 - 000075809 _____ C:\Users\karakas\AppData\Local\Temp\wctC68F.tmp
2023-12-05 17:40 - 2023-12-05 17:40 - 000075809 _____ C:\Users\karakas\AppData\Local\Temp\wct78CD.tmp
2023-12-05 17:05 - 2023-12-05 17:05 - 000075809 _____ C:\Users\karakas\AppData\Local\Temp\wctA675.tmp
2023-12-05 16:35 - 2023-12-05 17:25 - 008137031 _____ C:\Users\karakas\AppData\Local\Temp\SAU{06~1.zmdownload
2023-12-05 16:35 - 2023-12-05 16:35 - 000000000 _____ C:\Users\karakas\AppData\Local\Temp\SAU{C74980C0-F278-42E3-BAD3-C336E824FAE0}
2023-12-05 16:35 - 2023-12-05 16:35 - 000000000 _____ C:\Users\karakas\AppData\Local\Temp\SAU{06C10877-9ABD-418D-8616-096A03D505A9}
2023-12-05 16:31 - 2023-12-05 16:33 - 000137024 _____ (Zoom Video Communications, Inc.) C:\Users\karakas\Downloads\Zoom_cm_f5beMkykfw4Z9vvrZo4_m6j+S7bZR6dpsDv2HF+rOn7RcQA4pat+dcVeT@ZQEFHFVM0mADnY6g_kf85b995e6a56650d_.exe
2023-12-05 16:24 - 2023-12-05 16:36 - 000000000 ____D C:\Users\karakas\AppData\Local\Temp\chrome_BITS_77960_350350272
2023-12-05 15:10 - 2023-12-05 15:10 - 000075809 _____ C:\Users\karakas\AppData\Local\Temp\wct5538.tmp
2023-12-05 13:07 - 2023-12-05 13:07 - 000000000 ____D C:\Users\karakas\Desktop\FRST-OlderVersion
2023-12-05 13:04 - 2023-12-05 13:07 - 002384384 _____ (Farbar) C:\Users\karakas\Desktop\FRST64.exe
2023-12-05 01:17 - 2023-12-05 01:17 - 000000000 ____D C:\Users\karakas\AppData\Local\Temp\chrome_BITS_20300_584129327
2023-12-04 18:10 - 2023-12-04 18:10 - 000075804 _____ C:\Users\karakas\AppData\Local\Temp\wctB0B3.tmp
2023-12-04 18:10 - 2023-12-04 18:10 - 000075804 _____ C:\Users\karakas\AppData\Local\Temp\wct8629.tmp
2023-12-04 17:05 - 2023-12-04 17:05 - 000075804 _____ C:\Users\karakas\AppData\Local\Temp\wctA159.tmp
2023-12-04 16:57 - 2023-12-04 16:57 - 000000000 ____D C:\Users\karakas\AppData\Local\Temp\chrome_BITS_11252_98203128
2023-12-04 15:10 - 2023-12-04 15:10 - 000075804 _____ C:\Users\karakas\AppData\Local\Temp\wctFCEB.tmp
2023-12-04 14:24 - 2023-12-04 14:24 - 000000000 ____D C:\Users\karakas\AppData\Local\Temp\edge_BITS_45960_1836659051
2023-12-04 13:24 - 2023-12-04 13:24 - 000000000 ____D C:\Users\karakas\AppData\Local\Temp\edge_BITS_33116_599184502
2023-12-04 13:08 - 2023-12-04 13:08 - 000000000 ____D C:\Users\karakas\AppData\Local\Temp\msedge_url_fetcher_17820_65457970
2023-12-04 13:08 - 2023-12-04 13:08 - 000000000 ____D C:\Users\karakas\AppData\Local\Temp\edge_BITS_17820_411718540
2023-12-04 13:08 - 2023-12-04 13:08 - 000000000 ____D C:\Users\karakas\AppData\Local\Temp\edge_BITS_17820_1850698785
2023-12-04 11:44 - 2023-12-04 11:44 - 001598243 _____ C:\Users\karakas\AppData\Local\Temp\36839647-1a53-4d73-a11f-8cd14200c971.tmp
2023-12-04 11:44 - 2023-12-04 11:44 - 000308390 _____ C:\Users\karakas\AppData\Local\Temp\15145b09-eebb-43b9-99a4-85b95ccf3f1b.tmp
2023-12-04 11:44 - 2023-12-04 11:44 - 000039828 _____ C:\Users\karakas\AppData\Local\Temp\c63f9dd3-b3f7-4fa3-b967-d458c3aefb19.tmp
2023-12-04 11:44 - 2023-12-04 11:44 - 000000000 _____ C:\Users\karakas\AppData\Local\Temp\5af01d76-c49f-4068-8f9e-4b51cd4b5acb.tmp
2023-12-04 11:43 - 2023-12-04 11:43 - 000024548 _____ C:\Users\karakas\AppData\Local\Temp\19d08cc3-a343-4fa7-96dd-cd41f3bf11a6.tmp
2023-12-04 11:43 - 2023-12-04 11:43 - 000013270 _____ C:\Users\karakas\AppData\Local\Temp\a9dc7294-f8c7-4ce4-879a-348b4051030b.tmp
2023-12-04 11:43 - 2023-12-04 11:43 - 000000000 _____ C:\Users\karakas\AppData\Local\Temp\f9dcc848-14c3-4bc7-af0f-08bfc8b0e6a0.tmp
2023-12-04 11:43 - 2023-12-04 11:43 - 000000000 _____ C:\Users\karakas\AppData\Local\Temp\b7b754c0-b58a-479d-849e-3a18b6409106.tmp
2023-12-04 11:43 - 2023-12-04 11:43 - 000000000 _____ C:\Users\karakas\AppData\Local\Temp\b54d8b25-20e6-4dbd-9084-085e02b03caf.tmp
2023-12-04 11:43 - 2023-12-04 11:43 - 000000000 _____ C:\Users\karakas\AppData\Local\Temp\a8d4a1a0-f096-4e6e-9f92-2aaa97cf40a0.tmp
2023-12-04 11:43 - 2023-12-04 11:43 - 000000000 _____ C:\Users\karakas\AppData\Local\Temp\a42ecf6a-a850-4a05-8c67-9b5f067e5403.tmp
2023-12-04 11:43 - 2023-12-04 11:43 - 000000000 _____ C:\Users\karakas\AppData\Local\Temp\8a8d8955-1047-4a94-aa87-7aa21e143bed.tmp
2023-12-04 11:43 - 2023-12-04 11:43 - 000000000 _____ C:\Users\karakas\AppData\Local\Temp\6489d903-bb5f-4856-9103-433b96b20290.tmp
2023-12-04 11:43 - 2023-12-04 11:43 - 000000000 _____ C:\Users\karakas\AppData\Local\Temp\3bebf599-9398-48fb-a7d8-ae7743c7ed6f.tmp
2023-12-04 11:42 - 2023-12-04 11:42 - 004003313 _____ C:\Users\karakas\AppData\Local\Temp\69f3ede0-69a4-47c7-9847-75aa2137a884.tmp
2023-12-04 11:42 - 2023-12-04 11:42 - 002882536 _____ C:\Users\karakas\AppData\Local\Temp\f81b00c1-6fb1-4d73-af49-6c0ea16dee10.tmp
2023-12-04 11:42 - 2023-12-04 11:42 - 000464817 _____ C:\Users\karakas\AppData\Local\Temp\13e7e8d7-ffff-4bbb-a2db-f088fbf835a3.tmp
2023-12-04 11:39 - 2023-12-04 11:39 - 000097181 _____ C:\Users\karakas\AppData\Local\Temp\7cfed7f8-bbef-434e-9eb3-8f5c32d0136f.tmp
2023-12-04 11:39 - 2023-12-04 11:39 - 000003231 _____ C:\Users\karakas\AppData\Local\Temp\39e8412c-2049-4fd6-b36d-c0653ff1c624.tmp
2023-12-04 11:36 - 2023-12-04 11:36 - 008585393 _____ C:\Users\karakas\AppData\Local\Temp\71298200-d24e-44f7-ab97-9033da767943.tmp
2023-12-04 11:36 - 2023-12-04 11:36 - 002213059 _____ C:\Users\karakas\AppData\Local\Temp\f0897007-68fc-4648-af42-c0b29acbee92.tmp
2023-12-04 11:36 - 2023-12-04 11:36 - 002101697 _____ C:\Users\karakas\AppData\Local\Temp\fdc20711-a8b2-4915-b10f-9026529e7dac.tmp
2023-12-04 11:35 - 2023-12-04 11:35 - 002339664 _____ C:\Users\karakas\AppData\Local\Temp\d3f8e28f-4287-4825-bc5d-a0485abc25a7.tmp
2023-12-04 11:29 - 2023-12-04 11:29 - 000129346 _____ C:\Users\karakas\AppData\Local\Temp\24f93041-f316-4965-b585-474177530dcf.tmp
2023-12-04 11:29 - 2023-12-04 11:29 - 000000000 _____ C:\Users\karakas\AppData\Local\Temp\5afd7761-9557-446d-b03a-293931849452.tmp
2023-12-04 11:29 - 2023-12-04 11:29 - 000000000 _____ C:\Users\karakas\AppData\Local\Temp\405e364a-5e0a-40ac-8828-c46f42802cbb.tmp
2023-12-04 11:28 - 2023-12-04 11:28 - 003418312 _____ C:\Users\karakas\AppData\Local\Temp\472b5782-3074-461e-98c2-99ae0c426906.tmp
2023-12-04 11:11 - 2023-12-04 11:11 - 004792503 _____ C:\Users\karakas\AppData\Local\Temp\50a5bcf3-8d53-4ebf-9a86-9d48027726e3.tmp
2023-12-04 11:11 - 2023-12-04 11:11 - 000959306 _____ C:\Users\karakas\AppData\Local\Temp\92afc27a-040f-4323-a9c0-b015e4ab154b.tmp
2023-12-04 10:51 - 2023-12-04 10:51 - 000000000 ____D C:\Users\karakas\AppData\Local\Temp\chrome_BITS_14736_1130276990
2023-12-04 09:59 - 2023-12-04 09:59 - 000000512 ____T C:\Users\karakas\AppData\Local\Temp\~DF713AE05DAD4D44A1.TMP
2023-12-04 09:47 - 2023-12-04 09:47 - 000000000 _____ C:\Users\karakas\AppData\Local\Temp\fox1AFE.tmp
2023-12-04 09:47 - 2023-12-04 09:47 - 000000000 _____ C:\Users\karakas\AppData\Local\Temp\fox1ABF.tmp
2023-12-04 08:08 - 2023-12-04 11:06 - 004605884 _____ C:\Users\karakas\AppData\Local\Temp\9eb1ba00-3b1f-4d51-bc19-b73ac9a4b847.tmp
2023-12-04 08:08 - 2023-12-04 08:08 - 000044488 _____ C:\Users\karakas\AppData\Local\Temp\24164724-f27e-4717-a795-244b82b1c7e0.tmp
2023-12-04 07:34 - 2023-12-04 07:34 - 011612553 _____ C:\Users\karakas\AppData\Local\Temp\bfd05f8b-5660-490c-af35-83b9c96bdcd0.tmp
2023-12-03 20:20 - 2023-12-03 20:20 - 003346757 _____ C:\Users\karakas\AppData\Local\Temp\6f3e7235-23d3-4122-9d7c-a240ebd29d13.tmp
2023-12-03 20:20 - 2023-12-03 20:20 - 000000000 _____ C:\Users\karakas\AppData\Local\Temp\99bde4e8-91e7-40d2-8b85-e45b033d04c3.tmp
2023-12-03 20:02 - 2023-12-03 20:02 - 000000512 ____T C:\Users\karakas\AppData\Local\Temp\~DFFCC3DA4F1EB5C860.TMP
2023-12-03 20:01 - 2023-12-03 20:01 - 000000134 _____ C:\Users\karakas\AppData\Local\Temp\2324406.od
2023-12-03 20:01 - 2023-12-03 20:01 - 000000000 _____ C:\Users\karakas\AppData\Local\Temp\CVR77B6.tmp.cvr
2023-12-03 19:50 - 2023-12-03 19:50 - 001677962 _____ C:\Users\karakas\AppData\Local\Temp\dd9d1328-dd15-450b-a648-96bfc501afa0.tmp
2023-12-03 19:50 - 2023-12-03 19:50 - 001031387 _____ C:\Users\karakas\AppData\Local\Temp\a15f38d6-43f9-4289-9233-e73bb9fe237e.tmp
2023-12-03 19:21 - 2023-12-03 19:21 - 000000000 _____ C:\Users\karakas\AppData\Local\Temp\f69772c3-e6b6-4d7e-ac2b-c467402b6130.tmp
2023-12-03 19:19 - 2023-12-03 19:19 - 000097181 _____ C:\Users\karakas\AppData\Local\Temp\20d7cff9-8bd7-4769-86e1-759e97525b38.tmp
2023-12-03 19:19 - 2023-12-03 19:19 - 000000000 _____ C:\Users\karakas\AppData\Local\Temp\683335be-dc85-47ae-b583-1788689075f0.tmp
2023-12-03 19:11 - 2023-12-03 19:11 - 000000000 _____ C:\Users\karakas\AppData\Local\Temp\dfe4a060-d2fe-4716-814e-965dea973cda.tmp
2023-12-03 19:10 - 2023-12-03 19:10 - 000161831 _____ C:\Users\karakas\AppData\Local\Temp\0143f148-2af8-46d7-b7ad-d7939135ae16.tmp
2023-12-03 19:06 - 2023-12-03 19:06 - 000073621 _____ C:\Users\karakas\AppData\Local\Temp\5d4dd8cc-78c8-492a-b969-a6c54381cc8f.tmp
2023-12-03 18:59 - 2023-12-03 18:59 - 000000000 _____ C:\Users\karakas\AppData\Local\Temp\a5937bd9-790d-4e47-89d6-99288e780264.tmp
2023-12-03 18:59 - 2023-12-03 18:59 - 000000000 _____ C:\Users\karakas\AppData\Local\Temp\53e2f194-ff9e-4110-bcfe-62d256ad4512.tmp
2023-12-03 18:59 - 2023-12-03 18:59 - 000000000 _____ C:\Users\karakas\AppData\Local\Temp\0f99bc5a-1186-4dbe-aa41-120978a24646.tmp
2023-12-03 18:57 - 2023-12-03 18:57 - 012704306 _____ C:\Users\karakas\AppData\Local\Temp\0808dc92-1390-42e8-8bd0-96f097a31fde.tmp
2023-12-03 18:57 - 2023-12-03 18:57 - 002410682 _____ C:\Users\karakas\AppData\Local\Temp\7a9c9226-4174-4629-b825-681adafdbd69.tmp
2023-12-03 18:57 - 2023-12-03 18:57 - 001430276 _____ C:\Users\karakas\AppData\Local\Temp\f946dfb3-2a1c-4a0a-b59f-9e2381beb8cf.tmp
2023-12-03 18:57 - 2023-12-03 18:57 - 000865335 _____ C:\Users\karakas\AppData\Local\Temp\be991eb8-2dbd-4664-8c34-8f6d15e923ca.tmp
2023-12-03 18:57 - 2023-12-03 18:57 - 000314223 _____ C:\Users\karakas\AppData\Local\Temp\67415adb-3629-470c-a981-6a13394c62e5.tmp
2023-12-03 18:57 - 2023-12-03 18:57 - 000201841 _____ C:\Users\karakas\AppData\Local\Temp\55998f1d-9ef5-4899-8474-a277c0e466e5.tmp
2023-12-03 18:57 - 2023-12-03 18:57 - 000013270 _____ C:\Users\karakas\AppData\Local\Temp\787df443-8557-4b37-be2d-04a2be88a0fd.tmp
2023-12-03 18:57 - 2023-12-03 18:57 - 000004048 _____ C:\Users\karakas\AppData\Local\Temp\c52a1045-5444-430c-8aec-f87ff407a4d4.tmp
2023-12-03 18:57 - 2023-12-03 18:57 - 000000000 _____ C:\Users\karakas\AppData\Local\Temp\fda37caf-caca-45d5-a234-928aa7968447.tmp
2023-12-03 18:57 - 2023-12-03 18:57 - 000000000 _____ C:\Users\karakas\AppData\Local\Temp\fb9c5934-49d0-4f03-bcea-969f86269a9d.tmp
2023-12-03 18:57 - 2023-12-03 18:57 - 000000000 _____ C:\Users\karakas\AppData\Local\Temp\8b33c08b-d22b-4e35-b915-6470d31f1159.tmp
2023-12-03 18:57 - 2023-12-03 18:57 - 000000000 _____ C:\Users\karakas\AppData\Local\Temp\243ae047-6e22-406d-b9a8-cacd29e6d977.tmp
2023-12-03 18:55 - 2023-12-03 18:55 - 009351781 _____ C:\Users\karakas\AppData\Local\Temp\78f936d9-0554-4486-8a07-f8c74d8f0a35.tmp
2023-12-03 18:55 - 2023-12-03 18:55 - 000358821 _____ C:\Users\karakas\AppData\Local\Temp\70552ec9-eef3-46ab-aab4-2b0d8a006818.tmp
2023-12-03 17:34 - 2023-12-03 17:34 - 010458608 _____ C:\Users\karakas\AppData\Local\Temp\bcf83762-3849-428f-a4e1-687bfbb284ea.tmp
2023-12-03 17:05 - 2023-12-03 17:05 - 000075754 _____ C:\Users\karakas\AppData\Local\Temp\wct8583.tmp
2023-12-03 16:48 - 2023-12-03 16:48 - 010692618 _____ C:\Users\karakas\AppData\Local\Temp\33eceef2-53fe-4026-90d9-7d0138aa3ac0.tmp
2023-12-03 16:10 - 2023-12-03 16:10 - 000075754 _____ C:\Users\karakas\AppData\Local\Temp\wctDEA4.tmp
2023-12-03 16:10 - 2023-12-03 16:10 - 000075754 _____ C:\Users\karakas\AppData\Local\Temp\wctB409.tmp
2023-12-03 16:08 - 2023-12-03 16:08 - 001778365 _____ C:\Users\karakas\AppData\Local\Temp\f7747cfe-7b6a-408a-b1f6-cf026eef976c.tmp
2023-12-03 15:57 - 2023-12-03 15:57 - 000072709 _____ C:\Users\karakas\AppData\Local\Temp\dcfc11c9-de53-4b70-93e3-d0165074ff25.tmp
2023-12-03 15:57 - 2023-12-03 15:57 - 000000000 _____ C:\Users\karakas\AppData\Local\Temp\eab40a30-7dfc-4c2b-b9e4-ffdcd9e8353e.tmp
2023-12-03 15:57 - 2023-12-03 15:57 - 000000000 _____ C:\Users\karakas\AppData\Local\Temp\5099bfb7-5b60-44f0-b295-762b84d8caec.tmp
2023-12-03 15:57 - 2023-12-03 15:57 - 000000000 _____ C:\Users\karakas\AppData\Local\Temp\282e36da-9697-412c-8ec2-d25f5c4b030b.tmp
2023-12-03 15:57 - 2023-12-03 15:57 - 000000000 _____ C:\Users\karakas\AppData\Local\Temp\088c69bb-72f1-4768-a6db-eebd68331d20.tmp
2023-12-03 15:55 - 2023-12-03 15:55 - 000340408 _____ C:\Users\karakas\AppData\Local\Temp\9250b3e5-73df-45bb-b27f-0edba0099faf.tmp
2023-12-03 15:49 - 2023-12-03 15:49 - 000055588 _____ C:\Users\karakas\AppData\Local\Temp\0c6629cf-ee3c-41de-bfbe-d79c4615a12a.tmp
2023-12-03 15:47 - 2023-12-03 15:47 - 002525977 _____ C:\Users\karakas\AppData\Local\Temp\d7ece95e-fe6a-447e-8bc3-094219ab4859.tmp
2023-12-03 15:47 - 2023-12-03 15:47 - 001661574 _____ C:\Users\karakas\AppData\Local\Temp\6a110afb-c46c-4810-89c1-87f5d77f9550.tmp
2023-12-03 15:47 - 2023-12-03 15:47 - 000486636 _____ C:\Users\karakas\AppData\Local\Temp\e42f5916-f17f-4d9e-a45c-07c46198c7f8.tmp
2023-12-03 15:47 - 2023-12-03 15:47 - 000461930 _____ C:\Users\karakas\AppData\Local\Temp\b36c944b-46fc-449c-a34c-de1b50397ff3.tmp
2023-12-03 15:47 - 2023-12-03 15:47 - 000035990 _____ C:\Users\karakas\AppData\Local\Temp\6e7c88ec-4b56-460b-8251-12946df7c125.tmp
2023-12-03 15:47 - 2023-12-03 15:47 - 000000000 _____ C:\Users\karakas\AppData\Local\Temp\ef51a0f3-63fe-4bd5-996b-6bceb756f5c6.tmp
2023-12-03 15:41 - 2023-12-03 15:41 - 000013270 _____ C:\Users\karakas\AppData\Local\Temp\6ce8b049-2b29-4b0c-93c4-87a555c59e05.tmp
2023-12-03 15:41 - 2023-12-03 15:41 - 000005589 _____ C:\Users\karakas\AppData\Local\Temp\1fc4b4f9-3022-4464-8163-482a60830e50.tmp
2023-12-03 15:41 - 2023-12-03 15:41 - 000000000 _____ C:\Users\karakas\AppData\Local\Temp\c05b13c3-b836-46c7-919b-530f00a7266c.tmp
2023-12-03 15:41 - 2023-12-03 15:41 - 000000000 _____ C:\Users\karakas\AppData\Local\Temp\8220e0be-4cde-4a68-8414-479e669e8171.tmp
2023-12-03 15:41 - 2023-12-03 15:41 - 000000000 _____ C:\Users\karakas\AppData\Local\Temp\60d99e34-8667-48d7-8455-7baaf60241b6.tmp
2023-12-03 15:41 - 2023-12-03 15:41 - 000000000 _____ C:\Users\karakas\AppData\Local\Temp\23bea558-ccad-4b57-9b41-e2ecc4817888.tmp
2023-12-03 15:41 - 2023-12-03 15:41 - 000000000 _____ C:\Users\karakas\AppData\Local\Temp\0c05ae4f-0c8c-465d-a6f0-7daa6f153bc0.tmp
2023-12-03 15:40 - 2023-12-03 15:40 - 004907402 _____ C:\Users\karakas\AppData\Local\Temp\797e7341-9601-4938-a2dc-13d96a00f90a.tmp
2023-12-03 15:40 - 2023-12-03 15:40 - 000000000 _____ C:\Users\karakas\AppData\Local\Temp\37a36344-ee24-4a46-99d8-c4939fa8af03.tmp
2023-12-03 15:40 - 2023-12-03 15:40 - 000000000 _____ C:\Users\karakas\AppData\Local\Temp\171ac660-5f5b-4935-a742-56270bffdffa.tmp
2023-12-03 15:11 - 2023-12-03 15:11 - 011023802 _____ C:\Users\karakas\AppData\Local\Temp\846b2720-cbff-4055-bde7-d114457a7952.tmp
2023-12-03 15:10 - 2023-12-03 15:10 - 000075754 _____ C:\Users\karakas\AppData\Local\Temp\wct679.tmp
2023-12-03 12:38 - 2023-12-03 12:39 - 000000000 ____D C:\Users\karakas\AppData\Local\Temp\chrome_BITS_6312_282768741
2023-12-03 08:33 - 2023-12-03 08:33 - 000000512 ____T C:\Users\karakas\AppData\Local\Temp\~DF0C11894869A6E60B.TMP
2023-12-03 08:13 - 2023-12-03 08:13 - 000000134 _____ C:\Users\karakas\AppData\Local\Temp\2385703.od
2023-12-03 08:13 - 2023-12-03 08:13 - 000000000 _____ C:\Users\karakas\AppData\Local\Temp\CVR6707.tmp.cvr
2023-12-03 07:37 - 2023-12-03 08:53 - 000412490 _____ C:\Users\karakas\AppData\Local\Temp\e2753a1a-06c8-4788-bb77-2c3a908ae4de.tmp
2023-12-03 00:18 - 2023-12-05 11:29 - 000006830 _____ C:\Users\karakas\AppData\Local\Temp\au-descriptor-1.8.0_391-b13.xml
2023-12-02 19:39 - 2023-12-02 19:39 - 000000000 _____ C:\Users\karakas\AppData\Local\Temp\2b8e353f-98d4-4038-bb9b-b659c3cd6910.tmp
2023-12-02 18:40 - 2023-12-02 18:40 - 000270910 _____ C:\Users\karakas\AppData\Local\Temp\0ecdf40a-1fe2-48b2-93ac-a7ee970dd1dd.tmp
2023-12-02 17:05 - 2023-12-02 17:05 - 000075754 _____ C:\Users\karakas\AppData\Local\Temp\wct6680.tmp
2023-12-02 16:39 - 2023-12-02 16:49 - 001497468 _____ C:\WINDOWS\Minidump\120223-55562-01.dmp
2023-12-02 16:00 - 2023-12-02 16:00 - 000075754 _____ C:\Users\karakas\AppData\Local\Temp\wct3713.tmp
2023-12-02 15:10 - 2023-12-02 15:10 - 000075754 _____ C:\Users\karakas\AppData\Local\Temp\wct4BA1.tmp
2023-12-02 07:05 - 2023-12-02 07:05 - 000000000 ____D C:\Users\karakas\AppData\Local\Temp\3E1C3F8A-6529-4BEE-BF56-0999A7C229ED
2023-12-01 17:05 - 2023-12-01 17:05 - 000075754 _____ C:\Users\karakas\AppData\Local\Temp\wctF8C0.tmp
2023-12-01 16:05 - 2023-12-01 16:05 - 000075754 _____ C:\Users\karakas\AppData\Local\Temp\wctC7B9.tmp
2023-12-01 16:00 - 2023-12-01 16:00 - 000075754 _____ C:\Users\karakas\AppData\Local\Temp\wctA491.tmp
2023-12-01 15:10 - 2023-12-01 15:10 - 000075754 _____ C:\Users\karakas\AppData\Local\Temp\wctDACE.tmp
2023-12-01 12:30 - 2023-12-01 12:30 - 000000000 _____ C:\Users\karakas\AppData\Local\Temp\fox41CF.tmp
2023-12-01 12:30 - 2023-12-01 12:30 - 000000000 _____ C:\Users\karakas\AppData\Local\Temp\fox41CE.tmp
2023-12-01 10:28 - 2023-12-01 10:28 - 000000000 ____D C:\Users\karakas\AppData\Local\Temp\{DD8C1726-C442-4246-834E-6FE33EB62156}
2023-12-01 09:43 - 2023-12-01 09:45 - 000000000 ____D C:\Program Files\Guilty Pleasure
2023-11-30 23:39 - 2023-11-30 23:39 - 000000000 ____D C:\Users\karakas\AppData\Local\Temp\.qBittorrent
2023-11-30 23:32 - 2023-11-30 23:33 - 000143496 _____ C:\Users\karakas\AppData\Local\Temp\Setup Log 2023-11-30 #001.txt
2023-11-30 23:32 - 2023-11-30 23:33 - 000000000 ____D C:\Users\karakas\AppData\Local\Temp\is-JLP2E.tmp
2023-11-30 22:28 - 2023-11-30 22:28 - 003190292 _____ C:\Users\karakas\AppData\Local\Temp\0e793ef9-abf4-4753-9841-0b1a28cd2dd2.tmp
2023-11-30 22:28 - 2023-11-30 22:28 - 000000000 _____ C:\Users\karakas\AppData\Local\Temp\a518169f-d5d1-4386-92e2-49abc087baf3.tmp
2023-11-30 18:55 - 2023-11-30 18:55 - 000075754 _____ C:\Users\karakas\AppData\Local\Temp\wct5807.tmp
2023-11-30 18:55 - 2023-11-30 18:55 - 000075754 _____ C:\Users\karakas\AppData\Local\Temp\wct351E.tmp
2023-11-30 17:05 - 2023-11-30 17:05 - 000075754 _____ C:\Users\karakas\AppData\Local\Temp\wct4F9A.tmp
2023-11-30 15:10 - 2023-11-30 15:10 - 000075754 _____ C:\Users\karakas\AppData\Local\Temp\wct18EE.tmp
2023-11-29 22:24 - 2023-11-30 11:19 - 000016253 _____ C:\Users\karakas\Downloads\RPG0046053.xlsx
2023-11-29 17:05 - 2023-11-29 17:05 - 000075754 _____ C:\Users\karakas\AppData\Local\Temp\wctCE88.tmp
2023-11-29 17:05 - 2023-11-29 17:05 - 000075754 _____ C:\Users\karakas\AppData\Local\Temp\wctADB2.tmp
2023-11-29 17:00 - 2023-11-29 17:00 - 000075754 _____ C:\Users\karakas\AppData\Local\Temp\wctD156.tmp
2023-11-29 15:10 - 2023-11-29 15:10 - 000075754 _____ C:\Users\karakas\AppData\Local\Temp\wct82BE.tmp
2023-11-29 12:25 - 2023-11-29 12:25 - 000000000 _____ C:\Users\karakas\AppData\Local\Temp\bbd20d6a-9dd3-4c72-a43c-b6d2cc867e43.tmp
2023-11-29 12:25 - 2023-11-29 12:25 - 000000000 _____ C:\Users\karakas\AppData\Local\Temp\22faed3a-169a-43d5-9e14-78c0c27c267b.tmp
2023-11-29 11:53 - 2023-11-29 11:53 - 000000000 _____ C:\Users\karakas\AppData\Local\Temp\f2734ced-d6a5-4c4d-aa29-b03972cf2d72.tmp
2023-11-29 11:38 - 2023-11-29 11:38 - 000000512 ____T C:\Users\karakas\AppData\Local\Temp\~DFF9788CEAFD46F0D9.TMP
2023-11-29 09:54 - 2023-11-29 09:54 - 014370512 _____ C:\Users\karakas\AppData\Local\Temp\23f5d7c6-b173-4ae0-bbd2-3ef07653f550.tmp
2023-11-29 09:54 - 2023-11-29 09:54 - 000109018 _____ C:\Users\karakas\AppData\Local\Temp\6e2fc62f-e45f-4bfd-b326-dbd8b6f9bff4.tmp
2023-11-29 09:42 - 2023-11-29 09:42 - 000000134 _____ C:\Users\karakas\AppData\Local\Temp\955046.od
2023-11-29 09:42 - 2023-11-29 09:42 - 000000000 _____ C:\Users\karakas\AppData\Local\Temp\CVR92A6.tmp.cvr
2023-11-29 09:39 - 2023-11-29 09:39 - 010966905 _____ C:\Users\karakas\AppData\Local\Temp\a1b4b388-4844-44de-af7f-094e257bfd73.tmp
2023-11-29 09:39 - 2023-11-29 09:39 - 009697940 _____ C:\Users\karakas\AppData\Local\Temp\2a957a4a-be3b-4b97-a428-6496df67dab2.tmp
2023-11-29 09:39 - 2023-11-29 09:39 - 002694851 _____ C:\Users\karakas\AppData\Local\Temp\8b0f2f1f-359c-4bdf-aadd-a32f5da5ad0b.tmp
2023-11-29 09:39 - 2023-11-29 09:39 - 000421052 _____ C:\Users\karakas\AppData\Local\Temp\0510d08f-9046-4247-94f8-edcffcbafec4.tmp
2023-11-29 09:25 - 2023-11-29 09:25 - 000097181 _____ C:\Users\karakas\AppData\Local\Temp\9bd3ef71-1d22-4c64-99d3-b258af9d9cc2.tmp
2023-11-29 09:25 - 2023-11-29 09:25 - 000003231 _____ C:\Users\karakas\AppData\Local\Temp\8c36e63a-b185-487a-b3de-d329532d189b.tmp
2023-11-29 09:24 - 2023-11-29 09:24 - 000495234 _____ C:\Users\karakas\AppData\Local\Temp\4790190a-508d-49ef-b534-cfd3a1409716.tmp
2023-11-29 09:24 - 2023-11-29 09:24 - 000168812 _____ C:\Users\karakas\AppData\Local\Temp\5cf7fa84-075e-4672-accc-9b096f568895.tmp
2023-11-29 09:24 - 2023-11-29 09:24 - 000000165 ____H C:\Users\karakas\Downloads\~$RPG0046053.xlsx
2023-11-29 09:24 - 2023-11-29 09:24 - 000000134 _____ C:\Users\karakas\AppData\Local\Temp\1513562.od
2023-11-29 09:24 - 2023-11-29 09:24 - 000000000 _____ C:\Users\karakas\AppData\Local\Temp\CVR185A.tmp.cvr
2023-11-29 09:24 - 2023-11-29 09:24 - 000000000 _____ C:\Users\karakas\AppData\Local\Temp\904b571b-da41-4bb0-87c5-8645805b8866.tmp
2023-11-29 09:18 - 2023-11-29 09:18 - 013917519 _____ C:\Users\karakas\AppData\Local\Temp\05fcf96a-0030-4885-9e56-08f520c83b4d.tmp
2023-11-29 09:14 - 2023-11-29 09:14 - 000000134 _____ C:\Users\karakas\AppData\Local\Temp\924656.od
2023-11-29 09:14 - 2023-11-29 09:14 - 000000000 _____ C:\Users\karakas\AppData\Local\Temp\CVR1BF0.tmp.cvr
2023-11-29 09:12 - 2023-11-29 09:12 - 003863460 _____ C:\Users\karakas\AppData\Local\Temp\6afb0d0d-9c88-41a3-a6b6-c5f807cd46ac.tmp
2023-11-29 09:10 - 2023-11-29 09:10 - 011059372 _____ C:\Users\karakas\AppData\Local\Temp\758a27d5-62e5-43ed-8662-f5a4f98c70d5.tmp
2023-11-29 09:10 - 2023-11-29 09:10 - 007810417 _____ C:\Users\karakas\AppData\Local\Temp\21b0194e-542c-4900-b074-274315a33159.tmp
2023-11-29 09:10 - 2023-11-29 09:10 - 000758985 _____ C:\Users\karakas\AppData\Local\Temp\fead8dee-0544-4887-b83d-166d6b6d9b0d.tmp
2023-11-29 08:38 - 2023-12-02 08:07 - 000000000 ____D C:\Users\karakas\Desktop\Nov29
2023-11-28 19:10 - 2023-11-28 19:10 - 000075699 _____ C:\Users\karakas\AppData\Local\Temp\wctAFE4.tmp
2023-11-28 19:10 - 2023-11-28 19:10 - 000075699 _____ C:\Users\karakas\AppData\Local\Temp\wct15F.tmp
2023-11-28 17:45 - 2023-11-28 17:45 - 000075699 _____ C:\Users\karakas\AppData\Local\Temp\wctD9EE.tmp
2023-11-28 17:00 - 2023-11-28 17:00 - 000075699 _____ C:\Users\karakas\AppData\Local\Temp\wct5A4C.tmp
2023-11-28 15:56 - 2023-11-28 15:56 - 019346349 _____ C:\Users\karakas\Downloads\Video.mov
2023-11-28 15:10 - 2023-11-28 15:10 - 000075699 _____ C:\Users\karakas\AppData\Local\Temp\wctA247.tmp
2023-11-25 15:58 - 2023-12-03 00:41 - 000000000 ____D C:\Users\karakas\AppData\Local\Temp\A7CEB126-DD62-4B66-A77E-945D928F0433
2023-11-21 12:11 - 2023-11-21 12:11 - 000082051 _____ C:\Users\karakas\Downloads\Notice- Owner Audit - Online Survey.docx (1).pdf
2023-11-21 07:18 - 2023-11-24 13:13 - 000011114 _____ C:\Users\karakas\Downloads\RPG0045911.xlsx
2023-11-20 08:02 - 2023-11-20 08:02 - 000000899 _____ C:\Users\karakas\AppData\Local\Temp\wctD1B6.tmp
2023-11-20 08:02 - 2023-11-20 08:02 - 000000899 _____ C:\Users\karakas\AppData\Local\Temp\wctC060.tmp
2023-11-20 08:02 - 2023-11-20 08:02 - 000000899 _____ C:\Users\karakas\AppData\Local\Temp\wctB14E.tmp
2023-11-20 08:02 - 2023-11-20 08:02 - 000000899 _____ C:\Users\karakas\AppData\Local\Temp\wctA81D.tmp
2023-11-20 08:02 - 2023-11-20 08:02 - 000000899 _____ C:\Users\karakas\AppData\Local\Temp\wct8BD8.tmp
2023-11-20 08:02 - 2023-11-20 08:02 - 000000899 _____ C:\Users\karakas\AppData\Local\Temp\wct8310.tmp
2023-11-20 08:02 - 2023-11-20 08:02 - 000000899 _____ C:\Users\karakas\AppData\Local\Temp\wct3ADC.tmp
2023-11-19 21:13 - 2023-11-27 00:41 - 000000000 ____D C:\Users\karakas\AppData\Local\Temp\msedge_url_fetcher_275084_1612636180
2023-11-17 11:07 - 2023-11-25 16:03 - 000000000 ____D C:\Users\karakas\AppData\Local\Temp\1A5677DF-7B6E-4F72-9522-FB8B01068020
2023-11-17 08:59 - 2023-11-17 08:59 - 000000165 ____H C:\Users\karakas\Downloads\~$RPG0045847.xlsx
2023-11-17 08:48 - 2023-11-17 08:48 - 000011195 _____ C:\Users\karakas\Downloads\RPG0045847.xlsx
2023-11-14 23:26 - 2023-11-14 23:26 - 000000000 ___HD C:\$WinREAgent
2023-11-14 10:23 - 2023-11-22 00:11 - 000000000 ____D C:\Users\karakas\AppData\Local\Temp\msedge_url_fetcher_731500_1489938570
2023-11-13 00:25 - 2023-11-20 00:40 - 000000000 ____D C:\Users\karakas\AppData\Local\Temp\8018C277-C327-4771-A5A2-85D857DE2FCC
2023-11-11 16:01 - 2023-11-11 16:01 - 000011213 _____ C:\Users\karakas\Downloads\RPG0045737 (3).xlsx
2023-11-11 15:02 - 2023-11-11 15:02 - 000011294 _____ C:\Users\karakas\Downloads\RPG0045737 (2).xlsx
2023-11-11 15:00 - 2023-11-11 15:00 - 000011294 _____ C:\Users\karakas\Downloads\RPG0045737 (1).xlsx
2023-11-11 12:03 - 2023-11-11 12:03 - 000199182 _____ C:\Users\karakas\Downloads\clarkwilson duty to repair- over- under deductibles.pdf
2023-11-11 12:03 - 2023-11-11 12:03 - 000167109 _____ C:\Users\karakas\Downloads\Alteration Request - Insuite Renovations.pdf
2023-11-11 12:03 - 2023-11-11 12:03 - 000082051 _____ C:\Users\karakas\Downloads\Notice- Owner Audit - Online Survey.docx.pdf
2023-11-11 12:03 - 2023-11-11 12:03 - 000035340 _____ C:\Users\karakas\Downloads\Form K - Fillable Form.pdf
2023-11-11 12:02 - 2023-11-11 12:03 - 000080558 _____ C:\Users\karakas\Downloads\Owner Information Sheet V2 - Fillable.pdf
2023-11-11 12:02 - 2023-11-11 12:02 - 000078335 _____ C:\Users\karakas\Downloads\Vehicle & Parking Registration - Fillable Form.pdf
2023-11-11 00:45 - 2023-11-18 01:57 - 000000000 ____D C:\Users\karakas\AppData\Local\Temp\071D456F-4347-45D6-AF0E-443C421A9AAF
2023-11-10 10:14 - 2023-11-10 10:14 - 000011294 _____ C:\Users\karakas\Downloads\RPG0045737.xlsx
2023-11-10 09:51 - 2023-11-10 09:51 - 000081942 _____ C:\Users\karakas\Downloads\INVOICE.pdf
2023-11-09 19:19 - 2023-11-09 19:19 - 002946312 _____ C:\Users\karakas\Downloads\Stormshot.PC.V1.0_1fc14e33f9.exe
2023-11-09 08:35 - 2023-11-09 08:35 - 000199182 _____ C:\Users\karakas\Downloads\07. clarkwilson duty to repair (1).pdf
2023-11-08 09:23 - 2023-11-08 09:23 - 000011171 _____ C:\Users\karakas\Downloads\RPG0045699.xlsx
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2023-12-06 08:37 - 2019-12-07 01:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-12-06 08:33 - 2018-07-21 10:00 - 000000000 ____D C:\FRST
2023-12-06 08:14 - 2021-12-15 00:43 - 000000000 ____D C:\WINDOWS\SystemTemp
2023-12-06 08:14 - 2016-04-16 16:58 - 000000000 ____D C:\Program Files (x86)\Google
2023-12-06 07:50 - 2021-01-31 23:40 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-12-06 01:28 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2023-12-05 21:13 - 2016-04-20 06:51 - 000000000 ____D C:\Users\karakas\AppData\Roaming\Microsoft\Word
2023-12-05 19:09 - 2019-12-07 01:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-12-05 19:09 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-12-05 17:42 - 2021-06-11 13:48 - 000000053 _____ C:\Users\karakas\AppData\Local\Temp\.ses
2023-12-05 13:10 - 2021-03-03 09:52 - 000000000 ____D C:\Users\karakas\AppData\Local\Temp\msohtmlclip1
2023-12-05 12:39 - 2020-10-07 13:54 - 000000000 ____D C:\Users\karakas\Desktop\new downloads
2023-12-05 11:55 - 2016-06-20 09:02 - 000000000 ____D C:\Users\karakas\Desktop\downloaded
2023-12-05 11:28 - 2021-01-31 23:58 - 000840598 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-12-05 11:28 - 2019-12-07 01:13 - 000000000 ____D C:\WINDOWS\INF
2023-12-05 11:21 - 2021-02-01 00:08 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-12-05 11:21 - 2021-01-31 23:40 - 000008192 ___SH C:\DumpStack.log.tmp
2023-12-05 11:21 - 2019-12-07 01:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2023-12-04 19:23 - 2021-01-31 23:46 - 000000000 ____D C:\Users\karakas
2023-12-04 19:13 - 2021-05-31 12:38 - 000000000 ____D C:\Users\karakas\AppData\LocalLow\IGDump
2023-12-04 14:16 - 2021-05-20 17:47 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-12-04 09:33 - 2019-08-28 18:06 - 000000000 ____D C:\Users\karakas\Desktop\Master Marks
2023-12-02 16:49 - 2022-02-26 15:14 - 000000000 ____D C:\WINDOWS\Minidump
2023-12-02 16:47 - 2019-02-25 12:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Paw Patrol On A Roll
2023-12-02 16:39 - 2019-12-31 06:51 - 1471840439 _____ C:\WINDOWS\MEMORY.DMP
2023-12-02 16:34 - 2016-08-07 15:07 - 000000000 ____D C:\Program Files (x86)\epson
2023-12-02 09:49 - 2021-08-18 20:23 - 000000000 ____D C:\Users\karakas\Desktop\SE Work
2023-12-02 08:25 - 2022-08-11 16:10 - 000000000 ____D C:\Users\karakas\AppData\Roaming\audacity
2023-12-02 07:45 - 2017-01-14 06:13 - 000000000 ____D C:\Users\karakas\AppData\Roaming\Microsoft\Excel
2023-12-01 09:46 - 2017-02-04 04:40 - 000000000 ____D C:\Users\karakas\AppData\Roaming\RenPy
2023-12-01 08:58 - 2018-12-10 16:17 - 000000000 ____D C:\Users\karakas\AppData\Roaming\qBittorrent
2023-11-30 23:34 - 2023-02-09 11:03 - 000000000 ____D C:\Program Files\NordVPN
2023-11-30 12:15 - 2021-11-09 14:43 - 000002251 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-11-26 10:34 - 2023-06-13 10:06 - 000000000 ____D C:\Users\karakas\Desktop\Music 2023
2023-11-18 16:06 - 2021-12-10 19:40 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1880840183-2522925994-863313883-1001
2023-11-18 16:06 - 2021-02-01 00:08 - 000003382 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1880840183-2522925994-863313883-1001
2023-11-18 16:06 - 2021-01-31 23:46 - 000002389 _____ C:\Users\karakas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-11-15 02:16 - 2019-12-07 01:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-11-15 01:57 - 2021-01-31 23:40 - 000463376 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-11-15 01:50 - 2019-12-07 01:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2023-11-15 01:50 - 2019-12-07 01:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2023-11-15 01:50 - 2019-12-07 01:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2023-11-15 01:50 - 2019-12-07 01:14 - 000000000 ___SD C:\WINDOWS\system32\F12
2023-11-15 01:50 - 2019-12-07 01:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2023-11-15 01:50 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2023-11-15 01:50 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2023-11-15 01:50 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2023-11-15 01:50 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2023-11-15 01:50 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz
2023-11-15 01:50 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2023-11-15 01:50 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2023-11-15 01:50 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2023-11-15 01:50 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2023-11-15 01:50 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2023-11-15 01:50 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2023-11-15 01:50 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2023-11-15 01:50 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\SystemResources
2023-11-15 01:50 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2023-11-15 01:50 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2023-11-15 01:50 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2023-11-15 01:50 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2023-11-15 01:50 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2023-11-15 01:50 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\system32\setup
2023-11-15 01:50 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2023-11-15 01:50 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-11-15 01:50 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2023-11-15 01:50 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2023-11-15 01:50 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2023-11-15 01:50 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2023-11-15 01:50 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2023-11-15 01:50 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2023-11-15 01:50 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\system32\Com
2023-11-15 01:50 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2023-11-15 01:50 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2023-11-15 01:49 - 2019-12-07 01:52 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2023-11-15 01:49 - 2019-12-07 01:52 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2023-11-15 01:49 - 2019-12-07 01:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2023-11-15 01:49 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2023-11-15 01:49 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2023-11-15 01:49 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\Provisioning
2023-11-15 01:49 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\IME
2023-11-15 01:49 - 2019-12-07 01:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-11-15 01:49 - 2019-12-07 01:14 - 000000000 ____D C:\Program Files\Windows Defender
2023-11-15 01:49 - 2019-12-07 01:14 - 000000000 ____D C:\Program Files\Common Files\System
2023-11-15 01:49 - 2019-12-07 01:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2023-11-15 01:49 - 2019-12-07 01:03 - 000000000 ____D C:\WINDOWS\servicing
2023-11-15 01:07 - 2019-12-07 01:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-11-15 01:06 - 2019-12-07 01:52 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2023-11-15 01:06 - 2019-12-07 01:15 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
2023-11-15 01:06 - 2019-12-07 01:14 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2023-11-15 00:22 - 2021-01-31 23:44 - 003016192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-11-14 23:20 - 2016-04-16 17:17 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-11-14 23:14 - 2016-04-16 17:17 - 182871392 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-11-14 01:20 - 2021-02-01 00:08 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2023-11-14 01:19 - 2023-08-22 11:25 - 000002077 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2023-11-13 13:09 - 2021-11-09 14:41 - 000003714 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2023-11-13 13:09 - 2021-11-09 14:41 - 000003590 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2023-11-10 08:53 - 2020-09-30 10:20 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2023-11-06 13:41 - 2018-02-28 20:38 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2023-11-06 01:33 - 2023-10-29 05:58 - 000000000 ____D C:\Users\karakas\AppData\Local\Temp\E5A23F3C-1F89-4678-AD3B-0405C049E8DB
2023-11-06 01:33 - 2023-10-29 04:48 - 000000000 ____D C:\Users\karakas\AppData\Local\Temp\5CE91345-EBF7-4E01-A290-7A50BBA4584A
==================== Files in the root of some directories ========
2017-03-06 23:04 - 2018-12-08 15:36 - 000000770 _____ () C:\Users\karakas\AppData\Roaming\Rim.Desktop.Exception.log
2017-03-06 23:03 - 2019-05-13 15:31 - 000001937 _____ () C:\Users\karakas\AppData\Roaming\Rim.Desktop.HttpServerSetup.log
2017-03-06 23:04 - 2018-12-08 15:36 - 000000770 _____ () C:\Users\karakas\AppData\Roaming\Rim.DesktopHelper.Exception.log
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-12-2023
Ran by karakas (06-12-2023 08:51:33)
Running from C:\Users\karakas\Desktop
Microsoft Windows 10 Home Version 22H2 19045.3693 (X64) (2021-02-01 08:09:23)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-1880840183-2522925994-863313883-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1880840183-2522925994-863313883-503 - Limited - Disabled)
Guest (S-1-5-21-1880840183-2522925994-863313883-501 - Limited - Disabled)
karakas (S-1-5-21-1880840183-2522925994-863313883-1001 - Administrator - Enabled) => C:\Users\karakas
WDAGUtilityAccount (S-1-5-21-1880840183-2522925994-863313883-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
4K YouTube to MP3 3.7 (HKLM\...\{921BEBDC-5874-4DEF-9A5F-CB2D03991FD6}) (Version: 3.7.2.2902 - Open Media LLC)
7-Zip 15.14 (x64) (HKLM\...\7-Zip) (Version: 15.14 - Igor Pavlov)
abDocs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.10.2002 - Acer Incorporated)
abDocs Office AddIn (HKLM-x32\...\{DCBF3379-246B-47E1-8173-639B63940838}) (Version: 3.02.2001 - Acer Incorporated)
abFiles (HKLM-x32\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 2.03.2003 - Acer Incorporated)
abPhoto (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 4.00.2001.1 - Acer Incorporated)
Acer Care Center (HKLM\...\{1AF41E84-3408-499A-8C93-8891F0612719}) (Version: 2.00.3038 - Acer Incorporated)
Acer Drive (HKLM-x32\...\{5D45E67C-B04E-411F-93BB-947DAAF355D5}) (Version: 1.00.3009 - Acer Incorporated)
Acer Explorer Agent (HKLM\...\{4D0F42CF-1693-43D9-BDC8-19141D023EE0}) (Version: 2.00.3001 - Acer Incorporated)
Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 3.12.2006 - Acer Incorporated)
Acer Quick Access (HKLM\...\{E3678E72-78E3-4F91-A9FB-913876FF6DA2}) (Version: 2.00.3006 - Acer Incorporated)
Acer UEIP Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 2.01.3002 - Acer Incorporated)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1033-1033-7760-BC15014EA700}) (Version: 23.006.20380 - Adobe)
Adobe Flash Player 26 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 26.0.0.151 - Adobe Systems Incorporated)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601053}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.25.2001.0 - Acer Incorporated)
Audacity 3.3.3 (HKLM\...\Audacity_is1) (Version: 3.3.3 - Audacity Team)
Bonjour (HKLM\...\{B91110FB-33B4-468B-90C2-4D5E8AE3FAE1}) (Version: 2.0.2.0 - Apple Inc.)
Core Temp 1.15.1 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.15.1 - ALCPU)
DriverSetupUtility (HKLM\...\{2B51C83A-465D-4EA9-9CDC-1ED95ED09AC6}) (Version: 1.00.3013 - Acer Incorporated)
Epson Print CD (HKLM-x32\...\{D16A31F9-276D-4968-A753-FFEAC56995D0}) (Version: 2.00.00 - SEIKO EPSON CORPORATION)
EPSON Printer Software (HKLM\...\EPSON Printer and Utilities) (Version: - SEIKO EPSON Corporation)
Foxit PhantomPDF Business (HKLM-x32\...\{CAAA99A8-AB12-11E6-AA93-000C29FC3B44}) (Version: 8.1.1.1115 - Foxit Software Inc.)
GameHouse Games (HKLM-x32\...\GameHouse Games) (Version: 8.60.65 - GameHouse)
GenuTax Standard (HKLM-x32\...\{238715a6-57bf-488b-af18-c5247f885931}) (Version: 1.79 - GenuSource Consulting Inc) Hidden
GenuTax Standard (HKLM-x32\...\{2FB6BA60-4F55-486F-B7B9-AF0283344B85}) (Version: 1.79 - GenuSource Consulting Inc)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 119.0.6045.200 - Google LLC)
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.32.7 - Google Inc.) Hidden
Instagiffer version 1.62 (HKLM-x32\...\{13DEF8F8-5280-4555-95A4-E815C3F9540F}_is1) (Version: 1.62 - Justin Todd)
Intel® Chipset Device Software (HKLM\...\{12CB6BC1-4E71-4890-AA0E-26CED6AD7EDD}) (Version: 10.1.1.13 - Intel Corporation) Hidden
Intel® Chipset Device Software (HKLM-x32\...\{fb610cea-ba50-4d4b-a717-cf025419035c}) (Version: 10.1.1.13 - Intel® Corporation) Hidden
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1177 - Intel Corporation)
Intel® Management Engine Components (HKLM\...\{3C6C11C6-E094-4548-B032-73B4E4D0DEF7}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel® Management Engine Components (HKLM\...\{9E80CC7F-966F-4282-BE0A-36B5BA5F19B1}) (Version: 11.0.0.1177 - Intel Corporation) Hidden
Intel® ME UninstallLegacy (HKLM\...\{1377B2D9-D825-441C-A775-318D25DA3F18}) (Version: 1.0.1.0 - Intel Corporation) Hidden
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4550 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.8.0.1042 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{B66F70B4-34E5-429A-9F55-7129E0833A45}) (Version: 14.8.0.1042 - Intel Corporation) Hidden
Intel® Wireless Bluetooth® (HKLM-x32\...\{9A287643-10C5-4463-B9D1-B2404CE18CCF}) (Version: 17.1.1529.1620 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{8c595286-0f9e-42de-a0d4-969aba282637}) (Version: 20.50.0 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{E6F800A9-64D3-4E93-8E8E-AB53E21D4840}) (Version: 20.50.0.1450 - Intel Corporation) Hidden
Intel® Security Assist (HKLM-x32\...\{3D45BD48-F215-4C69-B23F-256C83D1D7F0}) (Version: 1.0.0.534 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{7D84E343-A23D-451C-B123-0195B2D903A6}) (Version: 1.42.17.0 - Intel Corporation) Hidden
Java 8 Update 371 (64-bit) (HKLM\...\{71124AE4-039E-4CA4-87B4-2F64180371F0}) (Version: 8.0.3710.11 - Oracle Corporation)
KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 4.0.6.4 - PandoraTV)
Malwarebytes version 4.6.6.294 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.6.6.294 - Malwarebytes)
Microsoft Azure Information Protection (HKLM-x32\...\{21b41fcc-93c0-498f-a284-659d275b4076}) (Version: 1.54.59.0 - Microsoft Corporation)
Microsoft Azure Information Protection (HKLM-x32\...\{7FA8B359-E9D7-4037-8DE1-A28F2603D742}) (Version: 1.54.59.0 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 119.0.2151.97 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 119.0.2151.97 - Microsoft Corporation)
Microsoft HEVC Media Extension Installation for Microsoft.HEVCVideoExtension_1.0.2512.0_x64__8wekyb3d8bbwe (x64) (HKLM\...\{B0169E83-757B-EF66-E2F0-391944D785BC}) (Version: 1.0.0.0 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}) (Version: - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}) (Version: - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}) (Version: - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}) (Version: - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}) (Version: - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}) (Version: - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}) (Version: - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-002A-0409-1000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}) (Version: - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}) (Version: - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}) (Version: - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}) (Version: - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}) (Version: - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}) (Version: - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}) (Version: - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0116-0409-1000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}) (Version: - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}) (Version: - Microsoft) Hidden
Microsoft Office Access MUI (English) 2007 (HKLM-x32\...\{90120000-0015-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2007 (HKLM-x32\...\{90120000-0117-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Excel MUI (English) 2007 (HKLM-x32\...\{90120000-0016-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (English) 2007 (HKLM-x32\...\{90120000-00BA-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove Setup Metadata MUI (English) 2007 (HKLM-x32\...\{90120000-0114-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2007 (HKLM-x32\...\{90120000-0044-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (HKLM\...\{90120000-002A-0000-1000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2007 (HKLM-x32\...\{90120000-00A1-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2007 (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (HKLM-x32\...\{90120000-0018-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (HKLM-x32\...\{90120000-001F-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (HKLM-x32\...\{90120000-001F-040C-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (HKLM-x32\...\{90120000-001F-0C0A-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (HKLM-x32\...\{90120000-002C-0409-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}) (Version: - Microsoft) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}) (Version: - Microsoft) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}) (Version: - Microsoft) Hidden
Microsoft Office Publisher MUI (English) 2007 (HKLM-x32\...\{90120000-0019-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2007 (HKLM\...\{90120000-002A-0409-1000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (HKLM\...\{90120000-0116-0409-1000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (HKLM-x32\...\{90120000-0115-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2007 (HKLM-x32\...\{90120000-001B-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKU\S-1-5-21-1880840183-2522925994-863313883-1001\...\OneDriveSetup.exe) (Version: 23.226.1031.0003 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29910 (HKLM-x32\...\{53f1dc9d-ed94-4650-a079-129785ce7905}) (Version: 14.28.29910.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.29.30135 (HKLM-x32\...\{b7a2b241-3f54-4d7d-94d1-8ce0146e03c7}) (Version: 14.29.30135.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X64 Additional Runtime - 14.28.29910 (HKLM\...\{06F1FCFD-8F77-488A-A477-6CA8A783EDD7}) (Version: 14.28.29910 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.28.29910 (HKLM\...\{DE015560-04E3-4915-8F99-5B29289E3998}) (Version: 14.28.29910 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.29.30135 (HKLM-x32\...\{77EB1EA9-8E1B-459D-8CDC-1984D0FF15B6}) (Version: 14.29.30135 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.29.30135 (HKLM-x32\...\{36A1E79B-581A-4FE5-843D-84C2D3C9431E}) (Version: 14.29.30135 - Microsoft Corporation) Hidden
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Minecraft1.7.7 (HKLM-x32\...\Minecraft1.7.7) (Version: - )
MiniTool Partition Wizard Free 10.2.3 (HKLM\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version: - MiniTool Solution Ltd.)
Mozilla Firefox 88.0.1 (x64 en-US) (HKLM\...\Mozilla Firefox 88.0.1 (x64 en-US)) (Version: 88.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 88.0.1.7794 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
NordUpdater (HKLM\...\{6E35DB82-3D19-4DD6-B8CB-F082815FDE18}_is1) (Version: 1.4.0.132 - Nord Security)
NordVPN (HKLM\...\{19465C24-3D5D-4327-B99F-3CC0A1D38151}_is1) (Version: 7.15.6.0 - Nord Security)
NordVPN network TAP (HKLM-x32\...\{97DEC5D6-2BE9-45BB-BFC5-274B851B486B}) (Version: 1.0.1 - NordVPN)
Paw Patrol On A Roll (HKLM-x32\...\Paw Patrol On A Roll_is1) (Version: - )
Potplayer-64 Bits (HKLM\...\PotPlayer64) (Version: - Kakao Corp.)
qBittorrent 4.2.5 (HKLM-x32\...\qBittorrent) (Version: 4.2.5 - The qBittorrent project)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.6.1001.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7712 - Realtek Semiconductor Corp.)
Revo Uninstaller 2.0.6 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.6 - VS Revo Group, Ltd.)
Sin7 0.1 (HKLM-x32\...\Sin7 0.1) (Version: 0.1 - Sin7)
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{7B63012A-4AC6-40C6-B6AF-B24A84359DD5}) (Version: 8.93.0.0 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.8 - VideoLAN)
Windows PC Health Check (HKLM\...\{6798C408-2636-448C-8AC6-F4E341102D27}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Wondershare Helper Compact 2.5.2 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.5.2 - Wondershare)
Zoom (HKU\S-1-5-21-1880840183-2522925994-863313883-1001\...\ZoomUMX) (Version: 5.15.7 (20303) - Zoom Video Communications, Inc.)
Packages:
=========
Acer Explorer -> C:\Program Files\WindowsApps\AcerIncorporated.AcerExplorer_2.0.3007.0_x86__48frkmn4z8aw4 [2022-07-13] (Acer Incorporated)
Adobe Acrobat Reader -> C:\Program Files\Adobe\Acrobat DC [2023-11-14] ()
Microsoft Advertising SDK for JavaScript -> C:\Program Files\WindowsApps\Microsoft.Advertising.JavaScript_10.1805.2.0_x64__8wekyb3d8bbwe [2021-11-09] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for JavaScript -> C:\Program Files\WindowsApps\Microsoft.Advertising.JavaScript_10.1805.2.0_x86__8wekyb3d8bbwe [2021-11-09] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-11-09] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-11-09] (Microsoft Corporation) [MS Ad]
Music Maker Jam -> C:\Program Files\WindowsApps\MAGIX.MusicMakerJam_3.1.1.0_x64__a2t3txkz9j1jw [2021-11-09] (MAGIX)
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-11-09] (Microsoft Corporation)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.18.11020.0_x64__8wekyb3d8bbwe [2023-11-05] (Microsoft Studios) [MS Ad]
Spider Solitaire++ -> C:\Program Files\WindowsApps\12291raymond.li.31631ED225837_1.1.16.0_x64__szs6zaftcmqhc [2022-02-25] (raymond.li)
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.TWITTER_7.0.1.0_neutral__wgeqdkkx372wm [2021-11-09] (Twitter Inc.)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
HKU\S-1-5-21-1880840183-2522925994-863313883-1001\...\ChromeHTML: -> <==== ATTENTION
CustomCLSID: HKU\S-1-5-21-1880840183-2522925994-863313883-1001_Classes\CLSID\{13357088-9834-0409-1600-134951500000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-1880840183-2522925994-863313883-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-1880840183-2522925994-863313883-1001_Classes\CLSID\{4e6f7264-5650-4e00-0000-000000000000}\localserver32 -> C:\Program Files\NordVPN\NordVPN.exe (nordvpn s.a. -> nordvpn S.A.)
CustomCLSID: HKU\S-1-5-21-1880840183-2522925994-863313883-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\karakas\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20244.4\x64\Microsoft.Teams.AddinLoader.dll => No File
CustomCLSID: HKU\S-1-5-21-1880840183-2522925994-863313883-1001_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a}\localserver32 -> "C:\Users\karakas\AppData\Local\Microsoft\Teams\current\Teams.exe" --toast => No File
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2217832 2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2017-10-01] (Acer Incorporated -> Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2017-10-01] (Acer Incorporated -> Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2017-10-01] (Acer Incorporated -> Acer Incorporated)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2015-12-31] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [Foxit_ConvertToPDF] -> {C5269811-4A29-4818-A4BB-111F9FC63A5F} => C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\ConvertToPDFShellExtension_x64.dll [2016-11-14] (Foxit Software Incorporated -> Foxit Software Inc.)
ContextMenuHandlers1: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll -> No File
ContextMenuHandlers1: [MagicISO] -> {DB85C504-C730-49DD-BEC1-7B39C6103B7A} => C:\Program Files (x86)\MagicISO\misosh64.dll -> No File
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-02-27] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2015-12-31] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll -> No File
ContextMenuHandlers4: [MagicISO] -> {DB85C504-C730-49DD-BEC1-7B39C6103B7A} => C:\Program Files (x86)\MagicISO\misosh64.dll -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_e43bf4f1a295d985\igfxDTCM.dll [2016-12-07] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2015-12-31] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [Foxit_ConvertToPDF] -> {C5269811-4A29-4818-A4BB-111F9FC63A5F} => C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\ConvertToPDFShellExtension_x64.dll [2016-11-14] (Foxit Software Incorporated -> Foxit Software Inc.)
ContextMenuHandlers6: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll -> No File
ContextMenuHandlers6: [MagicISO] -> {DB85C504-C730-49DD-BEC1-7B39C6103B7A} => C:\Program Files (x86)\MagicISO\misosh64.dll -> No File
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-02-27] (Malwarebytes Inc. -> Malwarebytes)
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32-x32: [vidc.XVID] => xvidvfw.dll
HKLM\...\Drivers32-x32: [VIDC.VP80] => vp8vfw.dll
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
Edited by daniel.karakas, 06 December 2023 - 11:22 AM.
Sign In
Create Account
