
Possible Malware?



#1
dcrookston


I just downloaded some files from a questionable site. Shortly after, I noticed a console window open on its own and close before I could see what it was doing. So I decided I'd better do a scan. I ran the included Windows virus scanner and it didn't find anything, but I trust you guys more.

 

The laptop appears to be running fine right now (I'm using it to post this) but I want to be sure I didn't miss anything.

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 16.01.2024
Ran by Wizzard (administrator) on DESKTOP-DKBL38S (HP HP ENVY x360 m6 Convertible) (17-01-2024 14:19:05)
Running from C:\Users\Wizzard\Desktop\FRST64.exe
Loaded Profiles: Wizzard
Platform: Microsoft Windows 10 Home Version 22H2 19045.3693 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe ->) (Adobe Inc. -> ) C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe
(C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud Helper.exe <2>
(C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ->) (Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNMNSST2.exe
(C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe ->) (OpenJS Foundation -> Node.js) C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe ->) (Adobe Inc. -> Adobe Inc) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(C:\Program Files\CONEXANT\SA3\HP-NB-AIO\SmartAudio3.exe ->) (Conexant Systems, Inc) [File not signed] C:\Program Files\CONEXANT\SA3\HP-NB-AIO\CnxtNotify.exe
(C:\Program Files\PowerToys\modules\Peek\PowerToys.Peek.UI.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\119.0.2151.72\msedgewebview2.exe <6>
(C:\Program Files\PowerToys\PowerToys.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\PowerToys\modules\AlwaysOnTop\PowerToys.AlwaysOnTop.exe
(C:\Program Files\PowerToys\PowerToys.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\PowerToys\modules\Awake\PowerToys.Awake.exe
(C:\Program Files\PowerToys\PowerToys.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\PowerToys\modules\FancyZones\PowerToys.FancyZones.exe
(C:\Program Files\PowerToys\PowerToys.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\PowerToys\modules\KeyboardManager\KeyboardManagerEngine\PowerToys.KeyboardManagerEngine.exe
(C:\Program Files\PowerToys\PowerToys.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\PowerToys\modules\launcher\PowerToys.PowerLauncher.exe
(C:\Program Files\PowerToys\PowerToys.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\PowerToys\modules\Peek\PowerToys.Peek.UI.exe
(C:\Program Files\PowerToys\PowerToys.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\PowerToys\modules\PowerOCR\PowerToys.PowerOCR.exe
(C:\Program Files\RUXIM\DTUDriver.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\DTU\{ACE960B2-1A0A-4386-9B44-81C2DFD338C7}\bins\DTUNotificationUX.exe
(C:\Program Files\RUXIM\PLUGScheduler.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\RUXIM\DTUDriver.exe
(C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(C:\Windows\CxSvc\CxMonSvc.exe ->) (Conexant Systems LLC -> Conexant Systems, Inc) C:\Program Files\CONEXANT\Flow\Flow.exe
(Conexant Systems LLC -> Conexant Systems, Inc.) C:\Program Files\CONEXANT\SA3\HP-NB-AIO\SmartAudio3.exe
(DriverStore\FileRepository\cui_dch.inf_amd64_38cfab2b652e4701\igfxCUIService.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_38cfab2b652e4701\igfxEM.exe
(explorer.exe ->) (Adobe Inc. -> Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe
(explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <36>
(Intel\DPTF\esif_uf.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\dptf_helper.exe
(Microsoft Windows -> Microsoft Corporation) C:\Users\Wizzard\AppData\Local\Temp\E912FDBB-C150-45C4-86C3-293E69C47953\DismHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MusNotifyIcon.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(services.exe ->) (Canon Inc. -> ) C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(services.exe ->) (Conexant Systems LLC -> Conexant Systems, Inc.) C:\Windows\CxSvc\CxUtilSvc.exe
(services.exe ->) (Conexant Systems, Inc. -> Conexant Systems, Inc) C:\Windows\CxSvc\CxMonSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_38cfab2b652e4701\igfxCUIService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_c2ac023763d5d3ad\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_51f685305808e3a5\IntelCpHDCPSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_51f685305808e3a5\IntelCpHeciSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(services.exe ->) (Intel Corporation -> Intel® Corporation) C:\Windows\SysWOW64\XtuService.exe
(services.exe ->) (Intel® Smart Sound Technology -> Intel) C:\Windows\System32\cAVS\Intel® Audio Service\IntelAudioService.exe
(services.exe ->) (Intel® Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\NisSrv.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> ) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2401.3.0_x64__cv1g1gvanyjgm\WhatsApp.exe
(svchost.exe ->) (Adobe Systems Incorporated -> ) C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
(svchost.exe ->) (Conexant Systems, Inc. -> Conexant) C:\Windows\System32\MicTray64.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\PowerToys\PowerToys.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_11.2307.4.0_x64__8wekyb3d8bbwe\CalculatorApp.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\RUXIM\PLUGScheduler.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
 
==================== Registry (Whitelisted) ===================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [4096992 2023-11-07] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2021-08-04] (Adobe Inc. -> )
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX2] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNMNSST2.exe [271496 2017-11-02] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [] => [X]
HKLM\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Program Files\Microsoft OneDrive\Update\OneDriveSetup.exe" (No File)
HKLM\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Program Files\Microsoft OneDrive\StandaloneUpdater\OneDriveSetup.exe" [65858576 2024-01-17] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\RunOnce: [msedge_cleanup_{F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}] => C:\Program Files (x86)\Microsoft\EdgeWebView\Application\120.0.2210.133\Installer\setup.exe [4650432 2024-01-17] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1646689598-3579479116-263840635-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-1646689598-3579479116-263840635-1001\...\RunOnce: [msedge_resetsb_{56EB18F8-B008-4CBD-B6D2-8C97FE7E9062}] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --reset-startup-boost-last-used [3854272 2024-01-11] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Windows x64\Print Processors\Canon TS3300 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDG3.DLL [509952 2019-08-01] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Windows x64\Print Processors\HP1006PrintProc: C:\Windows\System32\spool\prtprocs\x64\HP1006PP.dll [65024 2013-04-15] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\WINDOWS\system32\AdobePDF.dll [203936 2022-04-07] (Adobe Inc. -> Adobe Systems Inc)
HKLM\...\Print\Monitors\Canon BJ Language Monitor TS3300 series: C:\WINDOWS\system32\CNMLMG3.DLL [1338368 2019-08-01] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\HP1006LM: C:\WINDOWS\system32\HP1006LM.DLL [198144 2013-04-15] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\120.0.6099.224\Installer\chrmstp.exe [2024-01-17] (Google LLC -> Google LLC)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
 
==================== Scheduled Tasks (Whitelisted) =================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {C17667DB-BC52-453B-995B-166766CA078F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1566200 2023-09-20] (Adobe Inc. -> Adobe Inc.)
Task: {91C16614-E03F-4917-9D20-A9CE4650D55C} - System32\Tasks\Adobe Creative Cloud => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [1068512 2022-11-18] (Adobe Inc. -> Adobe Inc.)
Task: {07B01E62-1267-4D00-AE13-D4075FCB0F13} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [4096992 2023-11-07] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {AC3E5384-317B-4688-B8CF-0D9031FA6155} - System32\Tasks\Adobe-Genuine-Software-Integrity-Scheduler-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [4434400 2023-11-07] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {B213DD1B-A12A-4077-A6F2-7D44E72F6A04} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-05-28] (Google Inc -> Google LLC)
Task: {315B8E92-F87D-455E-AA61-AA29CB91998C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-05-28] (Google Inc -> Google LLC)
Task: {E123021E-E353-429B-933B-BE5C46497CBD} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28425192 2024-01-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {0E3DE803-071C-44BB-BAC6-74E9E40F0597} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28425192 2024-01-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {83F33FA2-B548-4B5C-8125-3EB9AA4B27E4} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [305744 2024-01-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {63756BC0-02D3-478D-AFC5-0579B3C1BC67} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [305744 2024-01-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {AEEA17B7-455D-4960-B115-61F49C2321D9} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [170048 2024-01-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {D131ADB1-1C85-49EE-AC0B-877D8D84EF86} - System32\Tasks\Microsoft\Windows\Conexant\FLOW => C:\Program Files\CONEXANT\FLOW\SACpl.exe [1831768 2016-12-01] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
Task: {1C40AA15-650D-4D5A-BBCF-DFD517E86DB8} - System32\Tasks\Microsoft\Windows\Conexant\MicTray => C:\Windows\System32\MicTray64.exe [2758232 2017-05-14] (Conexant Systems, Inc. -> Conexant)
Task: {8B1634B4-93AC-4295-B8C5-857A0D85575C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpCmdRun.exe [1604680 2023-11-20] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {609F16F3-E713-452F-9BDA-426F0007626B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpCmdRun.exe [1604680 2023-11-20] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {8A7721FD-8899-4D3E-864F-EF7B96E3B1CD} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpCmdRun.exe [1604680 2023-11-20] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {03772992-465B-4106-BA66-2D1057E949BB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpCmdRun.exe [1604680 2023-11-20] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D43118E5-E5DE-4780-B912-C84E37D122B3} - System32\Tasks\NIUpdateServiceCheckTask => C:\Program Files (x86)\National Instruments\Shared\Update Service\NIUpdateService.exe  -c -task (No File)
Task: {51BA0B96-7428-418D-AABC-08E6B2F12A03} - System32\Tasks\NIUpdateServiceStartupTask => C:\Program Files (x86)\National Instruments\Shared\Update Service\NIUpdateService.exe  -startupTask (No File)
Task: {E006C703-DE35-42BF-BB2F-C69E30D2B6E4} - System32\Tasks\npcapwatchdog => C:\Program Files\Npcap\CheckStatus.bat [815 2022-08-18] () [File not signed]
Task: {6BB67B2E-B8B5-4F6F-AAD2-C770E4B61921} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4130736 2024-01-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {AC0E7298-498A-4132-9BB3-0385CF5DAC9C} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-1646689598-3579479116-263840635-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4130736 2024-01-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {E0DF1E34-4D7F-474B-95D1-2A6F8D067C2D} - System32\Tasks\PowerToys\Autorun for Wizzard => C:\Program Files\PowerToys\PowerToys.exe [1104320 2023-05-18] (Microsoft Corporation -> Microsoft Corporation)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.0.0.1
Tcpip\..\Interfaces\{12b0ad13-fed2-490f-9ca2-a3947b02aa43}: [DhcpNameServer] 10.0.0.1
Tcpip\..\Interfaces\{12b0ad13-fed2-490f-9ca2-a3947b02aa43}\24F696C656270225F6F6D6027457563747: [DhcpNameServer] 10.10.10.10
Tcpip\..\Interfaces\{12b0ad13-fed2-490f-9ca2-a3947b02aa43}\77F627B686F62737560276575637470223E2437484A7: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{788dc45b-68b2-4d36-8cca-75370df257ee}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{a3fdb4e2-d414-4435-9001-391a47382b85}: [DhcpNameServer] 192.168.42.129
 
Edge: 
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Wizzard\AppData\Local\Microsoft\Edge\User Data\Default [2023-07-28]
Edge Extension: (Edge relevant text changes) - C:\Users\Wizzard\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-07-28]
 
FireFox:
========
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2022-04-06]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-01-17] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2022-11-18] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2024-01-17] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2024-01-13] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2022-11-18] (Adobe Inc. -> Adobe Systems)
 
Chrome: 
=======
CHR DefaultProfile: Profile 2
CHR Profile: C:\Users\Wizzard\AppData\Local\Google\Chrome\User Data\Guest Profile [2023-01-11]
CHR Profile: C:\Users\Wizzard\AppData\Local\Google\Chrome\User Data\Profile 2 [2024-01-17]
CHR Notifications: Profile 2 -> hxxps://calendar.google.com; hxxps://webchat.freenode.net; hxxps://www.ebay.com
CHR HomePage: Profile 2 -> hxxp://lib.harvard.edu/
CHR StartupUrls: Profile 2 -> "hxxp://lab.dce.harvard.edu/"
CHR Session Restore: Profile 2 -> is enabled.
CHR Extension: (Google Translate) - C:\Users\Wizzard\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2023-05-30]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\Wizzard\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2024-01-17]
CHR Extension: (uBlock Origin) - C:\Users\Wizzard\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2024-01-17]
CHR Extension: (Tampermonkey) - C:\Users\Wizzard\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2024-01-17]
CHR Extension: (Reddit Masstagger) - C:\Users\Wizzard\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ebjdimopaogdkhiagbgmkjjhehmooheo [2020-10-02]
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\Wizzard\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2024-01-17]
CHR Extension: (Tab Wrangler) - C:\Users\Wizzard\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\egnjhciaieeiiohknchakcodbpgjnchh [2021-03-07]
CHR Extension: (Urban VPN Proxy) - C:\Users\Wizzard\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\eppiocemhmnlbhjplcgkofciiegomcon [2024-01-17]
CHR Extension: (Google Play Music) - C:\Users\Wizzard\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\fahmaaghhglfmonjliepjlchgpgfmobi [2021-01-21]
CHR Extension: (Proctorio) - C:\Users\Wizzard\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\fpmapakogndmenjcfoajifaaonnkpkei [2024-01-17]
CHR Extension: (Unpinterested!) - C:\Users\Wizzard\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\gefaihkenmchjmcpcbpdijpoknfjpbfe [2021-02-10]
CHR Extension: (VNC® Viewer for Google Chrome™) - C:\Users\Wizzard\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\iabmpiboiopbgfabjmgeedhcmjenhbla [2020-10-02]
CHR Extension: (Cisco Webex Extension) - C:\Users\Wizzard\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\jlhmfgmfgeifomenelglieieghnjghma [2022-08-03]
CHR Extension: (Reddit Enhancement Suite) - C:\Users\Wizzard\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2023-05-30]
CHR Extension: (Don't F*** With Paste) - C:\Users\Wizzard\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nkgllhigpcljnhoakjkgaieabnkmgdkb [2022-05-28]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Wizzard\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-05]
CHR Extension: (Redirector) - C:\Users\Wizzard\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ocgpenflpmgnfapjedencafcfakcekcd [2020-10-02]
CHR Profile: C:\Users\Wizzard\AppData\Local\Google\Chrome\User Data\Profile 3 [2022-04-19]
CHR Extension: (Slides) - C:\Users\Wizzard\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2022-04-19]
CHR Extension: (Docs) - C:\Users\Wizzard\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aohghmighlieiainnegkcijnfilokake [2022-04-19]
CHR Extension: (Google Drive) - C:\Users\Wizzard\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\apdfllckaahabafndbhieahigkjlhalf [2022-04-19]
CHR Extension: (YouTube) - C:\Users\Wizzard\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2022-04-19]
CHR Extension: (Sheets) - C:\Users\Wizzard\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2022-04-19]
CHR Extension: (Google Docs Offline) - C:\Users\Wizzard\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-04-19]
CHR Extension: (AVG SafePrice | Comparison, deals, coupons) - C:\Users\Wizzard\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\mbckjcfnjmoiinpgddefodcighgikkgn [2022-04-19]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Wizzard\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-04-19]
CHR Extension: (Gmail) - C:\Users\Wizzard\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2022-04-19]
CHR Profile: C:\Users\Wizzard\AppData\Local\Google\Chrome\User Data\Profile 4 [2022-11-22]
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\Wizzard\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2022-11-22]
CHR Extension: (Google Docs Offline) - C:\Users\Wizzard\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-11-22]
CHR Extension: (AVG SafePrice | Comparison, deals, coupons) - C:\Users\Wizzard\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\mbckjcfnjmoiinpgddefodcighgikkgn [2022-11-22]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Wizzard\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-11-22]
CHR Profile: C:\Users\Wizzard\AppData\Local\Google\Chrome\User Data\System Profile [2023-11-20]
CHR HKU\S-1-5-21-1646689598-3579479116-263840635-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [mbckjcfnjmoiinpgddefodcighgikkgn]
 
==================== Services (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-09-20] (Adobe Inc. -> Adobe Inc.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [923616 2022-11-18] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [4555744 2023-11-07] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13777080 2024-01-05] (Microsoft Corporation -> Microsoft Corporation)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncHelper.exe [3514384 2024-01-17] (Microsoft Corporation -> Microsoft Corporation)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [445432 2021-04-18] (Canon Inc. -> )
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\23.246.1127.0002\OneDriveUpdaterService.exe [3851280 2024-01-17] (Microsoft Corporation -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\NisSrv.exe [3174840 2024-01-17] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MsMpEng.exe [133592 2024-01-17] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 UIUService; %SystemRoot%\system32\UIUSrv.exe [X]
 
===================== Drivers (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 GD32VCP; C:\WINDOWS\system32\DRIVERS\usbser.sys [81408 2023-11-20] (Microsoft Windows -> Microsoft Corporation)
R3 MpKsl8e3aa0d1; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{4536234C-A373-4D6A-9CAD-A3431CC338CA}\MpKslDrv.sys [263560 2024-01-17] (Microsoft Windows -> Microsoft Corporation)
R1 npcap; C:\WINDOWS\system32\DRIVERS\npcap.sys [77336 2022-08-19] (Insecure.Com LLC -> Insecure.Com LLC.)
S4 npcap_wifi; C:\WINDOWS\system32\DRIVERS\npcap.sys [77336 2022-08-19] (Insecure.Com LLC -> Insecure.Com LLC.)
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [39920 2019-10-23] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [55856 2024-01-17] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [594304 2024-01-17] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105856 2024-01-17] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [40104 2022-06-17] (HP Inc. -> HP)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) (Whitelisted) =========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2024-01-17 14:19 - 2024-01-17 14:19 - 000030804 _____ C:\Users\Wizzard\Desktop\FRST.txt
2024-01-17 14:18 - 2024-01-17 14:19 - 000000000 ____D C:\FRST
2024-01-17 14:17 - 2024-01-17 14:17 - 002389504 _____ (Farbar) C:\Users\Wizzard\Desktop\FRST64.exe
2024-01-17 13:19 - 2024-01-17 13:19 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2024-01-17 13:02 - 2024-01-17 13:02 - 000000000 ___HD C:\$WinREAgent
 
==================== One month (modified) ==================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2024-01-17 14:16 - 2020-09-27 07:51 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2024-01-17 14:11 - 2019-12-07 02:14 - 000000000 ___HD C:\Program Files\WindowsApps
2024-01-17 14:11 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-01-17 14:10 - 2019-12-07 02:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-01-17 14:06 - 2021-12-24 16:55 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-01-17 14:06 - 2019-05-28 13:57 - 000000000 ____D C:\Program Files (x86)\Google
2024-01-17 13:20 - 2022-05-22 00:43 - 000000000 ____D C:\Program Files\Microsoft Office
2024-01-17 13:20 - 2019-12-07 02:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2024-01-17 13:16 - 2022-11-18 20:10 - 000002114 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller.lnk
2024-01-17 13:16 - 2022-11-18 20:10 - 000002103 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2024-01-17 13:16 - 2022-05-20 05:23 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2024-01-17 13:16 - 2020-07-19 21:54 - 000000000 ____D C:\Users\Wizzard\AppData\Roaming\vlc
2024-01-17 13:10 - 2019-05-28 13:57 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-01-17 13:06 - 2020-09-27 07:53 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-01-17 13:04 - 2020-10-02 14:59 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2024-01-17 13:03 - 2022-05-24 04:58 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2024-01-17 13:03 - 2022-05-23 01:56 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1646689598-3579479116-263840635-1001
2024-01-17 13:03 - 2022-05-22 00:51 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2024-01-17 13:03 - 2022-05-22 00:51 - 000002132 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-01-17 13:02 - 2019-12-07 02:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-01-17 13:01 - 2021-06-13 19:54 - 000003714 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2024-01-17 13:01 - 2021-06-13 19:54 - 000003590 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2024-01-17 13:01 - 2019-05-08 07:26 - 000918944 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
 
==================== Files in the root of some directories ========
 
2022-01-07 16:58 - 2022-01-07 16:58 - 000000122 _____ () C:\Users\Wizzard\AppData\Roaming\Email.reg
2020-10-06 18:36 - 2020-10-06 18:36 - 000000000 _____ () C:\Users\Wizzard\AppData\Local\oobelibMkey.log
2020-08-13 14:02 - 2021-07-02 13:46 - 000000128 _____ () C:\Users\Wizzard\AppData\Local\PUTTY.RND
2021-06-28 14:15 - 2021-06-28 14:15 - 000007605 _____ () C:\Users\Wizzard\AppData\Local\Resmon.ResmonCfg
2021-06-13 18:59 - 2021-06-13 19:18 - 000001880 _____ () C:\Users\Wizzard\AppData\Local\TempCEF_Log.log
 
==================== SigCheck ============================
 
(There is no automatic fix for files that do not pass verification.)
 
==================== End of FRST.txt ========================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16.01.2024
Ran by Wizzard (17-01-2024 14:20:28)
Running from C:\Users\Wizzard\Desktop
Microsoft Windows 10 Home Version 22H2 19045.3693 (X64) (2021-06-14 02:54:59)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
 
(If an entry is included in the fixlist, it will be removed.)
 
Administrator (S-1-5-21-1646689598-3579479116-263840635-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1646689598-3579479116-263840635-503 - Limited - Disabled)
Guest (S-1-5-21-1646689598-3579479116-263840635-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-1646689598-3579479116-263840635-504 - Limited - Disabled)
Wizzard (S-1-5-21-1646689598-3579479116-263840635-1001 - Administrator - Enabled) => C:\Users\Wizzard
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
Adobe Acrobat (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 23.008.20470 - Adobe Systems Incorporated)
Adobe Animate 2023 (HKLM-x32\...\FLPR_23_0) (Version: 23.0 - Adobe Inc.)
Adobe Bridge 2023 (HKLM-x32\...\KBRG_13_0_2) (Version: 13.0.2 - Adobe Inc.)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 5.9.0.372 - Adobe Inc.)
Adobe Fuse CC (Beta) (HKLM-x32\...\{B57067F9-E97B-46EE-94F5-179373B81A6C}) (Version: 1.0 - Adobe Systems Incorporated)
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: 8.4.0.63 - Adobe Inc.)
Adobe Illustrator 2023 (HKLM-x32\...\ILST_27_1_1) (Version: 27.1.1 - Adobe Inc.)
Adobe InCopy 2023 (HKLM-x32\...\AICY_18_1) (Version: 18.1 - Adobe Inc.)
Adobe InDesign 2023 (HKLM-x32\...\IDSN_18_1) (Version: 18.1 - Adobe Inc.)
Adobe Lightroom (HKLM-x32\...\LRCC_6_1) (Version: 6.1 - Adobe Inc.)
Adobe Media Encoder 2023 (HKLM-x32\...\AME_23_1) (Version: 23.1 - Adobe Inc.)
Adobe Photoshop 2022 (HKLM-x32\...\PHSP_23_5_3) (Version: 23.5.3.848 - Adobe Inc.)
Adobe Photoshop 2023 (HKLM-x32\...\PHSP_24_1) (Version: 24.1.0.166 - Adobe Inc.)
Adobe Premiere Pro 2023 (HKLM-x32\...\PPRO_23_1) (Version: 23.1 - Adobe Inc.)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601053}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Amazon Kindle (HKU\S-1-5-21-1646689598-3579479116-263840635-1001\...\Amazon Kindle) (Version: 1.37.0.65274 - Amazon)
Attribute Changer 10.0a (HKLM\...\{27263813-8BDE-4CD2-84D3-02536743428A}_is1) (Version: 10.0 - Romain Petges)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Burning Crusade Classic (HKLM-x32\...\Burning Crusade Classic) (Version:  - Blizzard Entertainment)
Canon IJ Network Scanner Selector EX2 (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX2) (Version: 2.0.10.2 - Canon Inc.)
Canon IJ Printer Assistant Tool (HKLM-x32\...\Canon IJ Printer Assistant Tool) (Version: 1.30.1.52 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.5.5.3 - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 6.4.0 - Canon Inc.)
Canon TS3300 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_TS3300_series) (Version: 1.01 - Canon Inc.)
CircuitMaker 2 (HKLM-x32\...\CircuitMaker {1CC95F52-09E7-4CBD-BCE2-6C089D6BD00C}) (Version: 2.2.1.6 - Altium Limited)
Conexant ISST Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 9.0.160.51 - Conexant)
D878UVII_2.02N (HKLM-x32\...\D878UVII_2.02N_is1) (Version:  - QX)
Git version 2.30.0.2 (HKLM\...\Git_is1) (Version: 2.30.0.2 - The Git Development Community)
GitHub Desktop (HKU\S-1-5-21-1646689598-3579479116-263840635-1001\...\GitHubDesktop) (Version: 3.2.6 - GitHub, Inc.)
Google Chrome (HKLM\...\{FF358111-357A-39FF-A7D8-331B72176B65}) (Version: 120.0.6099.224 - Google LLC)
HFSExplorer 0.23.1 (HKLM-x32\...\HFSExplorer) (Version: 0.23.1 - Catacombae Software)
HI-TECH C Compiler for the PIC10/12/16 MCUs V9.82PL0 (HKLM-x32\...\PICC 9.82) (Version: 9.82 - HI-TECH Software)
HI-TECH C51-lite V9.60PL0 (HKLM-x32\...\HC51 9.60PL0) (Version: 9.60 - HI-TECH Software)
KiCad 7.0 (HKLM-x32\...\KiCad 7.0) (Version: 7.0.5 - KiCad)
K-Lite Codec Pack 14.9.4 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 14.9.4 - KLCP)
Microsoft .NET Core Host - 3.1.23 (x64) (HKLM\...\{9C7A4D28-C2E1-4CA7-A1F3-603049ED2937}) (Version: 24.92.31022 - Microsoft Corporation) Hidden
Microsoft .NET Core Host FX Resolver - 3.1.23 (x64) (HKLM\...\{7FF9BE57-3115-4282-BC9A-7FAB77C27235}) (Version: 24.92.31022 - Microsoft Corporation) Hidden
Microsoft .NET Core Runtime - 3.1.23 (x64) (HKLM\...\{81EDF4A0-FC57-48C3-B26A-E90C2DC266CE}) (Version: 24.92.31022 - Microsoft Corporation) Hidden
Microsoft .NET Host - 6.0.7 (x64) (HKLM\...\{8F51A211-71F1-4858-8198-8A5A66818D16}) (Version: 48.31.44002 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.7 (x64) (HKLM\...\{E18A98D1-DF73-4E11-AC20-FD0190628270}) (Version: 48.31.44002 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.7 (x64) (HKLM\...\{882F32A5-8330-4366-844A-2F3B73C3F021}) (Version: 48.31.44002 - Microsoft Corporation) Hidden
Microsoft 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.17126.20132 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 120.0.2210.133 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 120.0.2210.133 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 23.246.1127.0002 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.36.32532 (HKLM-x32\...\{8bdfe669-9705-4184-9368-db9ce581e0e7}) (Version: 14.36.32532.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.32.31326 (HKLM-x32\...\{817e21c1-6b3a-4bc1-8c49-67e4e1887b3a}) (Version: 14.32.31326.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.36.32532 (HKLM\...\{0025DD72-A959-45B5-A0A3-7EFEB15A8050}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.36.32532 (HKLM\...\{D5D19E2F-7189-42FE-8103-92CD1FA457C2}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.32.31326 (HKLM-x32\...\{A250E750-DB3F-40C1-8460-8EF77C7582DA}) (Version: 14.32.31326 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.32.31326 (HKLM-x32\...\{46E11E7F-01E1-44D0-BB86-C67342D253DD}) (Version: 14.32.31326 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 3.1.23 (x64) (HKLM\...\{4456FDE5-AAE9-4E03-9B34-0D9A476CEF5A}) (Version: 24.92.31022 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 3.1.23 (x64) (HKLM-x32\...\{d2f91fed-8a18-4071-b8d3-22606fa9a9f6}) (Version: 3.1.23.31022 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 6.0.7 (x64) (HKLM\...\{30702F00-F514-4094-BA4A-A05B42FD1CAC}) (Version: 48.31.44003 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.7 (x64) (HKLM-x32\...\{a7dab025-ec7a-4e8a-add3-6d872f1d8aca}) (Version: 6.0.7.31422 - Microsoft Corporation)
mIRC (HKLM-x32\...\mIRC) (Version: 7.75 - mIRC Co. Ltd.)
MuseScore 3 (HKLM\...\{FF67E071-104C-4C42-9301-184442745671}) (Version: 3.6.2.548021803 - Werner Schweer and Others)
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.9.2 - Notepad++ Team)
Npcap (HKLM-x32\...\NpcapInst) (Version: 1.71 - Nmap Project)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.17126.20132 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.17126.20132 - Microsoft Corporation) Hidden
PicoScope 6 (HKLM-x32\...\{ec728789-5ff3-4664-a504-378fd332ba65}) (Version: 6.14.54 - Pico Technology)
PowerToys (Preview) (HKLM\...\{F0566D6B-60D0-496D-9B64-3D485C65DEB2}) (Version: 0.70.0 - Microsoft Corporation) Hidden
PowerToys (Preview) x64 (HKLM-x32\...\{59de335c-d42a-4ae1-9ffb-cbdc0f56882d}) (Version: 0.70.0 - Microsoft Corporation)
Printer Registration (HKLM-x32\...\Canon EISRegistration) (Version: 1.8.0 - Canon Inc.)
PuTTY release 0.74 (64-bit) (HKLM\...\{127B996B-5308-4012-865B-9446451EA326}) (Version: 0.74.0.0 - Simon Tatham)
Python 3.9.1 (64-bit) (HKU\S-1-5-21-1646689598-3579479116-263840635-1001\...\{b2be55ad-3177-42aa-a6c2-53004684e4ea}) (Version: 3.9.1150.0 - Python Software Foundation)
Python 3.9.1 Core Interpreter (64-bit) (HKLM\...\{1C00F581-D5BF-491E-B1BB-72AA3A2250E5}) (Version: 3.9.1150.0 - Python Software Foundation) Hidden
Python 3.9.1 Development Libraries (64-bit) (HKLM\...\{27AD952D-DD9D-4AAC-B486-8AA601BFA064}) (Version: 3.9.1150.0 - Python Software Foundation) Hidden
Python 3.9.1 Documentation (64-bit) (HKLM\...\{5CB3AEED-BB03-47E2-BFF1-0CA58C236895}) (Version: 3.9.1150.0 - Python Software Foundation) Hidden
Python 3.9.1 Executables (64-bit) (HKLM\...\{71A9F41D-A865-46D4-A650-B210150DEF2A}) (Version: 3.9.1150.0 - Python Software Foundation) Hidden
Python 3.9.1 pip Bootstrap (64-bit) (HKLM\...\{EF2B9385-6453-4702-9584-21BA8288D157}) (Version: 3.9.1150.0 - Python Software Foundation) Hidden
Python 3.9.1 Standard Library (64-bit) (HKLM\...\{5DD5C023-790B-4F1B-9B1B-8D1BC48F3057}) (Version: 3.9.1150.0 - Python Software Foundation) Hidden
Python 3.9.1 Tcl/Tk Support (64-bit) (HKLM\...\{414B5372-24FD-4302-8090-B9CE5564A6DD}) (Version: 3.9.1150.0 - Python Software Foundation) Hidden
Python 3.9.1 Test Suite (64-bit) (HKLM\...\{A7EC4DEB-8ABD-471D-BB5B-E579EBC9B043}) (Version: 3.9.1150.0 - Python Software Foundation) Hidden
Python 3.9.1 Utility Scripts (64-bit) (HKLM\...\{47A9647A-A576-4751-9C37-D32EB70285A3}) (Version: 3.9.1150.0 - Python Software Foundation) Hidden
Python Launcher (HKLM-x32\...\{FFC95928-6A14-4FB3-8D73-7A62382F66AC}) (Version: 3.9.7280.0 - Python Software Foundation)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.15063.21299 - Realtek Semiconductor Corp.)
Sharp World Clock 9.5.2 (HKLM-x32\...\Sharp World Clock 8_is1) (Version:  - Johannes Wallroth)
SQLite ODBC Driver for Win64 (remove only) (HKLM-x32\...\SQLite ODBC Driver for Win64) (Version:  - )
Synaptics ClickPad Driver (HKLM\...\SynTPDeinstKey) (Version: 19.5.10.75 - Synaptics Incorporated)
TAP-Windows 9.24.2 (HKLM\...\TAP-Windows) (Version: 9.24.2 - OpenVPN Technologies, Inc.)
TeighaX 3.09 (HKLM-x32\...\{3D63579F-2398-418B-9227-A852FB201D2D}) (Version: 3.9.0 - Open Design Alliance)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{7B63012A-4AC6-40C6-B6AF-B24A84359DD5}) (Version: 8.93.0.0 - Microsoft Corporation)
UXP WebView Support (HKLM-x32\...\UXPW_1_1_0) (Version: 1.1.0 - Adobe Inc.)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.6 - VideoLAN)
WhatsApp (Outdated) (HKU\S-1-5-21-1646689598-3579479116-263840635-1001\...\WhatsApp) (Version: 2.2326.10 - WhatsApp)
Windows PC Health Check (HKLM\...\{6798C408-2636-448C-8AC6-F4E341102D27}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Windows Subsystem for Linux Update (HKLM\...\{8D646799-DB00-4000-AE7A-756A05A4F1D8}) (Version: 5.4.72 - Microsoft Corporation)
Wireshark 4.0.10 64-bit (HKLM-x32\...\Wireshark) (Version: 4.0.10 - The Wireshark developer community, hxxps://www.wireshark.org)
World of Warcraft Classic Era PTR (HKLM-x32\...\World of Warcraft Classic Era PTR) (Version:  - Blizzard Entertainment)
World of Warcraft Classic PTR (HKLM-x32\...\World of Warcraft Classic PTR) (Version:  - Blizzard Entertainment)
Zoom (HKU\S-1-5-21-1646689598-3579479116-263840635-1001\...\ZoomUMX) (Version: 5.10.4 (5035) - Zoom Video Communications, Inc.)
 
Packages:
=========
Acrobat Notification Client -> C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2022-05-25] (Adobe Systems Incorporated)
Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC [2024-01-17] ()
Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_3.0.1.1_x86__enpm4xejd91yc [2022-04-20] (Adobe Systems Incorporated)
Adobe Photoshop Express -> C:\Program Files\WindowsApps\AdobeSystemsIncorporated.AdobePhotoshopExpress_3.8.412.0_x64__mtcwf2zmmt10c [2023-01-12] (Adobe Inc.)
Arduino IDE -> C:\Program Files\WindowsApps\ArduinoLLC.ArduinoIDE_1.8.57.0_x86__mdqgnx93n4wtt [2021-12-23] (Arduino LLC)
Canon Inkjet Print Utility -> C:\Program Files\WindowsApps\34791E63.CanonInkjetPrintUtility_3.1.0.0_neutral__6e5tt8cgb93ep [2022-05-22] (Canon Inc.)
Debian -> C:\Program Files\WindowsApps\TheDebianProject.DebianGNULinux_1.15.0.0_x64__76v4gfsz19hv4 [2023-07-05] (The Debian Project)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_150.1.1140.0_x64__v10z8vjag6ke6 [2023-11-20] (HP Inc.)
Intel® Graphics Command Center -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.5237.0_x64__8j3eq9eme6ctt [2023-11-20] (INTEL CORP) [Startup Task]
Intel® Graphics Control Panel -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsControlPanel_3.3.0.0_x64__8j3eq9eme6ctt [2020-05-26] (INTEL CORP)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-06-13] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-06-13] (Microsoft Corporation) [MS Ad]
Microsoft Defender -> C:\Program Files\WindowsApps\Microsoft.6365217CE6EB4_102.2310.25001.0_x64__8wekyb3d8bbwe [2023-11-20] (Microsoft Corporation) [Startup Task]
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2022-04-27] (Microsoft Corporation)
PowerPoint Mobile -> C:\Program Files\WindowsApps\Microsoft.Office.PowerPoint_16001.14326.21742.0_x64__8wekyb3d8bbwe [2023-11-20] (Microsoft Corporation)
WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2401.3.0_x64__cv1g1gvanyjgm [2024-01-17] (WhatsApp Inc.) [Startup Task]
 
==================== Custom CLSID (Whitelisted): ==============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-1646689598-3579479116-263840635-1001_Classes\CLSID\{049B0D13-73AE-495B-A18E-5DC94A8A861C}\InprocServer32 -> C:\Cadence\PSpiceTI\tools\bin\orpiPIC64.dll => No File
CustomCLSID: HKU\S-1-5-21-1646689598-3579479116-263840635-1001_Classes\CLSID\{05D5C28D-5808-4D10-B074-E5C99E12B717}\InprocServer32 -> C:\Cadence\PSpiceTI\tools\bin\orpiica64.dll => No File
CustomCLSID: HKU\S-1-5-21-1646689598-3579479116-263840635-1001_Classes\CLSID\{08A00313-0C50-4D8E-BDCF-9D4BD353E05E}\localserver32 -> "C:\Cadence\PSpiceTI\tools\bin\pspice.exe" => No File
CustomCLSID: HKU\S-1-5-21-1646689598-3579479116-263840635-1001_Classes\CLSID\{10144713-1526-46C9-88DA-1FB52807A9FF}\InprocServer32 -> C:\Program Files\PowerToys\modules\FileExplorerPreview\PowerToys.SvgThumbnailProviderCpp.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1646689598-3579479116-263840635-1001_Classes\CLSID\{123C44B9-728B-404C-9275-A9AAFF4A2A70}\localserver32 -> "C:\Cadence\PSpiceTI\tools\bin\Capture.exe" => No File
CustomCLSID: HKU\S-1-5-21-1646689598-3579479116-263840635-1001_Classes\CLSID\{19B52199-0A1A-4F6E-BC00-74A15923C294}\InprocServer32 -> C:\Cadence\PSpiceTI\tools\bin\orpicis64.dll => No File
CustomCLSID: HKU\S-1-5-21-1646689598-3579479116-263840635-1001_Classes\CLSID\{1A9847EA-A8B5-4C31-9588-0F57E3A9BFD4}\localserver32 -> "C:\Cadence\PSpiceTI\tools\bin\mrksrvr.exe" => No File
CustomCLSID: HKU\S-1-5-21-1646689598-3579479116-263840635-1001_Classes\CLSID\{1C72234A-C914-462B-9CC0-5FAA96FC37B0}\InprocServer32 -> C:\Cadence\PSpiceTI\tools\bin\orpiPIC64.dll => No File
CustomCLSID: HKU\S-1-5-21-1646689598-3579479116-263840635-1001_Classes\CLSID\{1FE8A113-8331-46F1-8E7D-833F46DE205A}\localserver32 -> "C:\Cadence\PSpiceTI\tools\bin\PspiceExplorerSrvr.exe" => No File
CustomCLSID: HKU\S-1-5-21-1646689598-3579479116-263840635-1001_Classes\CLSID\{2325BDDF-8DC9-436C-89B9-A432CCBA3CA0}\localserver32 -> "C:\Cadence\PSpiceTI\tools\bin\pspice.exe" => No File
CustomCLSID: HKU\S-1-5-21-1646689598-3579479116-263840635-1001_Classes\CLSID\{261FD1AF-D34B-47A6-B56D-5B48E372EFCA}\localserver32 -> "C:\Cadence\PSpiceTI\tools\bin\pspice.exe" => No File
CustomCLSID: HKU\S-1-5-21-1646689598-3579479116-263840635-1001_Classes\CLSID\{2D78F313-894D-49AC-AA2A-44066C1FB8EA}\InprocServer32 -> C:\Cadence\PSpiceTI\tools\bin\orpiPspice64.dll => No File
CustomCLSID: HKU\S-1-5-21-1646689598-3579479116-263840635-1001_Classes\CLSID\{2F81B25E-7507-4844-BFF2-77D2CC24CED4}\localserver32 -> C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Inc. -> Adobe Inc.)
CustomCLSID: HKU\S-1-5-21-1646689598-3579479116-263840635-1001_Classes\CLSID\{2F93A534-EB50-40CC-8E01-86615C821D55}\InprocServer32 -> C:\Cadence\PSpiceTI\tools\bin\orApConCtl64.dll => No File
CustomCLSID: HKU\S-1-5-21-1646689598-3579479116-263840635-1001_Classes\CLSID\{394402B2-4C09-4F20-80E8-92F8ACBD270B}\InprocServer32 -> C:\Cadence\PSpiceTI\tools\bin\orpiPspice64.dll => No File
CustomCLSID: HKU\S-1-5-21-1646689598-3579479116-263840635-1001_Classes\CLSID\{3BBE8615-75E7-4AB0-BE84-27B5D8CAA4DD}\InprocServer32 -> C:\Cadence\PSpiceTI\tools\bin\orpiPspice64.dll => No File
CustomCLSID: HKU\S-1-5-21-1646689598-3579479116-263840635-1001_Classes\CLSID\{3CFFE753-DF7E-4F18-BCB9-697DDA8255C0}\InprocServer32 -> C:\Cadence\PSpiceTI\tools\bin\orpiPspice64.dll => No File
CustomCLSID: HKU\S-1-5-21-1646689598-3579479116-263840635-1001_Classes\CLSID\{3f5d0051-61b8-0f45-6166-996cfb4f914f}\localserver32 -> C:\Program Files\PowerToys\modules\launcher\PowerToys.PowerLauncher.exe (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1646689598-3579479116-263840635-1001_Classes\CLSID\{3FB4CFC6-7E02-439C-B25A-AC0C11CF3735}\localserver32 -> "C:\Cadence\PSpiceTI\tools\bin\pspice.exe" => No File
CustomCLSID: HKU\S-1-5-21-1646689598-3579479116-263840635-1001_Classes\CLSID\{564994E4-BE69-4001-9F69-A7397D487EB4}\InprocServer32 -> C:\Cadence\PSpiceTI\tools\bin\orpiPIC64.dll => No File
CustomCLSID: HKU\S-1-5-21-1646689598-3579479116-263840635-1001_Classes\CLSID\{60789D87-9C3C-44AF-B18C-3DE2C2820ED3}\InprocServer32 -> C:\Program Files\PowerToys\modules\FileExplorerPreview\PowerToys.MarkdownPreviewHandlerCpp.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1646689598-3579479116-263840635-1001_Classes\CLSID\{692EE5A4-06AF-44B5-989F-47294D6AF4FA}\InprocServer32 -> C:\Cadence\PSpiceTI\tools\bin\orpicis64.dll => No File
CustomCLSID: HKU\S-1-5-21-1646689598-3579479116-263840635-1001_Classes\CLSID\{6AABA1C2-E672-41D1-9850-EFF76BC94ED9}\InprocServer32 -> C:\Cadence\PSpiceTI\tools\bin\orpiPIC64.dll => No File
CustomCLSID: HKU\S-1-5-21-1646689598-3579479116-263840635-1001_Classes\CLSID\{6F9CF0D9-1D11-4BDC-B1C3-99DE33D7A82D}\InprocServer32 -> C:\Cadence\PSpiceTI\tools\bin\orpiPspice64.dll => No File
CustomCLSID: HKU\S-1-5-21-1646689598-3579479116-263840635-1001_Classes\CLSID\{77257004-6F25-4521-B602-50ECC6EC62A6}\InprocServer32 -> C:\Program Files\PowerToys\modules\FileExplorerPreview\PowerToys.StlThumbnailProviderCpp.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1646689598-3579479116-263840635-1001_Classes\CLSID\{7BA47769-9971-4E54-80EE-5CDDFA3D7AFC}\InprocServer32 -> C:\Cadence\PSpiceTI\tools\bin\orpiica64.dll => No File
CustomCLSID: HKU\S-1-5-21-1646689598-3579479116-263840635-1001_Classes\CLSID\{7D514944-3948-4C18-B92E-42A6F43D6780}\localserver32 -> "C:\Cadence\PSpiceTI\tools\bin\pspice.exe" => No File
CustomCLSID: HKU\S-1-5-21-1646689598-3579479116-263840635-1001_Classes\CLSID\{81645DFC-8A82-4F2B-8A5F-FBFD2D065EF2}\localserver32 -> "C:\Cadence\PSpiceTI\tools\bin\simmgr.exe" => No File
CustomCLSID: HKU\S-1-5-21-1646689598-3579479116-263840635-1001_Classes\CLSID\{81A2FA8A-7639-49D8-BF17-12D124675126}\InprocServer32 -> C:\Cadence\PSpiceTI\tools\bin\ortruereuse64.ocx => No File
CustomCLSID: HKU\S-1-5-21-1646689598-3579479116-263840635-1001_Classes\CLSID\{83B9FE93-98C2-41C2-81F3-5638E5AC393C}\InprocServer32 -> C:\Cadence\PSpiceTI\tools\bin\ortruereuse64.ocx => No File
CustomCLSID: HKU\S-1-5-21-1646689598-3579479116-263840635-1001_Classes\CLSID\{8A1C6E3C-3E96-4EC9-AF69-705C4E887801}\localserver32 -> "C:\Cadence\PSpiceTI\tools\bin\Capture.exe" => No File
CustomCLSID: HKU\S-1-5-21-1646689598-3579479116-263840635-1001_Classes\CLSID\{8E2C640F-179D-4F24-B868-79545AA1D07F}\InprocServer32 -> C:\Cadence\PSpiceTI\tools\bin\orpicis64.dll => No File
CustomCLSID: HKU\S-1-5-21-1646689598-3579479116-263840635-1001_Classes\CLSID\{94DD3F8F-15D5-4C68-B08F-FBBEB23A2917}\InprocServer32 -> C:\Cadence\PSpiceTI\tools\bin\orpiPspice64.dll => No File
CustomCLSID: HKU\S-1-5-21-1646689598-3579479116-263840635-1001_Classes\CLSID\{A00FC810-67C0-4560-B803-B33D8E2ED788}\InprocServer32 -> C:\Cadence\PSpiceTI\tools\bin\orpiPspice64.dll => No File
CustomCLSID: HKU\S-1-5-21-1646689598-3579479116-263840635-1001_Classes\CLSID\{A0257634-8812-4CE8-AF11-FA69ACAEAFAE}\InprocServer32 -> C:\Program Files\PowerToys\modules\FileExplorerPreview\PowerToys.GcodePreviewHandlerCpp.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1646689598-3579479116-263840635-1001_Classes\CLSID\{A291AE7E-A8A1-4AED-91AF-3E4C9DE55072}\localserver32 -> "C:\Cadence\PSpiceTI\tools\bin\pspice.exe" => No File
CustomCLSID: HKU\S-1-5-21-1646689598-3579479116-263840635-1001_Classes\CLSID\{ABD09807-DBDB-44C3-91EF-B8161CDF5E8A}\localserver32 -> "C:\Cadence\PSpiceTI\tools\bin\SimSrvr.exe" => No File
CustomCLSID: HKU\S-1-5-21-1646689598-3579479116-263840635-1001_Classes\CLSID\{AC837119-0710-4053-B1A3-91DAFBF8CD1F}\localserver32 -> "C:\Cadence\PSpiceTI\tools\bin\pspice.exe" => No File
CustomCLSID: HKU\S-1-5-21-1646689598-3579479116-263840635-1001_Classes\CLSID\{C14FFDDE-A4E0-4732-9585-A7A86AD1822F}\InprocServer32 -> C:\Cadence\PSpiceTI\tools\bin\orpiPspice64.dll => No File
CustomCLSID: HKU\S-1-5-21-1646689598-3579479116-263840635-1001_Classes\CLSID\{C4911AF1-ADE4-4B0F-B358-F3C0420A2E66}\InprocServer32 -> C:\Cadence\PSpiceTI\tools\bin\orApConCtl64.dll => No File
CustomCLSID: HKU\S-1-5-21-1646689598-3579479116-263840635-1001_Classes\CLSID\{C591CFEA-E432-495d-A0BE-58E4CCD87B17}\Shell\Open\Command -> rundll32.exe "C:\Program Files\Synaptics\SynTP\SynTPCpl.dll",ShowDevicePropPage 1
CustomCLSID: HKU\S-1-5-21-1646689598-3579479116-263840635-1001_Classes\CLSID\{C9C84AEC-384B-4616-B67E-CBC36CA8D3C0}\localserver32 -> "C:\Cadence\PSpiceTI\tools\bin\Capture.exe" => No File
CustomCLSID: HKU\S-1-5-21-1646689598-3579479116-263840635-1001_Classes\CLSID\{D07E9671-C64F-4BBD-A757-7E777F134437}\localserver32 -> "C:\Cadence\PSpiceTI\tools\bin\pspice.exe" => No File
CustomCLSID: HKU\S-1-5-21-1646689598-3579479116-263840635-1001_Classes\CLSID\{D255B66D-E366-4F8F-A6D3-BFA1E6C662B2}\InprocServer32 -> C:\Cadence\PSpiceTI\tools\bin\orgenlibcom64.dll => No File
CustomCLSID: HKU\S-1-5-21-1646689598-3579479116-263840635-1001_Classes\CLSID\{D2643F4A-62B4-4A6E-B8BE-5BF1E9F58D2A}\localserver32 -> "C:\Cadence\PSpiceTI\tools\bin\Capture.exe" => No File
CustomCLSID: HKU\S-1-5-21-1646689598-3579479116-263840635-1001_Classes\CLSID\{D328A334-5933-4D10-9DE9-F2E42BC6AC62}\InprocServer32 -> C:\Cadence\PSpiceTI\tools\bin\orpiPspice64.dll => No File
CustomCLSID: HKU\S-1-5-21-1646689598-3579479116-263840635-1001_Classes\CLSID\{D776B805-6A11-42C0-999C-09BE80BD1D2A}\InprocServer32 -> C:\Cadence\PSpiceTI\tools\bin\orpicis64.dll => No File
CustomCLSID: HKU\S-1-5-21-1646689598-3579479116-263840635-1001_Classes\CLSID\{D8034CFA-F34B-41FE-AD45-62FCBB52A6DA}\InprocServer32 -> C:\Program Files\PowerToys\modules\FileExplorerPreview\PowerToys.MonacoPreviewHandlerCpp.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1646689598-3579479116-263840635-1001_Classes\CLSID\{DB2D5854-0B7A-468D-8E7F-1F328DD4D4A9}\InprocServer32 -> C:\Cadence\PSpiceTI\tools\bin\orpicis64.dll => No File
CustomCLSID: HKU\S-1-5-21-1646689598-3579479116-263840635-1001_Classes\CLSID\{DD082149-76AD-4271-8771-AD6912B0605A}\localserver32 -> "C:\Cadence\PSpiceTI\tools\bin\pspice.exe" => No File
CustomCLSID: HKU\S-1-5-21-1646689598-3579479116-263840635-1001_Classes\CLSID\{E3C5EFAB-0C6D-42F5-BB94-D2C5234C863C}\InprocServer32 -> C:\Cadence\PSpiceTI\tools\bin\orpiPspice64.dll => No File
CustomCLSID: HKU\S-1-5-21-1646689598-3579479116-263840635-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems)
CustomCLSID: HKU\S-1-5-21-1646689598-3579479116-263840635-1001_Classes\CLSID\{EB0DEA2E-EF40-44CD-A2B0-2B66C03C3762}\localserver32 -> "C:\Cadence\PSpiceTI\tools\bin\Capture.exe" => No File
CustomCLSID: HKU\S-1-5-21-1646689598-3579479116-263840635-1001_Classes\CLSID\{EB449AE0-8CF9-484F-976F-B9D8D7C550F0}\InprocServer32 -> C:\Cadence\PSpiceTI\tools\bin\orpiPIC64.dll => No File
CustomCLSID: HKU\S-1-5-21-1646689598-3579479116-263840635-1001_Classes\CLSID\{EF05EE67-7E36-4545-8C43-79F623414A47}\InprocServer32 -> C:\Cadence\PSpiceTI\tools\bin\orpiica64.dll => No File
CustomCLSID: HKU\S-1-5-21-1646689598-3579479116-263840635-1001_Classes\CLSID\{F2847CBE-CD03-4C83-A359-1A8052C1B9D5}\InprocServer32 -> C:\Program Files\PowerToys\modules\FileExplorerPreview\PowerToys.GcodeThumbnailProviderCpp.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1646689598-3579479116-263840635-1001_Classes\CLSID\{F37B477B-1C5C-4482-B7D3-14581E368ACC}\localserver32 -> "C:\Cadence\PSpiceTI\tools\bin\simmgr.exe" => No File
CustomCLSID: HKU\S-1-5-21-1646689598-3579479116-263840635-1001_Classes\CLSID\{FCDD4EED-41AA-492F-8A84-31A1546226E0}\InprocServer32 -> C:\Program Files\PowerToys\modules\FileExplorerPreview\PowerToys.SvgPreviewHandlerCpp.dll (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [    OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2024-01-17] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [    OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2024-01-17] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [    OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2024-01-17] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [    OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2024-01-17] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [    OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2024-01-17] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [    OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2024-01-17] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [    OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2024-01-17] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [   AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-11-30] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [   AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-11-30] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [   AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-11-30] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ShellIconOverlayIdentifiers-x32: [    OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2024-01-17] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [    OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2024-01-17] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [    OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2024-01-17] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [    OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2024-01-17] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [    OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2024-01-17] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [    OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2024-01-17] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [    OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2024-01-17] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2024-01-17] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-11-30] (Adobe Inc. -> )
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2024-01-13] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2020-12-31] (Notepad++ -> )
ContextMenuHandlers2: [FileLocksmithExt] -> {84D68575-E186-46AD-B0CB-BAEB45EE29C0} => C:\Program Files\PowerToys\modules\FileLocksmith\PowerToys.FileLocksmithExt.dll [2023-05-18] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers3: [ACShell] -> {D3F9A525-8824-497A-BE36-B23E22F141FC} => C:\Program Files\Attribute Changer\acshell.dll [2020-09-26] (Romain Petges) [File not signed]
ContextMenuHandlers3: [FileLocksmithExt] -> {84D68575-E186-46AD-B0CB-BAEB45EE29C0} => C:\Program Files\PowerToys\modules\FileLocksmith\PowerToys.FileLocksmithExt.dll [2023-05-18] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers3: [PowerRenameExt] -> {0440049F-D1DC-4E46-B27B-98393D79486B} => C:\Program Files\PowerToys\modules\PowerRename\PowerToys.PowerRenameExt.dll [2023-05-18] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2024-01-17] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.246.1127.0002\FileSyncShell64.dll [2024-01-17] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [PowerRenameExt] -> {0440049F-D1DC-4E46-B27B-98393D79486B} => C:\Program Files\PowerToys\modules\PowerRename\PowerToys.PowerRenameExt.dll [2023-05-18] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-11-30] (Adobe Inc. -> )
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2024-01-13] (Adobe Inc. -> Adobe Systems Inc.)
 
==================== Codecs (Whitelisted) ====================
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
ShortcutWithArgument: C:\Users\Wizzard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Play Music.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory="Profile 2" --app-id=fahmaaghhglfmonjliepjlchgpgfmobi
ShortcutWithArgument: C:\Users\Wizzard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\VNC® Viewer for Google Chrome™.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory="Profile 2" --app-id=iabmpiboiopbgfabjmgeedhcmjenhbla
ShortcutWithArgument: C:\Users\Wizzard\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\9501e18d7c2ab92e\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 2"
 
==================== Loaded Modules (Whitelisted) =============
 
2022-04-20 04:31 - 2017-11-02 05:36 - 000008192 _____ (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNS2_ENU.DLL
2022-04-20 04:31 - 2017-11-02 05:36 - 000104960 _____ (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNS2_IMG.dll
2019-07-29 14:51 - 2017-07-05 19:37 - 001350656 _____ (Conexant Systems, Inc.) [File not signed] C:\Program Files\Conexant\SA3\HP-NB-AIO\CxHDAudioAPI.dll
2021-02-03 23:17 - 2019-02-21 09:00 - 000078336 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2021-02-19 22:45 - 2020-09-26 23:13 - 000535552 _____ (Romain Petges) [File not signed] C:\Program Files\Attribute Changer\acshell.dll
 
==================== Alternate Data Streams (Whitelisted) ========
 
==================== Safe Mode (Whitelisted) ==================
 
==================== Association (Whitelisted) =================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
HKU\S-1-5-21-1646689598-3579479116-263840635-1001\Software\Classes\regfile:  <==== ATTENTION
HKU\S-1-5-21-1646689598-3579479116-263840635-1001\Software\Classes\.reg:  =>  <==== ATTENTION
HKU\S-1-5-21-1646689598-3579479116-263840635-1001\Software\Classes\.bat:  =>  <==== ATTENTION
HKU\S-1-5-21-1646689598-3579479116-263840635-1001\Software\Classes\.cmd:  =>  <==== ATTENTION
 
==================== Internet Explorer (Whitelisted) ==========
 
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2024-01-13] (Adobe Inc. -> Adobe Systems Incorporated)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2024-01-13] (Adobe Inc. -> Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2024-01-17] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2024-01-13] (Adobe Inc. -> Adobe Systems Incorporated)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2024-01-13] (Adobe Inc. -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2024-01-13] (Adobe Inc. -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2024-01-13] (Adobe Inc. -> Adobe Systems Incorporated)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-01-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-01-17] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-01-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-01-17] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-01-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-01-17] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-01-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-01-17] (Microsoft Corporation -> Microsoft Corporation)
 
==================== Hosts content: =========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2018-09-15 00:31 - 2021-07-08 16:27 - 000001052 _____ C:\WINDOWS\system32\drivers\etc\hosts
10.10.7.65 host.docker.internal
10.10.7.65 gateway.docker.internal
127.0.0.1 kubernetes.docker.internal
 
2021-01-25 15:45 - 2021-07-19 14:42 - 000000446 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
172.31.0.1 DESKTOP-DKBL38S.mshome.net # 2026 7 6 18 21 42 3 387
 
==================== Other Areas ===========================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-1646689598-3579479116-263840635-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 10.0.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
Network Binding:
=============
Local Area Connection: Npcap Packet Driver (NPCAP) -> INSECURE_NPCAP (enabled) 
Bluetooth Network Connection: Npcap Packet Driver (NPCAP) -> INSECURE_NPCAP (enabled) 
Wi-Fi: Npcap Packet Driver (NPCAP) -> INSECURE_NPCAP (enabled) 
Wi-Fi: Npcap Packet Driver (NPCAP) (Wi-Fi) -> INSECURE_NPCAP_WIFI (enabled) 
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(If an entry is included in the fixlist, it will be removed.)
 
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKU\S-1-5-21-1646689598-3579479116-263840635-1001\...\StartupApproved\Run: => "Steam"
 
==================== FirewallRules (Whitelisted) ================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [UDP Query User{E85F95A6-5494-4BDF-A572-BE1CD813042E}C:\program files\windowsapps\arduinollc.arduinoide_1.8.42.0_x86__mdqgnx93n4wtt\java\bin\javaw.exe] => (Allow) C:\program files\windowsapps\arduinollc.arduinoide_1.8.42.0_x86__mdqgnx93n4wtt\java\bin\javaw.exe => No File
FirewallRules: [TCP Query User{CBA05C9F-8FDC-4C0E-B1C5-3A7188F3AF80}C:\program files\windowsapps\arduinollc.arduinoide_1.8.42.0_x86__mdqgnx93n4wtt\java\bin\javaw.exe] => (Allow) C:\program files\windowsapps\arduinollc.arduinoide_1.8.42.0_x86__mdqgnx93n4wtt\java\bin\javaw.exe => No File
FirewallRules: [{F3A41240-FC82-4B2E-B6F2-63731D2F5CD2}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe => No File
FirewallRules: [{D6D886BB-9696-446F-B041-2791A79FA736}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe => No File
FirewallRules: [UDP Query User{BDB2BC23-CF43-4B5F-915A-69A946BC5F0F}C:\program files\docker\docker\resources\com.docker.backend.exe] => (Allow) C:\program files\docker\docker\resources\com.docker.backend.exe => No File
FirewallRules: [TCP Query User{8AC1ACA8-4B75-4FA8-BDF1-259046C56DF9}C:\program files\docker\docker\resources\com.docker.backend.exe] => (Allow) C:\program files\docker\docker\resources\com.docker.backend.exe => No File
FirewallRules: [{6BF454A2-2ED8-4080-A455-284CC389DAF9}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{61F3FCDD-0664-49A5-8254-43172F426DA6}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{AE7F1F5B-3C12-4AE0-A0CB-F004456C7041}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe => No File
FirewallRules: [{536F2899-D945-402E-B8AF-2FF5823B76DE}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe => No File
FirewallRules: [{60B4EC6C-CC24-4460-803E-534F58340F1B}] => (Allow) C:\Users\Wizzard\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{39D32E84-528E-40EA-8FA9-9750A7636F79}] => (Allow) C:\Users\Wizzard\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{5A9EDCEE-0F70-4563-A054-0CE142EC2A57}] => (Allow) C:\Users\Wizzard\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [TCP Query User{B08E6F22-3CAA-4DA2-AF09-3EB4ED0730D0}C:\program files (x86)\mirc\mirc.exe] => (Allow) C:\program files (x86)\mirc\mirc.exe (mIRC Co. Ltd. -> mIRC Co. Ltd.)
FirewallRules: [UDP Query User{AC0456E9-E688-4B8B-833D-13E3C9AEDA84}C:\program files (x86)\mirc\mirc.exe] => (Allow) C:\program files (x86)\mirc\mirc.exe (mIRC Co. Ltd. -> mIRC Co. Ltd.)
FirewallRules: [{38D35F54-539D-4CB4-B87F-9FB98EF05CAC}] => (Allow) C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe => No File
FirewallRules: [{786FF60B-3680-4EAD-BF4E-EB174DDCC77A}] => (Allow) C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe => No File
FirewallRules: [{55B4C880-9078-4524-B251-837EFDEE9DDB}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{11D02ADA-F7F0-4D84-A67D-528E07E9CE48}] => (Allow) C:\Program Files\PowerToys\modules\MouseWithoutBorders\PowerToys.MouseWithoutBorders.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{B6ECC16B-62CA-4A0B-8EB4-BA01E3685FD6}C:\program files (x86)\altium\cm2\circuitmaker.exe] => (Allow) C:\program files (x86)\altium\cm2\circuitmaker.exe (Altium LLC -> )
FirewallRules: [UDP Query User{54E87010-7C38-418B-A0F6-948E4FF0CB46}C:\program files (x86)\altium\cm2\circuitmaker.exe] => (Allow) C:\program files (x86)\altium\cm2\circuitmaker.exe (Altium LLC -> )
FirewallRules: [{D457B4D3-0255-489A-AE58-E5C68F6EE054}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\119.0.2151.72\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B9625211-4B97-4ED8-86ED-99E7907C8529}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\120.0.2210.133\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{23D17EAC-2E4E-418C-82D9-58C3B2BCA7DB}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
 
==================== Restore Points =========================
 
20-11-2023 14:53:22 Windows Modules Installer
01-12-2023 12:24:36 Windows Modules Installer
17-01-2024 13:01:20 Windows Modules Installer
 
==================== Faulty Device Manager Devices ============
 
 
==================== Event log errors: ========================
 
Application errors:
==================
Error: (01/17/2024 01:01:04 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DESKTOP-DKBL38S)
Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.
 
Error: (11/20/2023 11:32:02 PM) (Source: MsiInstaller) (EventID: 10005) (User: NT AUTHORITY)
Description: Product: Update for Windows 10 for x64-based Systems (KB5001716) -- A later version of Update for Windows 10 for x64-based Systems (KB5001716) is already installed. Setup will now exit.
 
Error: (11/20/2023 11:28:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SearchApp.exe, version: 10.0.19041.3031, time stamp: 0x30ed67b0
Faulting module name: KERNELBASE.dll, version: 10.0.19041.3086, time stamp: 0xe1ac3f79
Exception code: 0xc000027b
Fault offset: 0x000000000012d8b2
Faulting process id: 0x4164
Faulting application start time: 0x01da1c43ee24ec18
Faulting application path: C:\WINDOWS\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report Id: ec74323d-cead-4bd4-abcb-170ad3761b4a
Faulting package full name: Microsoft.Windows.Search_1.14.10.19041_neutral_neutral_cw5n1h2txyewy
Faulting package-relative application ID: CortanaUI
 
Error: (11/20/2023 11:28:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SearchApp.exe, version: 10.0.19041.3031, time stamp: 0x30ed67b0
Faulting module name: KERNELBASE.dll, version: 10.0.19041.3086, time stamp: 0xe1ac3f79
Exception code: 0xc000027b
Fault offset: 0x000000000012d8b2
Faulting process id: 0x2410
Faulting application start time: 0x01da1c43e76dbeca
Faulting application path: C:\WINDOWS\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report Id: 90c0a567-7d3a-47d0-8df0-e7f25662617c
Faulting package full name: Microsoft.Windows.Search_1.14.10.19041_neutral_neutral_cw5n1h2txyewy
Faulting package-relative application ID: CortanaUI
 
Error: (11/20/2023 11:27:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SearchApp.exe, version: 10.0.19041.3031, time stamp: 0x30ed67b0
Faulting module name: KERNELBASE.dll, version: 10.0.19041.3086, time stamp: 0xe1ac3f79
Exception code: 0xc000027b
Fault offset: 0x000000000012d8b2
Faulting process id: 0xe70
Faulting application start time: 0x01da1c43d4d1bee4
Faulting application path: C:\WINDOWS\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report Id: 58fb1392-e420-4d6d-a4ef-d1cb647368d9
Faulting package full name: Microsoft.Windows.Search_1.14.10.19041_neutral_neutral_cw5n1h2txyewy
Faulting package-relative application ID: CortanaUI
 
Error: (11/20/2023 02:29:59 PM) (Source: MsiInstaller) (EventID: 10005) (User: NT AUTHORITY)
Description: Product: Update for Windows 10 for x64-based Systems (KB5001716) -- A later version of Update for Windows 10 for x64-based Systems (KB5001716) is already installed. Setup will now exit.
 
Error: (11/20/2023 02:19:09 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DESKTOP-DKBL38S)
Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.
 
Error: (11/03/2023 10:03:00 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program WWAHost.exe version 10.0.19041.1865 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
 
Process ID: 2244
 
Start Time: 01da0e77724d1ca8
 
Termination Time: 4294967295
 
Application Path: C:\Windows\System32\WWAHost.exe
 
Report Id: 41bab6bb-ed84-4edf-8014-6d7df5d120be
 
Faulting package full name: Microsoft.Windows.CloudExperienceHost_10.0.19041.1266_neutral_neutral_cw5n1h2txyewy
 
Faulting package-relative application ID: App
 
Hang type: Activation
 
 
System errors:
=============
Error: (12/01/2023 12:06:49 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80240017: 2023-05 Update for Windows 10 Version 21H2 for x64-based Systems (KB5001716).
 
Error: (11/21/2023 12:16:30 AM) (Source: WinRM) (EventID: 10142) (User: )
Description: The WinRM service cannot migrate the listener with Address * and Transport HTTP. A listener that has the same Address and Transport configuration already exists.
 
Error: (11/20/2023 11:48:16 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The UIUService service failed to start due to the following error: 
The system cannot find the file specified.
 
Error: (11/20/2023 11:47:58 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: DCOM got error "1115" attempting to start the service UsoSvc with arguments "Unavailable" in order to run the server:
{9C695035-48D2-4229-8B73-4C70E756E519}
 
Error: (11/20/2023 11:45:34 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The UIUService service failed to start due to the following error: 
The system cannot find the file specified.
 
Error: (11/20/2023 11:32:03 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x8024200b: 2023-05 Update for Windows 10 Version 21H2 for x64-based Systems (KB5001716).
 
Error: (11/20/2023 03:11:51 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80073d02: 9NKSQGP7F2NH-5319275A.WhatsAppDesktop.
 
Error: (11/20/2023 02:58:17 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80073d02: 9PB1QWVW0R95-Microsoft.WindowsAppRuntime.1.4.
 
 
Windows Defender:
================
Date: 2024-01-17 14:11:00
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2023-12-01 12:24:49
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2023-11-03 12:52:37
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2023-07-31 23:53:33
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2023-07-31 09:26:20
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Event[0]:
 
Date: 2022-12-13 17:16:51
Description: 
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 
Previous security intelligence Version: 1.381.379.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.19900.2
Error code: 0x80072ee2
Error description: The operation timed out 
 
Date: 2022-12-13 17:16:51
Description: 
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 
Previous security intelligence Version: 1.381.379.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiSpyware
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.19900.2
Error code: 0x80072ee2
Error description: The operation timed out 
 
Date: 2022-12-13 17:16:51
Description: 
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 
Previous security intelligence Version: 1.381.379.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.19900.2
Error code: 0x80072ee2
Error description: The operation timed out 
 
Date: 2022-12-13 14:15:51
Description: 
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 
Previous security intelligence Version: 1.379.1431.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.19800.4
Error code: 0x80070102
Error description: The wait operation timed out. 
 
Date: 2022-12-13 14:15:51
Description: 
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 
Previous security intelligence Version: 1.379.1431.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.19800.4
Error code: 0x80070102
Error description: The wait operation timed out. 
 
CodeIntegrity:
===============
Date: 2023-12-01 12:24:36
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
 
Date: 2023-11-03 12:11:37
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.9-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
 
Date: 2023-07-28 20:42:37
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
 
Date: 2023-06-12 11:51:47
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.3-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
 
Date: 2023-05-30 21:06:39
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
 
Date: 2023-05-25 21:19:48
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_51f685305808e3a5\igd10iumd64.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
 
==================== Memory info =========================== 
 
BIOS: Insyde F.27 04/17/2017
Motherboard: HP 81AD
Processor: Intel® Core™ i7-7500U CPU @ 2.70GHz
Percentage of memory in use: 47%
Total physical RAM: 16256.66 MB
Available physical RAM: 8516.28 MB
Total Virtual: 18688.66 MB
Available Virtual: 9968.62 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:475.7 GB) (Free:309.6 GB) (Model: INTEL SSDPEKKW512G8) NTFS
 
\\?\Volume{a34d44c2-e9f8-46e7-8151-4d5b0e5e1c82}\ (Recovery) (Fixed) (Total:0.49 GB) (Free:0.47 GB) NTFS
\\?\Volume{4c190449-f28d-4550-90c4-d89386097a27}\ () (Fixed) (Total:0.64 GB) (Free:0.06 GB) NTFS
\\?\Volume{d486fbef-c1f9-4c06-a1de-6bad77d6da44}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
 
==================== MBR & Partition Table ====================
 
==========================================================
Disk: 0 (Protective MBR) (Size: 476.9 GB) (Disk ID: 00000000)
 
Partition: GPT.
 
==================== End of Addition.txt =======================

 




#2
RKinner


    Malware Expert

  • Expert
  • 24,625 posts
  • MVP

I don't see anything evil but best to be sure.  Go to 

https://www.eset.com...online-scanner/

Click on One-time Scan

Download, Save, then go to the downloads folder, right-click on it and Run As Admin.

 

Follow the instructions.  Will take an hour or more but if you have something we can't see it will probably find it.  Works faster if you can pause your antivirus while it is running.

 

You should probably also check your system files for problems:  This normally takes 35 minutes but on a slow PC it might time out after 1 hour.

 

Download the attached fixlist.txt to the same location as FRST
 
Attached File  fixlist.txt   414bytes   41 downloads
 
Run FRST and press Fix
A fix log will be generated; please post that.
 
Reboot if the fix doesn't reboot it for you
 
Run FRST again but this time make sure Addition.txt is checked and hit Scan.  Post both logs.
 
