Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 13.07.2024
Ran by motti (administrator) on DARRELL-HP-SPEC (HP HP Spectre x360 Convertible 13-aw0xxx) (15-07-2024 19:59:24)
Running from C:\Users\motti\OneDrive\Desktop\FRST64.exe
Loaded Profiles: User & motti
Platform: Microsoft Windows 11 Home Version 23H2 22631.3880 (X64) Language: English (United Kingdom)
Default browser: Edge
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Inc. -> ) C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Photoshop (Beta)\Adobe Crash Processor.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2>
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Photoshop (Beta)\LogTransport2.exe
(Agilebits -> 1Password) C:\Users\motti\AppData\Local\1Password\app\8\1Password.exe <3>
(C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud Helper.exe
(C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe <4>
(C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe ->) (OpenJS Foundation -> Node.js) C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe
(C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_524.13200.30.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\126.0.2592.102\msedgewebview2.exe <12>
(cmd.exe ->) (Agilebits -> AgileBits, Inc.) C:\Users\motti\AppData\Local\1Password\app\8\1Password-BrowserSupport.exe <2>
(cmd.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MbamBgNativeMsg.exe <2>
(DriverStore\FileRepository\cui_dch.inf_amd64_f28757245a4f2ef2\igfxCUIServiceN.exe ->) (Intel® pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_f28757245a4f2ef2\igfxEMN.exe
(DriverStore\FileRepository\dptf_cpu.inf_amd64_c2c5b0e17a28a48f\esif_uf.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_c2c5b0e17a28a48f\dptf_helper.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <29>
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <15>
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.OutlookForWindows_1.2024.625.600_x64__8wekyb3d8bbwe\olk.exe
(explorer.exe ->) (Open Source Developer, Robin Krom -> Greenshot) C:\Program Files\Greenshot\Greenshot.exe
(PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(SECOMN64.exe ->) (Sound Research Corporation -> Sound Research, Corp.) C:\Windows\System32\SECOCL64.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(services.exe ->) (ELAN MICROELECTRONICS CORPORATION -> ) C:\Windows\SysWOW64\ElanTouchXiSvc.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_7dcf4ebd9d1b4772\x64\TouchpointAnalyticsClientService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_62028dfcb8fe6a80\x64\AppHelperCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_62028dfcb8fe6a80\x64\DiagsCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_62028dfcb8fe6a80\x64\NetworkCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_62028dfcb8fe6a80\x64\SysInfoCap.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_c2c5b0e17a28a48f\esif_uf.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_ba273d0ffb93e225\RstMwService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_d51901c26227fb29\WMIRegistrationService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\TbtP2pShortcutService.exe
(services.exe ->) (Intel Corporation -> Intel) C:\Windows\System32\DriverStore\FileRepository\intcoed.inf_amd64_5260ddd49ca9ef3b\AS\IAS\IntelAudioService.exe
(services.exe ->) (Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe
(services.exe ->) (Intel® pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_f28757245a4f2ef2\igfxCUIServiceN.exe
(services.exe ->) (Intel® pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_e860b467f6e0e00c\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel® pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_7fce628e158be8d7\IntelCpHDCPSvc.exe
(services.exe ->) (Intel® Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\NisSrv.exe
(services.exe ->) (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe
(services.exe ->) (Reallusion Inc. -> Reallusion.Inc) C:\Program Files (x86)\Common Files\Reallusion\RLHostService\RLHostService.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <3>
(services.exe ->) (Sound Research Corporation -> Sound Research, Corp.) C:\Windows\System32\SECOMN64.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnhService.exe
(services.exe ->) (TBT_DCH_DRV_PROD -> Intel Corporation) C:\Windows\ThunderboltService.exe
(services.exe ->) (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) C:\Program Files\Common Files\Zoom\Support\CptService.exe
(svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> ) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2424.6.0_x64__cv1g1gvanyjgm\WhatsApp.exe
(svchost.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files\WindowsApps\AdobeNotificationClient_6.0.0.1_x86__enpm4xejd91yc\AdobeNotificationClient.exe
(svchost.exe ->) (Adobe Systems Incorporated -> ) C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21998.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21998.0_x64__8wekyb3d8bbwe\HxTsr.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_524.13200.30.0_x64__cw5n1h2txyewy\Dashboard\WidgetService.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\DataExchangeHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\LocationNotificationWindows.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.AAD.BrokerPlugin_cw5n1h2txyewy\Microsoft.AAD.BrokerPlugin.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\UUS\Packages\Preview\amd64\MoUsoCoreWorker.exe
(SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnh.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [980496 2019-09-12] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [4116912 2024-06-06] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [Greenshot] => C:\Program Files\Greenshot\Greenshot.exe [527792 2017-08-09] (Open Source Developer, Robin Krom -> Greenshot)
HKLM\...\Run: [HPOneAgentService] => C:\Program Files\HP\HP One Agent\hp-one-agent-service.exe [1939472 2024-06-11] (HP Inc. -> HP Inc; HP Development Company, L.P.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [133128 2024-05-07] (Adobe Inc. -> Adobe Inc.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [9248144 2024-07-09] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [GoToMeetingInstall19992] => C:\Program Files (x86)\GoToMeeting\19992\G2MInstaller.exe [34872 2024-07-13] (LogMeIn, Inc. -> LogMeIn, Inc.)
HKU\S-1-5-21-633662038-590885182-3186226141-1003\...\Run: [CCXProcess] => C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [194056 2024-06-11] (Adobe Inc. -> Adobe Inc.)
HKU\S-1-5-21-633662038-590885182-3186226141-1003\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [45629344 2024-06-26] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-633662038-590885182-3186226141-1003\...\Run: [CCleanerBrowserAutoLaunch_8D4CC1622ACB2D8CF3B8EA616AD9F228] => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [3171032 2024-07-03] (PIRIFORM SOFTWARE LIMITED -> Gen Digital Inc.)
HKU\S-1-5-21-633662038-590885182-3186226141-1003\...\Run: [electron.app.Loom] => C:\Users\motti\AppData\Local\Programs\Loom\Loom.exe [139767008 2022-04-28] (Loom, Inc. -> Loom, Inc.)
HKU\S-1-5-21-633662038-590885182-3186226141-1003\...\Run: [com.squirrel.Teams.Teams] => C:\Users\motti\AppData\Local\Microsoft\Teams\Update.exe [2613704 2024-03-07] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-633662038-590885182-3186226141-1003\...\Run: [MicrosoftEdgeAutoLaunch_2F00D187B1D9FA874EA7F713C90970C2] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --win-session-start [3883560 2024-07-11] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-633662038-590885182-3186226141-1003\...\Run: [CiscoMeetingDaemon] => C:\Users\motti\AppData\Local\WebEx\WebexHost.exe [8039008 2023-04-10] (Cisco WebEx LLC -> Cisco Webex LLC)
HKU\S-1-5-21-633662038-590885182-3186226141-1003\...\Run: [electron.app.BlueStacks Services] => C:\Users\motti\AppData\Local\Programs\bluestacks-services\BlueStacksServices.exe [162219656 2024-05-08] (Now.gg, INC -> now.gg, Inc.)
HKU\S-1-5-21-633662038-590885182-3186226141-1003\...\Run: [1Password] => C:\Users\motti\AppData\Local\1Password\app\8\1Password.exe [176788320 2024-07-10] (Agilebits -> 1Password)
HKU\S-1-5-21-633662038-590885182-3186226141-1003\...\Run: [GoogleChromeAutoLaunch_9D886D343CA417F5BE314B99A95D3F56] => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5 [2795808 2024-06-22] (Google LLC -> Google LLC)
HKU\S-1-5-21-633662038-590885182-3186226141-1003\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [8523168 2024-06-27] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-633662038-590885182-3186226141-1003\...\Run: [CiscoSpark] => C:\Users\motti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Webex\Webex.lnk [1468 2024-07-13] () [File not signed]
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\WINDOWS\system32\AdobePDF.dll [203936 2021-12-24] (Adobe Inc. -> Adobe Systems Inc)
HKLM\...\Print\Monitors\HP CE11 Status Monitor: C:\WINDOWS\system32\hpinkstsCE11LM.dll [393352 2017-03-20] (Hewlett Packard -> HP Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{052EB454-9F19-CB42-7875-807F79F311C4}] -> C:\Program Files (x86)\CCleaner Browser\Application\126.0.25558.127\Installer\chrmstp.exe [2024-07-12] (PIRIFORM SOFTWARE LIMITED -> Gen Digital Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\126.0.6478.127\Installer\chrmstp.exe [2024-06-26] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
Startup: C:\Users\motti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Reallusion Hub.lnk [2023-01-31]
ShortcutTarget: Reallusion Hub.lnk -> C:\Program Files\Common Files\Reallusion\LiveUpdate\Reallusion Hub.exe (Reallusion Inc. -> Reallusion Inc.)
Startup: C:\Users\motti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2020-06-10]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\StartRLCMS.lnk [2024-06-12]
ShortcutTarget: StartRLCMS.lnk -> C:\ProgramData\Reallusion\RLRunUtility.exe (Reallusion Inc. -> )
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {AA87FC4E-86AC-4307-B5B8-CBE36B0D9D5E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1558984 2024-06-25] (Adobe Inc. -> Adobe Inc.)
Task: {283DF49F-A2A5-4115-B105-1806F846A437} - System32\Tasks\Adobe Creative Cloud => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [1136560 2024-06-27] (Adobe Inc. -> Adobe Inc.)
Task: {8F70E18E-CE9D-4D2F-86BA-4B04639DC62B} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [4116912 2024-06-06] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {0BCEE535-69A8-45FF-98A5-CADD9DE16C90} - System32\Tasks\Adobe-Genuine-Software-Integrity-Scheduler-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [4454832 2024-06-06] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {97013843-FA2E-4BC7-9350-6DA0B50D360B} - System32\Tasks\BlueStacksHelper_nxt => C:\Program Files\BlueStacks_nxt\BlueStacksHelper.exe [302968 2024-01-25] (Now.gg, INC -> BlueStack Systems, Inc.)
Task: {AA7A1856-9F21-4FF1-96BE-EC86D74084A4} - System32\Tasks\CCleaner Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [3171032 2024-07-03] (PIRIFORM SOFTWARE LIMITED -> Gen Digital Inc.)
Task: {4870C176-FE00-40B7-A6E9-EEEE3A1E6D29} - System32\Tasks\CCleaner Browser Heartbeat Task (Logon) => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [3171032 2024-07-03] (PIRIFORM SOFTWARE LIMITED -> Gen Digital Inc.)
Task: {F78F0C83-ACB0-486D-AA67-EEBE6E2B5969} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2024-06-26] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {49235ACF-5CB6-4D1B-A70E-A08AEF378983} - System32\Tasks\CCleanerBrowserProtectS-1-5-21-633662038-590885182-3186226141-1003 => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowserProtect.exe [1717416 2024-04-23] (PIRIFORM SOFTWARE LIMITED -> Gen Digital Inc.)
Task: {7EC982AC-22B7-40A0-B01B-EDDE84DA529B} - System32\Tasks\CCleanerClean => C:\Program Files\CCleaner\CCleaner.exe [39451552 2024-06-26] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {6350A572-F37C-4D77-BBF0-157DBE407BE3} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [5074848 2024-06-26] (PIRIFORM SOFTWARE LIMITED -> Gen Digital Inc. All rights reserved.) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "5b736df5-b3b7-4f62-b89a-cfefa97e4f09" --version "6.25.11131" --silent
Task: {01D7E00B-9642-4604-B9D5-1489E429AAE7} - System32\Tasks\CCleanerSkipUAC - motti => C:\Program Files\CCleaner\CCleaner.exe [39451552 2024-06-26] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {4024D1FC-4571-4F45-82B6-3C391E1EF381} - System32\Tasks\CCleanerUpdateTaskMachineCore => C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [208176 2022-12-13] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
Task: {A0EA4502-3DCA-4247-B2C5-A8B02C572750} - System32\Tasks\CCleanerUpdateTaskMachineUA => C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [208176 2022-12-13] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
Task: {BDED7DBD-92A8-4C28-AADB-ACA85E100435} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2024-04-08] (Dropbox, Inc -> Dropbox, Inc.)
Task: {F204FC16-E047-4E30-A9D6-113F08BBE806} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2024-04-08] (Dropbox, Inc -> Dropbox, Inc.)
Task: {EA3A61F8-DD3D-4895-B20B-7D7884B6B70F} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\motti\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [15145336 2024-07-15] (ESET, spol. s r.o. -> ESET)
Task: {58445513-B46E-4391-8773-849DC7CFC7BA} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\motti\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [15145336 2024-07-15] (ESET, spol. s r.o. -> ESET)
Task: {AFEE6E1D-64BE-4F55-A95C-70084CA8DF7C} - System32\Tasks\G2MUpdateTask-AllUsers => C:\Program Files (x86)\GoToMeeting\19992\g2mupdate.exe [34872 2024-07-13] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {A9A8AB5E-EDC8-4740-B651-E69220A017DF} - System32\Tasks\G2MUpdateTask-S-1-5-21-633662038-590885182-3186226141-1003 => C:\Program Files (x86)\GoToMeeting\19992\g2mupdate.exe [34872 2024-07-13] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {4EBC3AC7-6513-4295-9549-65A60300D909} - System32\Tasks\G2MUploadTask-S-1-5-21-633662038-590885182-3186226141-1003 => C:\Program Files (x86)\GoToMeeting\19992\g2mupload.exe [34872 2024-07-13] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {FDC39B0D-1C48-41D3-9336-AEFBDB6A5973} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem128.0.6537.0{512A5718-D5C6-4340-BF90-419095B97671} => C:\Program Files (x86)\Google\GoogleUpdater\128.0.6537.0\updater.exe [4623976 2024-06-13] (Google LLC -> Google LLC)
Task: {B842348F-FBC7-48DF-8AB3-29EB1B6984FC} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [64472 2024-06-21] (HP Inc. -> HP Inc.)
Task: {E3122FC2-68E7-44FC-8211-546A173EAF60} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor Logon => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [64472 2024-06-21] (HP Inc. -> HP Inc.)
Task: {40739564-5E33-4948-B6F2-C84DC377C52A} - System32\Tasks\HPCustParticipation HP ENVY 5540 series => C:\Program Files\HP\HP ENVY 5540 series\Bin\HPCustPartic.exe [6438536 2017-03-27] (Hewlett Packard -> HP Inc.)
Task: {385005BB-EA9B-4396-85AC-509DFAF74C05} - System32\Tasks\HPOneAgentRepairTask => C:\ProgramData\Package Cache\{EC1ABEFA-64AF-46EC-B656-2BA6F30CB630}\HPOneAgent.exe [1169552 2024-07-11] (HP Inc. -> HP Inc.)
Task: {ADFC1E29-6B60-4E18-9828-FFA4B09C0C82} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28512448 2024-06-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {5E64DD43-5498-4F33-BA4A-9147AAF96B9F} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28512448 2024-06-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {37F3DB52-9BF5-4A45-B463-E590C30B433F} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [309696 2024-06-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {C52AADEF-447B-403E-88F3-4545A9EF31C8} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [309696 2024-06-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {E15372D8-A037-46C0-B0E9-355105D034E8} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\operfmon.exe [169408 2024-06-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {0BF599E4-8B95-4394-B57C-ECF164CA654C} - System32\Tasks\Microsoft\Windows\Application Experience\PcaWallpaperAppDetect => C:\WINDOWS\system32\rundll32.exe [90112 2024-07-10] (Microsoft Windows -> Microsoft Corporation) -> %windir%\system32\PcaSvc.dll,PcaWallpaperAppDetect
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => %SystemRoot%\System32\MbaeParserTask.exe (No File)
Task: {CF127EFA-2905-4E05-98AE-332725BFB03B} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_LogonUpdateResults => %systemroot%\system32\MusNotification.exe LogonUpdateResults (No File)
Task: {FCCC0CB9-1325-4F5E-8AAA-C7C314E64B08} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_UpdateInterval => %systemroot%\system32\MusNotification.exe Display (No File)
Task: {47C1635D-5418-4605-AAC8-9D8B72A239D9} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => %systemroot%\system32\MusNotification.exe /RunOnAC ReadyToReboot (No File)
Task: {DEFC4DB6-85D3-45BC-A899-374F19E8FFD2} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => %systemroot%\system32\MusNotification.exe /RunOnBattery ReadyToReboot (No File)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
Task: {A1D98CA3-4D86-4077-9640-BFD2C264F36D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MpCmdRun.exe [1678960 2024-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5B64C18B-60D7-4A8F-8402-1495DAE8E064} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MpCmdRun.exe [1678960 2024-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {47A99ED8-B9A9-4BA1-8C4F-AEA865D39FB5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MpCmdRun.exe [1678960 2024-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {7B964E7C-3132-4EFA-B90C-500FD250590F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MpCmdRun.exe [1678960 2024-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {0132FCA1-1079-444F-98C6-E29002F12BE6} - System32\Tasks\Opera scheduled assistant Autoupdate 1614264413 => C:\Users\motti\AppData\Local\Programs\Opera\launcher.exe -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\motti\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {D5DD3F8C-E639-4FE8-8C58-5AD1C5F9282B} - System32\Tasks\Opera scheduled Autoupdate 1614264411 => c:\users\motti\appdata\local\programs\opera\autoupdate\opera_autoupdate.exe --scheduledtask --bypasslauncher $(Arg0) (No File)
Task: {41B320C0-D9D8-4417-9BCA-11A29B3341D0} - System32\Tasks\RLHub_SkipUac_motti => C:\Program Files\Common Files\Reallusion\LiveUpdate\Reallusion Hub.exe [1568008 2022-12-28] (Reallusion Inc. -> Reallusion Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CCleanerClean.job => C:\Program Files\CCleaner\CCleaner.exe
Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\G2MUpdateTask-AllUsers.job => C:\Program Files (x86)\GoToMeeting\19992\g2mupdate.exe
Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-633662038-590885182-3186226141-1003.job => C:\Program Files (x86)\GoToMeeting\19992\g2mupdate.exe
Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-633662038-590885182-3186226141-1003.job => C:\Program Files (x86)\GoToMeeting\19992\g2mupload.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.4.1
Tcpip\..\Interfaces\{6b948f1b-e239-44b3-9684-b077ccd31194}: [DhcpNameServer] 192.168.4.1
Tcpip\..\Interfaces\{6b948f1b-e239-44b3-9684-b077ccd31194}\2456C66756465627560275966496: [DhcpNameServer] 8.8.8.8 185.51.168.5
Tcpip\..\Interfaces\{6b948f1b-e239-44b3-9684-b077ccd31194}\2496A737071636560245865616C6560234573747F6D65627: [DhcpNameServer] 10.0.22.254
Tcpip\..\Interfaces\{6b948f1b-e239-44b3-9684-b077ccd31194}\2496A737071636560245865616C656027457563747: [DhcpNameServer] 10.0.100.254
Tcpip\..\Interfaces\{6b948f1b-e239-44b3-9684-b077ccd31194}\34F63747160234F6666656560275966496: [DhcpNameServer] 88.215.61.255 88.215.63.255
Tcpip\..\Interfaces\{6b948f1b-e239-44b3-9684-b077ccd31194}\359627F6E616: [DhcpNameServer] 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{6b948f1b-e239-44b3-9684-b077ccd31194}\4416272756C6C6723702352303: [DhcpNameServer] 192.168.206.22
Tcpip\..\Interfaces\{6b948f1b-e239-44b3-9684-b077ccd31194}\4425D454: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{6b948f1b-e239-44b3-9684-b077ccd31194}\4425D454: [DhcpDomain] home
Tcpip\..\Interfaces\{6b948f1b-e239-44b3-9684-b077ccd31194}\44D4: [DhcpNameServer] 192.168.43.1
Tcpip\..\Interfaces\{6b948f1b-e239-44b3-9684-b077ccd31194}\84F6D6567596D26496: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{6b948f1b-e239-44b3-9684-b077ccd31194}\84F6D6567596D26496: [DhcpDomain] home
Tcpip\..\Interfaces\{6b948f1b-e239-44b3-9684-b077ccd31194}\B4F6E6E6563647: [DhcpNameServer] 8.8.8.8 192.168.0.5
Tcpip\..\Interfaces\{6b948f1b-e239-44b3-9684-b077ccd31194}\B4F6E6E6563647: [DhcpDomain] parkloyd.london
Tcpip\..\Interfaces\{6b948f1b-e239-44b3-9684-b077ccd31194}\F4D6E69616025374: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{6b948f1b-e239-44b3-9684-b077ccd31194}\F4D6E6961602F46666963656: [DhcpNameServer] 10.40.16.11
Tcpip\..\Interfaces\{6b948f1b-e239-44b3-9684-b077ccd31194}\F4D6E6961602F46666963656: [DhcpDomain] OMNIA.LOCAL
Tcpip\..\Interfaces\{6b948f1b-e239-44b3-9684-b077ccd31194}\F4D6E69616D23547166666: [DhcpNameServer] 10.40.16.11
Tcpip\..\Interfaces\{6b948f1b-e239-44b3-9684-b077ccd31194}\F4D6E69616D23547166666: [DhcpDomain] OMNIA.LOCAL
Tcpip\..\Interfaces\{9387b233-62ed-49cd-b888-59a123360191}: [NameServer] 172.17.3.1
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\motti\AppData\Local\Microsoft\Edge\User Data\Default [2024-07-15]
Edge Notifications: Default -> hxxps://b.oataltaul.com; hxxps://calendar.google.com; hxxps://teams.microsoft.com; hxxps://web.whatsapp.com; hxxps://www.justarsenal.com; hxxps://www.youtube.com
Edge Extension: (Loom for Edge) - C:\Users\motti\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\abeameknhmpmfegfbeioekonmhbmbpai [2022-09-03]
Edge Extension: (Property Tracker) - C:\Users\motti\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\abgkpdjomdmemeefdefalbeogkmlmand [2022-09-03]
Edge Extension: (Honey: Automatic Coupons & Rewards) - C:\Users\motti\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\amnbcmdbanbkjhnfoeceemmmdiepnbpp [2024-02-29]
Edge Extension: (Save to Pinterest) - C:\Users\motti\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bkgoflemacdadndiohhdnphcmdhacabg [2024-07-06]
Edge Extension: (DuckDuckGo) - C:\Users\motti\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\caoacbimdbbljakfhgikoodekdnlcgpk [2024-07-13]
Edge Extension: (lock) - C:\Users\motti\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\dppgmdbiimibapkepcbdbmkaabgiofem [2024-06-23]
Edge Extension: (MozBar) - C:\Users\motti\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\eakacpaijcpapndcfffdgphdiccmpknp [2022-09-03]
Edge Extension: (Project Naptha) - C:\Users\motti\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\eckaechjaiiiffijigiigbhbfhelljmi [2022-09-03]
Edge Extension: (Meta Pixel Helper) - C:\Users\motti\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fdgfkebogiimcoedlicjlajpkdmockpc [2024-03-06]
Edge Extension: (GoFullPage - Full Page Screen Capture) - C:\Users\motti\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fdpohaocaechififmbbbbbknoalclacl [2024-06-19]
Edge Extension: (Google Docs Offline) - C:\Users\motti\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-06-17]
Edge Extension: (Streak CRM for Gmail) - C:\Users\motti\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gjfnhcobilifnmokegginjeenmlmlccn [2024-07-13]
Edge Extension: (Adblock Plus - free ad blocker) - C:\Users\motti\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gmgoamodcdcjnbaobigkjelfplakmdhh [2024-07-06]
Edge Extension: (Keywords Everywhere - Keyword Tool) - C:\Users\motti\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\hbapdpeemoojbophdfndmlgdhppljgmp [2024-07-02]
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\motti\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2024-06-12]
Edge Extension: (Fontanello) - C:\Users\motti\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jdlhfjlpaijjhklfadlhbbmpjfddkglc [2024-04-04]
Edge Extension: (Edge relevant text changes) - C:\Users\motti\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-24]
Edge Extension: (Gmail reverse conversation) - C:\Users\motti\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\kfgepjmmgamniaefbjlbacahkjjnjoaa [2023-08-02]
Edge Extension: (Similar Sites - Discover Related Websites) - C:\Users\motti\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\necpbmbhhdiplmfhmjicabdeighkndkn [2024-06-28]
Edge Extension: (Endole QuickView) - C:\Users\motti\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\nfbbahbhaadfdhedpoifbamfdcfnflei [2022-09-03]
Edge Extension: (Clipt) - C:\Users\motti\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ngpicahlgepngcpigiiebnheihgbaenh [2022-09-03]
Edge Extension: (PropertyData - Data, Info & Analysis) - C:\Users\motti\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\nmgflehpkmokienojjgpbddklnedoonp [2024-04-04]
Edge Extension: (Scribe: AI Documentation, SOPs & Screenshots) - C:\Users\motti\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\okfkdaglfjjjfefdcppliegebpoegaii [2024-07-10]
Edge Extension: (Vidyard - Screen Recorder & Screen Capture) - C:\Users\motti\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ollpphgpdfopboaicbijmelbeninibli [2024-07-06]
Edge Extension: (Lusha - Easily find B2B contact information) - C:\Users\motti\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\pafckojojojjcjiimflfcchilgkeblcj [2024-06-28]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
FireFox:
========
FF DefaultProfile: svm6znfc.default
FF ProfilePath: C:\Users\motti\AppData\Roaming\Mozilla\Firefox\Profiles\svm6znfc.default [2020-06-16]
FF ProfilePath: C:\Users\motti\AppData\Roaming\Mozilla\Firefox\Profiles\bsh8s6mf.default-release [2024-07-15]
FF Notifications: Mozilla\Firefox\Profiles\bsh8s6mf.default-release -> hxxps://www.sunderlandecho.com
FF Extension: (YouTube Video Downloader/YouTube HD Download) - C:\Users\motti\AppData\Roaming\Mozilla\Firefox\Profiles\bsh8s6mf.default-release\Extensions\[email protected] [2021-02-03]
FF Extension: (Malwarebytes Browser Guard) - C:\Users\motti\AppData\Roaming\Mozilla\Firefox\Profiles\bsh8s6mf.default-release\Extensions\{242af0bb-db11-4734-b7a0-61cb8a9b20fb}.xpi [2022-09-08]
FF Extension: (Easy Youtube Video Downloader Express) - C:\Users\motti\AppData\Roaming\Mozilla\Firefox\Profiles\bsh8s6mf.default-release\Extensions\{b9acf540-acba-11e1-8ccb-001fd0e08bd4}.xpi [2023-05-06]
FF Extension: (FF Facebook Pixel Helper) - C:\Users\motti\AppData\Roaming\Mozilla\Firefox\Profiles\bsh8s6mf.default-release\Extensions\{f78d2e9e-892f-43bf-8bd2-a79a85203a0b}.xpi [2021-12-09]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2020-05-29]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-04-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2024-06-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2024-06-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2024-06-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.17.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2024-06-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.18 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2024-06-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.20 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2024-06-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.21 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2024-06-08] (VideoLAN -> VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2024-06-27] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2024-04-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2024-04-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=3 -> C:\Program Files (x86)\CCleaner Browser\Update\1.8.1583.3\npCCleanerBrowserUpdate3.dll [2022-12-13] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=9 -> C:\Program Files (x86)\CCleaner Browser\Update\1.8.1583.3\npCCleanerBrowserUpdate3.dll [2022-12-13] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2024-06-27] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2024-06-27] (Adobe Inc. -> Adobe Systems)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\motti\AppData\Local\Google\Chrome\User Data\Default [2024-07-15]
CHR Notifications: Default -> hxxps://app.hubspot.com; hxxps://calendar.google.com; hxxps://cm.zoho.eu; hxxps://crm.zoho.eu; hxxps://harbourclub.pushcrew.com; hxxps://mail.google.com; hxxps://property.mitula.co.uk; hxxps://saymineapp.com; hxxps://teams.microsoft.com; hxxps://web.whatsapp.com; hxxps://www.insta360.com; hxxps://www.loom.com; hxxps://www.upwork.com
CHR Extension: (lock) - C:\Users\motti\AppData\Local\Google\Chrome\User Data\Default\Extensions\aeblfdkhhhdcdjpifhhbdiojplfjncoa [2024-06-21]
CHR Extension: (ColorZilla) - C:\Users\motti\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhlhnicpbhignbdhedgjhgdocnmhomnp [2024-05-29]
CHR Extension: (DuckDuckGo) - C:\Users\motti\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkdgflcldnnnapblkhphbgpggdiikppg [2024-06-21]
CHR Extension: (Honey: Automatic Coupons & Rewards) - C:\Users\motti\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2024-07-10]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\motti\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2024-07-06]
CHR Extension: (MozBar) - C:\Users\motti\AppData\Local\Google\Chrome\User Data\Default\Extensions\eakacpaijcpapndcfffdgphdiccmpknp [2022-01-25]
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\motti\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2024-07-06]
CHR Extension: (GoFullPage - Full Page Screen Capture) - C:\Users\motti\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdpohaocaechififmbbbbbknoalclacl [2024-06-21]
CHR Extension: (Google Docs Offline) - C:\Users\motti\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-06-12]
CHR Extension: (Save to Pinterest) - C:\Users\motti\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2024-07-06]
CHR Extension: (Keywords Everywhere - Keyword Tool) - C:\Users\motti\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbapdpeemoojbophdfndmlgdhppljgmp [2024-07-06]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\motti\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2024-06-12]
CHR Extension: (Fontanello) - C:\Users\motti\AppData\Local\Google\Chrome\User Data\Default\Extensions\jdlhfjlpaijjhklfadlhbbmpjfddkglc [2024-04-03]
CHR Extension: (Gmail reverse conversation) - C:\Users\motti\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgepjmmgamniaefbjlbacahkjjnjoaa [2023-08-03]
CHR Extension: (Loom – Screen Recorder & Screen Capture) - C:\Users\motti\AppData\Local\Google\Chrome\User Data\Default\Extensions\liecbddmkiiihnedobmlmillhodjkdmb [2024-07-10]
CHR Extension: (WebChatGPT: ChatGPT with internet access) - C:\Users\motti\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpfemeioodjbpieminkklglpmhlngfcn [2024-07-13]
CHR Extension: (Endole QuickView) - C:\Users\motti\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfbbahbhaadfdhedpoifbamfdcfnflei [2020-07-30]
CHR Extension: (Clipt) - C:\Users\motti\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpicahlgepngcpigiiebnheihgbaenh [2022-06-15]
CHR Extension: (Chrome Web Store Payments) - C:\Users\motti\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Scribe: AI Documentation, SOPs & Screenshots) - C:\Users\motti\AppData\Local\Google\Chrome\User Data\Default\Extensions\okfkdaglfjjjfefdcppliegebpoegaii [2024-07-10]
CHR Extension: (Streak CRM for Gmail) - C:\Users\motti\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnnfemgpilpdaojpnkjdgfgbnnjojfik [2024-07-13]
CHR Profile: C:\Users\motti\AppData\Local\Google\Chrome\User Data\Guest Profile [2024-07-13]
CHR Profile: C:\Users\motti\AppData\Local\Google\Chrome\User Data\Profile 1 [2024-07-13]
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\motti\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2024-03-27]
CHR Extension: (Google Docs Offline) - C:\Users\motti\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-27]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\motti\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2024-03-27]
CHR Extension: (Chrome Web Store Payments) - C:\Users\motti\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-04-06]
CHR Profile: C:\Users\motti\AppData\Local\Google\Chrome\User Data\Profile 3 [2024-07-13]
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\motti\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2022-09-07]
CHR Extension: (Google Docs Offline) - C:\Users\motti\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-09-07]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\motti\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-09-07]
CHR Extension: (Chrome Web Store Payments) - C:\Users\motti\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-05-27]
CHR Profile: C:\Users\motti\AppData\Local\Google\Chrome\User Data\Profile 4 [2024-07-13]
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\motti\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2022-06-13]
CHR Extension: (Google Docs Offline) - C:\Users\motti\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-05-31]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\motti\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-06-09]
CHR Extension: (Chrome Web Store Payments) - C:\Users\motti\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-05-31]
CHR Profile: C:\Users\motti\AppData\Local\Google\Chrome\User Data\System Profile [2024-07-15]
CHR HKU\.DEFAULT\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKU\S-1-5-21-633662038-590885182-3186226141-1003\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
Opera:
=======
OPR Profile: C:\Users\motti\AppData\Roaming\Opera Software\Opera Stable [2024-07-13]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\motti\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2023-05-05]
OPR Extension: (Opera Wallet) - C:\Users\motti\AppData\Roaming\Opera Software\Opera Stable\Extensions\gojhcdgcpbpfigcaejpfhfegekdgiblk [2023-05-05]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\motti\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2021-10-30]
OPR Extension: (Opera AI Prompts) - C:\Users\motti\AppData\Roaming\Opera Software\Opera Stable\Extensions\mljbnbeedpkgakdchcmfapkjhfcogaoc [2023-05-05]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R4 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [172992 2024-06-25] (Adobe Inc. -> Adobe Inc.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [944048 2024-06-27] (Adobe Inc. -> Adobe Inc.)
S2 ccleaner; C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [208176 2022-12-13] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
S3 CCleanerBrowserElevationService; C:\Program Files (x86)\CCleaner Browser\Application\126.0.25558.127\elevation_service.exe [1773360 2024-07-03] (PIRIFORM SOFTWARE LIMITED -> Gen Digital Inc.)
S3 ccleanerm; C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [208176 2022-12-13] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
R2 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1085856 2024-06-26] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
S4 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [14023752 2024-06-21] (Microsoft Corporation -> Microsoft Corporation)
S4 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2024-04-08] (Dropbox, Inc -> Dropbox, Inc.)
S4 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2024-04-08] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [46824 2024-07-09] (Dropbox, Inc -> Dropbox, Inc.)
S4 DropboxElevationService; C:\Program Files (x86)\Dropbox\Client\203.4.4857\DropboxElevationService.exe [1659288 2024-07-09] (Dropbox, Inc -> Dropbox, Inc.)
R2 ElanTouchXiSvc; C:\WINDOWS\SysWOW64\ElanTouchXiSvc.exe [560864 2022-12-19] (ELAN MICROELECTRONICS CORPORATION -> )
S4 hp-one-agent-service; C:\Program Files\HP\HP One Agent\hp-one-agent-service.exe [1939472 2024-06-11] (HP Inc. -> HP Inc; HP Development Company, L.P.)
R2 HPAppHelperCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_62028dfcb8fe6a80\x64\AppHelperCap.exe [928312 2024-06-15] (HP Inc. -> HP Inc.)
R2 HPDiagsCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_62028dfcb8fe6a80\x64\DiagsCap.exe [926672 2024-06-15] (HP Inc. -> HP Inc.)
R2 HPNetworkCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_62028dfcb8fe6a80\x64\NetworkCap.exe [922576 2024-06-15] (HP Inc. -> HP Inc.)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [241104 2024-06-21] (HP Inc. -> HP Inc.)
R2 HPSysInfoCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_62028dfcb8fe6a80\x64\SysInfoCap.exe [927800 2024-06-15] (HP Inc. -> HP Inc.)
R2 HpTouchpointAnalyticsService; C:\WINDOWS\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_7dcf4ebd9d1b4772\x64\TouchpointAnalyticsClientService.exe [569008 2024-05-07] (HP Inc. -> HP Inc.)
R2 IntelAudioService; C:\WINDOWS\System32\DriverStore\FileRepository\intcoed.inf_amd64_5260ddd49ca9ef3b\AS\IAS\IntelAudioService.exe [412152 2022-10-24] (Intel Corporation -> Intel)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8901528 2024-07-15] (Malwarebytes Inc. -> Malwarebytes)
S3 MBVpnTunnelService; C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe [3073888 2024-05-25] (Malwarebytes Inc. -> Malwarebytes)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MpDefenderCoreService.exe [1505416 2024-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 RLHostService; C:\Program Files (x86)\Common Files\Reallusion\RLHostService\RLHostService.exe [285008 2022-01-13] (Reallusion Inc. -> Reallusion.Inc)
R2 TbtP2pShortcutService; C:\WINDOWS\TbtP2pShortcutService.exe [256856 2023-08-16] (Intel Corporation -> Intel Corporation)
S4 TunnelBearMaintenance; C:\Program Files (x86)\TunnelBear\TunnelBear.Maintenance.exe [140424 2024-04-19] (TunnelBear (McAfee Canada ULC) -> TunnelBear)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\NisSrv.exe [3236728 2024-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MsMpEng.exe [133704 2024-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 ZoomCptService; "C:\Program Files\Common Files\Zoom\Support\CptService.exe" -user_path "C:\Users\motti\AppData\Roaming\Zoom"
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R3 AX88179A; C:\WINDOWS\System32\DriverStore\FileRepository\axusbeth.inf_amd64_00da554e0fe424fd\AxUsbEth.sys [168048 2024-06-11] (WDKTestCert asix,133111579530933026 -> ASIX Electronics Corp.)
R2 BlueStacksDrv_nxt; C:\Program Files\BlueStacks_nxt\BstkDrv_nxt.sys [394176 2024-01-25] (Microsoft Windows Hardware Compatibility Publisher -> Bluestack System Inc.)
S3 BTHMODEM; C:\WINDOWS\System32\drivers\bthmodem.sys [106496 2022-05-07] (Microsoft Corporation) [File not signed]
R0 fse; C:\WINDOWS\System32\drivers\fse.sys [218608 2024-06-12] (Microsoft Windows -> Microsoft Corporation)
R3 HPCustomCapDriver; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapdriver.inf_amd64_1421dec2010cc057\x64\hpcustomcapdriver.sys [18984 2024-05-06] (Microsoft Windows Hardware Compatibility Publisher -> HP Inc.)
R2 mbamchameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [221136 2024-06-28] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2022-11-21] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239576 2024-02-15] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MpKsl88900e6e; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{B7BD91E6-9079-41D1-B112-1D09D0493EE6}\MpKslDrv.sys [271640 2024-07-15] (Microsoft Windows -> Microsoft Corporation)
S3 MpKsld09cbaa0; C:\WINDOWS\system32\MpEngineStore\MpKslDrv.sys [222464 2023-10-02] (Microsoft Windows -> Microsoft Corporation)
S3 polarbear-split-tunneling; C:\Program Files (x86)\TunnelBear\Drivers\x64\SplitTunnelingDriver.sys [29176 2023-07-10] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 tap-tb-0901; C:\WINDOWS\System32\drivers\tap-tb-0901.sys [38656 2020-11-14] (TunnelBear, Inc. -> The OpenVPN Project)
S3 vmbusproxy; C:\WINDOWS\system32\drivers\vmbusproxy.sys [94208 2023-11-14] (Microsoft Windows -> )
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [22080 2024-06-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
U5 WdDevFlt; C:\Windows\System32\Drivers\WdDevFlt.sys [169232 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [602520 2024-06-05] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105880 2024-06-05] (Microsoft Windows -> Microsoft Corporation)
R3 wintun; C:\WINDOWS\system32\DRIVERS\wintun.sys [29680 2022-10-21] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2024-07-15 15:12 - 2024-07-15 15:12 - 000003858 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onLogOn
2024-07-15 15:12 - 2024-07-15 15:12 - 000003416 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onTime
2024-07-15 15:12 - 2024-07-15 15:12 - 000000722 _____ C:\Users\motti\OneDrive\Desktop\eset.txt
2024-07-15 12:15 - 2024-07-15 17:00 - 000001378 _____ C:\Users\motti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2024-07-15 12:15 - 2024-07-15 17:00 - 000001278 _____ C:\Users\motti\OneDrive\Desktop\ESET Online Scanner.lnk
2024-07-15 12:15 - 2024-07-15 12:15 - 000000000 ____D C:\Users\motti\AppData\Local\ESET
2024-07-15 12:14 - 2024-07-15 12:14 - 008389496 _____ (ESET) C:\Users\motti\OneDrive\Desktop\esetonlinescanner.exe
2024-07-15 11:10 - 2024-07-15 11:10 - 008790880 _____ (Malwarebytes) C:\Users\motti\OneDrive\Desktop\adwcleaner(1).exe
2024-07-15 11:09 - 2024-07-15 12:11 - 000000000 ____D C:\AdwCleaner
2024-07-15 11:09 - 2024-07-15 11:09 - 000001238 _____ C:\Users\motti\OneDrive\Desktop\Malwarebytes Scan Report 2024-07-15 100059.txt
2024-07-15 10:42 - 2024-07-15 10:42 - 000375273 _____ C:\Users\motti\Downloads\240187-OGSO.pdf
2024-07-15 10:42 - 2024-07-15 10:42 - 000375168 _____ C:\Users\motti\Downloads\240186-OGSO.pdf
2024-07-13 16:42 - 2024-07-13 16:46 - 000060581 _____ C:\Users\motti\OneDrive\Desktop\Addition.txt
2024-07-13 16:41 - 2024-07-15 20:00 - 000054511 _____ C:\Users\motti\OneDrive\Desktop\FRST.txt
2024-07-13 16:41 - 2024-07-15 19:59 - 000000000 ____D C:\FRST
2024-07-13 16:38 - 2024-07-13 16:38 - 002395648 _____ (Farbar) C:\Users\motti\OneDrive\Desktop\FRST64.exe
2024-07-13 13:34 - 2024-07-13 13:34 - 000001460 _____ C:\Users\motti\OneDrive\Desktop\Webex.lnk
2024-07-13 13:34 - 2024-07-13 13:34 - 000000000 ____D C:\Users\motti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Webex
2024-07-13 13:31 - 2024-07-13 13:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zoom
2024-07-13 13:31 - 2024-07-13 13:31 - 000000000 ____D C:\Program Files\Zoom
2024-07-13 13:31 - 2024-07-13 13:31 - 000000000 ____D C:\Program Files\Common Files\Zoom
2024-07-13 13:11 - 2024-07-13 13:36 - 000000546 _____ C:\WINDOWS\Tasks\G2MUpdateTask-AllUsers.job
2024-07-13 13:11 - 2024-07-13 13:11 - 000003634 _____ C:\WINDOWS\system32\Tasks\G2MUpdateTask-AllUsers
2024-07-13 13:11 - 2024-07-13 13:11 - 000000000 ____D C:\Program Files (x86)\GoToMeeting
2024-07-13 13:10 - 2024-07-13 13:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Node.js
2024-07-13 13:10 - 2024-07-13 13:10 - 000000000 ____D C:\Program Files\nodejs
2024-07-13 13:08 - 2024-07-13 13:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Git
2024-07-12 15:32 - 2024-07-12 15:32 - 002170904 _____ C:\Users\motti\Downloads\screencapture-lagonda-maskalls-co-uk-2024-07-12-15_31_52.pdf
2024-07-12 09:46 - 2024-07-12 09:51 - 000000000 ___HD C:\$WinREAgent
2024-07-12 09:42 - 2024-07-12 09:42 - 000050997 _____ C:\Users\motti\Downloads\Invoice INV-01280.pdf
2024-07-11 08:49 - 2024-07-11 08:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2024-07-10 13:12 - 2024-07-10 13:12 - 000077710 _____ C:\Users\motti\Downloads\Omnia_Outsourcing_Limited_-_Omnia_Monthly_Management_Reporting_Pack_-_Update_North_South (3).xlsx
2024-07-10 12:56 - 2024-07-10 12:56 - 000066300 _____ C:\Users\motti\Downloads\Omnia_Outsourcing_Limited_-_Omnia_Monthly_Management_Reporting_Pack_- May 24 - DRAFT.xlsx
2024-07-10 10:28 - 2024-07-10 10:28 - 000000000 ____D C:\ProgramData\bst_boost_interprocess
2024-07-10 10:28 - 2024-07-10 10:27 - 000007160 _____ C:\Users\motti\-1.14-windows.xml
2024-07-10 10:27 - 2024-07-10 10:28 - 000000000 ____D C:\ProgramData\BlueStacks_nxt
2024-07-10 10:27 - 2024-07-10 10:27 - 000000000 ____D C:\Program Files\BlueStacks_nxt
2024-07-10 01:59 - 2024-07-10 01:59 - 000025684 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json
2024-07-10 01:58 - 2024-07-10 01:58 - 000025684 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2024-07-09 15:46 - 2024-07-09 15:46 - 000155801 _____ C:\Users\motti\Downloads\RE_ Let's complete your virtual office onboarding – Omnia Outsourcing _ Sirona Medical Ltd.zip
2024-07-09 12:02 - 2024-07-09 12:02 - 000046824 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2024-07-08 18:28 - 2024-07-08 18:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TunnelBear
2024-07-08 10:52 - 2024-07-08 10:52 - 000000482 _____ C:\Users\motti\OneDrive\Desktop\DM director.txt
2024-07-05 15:19 - 2024-07-05 15:19 - 005229224 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\Netwtw10.sys
2024-07-05 15:19 - 2024-07-05 15:19 - 001496120 _____ (Intel Corporation) C:\WINDOWS\system32\IntelIHVRouter10.dll
2024-07-05 09:19 - 2024-07-05 09:23 - 002662212 _____ C:\Users\motti\Downloads\O076 - Let Eng Accts and Tax 2023 (1).pdf
2024-07-03 18:03 - 2024-07-03 18:03 - 000110961 _____ C:\Users\motti\Downloads\R M Beckett.pdf
2024-07-03 16:57 - 2024-07-03 16:58 - 004014701 _____ C:\Users\motti\Downloads\jpg-pdf-1.zip
2024-07-02 15:13 - 2024-07-02 15:13 - 000193031 _____ C:\Users\motti\Downloads\Three Business Agreement for OMNIA BACK OFFICE LIMITED.pdf
2024-07-01 14:38 - 2024-07-01 15:14 - 000000000 ____D C:\Users\motti\OneDrive\Desktop\Jon K KC
2024-07-01 13:34 - 2024-07-12 09:26 - 000001078 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop (Beta).lnk
2024-06-30 11:29 - 2024-06-30 11:29 - 000131242 _____ C:\Users\motti\Downloads\return-label.pdf
2024-06-28 13:37 - 2024-06-28 13:47 - 000000957 _____ C:\Users\motti\Downloads\[email protected]
2024-06-27 16:10 - 2024-06-28 16:46 - 000007715 _____ C:\Users\motti\Downloads\Trevor.txt
2024-06-27 15:38 - 2024-06-27 15:38 - 000000000 ____D C:\Users\motti\Downloads\Vaishvick Law
2024-06-27 15:27 - 2024-06-27 15:27 - 000000000 ____D C:\Users\motti\Downloads\asw
2024-06-27 12:20 - 2024-06-27 12:20 - 000102171 _____ C:\Users\motti\Downloads\20240517 Schedule 36 Notice-1.pdf
2024-06-27 12:19 - 2024-06-27 12:19 - 000078333 _____ C:\Users\motti\Downloads\Schedule of information.pdf
2024-06-27 12:11 - 2024-06-27 12:11 - 000135413 _____ C:\Users\motti\Downloads\Fwd_ Draft agreement for Omnia 'payroll' contract.eml
2024-06-25 16:47 - 2024-06-25 16:47 - 000475884 _____ C:\Users\motti\OneDrive\Desktop\Investec Capital Solutions - Credit Search Declaration.pdf
2024-06-21 15:41 - 2024-06-21 15:41 - 000996819 _____ C:\Users\motti\OneDrive\Desktop\self assessment.pdf
2024-06-20 11:30 - 2024-06-20 11:30 - 000053275 _____ C:\Users\motti\Downloads\statement-2023-December.pdf
2024-06-20 10:15 - 2024-06-20 10:15 - 029359096 _____ C:\Users\motti\Downloads\OmniaSirona Compliance 2024 .pdf
2024-06-18 12:55 - 2024-06-18 12:55 - 000873336 _____ C:\Users\motti\OneDrive\Desktop\Omnia Cash Flow Model 2024 05 14 cash flow forecast for 1 year V4.xlsx
2024-06-17 15:39 - 2024-06-17 15:39 - 017101472 _____ C:\Users\motti\Downloads\darrell.pdf
2024-06-17 14:40 - 2024-06-17 14:40 - 000137393 _____ C:\Users\motti\OneDrive\Desktop\GEN1500W - Pensions Declaration Document.docx.pdf
2024-06-17 09:55 - 2024-06-17 09:55 - 000036809 _____ C:\Users\motti\Downloads\Invoice_9269_from_Autism_Berkshire.pdf
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2024-07-15 19:59 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-07-15 19:53 - 2023-05-05 16:21 - 000000000 ____D C:\Users\motti\AppData\Local\Malwarebytes
2024-07-15 19:50 - 2023-01-14 14:02 - 2146345984 _____ C:\Users\motti\AppData\Local\SageThumbs.db3
2024-07-15 19:35 - 2022-05-07 06:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-07-15 18:15 - 2022-10-12 09:59 - 000003542 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2024-07-15 16:58 - 2022-10-12 09:53 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-07-15 15:26 - 2022-10-12 09:59 - 000004164 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{1BB2B7B1-C839-4CF8-8958-D022F9BE0E67}
2024-07-15 12:59 - 2020-06-09 19:37 - 000000000 ____D C:\Users\motti\AppData\Roaming\Microsoft\Excel
2024-07-15 12:54 - 2021-02-21 13:31 - 000000000 ____D C:\Program Files (x86)\CCleaner Browser
2024-07-15 12:51 - 2024-01-22 20:30 - 000000000 ____D C:\Users\motti\AppData\Roaming\1Password
2024-07-15 12:20 - 2022-10-12 10:03 - 000804924 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-07-15 12:20 - 2022-05-07 06:22 - 000000000 ____D C:\WINDOWS\INF
2024-07-15 12:13 - 2020-08-27 18:16 - 000000000 ____D C:\Program Files\CCleaner
2024-07-15 12:12 - 2023-01-31 19:32 - 000000000 ____D C:\ProgramData\Reallusion
2024-07-15 12:12 - 2022-10-12 09:59 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-07-15 12:12 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\ServiceState
2024-07-15 12:12 - 2022-05-07 06:17 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2024-07-15 12:12 - 2021-03-16 19:55 - 000012288 ___SH C:\DumpStack.log.tmp
2024-07-15 12:12 - 2020-08-06 11:23 - 000000642 _____ C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-633662038-590885182-3186226141-1003.job
2024-07-15 12:12 - 2020-08-06 11:23 - 000000546 _____ C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-633662038-590885182-3186226141-1003.job
2024-07-15 12:12 - 2020-06-09 19:20 - 000000000 __SHD C:\Users\motti\IntelGraphicsProfiles
2024-07-15 12:12 - 2020-05-11 08:54 - 000000000 ____D C:\ProgramData\HP
2024-07-15 12:12 - 2020-05-11 08:46 - 000000000 ____D C:\Intel
2024-07-15 12:11 - 2023-04-10 02:16 - 000000000 ____D C:\ProgramData\Hewlett-Packard
2024-07-15 10:47 - 2023-07-06 15:01 - 000002568 _____ C:\WINDOWS\system32\Tasks\Adobe-Genuine-Software-Integrity-Scheduler-1.0
2024-07-15 03:06 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-07-14 11:39 - 2020-06-10 13:07 - 000000000 ____D C:\Users\motti\AppData\Local\D3DSCache
2024-07-14 02:22 - 2022-10-12 09:59 - 000003584 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-633662038-590885182-3186226141-1003
2024-07-14 02:22 - 2022-10-12 09:59 - 000003376 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-633662038-590885182-3186226141-1003
2024-07-14 02:22 - 2021-09-28 14:22 - 000000000 ___RD C:\Users\motti\Ambasco
2024-07-14 02:22 - 2021-03-16 19:56 - 000002379 _____ C:\Users\motti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-07-13 17:19 - 2022-05-07 06:24 - 000000000 ___HD C:\Program Files\WindowsApps
2024-07-13 16:49 - 2024-01-22 20:30 - 000000000 ____D C:\Users\motti\AppData\Local\1Password
2024-07-13 13:49 - 2022-02-10 01:18 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2024-07-13 13:48 - 2020-06-09 19:20 - 000000000 ____D C:\Users\motti\AppData\Local\Packages
2024-07-13 13:48 - 2020-05-11 08:46 - 000000000 ____D C:\ProgramData\Packages
2024-07-13 13:37 - 2022-10-12 09:59 - 000003808 _____ C:\WINDOWS\system32\Tasks\G2MUploadTask-S-1-5-21-633662038-590885182-3186226141-1003
2024-07-13 13:37 - 2022-10-12 09:59 - 000003712 _____ C:\WINDOWS\system32\Tasks\G2MUpdateTask-S-1-5-21-633662038-590885182-3186226141-1003
2024-07-13 13:37 - 2020-07-01 14:27 - 000000000 ____D C:\Users\motti\AppData\Roaming\Zoom
2024-07-13 13:36 - 2024-04-08 12:57 - 000000938 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2024-07-13 13:36 - 2024-04-08 12:57 - 000000934 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2024-07-13 13:36 - 2022-12-15 14:28 - 000000280 _____ C:\WINDOWS\Tasks\CCleanerClean.job
2024-07-13 13:35 - 2024-04-08 12:57 - 000003512 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineUA
2024-07-13 13:35 - 2024-04-08 12:57 - 000003288 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineCore
2024-07-13 13:35 - 2023-09-27 16:01 - 000000000 ____D C:\Users\motti\AppData\Roaming\bluestacks-services
2024-07-13 13:35 - 2022-10-12 09:59 - 000002532 _____ C:\WINDOWS\system32\Tasks\Adobe Creative Cloud
2024-07-13 13:35 - 2022-10-12 09:54 - 000000000 ____D C:\Users\motti
2024-07-13 13:28 - 2020-07-17 09:23 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-07-13 13:15 - 2023-09-27 16:01 - 000003014 _____ C:\WINDOWS\system32\Tasks\BlueStacksHelper_nxt
2024-07-13 13:15 - 2022-10-12 09:59 - 000003914 _____ C:\WINDOWS\system32\Tasks\Opera scheduled assistant Autoupdate 1614264413
2024-07-13 13:15 - 2022-10-12 09:59 - 000003720 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1614264411
2024-07-13 13:15 - 2022-10-12 09:59 - 000002656 _____ C:\WINDOWS\system32\Tasks\AdobeGCInvoker-1.0
2024-07-13 13:14 - 2024-01-25 10:27 - 000002814 _____ C:\WINDOWS\system32\Tasks\HPOneAgentRepairTask
2024-07-13 13:14 - 2022-12-15 14:28 - 000003120 _____ C:\WINDOWS\system32\Tasks\CCleanerClean
2024-07-13 13:10 - 2023-03-16 13:16 - 000000000 ____D C:\Users\motti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2024-07-13 13:10 - 2023-03-16 13:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2024-07-13 13:10 - 2023-03-16 13:16 - 000000000 ____D C:\Program Files\WinRAR
2024-07-13 13:08 - 2023-04-23 18:20 - 000000000 ____D C:\Program Files\Git
2024-07-13 13:08 - 2020-06-10 13:10 - 000000000 ____D C:\ProgramData\Package Cache
2024-07-13 13:06 - 2023-07-07 23:50 - 000000865 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2024-07-13 13:06 - 2023-07-07 23:50 - 000000000 ____D C:\Program Files\Audacity
2024-07-13 13:06 - 2022-02-04 15:11 - 000001100 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++.lnk
2024-07-13 09:30 - 2022-10-19 05:18 - 000000000 ____D C:\WINDOWS\Minidump
2024-07-13 09:30 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2024-07-13 09:30 - 2020-11-23 10:21 - 000000000 ____D C:\Users\motti\AppData\Local\CrashDumps
2024-07-13 09:25 - 2024-04-08 12:58 - 000000000 ____D C:\Users\motti\AppData\Roaming\Dropbox
2024-07-13 09:25 - 2024-04-08 12:58 - 000000000 ____D C:\Users\motti\AppData\Local\Dropbox
2024-07-13 03:01 - 2022-05-07 06:24 - 000000000 ____D C:\ProgramData\USOPrivate
2024-07-13 01:50 - 2023-03-30 18:47 - 000001575 _____ C:\WINDOWS\system32\config\VSMIDK
2024-07-13 01:48 - 2022-10-12 09:53 - 000643408 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2024-07-13 01:46 - 2023-12-15 04:24 - 000000000 ____D C:\WINDOWS\InboxApps
2024-07-13 01:46 - 2023-10-13 03:27 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView
2024-07-13 01:46 - 2022-05-07 11:09 - 000000000 ____D C:\WINDOWS\system32\Drivers\en-GB
2024-07-13 01:46 - 2022-05-07 06:24 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2024-07-13 01:46 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\UUS
2024-07-13 01:46 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2024-07-13 01:46 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SystemResources
2024-07-13 01:46 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2024-07-13 01:46 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\Sgrm
2024-07-13 01:46 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\setup
2024-07-13 01:46 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2024-07-13 01:46 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\oobe
2024-07-13 01:46 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\ShellExperiences
2024-07-13 01:46 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\ShellComponents
2024-07-13 01:46 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\Provisioning
2024-07-13 01:46 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2024-07-13 01:46 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\bcastdvr
2024-07-12 20:47 - 2020-06-10 12:53 - 000000000 ____D C:\Users\motti\AppData\Roaming\Microsoft\Word
2024-07-12 14:45 - 2021-02-21 13:31 - 000002387 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner Browser.lnk
2024-07-12 09:57 - 2022-05-07 06:17 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-07-12 09:26 - 2023-08-04 09:39 - 000000000 ___HD C:\adobeTemp
2024-07-12 09:25 - 2020-06-10 13:09 - 000000000 ____D C:\Program Files\Common Files\Adobe
2024-07-12 09:24 - 2022-10-12 09:59 - 000003534 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-07-12 09:24 - 2022-10-12 09:59 - 000003410 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-07-11 08:49 - 2024-04-08 12:57 - 000000000 ____D C:\Program Files (x86)\Dropbox
2024-07-10 10:27 - 2024-03-14 14:54 - 000000000 ____D C:\Users\motti\AppData\Local\BlueStacks X
2024-07-10 10:27 - 2023-09-27 15:59 - 000000000 ____D C:\Users\motti\AppData\Local\Bluestacks
2024-07-10 09:14 - 2024-01-22 20:30 - 000001352 _____ C:\Users\motti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\1Password.lnk
2024-07-10 01:59 - 2022-10-12 09:54 - 003212800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2024-07-10 01:41 - 2020-05-11 08:52 - 000000000 ____D C:\WINDOWS\system32\MRT
2024-07-10 01:35 - 2020-05-11 08:52 - 194135240 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2024-07-09 17:47 - 2024-01-30 14:29 - 000000000 ____D C:\Users\motti\OneDrive\Desktop\158
2024-07-08 18:28 - 2023-03-16 11:51 - 000000000 ____D C:\Program Files (x86)\TunnelBear
2024-07-06 20:14 - 2024-02-27 15:38 - 005108725 _____ C:\Users\motti\OneDrive\Desktop\BlueStacks-Support.7z
2024-07-06 20:12 - 2024-05-17 19:43 - 000002169 _____ C:\Users\motti\OneDrive\Desktop\TeamStreamsSmartersQV2.lnk
2024-07-06 20:12 - 2023-09-27 16:01 - 000000000 ____D C:\ProgramData\boost_interprocess
2024-07-06 08:39 - 2022-03-22 12:47 - 000000000 ____D C:\Program Files\HPPrintScanDoctor
2024-07-05 09:21 - 2024-01-12 10:24 - 000000000 __RHD C:\Users\motti\Creative Cloud Files
2024-07-02 09:52 - 2022-11-17 10:48 - 000000666 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2024-07-02 09:34 - 2020-05-11 08:46 - 000000000 ____D C:\WINDOWS\SysWOW64\sda
2024-07-01 22:55 - 2022-11-17 10:48 - 000003378 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2024-07-01 22:55 - 2022-10-12 09:59 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2024-07-01 13:34 - 2020-06-10 13:09 - 000000000 ____D C:\Program Files\Adobe
2024-07-01 13:33 - 2020-06-10 13:10 - 000000000 ____D C:\ProgramData\Adobe
2024-06-30 23:14 - 2020-06-09 19:27 - 000000000 ____D C:\Program Files\Microsoft Office
2024-06-29 10:23 - 2022-10-13 10:24 - 000002114 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller.lnk
2024-06-29 10:23 - 2022-10-13 10:24 - 000002103 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2024-06-27 08:22 - 2023-03-01 19:25 - 000001382 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2024-06-27 08:22 - 2020-06-10 13:09 - 000000000 ____D C:\Program Files (x86)\Adobe
2024-06-26 20:25 - 2020-06-09 19:58 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-06-26 17:49 - 2020-09-17 13:45 - 000000000 ____D C:\Users\motti\AppData\Roaming\vlc
2024-06-21 16:25 - 2023-05-17 10:01 - 000000000 ____D C:\Program Files (x86)\Razer
2024-06-21 05:13 - 2022-10-12 09:59 - 000000000 ____D C:\WINDOWS\system32\Tasks\HP
2024-06-17 10:37 - 2023-10-08 10:40 - 000010720 _____ C:\Users\motti\OneDrive\Desktop\Front Garden.xlsx
==================== Files in the root of some directories ========
2023-09-22 09:19 - 2023-09-25 09:47 - 000001456 _____ () C:\Users\motti\AppData\Local\Adobe Save for Web 13.0 Prefs
2022-08-04 16:31 - 2022-08-04 23:21 - 000000457 _____ () C:\Users\motti\AppData\Local\kdeglobals
2022-08-04 16:29 - 2022-08-04 16:29 - 000008337 _____ () C:\Users\motti\AppData\Local\kdenlive-layoutsrc
2022-08-04 16:29 - 2022-08-10 12:44 - 000005364 _____ () C:\Users\motti\AppData\Local\kdenliverc
2020-06-10 13:10 - 2020-06-10 13:10 - 000000410 _____ () C:\Users\motti\AppData\Local\oobelibMkey.log
2022-08-04 16:31 - 2022-08-04 16:31 - 000000856 _____ () C:\Users\motti\AppData\Local\recently-used.xbel
2020-06-30 10:05 - 2020-06-30 10:05 - 000007605 _____ () C:\Users\motti\AppData\Local\Resmon.ResmonCfg
2023-01-14 14:02 - 2024-07-15 19:50 - 2146345984 _____ () C:\Users\motti\AppData\Local\SageThumbs.db3
2022-08-04 16:29 - 2022-08-04 16:29 - 000006414 _____ () C:\Users\motti\AppData\Local\user-places.xbel
2022-08-04 16:29 - 2022-08-04 16:29 - 000005733 _____ () C:\Users\motti\AppData\Local\user-places.xbel.bak
2022-08-04 16:29 - 2022-08-04 16:29 - 000000000 _____ () C:\Users\motti\AppData\Local\user-places.xbel.tbcache
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13.07.2024
Ran by motti (15-07-2024 20:00:55)
Running from C:\Users\motti\OneDrive\Desktop
Microsoft Windows 11 Home Version 23H2 22631.3880 (X64) (2022-10-12 08:59:49)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-633662038-590885182-3186226141-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-633662038-590885182-3186226141-503 - Limited - Disabled)
Guest (S-1-5-21-633662038-590885182-3186226141-501 - Limited - Disabled)
motti (S-1-5-21-633662038-590885182-3186226141-1003 - Administrator - Enabled) => C:\Users\motti
User (S-1-5-21-633662038-590885182-3186226141-1001 - Administrator - Enabled) => C:\Users\User
WDAGUtilityAccount (S-1-5-21-633662038-590885182-3186226141-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
1Password (HKU\S-1-5-21-633662038-590885182-3186226141-1003\...\1Password) (Version: 8.10.36 - AgileBits Inc.)
Adobe Acrobat (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 24.002.20895 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 6.3.0.207 - Adobe Inc.)
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: 8.5.0.43 - Adobe Inc.)
Adobe Photoshop (Beta) (HKLM-x32\...\PHSPBETA_25_12) (Version: 25.12.0.2694 - Adobe Inc.)
Adobe Photoshop 2023 (HKLM-x32\...\PHSP_24_7_4) (Version: 24.7.4.1251 - Adobe Inc.)
Adobe Photoshop 2024 (HKLM-x32\...\PHSP_25_9_1) (Version: 25.9.1.626 - Adobe Inc.)
Adobe Premiere Rush (HKLM-x32\...\RUSH_2_10) (Version: 2.10 - Adobe Inc.)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601078}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Asana (HKU\S-1-5-21-633662038-590885182-3186226141-1003\...\Asana) (Version: 1.5.1 - Asana, Inc.)
Audacity 3.5.1 (HKLM\...\Audacity_is1) (Version: 3.5.1 - Audacity Team)
BAND 1.10.5 (HKU\S-1-5-21-633662038-590885182-3186226141-1003\...\8eaa3f09-bcc8-5716-a0a9-0da1609a4d5b) (Version: 1.10.5 - BAND)
Bing Wallpaper (HKLM-x32\...\{980089C2-9D7D-4438-8DAF-C695E82DF18D}) (Version: 1.0.9.8 - Microsoft Corporation)
BlueStacks App Player (HKLM\...\BlueStacks_nxt) (Version: 5.20.101.1002 - now.gg, Inc.)
BlueStacks Services (HKU\S-1-5-21-633662038-590885182-3186226141-1003\...\BlueStacksServices) (Version: 3.0.9 - now.gg, Inc.)
BlueStacks X (HKU\S-1-5-21-633662038-590885182-3186226141-1003\...\BlueStacks X) (Version: 10.10.6.1001 - now.gg, Inc.)
Bria (HKLM-x32\...\{0E0D7094-BA64-4B0A-A8ED-E19FB83EE0FF}) (Version: 64.10.6814 - CounterPath Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 6.25 - Piriform)
CCleaner Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.8.1067.0 - Piriform Software) Hidden
CCleaner Update Helper (HKLM-x32\...\{E4EAC0E2-A80B-479F-BA45-DCDA595C9A93}) (Version: 1.8.1583.3 - Piriform Software) Hidden
Cisco Webex Meetings (HKU\S-1-5-21-633662038-590885182-3186226141-1003\...\ActiveTouchMeetingClient) (Version: 42.10.5 - Cisco Webex LLC)
Core FTP LE (x64) (HKLM-x32\...\CoreFTP(x64)) (Version: - )
Dropbox (HKLM-x32\...\Dropbox) (Version: 203.4.4857 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.911.1 - Dropbox, Inc.) Hidden
Git (HKLM\...\Git_is1) (Version: 2.45.2 - The Git Development Community)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 126.0.6478.127 - Google LLC)
GoTo Opener (HKLM-x32\...\{C0F33C38-345C-4C02-B161-11389350C2A5}) (Version: 1.0.533 - LogMeIn, Inc.)
GoToMeeting 10.20.0.19992 (HKLM-x32\...\GoToMeeting) (Version: 10.20.0.19992 - LogMeIn, Inc.)
GoToMeeting 10.20.19992 (HKLM-x32\...\{B3E0462A-A4C7-4489-B59A-21AC8EBD07D5}) (Version: 10.20.19992 - LogMeIn) Hidden
Greenshot 1.2.10.6 (HKLM\...\Greenshot_is1) (Version: 1.2.10.6 - Greenshot)
HP Dropbox Plugin (HKLM-x32\...\{D12BC084-97D6-438A-AA7C-5962608D17A0}) (Version: 36.0.41.58587 - HP)
HP ENVY 5540 series Basic Device Software (HKLM\...\{7F9C00D2-32F6-4844-AC17-290D5F06F186}) (Version: 40.11.1119.1786 - HP Inc.)
HP ENVY 5540 series Help (HKLM-x32\...\{3B1BE080-D477-4B94-AAE4-8B0BEC5D0CE3}) (Version: 35.0.0 - Hewlett Packard)
HP Google Drive Plugin (HKLM-x32\...\{BFA42100-DB54-467A-BB87-CF70732B4065}) (Version: 36.0.41.58587 - HP)
HP One Agent (HKLM\...\{E3D1BCBD-5AC3-4D4A-B9BA-E7327F321336}) (Version: 1.1.0.55997 - HP Inc.) Hidden
HP One Agent (HKLM\...\{EC1ABEFA-64AF-46EC-B656-2BA6F30CB630}) (Version: 1.1.0.55997 - HP Inc.)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.9572 - HP)
ImagenAI 23.1.8-793 (HKU\S-1-5-21-633662038-590885182-3186226141-1003\...\3a7b72c3-feff-552b-ab36-a4bfabbea3cf) (Version: 23.1.8-793 - Imagen)
kdenlive (HKLM-x32\...\kdenlive) (Version: 22.04.3 - KDE e.V.)
LetsView V1.1.4.5 (HKLM-x32\...\{6AA74BE4-9506-4D81-A07C-A40F883C2EA7}_is1) (Version: 1.1.4.5 - LetsView LIMITED)
Loom 0.126.0 (HKU\S-1-5-21-633662038-590885182-3186226141-1003\...\3643b966-bc28-5bc8-95ff-3d47d66438db) (Version: 0.126.0 - Loom, Inc.)
Malwarebytes version 5.1.6.117 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 5.1.6.117 - Malwarebytes)
Microsoft 365 Apps for business - en-us (HKLM\...\O365BusinessRetail - en-us) (Version: 16.0.17726.20126 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\{51DBE763-E9CF-3A77-85F1-F674E025313E}) (Version: 126.0.2592.102 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 126.0.2592.102 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-633662038-590885182-3186226141-1001\...\OneDriveSetup.exe) (Version: 19.232.1124.0012 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-633662038-590885182-3186226141-1003\...\OneDriveSetup.exe) (Version: 24.126.0623.0001 - Microsoft Corporation)
Microsoft Teams classic (HKU\S-1-5-21-633662038-590885182-3186226141-1003\...\Teams) (Version: 1.7.00.6058 - Microsoft Corporation)
Microsoft Teams Meeting Add-in for Microsoft Office (HKLM\...\{A7AB73A3-CB10-4AA5-9D38-6AEFFBDE4C91}) (Version: 1.24.14501 - Microsoft)
Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.40.33810 (HKLM-x32\...\{5af95fd8-a22e-458f-acee-c61bd787178e}) (Version: 14.40.33810.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.40.33810 (HKLM-x32\...\{47109d57-d746-4f8b-9618-ed6a17cc922b}) (Version: 14.40.33810.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X64 Debug Runtime - 14.29.30139 (HKLM\...\{A6BCA173-4218-4099-B36C-E12B3EE27B5D}) (Version: 14.29.30139 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Debug Runtime - 14.29.30139 (HKLM-x32\...\{3521C75E-6E25-47A6-9831-17EE6AAF01E2}) (Version: 14.29.30139 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.40.33810 (HKLM\...\{59CED48F-EBFE-480C-8A38-FC079C2BEC0F}) (Version: 14.40.33810 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.40.33810 (HKLM\...\{B8B3BB4A-A10D-4F51-91B7-A64FFAC31EA7}) (Version: 14.40.33810 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.40.33810 (HKLM-x32\...\{5EA6C998-D5AC-4ED9-89C3-9F25B17CCD3D}) (Version: 14.40.33810 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.40.33810 (HKLM-x32\...\{0C3457A0-3DCE-4A33-BEF0-9B528C557771}) (Version: 14.40.33810 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\{7C0242A3-8B66-35D1-9FE0-13B426ACB609}) (Version: 10.0.60729 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.60724 - Microsoft Corporation)
Microsoft Visual Studio Installer (HKLM\...\{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 3.5.2150.18781 - Microsoft Corporation)
Microsoft Visual Studio Setup Configuration (HKLM-x32\...\{6F35042F-F35C-4339-B757-1B9F13C502DA}) (Version: 3.5.2150.18781 - Microsoft Corporation) Hidden
Microsoft Visual Studio Setup WMI Provider (HKLM-x32\...\{F59F32AE-45B5-43EF-B96A-6BF21A97021A}) (Version: 3.5.2150.18781 - Microsoft Corporation) Hidden
Node.js (HKLM\...\{FF820EDB-79A3-49B1-AFA0-7E2CD4090AA1}) (Version: 18.20.4 - Node.js Foundation)
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 8.6.8 - Notepad++ Team)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.17628.20110 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.17726.20108 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
Product Improvement Study for HP ENVY 5540 series (HKLM\...\{9E4F436B-5B50-4D84-954A-5C8A18CEB836}) (Version: 40.11.1119.1786 - HP Inc.)
Python 3.11.3 (64-bit) (HKU\S-1-5-21-633662038-590885182-3186226141-1003\...\{c6a7d2cb-61ea-4f5e-bc56-95faa938bacf}) (Version: 3.11.3150.0 - Python Software Foundation)
Python 3.11.3 Add to Path (64-bit) (HKLM\...\{9EB782CC-B2A5-4B67-BFEC-C91F5B755CAF}) (Version: 3.11.3150.0 - Python Software Foundation) Hidden
Python 3.11.3 Core Interpreter (64-bit) (HKLM\...\{611F1238-29A9-495F-B1F4-CFFCC98D9421}) (Version: 3.11.3150.0 - Python Software Foundation) Hidden
Python 3.11.3 Development Libraries (64-bit) (HKLM\...\{D307D056-AF62-4F53-810E-052AAAF0EFB2}) (Version: 3.11.3150.0 - Python Software Foundation) Hidden
Python 3.11.3 Documentation (64-bit) (HKLM\...\{25DC2A6F-FDC2-40D0-AA9D-3BF392BDF500}) (Version: 3.11.3150.0 - Python Software Foundation) Hidden
Python 3.11.3 Executables (64-bit) (HKLM\...\{A2BCB6C1-272D-437F-A5BC-92431FC521B4}) (Version: 3.11.3150.0 - Python Software Foundation) Hidden
Python 3.11.3 pip Bootstrap (64-bit) (HKLM\...\{55BEEF7A-9288-497D-B5CE-960D2F3C70A3}) (Version: 3.11.3150.0 - Python Software Foundation) Hidden
Python 3.11.3 Standard Library (64-bit) (HKLM\...\{0D289858-69D1-4CB6-946E-659F028DDC27}) (Version: 3.11.3150.0 - Python Software Foundation) Hidden
Python 3.11.3 Tcl/Tk Support (64-bit) (HKLM\...\{C321A7FC-E479-4E2A-AA09-2698EFEA4CA3}) (Version: 3.11.3150.0 - Python Software Foundation) Hidden
Python 3.11.3 Test Suite (64-bit) (HKLM\...\{BA9ABB78-751C-4488-80A9-60E44290C060}) (Version: 3.11.3150.0 - Python Software Foundation) Hidden
Python 3.11.3 Utility Scripts (64-bit) (HKLM\...\{5BF6CA5B-E057-413A-B87A-CCD47600E465}) (Version: 3.11.3150.0 - Python Software Foundation) Hidden
Python Launcher (HKLM-x32\...\{C41DB702-D72D-40F4-A2B3-5BAC2DCA2DF2}) (Version: 3.11.3150.0 - Python Software Foundation)
Reallusion Hub (HKLM-x32\...\{CFF2760B-B727-4717-8635-5D668A0C9C4F}) (Version: 5.0.1228.1 - Reallusion Inc. )
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
SageThumbs 2.0.0.23 (HKLM\...\SageThumbs) (Version: 2.0.0.23 - Cherubic Software)
Screaming Frog SEO Spider (HKLM\...\Screaming Frog SEO Spider) (Version: 16.1 - Screaming Frog Ltd)
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
Stremio (HKU\S-1-5-21-633662038-590885182-3186226141-1003\...\Stremio) (Version: 4.4.159 - Smart Code Ltd)
Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.3.0.9267 - Microsoft Corporation)
TunnelBear (HKLM-x32\...\{59023481-7539-4FCB-8FA3-FF3459026EF4}) (Version: 4.9.3.0 - TunnelBear) Hidden
TunnelBear (HKLM-x32\...\{a3009a1b-131b-45d6-be90-2fb6f2f2d6f3}) (Version: 4.9.3.0 - TunnelBear)
Universal CRT Redistributable (HKLM-x32\...\{0460C87B-7F4C-3170-FAC9-B7A6AE5CE4E9}) (Version: 10.0.26624 - Microsoft Corporation) Hidden
UXP WebView Support (HKLM-x32\...\UXPW_1_1_0) (Version: 1.1.0 - Adobe Inc.)
vcpp_crt.redist.clickonce (HKLM-x32\...\{09184AC0-ACEE-44D5-95F2-05EE6D27A5E8}) (Version: 14.29.30139 - Microsoft Corporation) Hidden
Visual Studio Build Tools 2019 (HKLM-x32\...\188f620a) (Version: 16.11.26 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.21 - VideoLAN)
vs_FileTracker_Singleton (HKLM-x32\...\{05CA3463-0B45-425D-9AF2-E1964AB85CBB}) (Version: 16.10.31303 - Microsoft Corporation) Hidden
Webex (HKLM\...\{6B6748ED-A496-5575-87CD-113C4F3C0FC4}) (Version: 44.7.0.30141 - Cisco Systems, Inc)
Windows PC Health Check (HKLM\...\{B1E7D0FD-7CFE-4E0C-A5DA-0F676499DB91}) (Version: 3.2.2110.14001 - Microsoft Corporation)
WinHTTrack Website Copier 3.49-2 (x64) (HKLM\...\WinHTTrack Website Copier_is1) (Version: 3.49.2 - HTTrack)
WinRAR 7.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 7.01.0 - win.rar GmbH)
Zoom Workplace (64-bit) (HKLM\...\{C82F8B71-F488-43D0-8637-56A6E6C1D95B}) (Version: 6.1.41705 - Zoom)
Packages:
=========
Acrobat Notification Client -> C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2024-02-16] (Adobe Systems Incorporated)
Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC [2024-06-29] ()
Adobe Acrobat DC -> C:\Program Files (x86)\Adobe\Acrobat DC [2024-06-29] ()
Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_6.0.0.1_x86__enpm4xejd91yc [2024-05-16] (Adobe Systems Incorporated)
Adobe XD -> C:\Program Files\WindowsApps\Adobe.XD_57.1.12.2_x64__pc75e8sa7ep4e [2024-05-07] (Adobe Inc.)
Amazon Alexa -> C:\Program Files\WindowsApps\57540AMZNMobileLLC.AmazonAlexa_3.25.1177.0_x64__22t9g3sebte08 [2023-08-02] (AMZN Mobile LLC.) [Startup Task]
AppUp.IntelGraphicsExperience -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.5536.0_x64__8j3eq9eme6ctt [2024-06-14] (INTEL CORP) [Startup Task]
AppUp.ThunderboltControlCenter -> C:\Program Files\WindowsApps\AppUp.ThunderboltControlCenter_1.0.37.0_x64__8j3eq9eme6ctt [2023-10-14] (INTEL CORP)
Bang & Olufsen Audio Control -> C:\Program Files\WindowsApps\AD2F1837.BangOlufsenAudioControl_1.5.189.0_x64__v10z8vjag6ke6 [2024-07-15] (HP Inc.)
CompuClever ITHMB Viewer -> C:\Program Files\WindowsApps\D5BE6627.CompuCleverITHMBViewer_2.5.18.0_x64__9pm2v9747qaaa [2022-03-23] (CompuClever Systems Inc.) [MS Ad]
Dropbox -> C:\Program Files (x86)\Dropbox\Client\PackageAssets [2024-07-11] (Dropbox Inc.)
HP Privacy Settings -> C:\Program Files\WindowsApps\AD2F1837.HPPrivacySettings_1.3.7.0_x64__v10z8vjag6ke6 [2024-07-15] (HP Inc.)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_154.2.1075.0_x64__v10z8vjag6ke6 [2024-06-28] (HP Inc.)
Ink.Handwriting.en-GB.1.0 -> C:\Program Files\WindowsApps\Microsoft.Ink.Handwriting.en-GB.1.0_0.237.110.0_x64__8wekyb3d8bbwe [2023-11-29] (Microsoft Corporation)
Ink.Handwriting.en-GB.1.0 -> C:\Program Files\WindowsApps\Microsoft.Ink.Handwriting.en-GB.1.0_0.237.110.0_x86__8wekyb3d8bbwe [2023-11-29] (Microsoft Corporation)
Ink.Handwriting.Main.en-GB.1.0 -> C:\Program Files\WindowsApps\Microsoft.Ink.Handwriting.Main.en-GB.1.0.1_0.237.110.0_x64__8wekyb3d8bbwe [2023-11-29] (Microsoft Corporation)
Intel® Optane™ Memory and Storage Management -> C:\Program Files\WindowsApps\AppUp.IntelOptaneMemoryandStorageManagement_18.1.1041.0_x64__8j3eq9eme6ctt [2024-04-05] (INTEL CORP)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-11-06] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-11-06] (Microsoft Corporation) [MS Ad]
Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.2.40.0_x64__8wekyb3d8bbwe [2023-09-14] (Microsoft Corp.)
Microsoft Teams -> C:\Program Files\WindowsApps\MSTeams_24165.1414.2987.41_x64__8wekyb3d8bbwe [2024-07-12] (Microsoft) [Startup Task]
Microsoft Whiteboard -> C:\Program Files\WindowsApps\Microsoft.Whiteboard_53.21110.548.0_x64__8wekyb3d8bbwe [2024-03-07] (Microsoft Corporation)
Microsoft.AV1VideoExtension -> C:\Program Files\WindowsApps\Microsoft.AV1VideoExtension_1.2.1293.0_x64__8wekyb3d8bbwe [2024-06-01] (Microsoft Corporation)
MicrosoftWindows.CrossDevice -> C:\Program Files\WindowsApps\MicrosoftWindows.CrossDevice_1.24061.40.0_x64__cw5n1h2txyewy [2024-07-03] (Microsoft Windows) [Startup Task]
Notepad++ -> C:\Program Files (x86)\Notepad++\contextMenu [2024-07-13] (Notepad++)
Photos -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2024.11070.3017.0_x64__8wekyb3d8bbwe [2024-07-09] (Microsoft Corporation) [Startup Task]
Photos Add-on -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2022-01-06] (Microsoft Corporation)
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-07-04] (Microsoft Corporation)
RICOH Driver Utility -> C:\Program Files\WindowsApps\3EA2211E.RICOHDriverUtility_4.7.0.0_x86__fxme7667cy4q4 [2024-03-16] (Ricoh Company, Ltd.)
Speech Pack - English (United Kingdom) -> C:\Program Files\WindowsApps\MicrosoftWindows.Speech.en-GB.1_1.0.7.0_x64__cw5n1h2txyewy [2024-05-25] (Microsoft Windows)
WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2424.6.0_x64__cv1g1gvanyjgm [2024-06-21] (WhatsApp Inc.) [Startup Task]
WinAppRuntime.Main.1.5 -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Main.1.5_5001.178.1908.0_x64__8wekyb3d8bbwe [2024-07-10] (Microsoft Corp.)
WinAppRuntime.Singleton -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Singleton_5001.178.1908.0_x64__8wekyb3d8bbwe [2024-07-10] (Microsoft Corp.)
Windows CoPilot MSIX Pack -> C:\Program Files\WindowsApps\MicrosoftWindows.Client.CoPilot_724.1301.930.5_x64__cw5n1h2txyewy [2024-04-25] (Microsoft Windows)
Windows Feature Experience Pack -> C:\WINDOWS\SystemApps\MicrosoftWindows.Client.LKG_cw5n1h2txyewy [2024-07-13] (Microsoft Windows)
WinRAR -> C:\Program Files\WinRAR [2024-07-13] (win.rar GmbH)
Xbox One SmartGlass -> C:\Program Files\WindowsApps\Microsoft.XboxOneSmartGlass_2.2.1702.2004_x64__8wekyb3d8bbwe [2021-06-03] (Microsoft Corporation)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-633662038-590885182-3186226141-1003_Classes\CLSID\{04271989-C4D2-764C-C5A5-7D14797A435B} -> [Ambasco] => C:\Users\motti\Ambasco [2021-09-28 14:22]
CustomCLSID: HKU\S-1-5-21-633662038-590885182-3186226141-1003_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-B0BAEC2A2C01} -> [Creative Cloud Files Personal Account [email protected] AD2250B64F47619B0A490D4D@AdobeID] => C:\Users\motti\Creative Cloud Files Personal Account [email protected] AD2250B64F47619B0A490D4D@AdobeID [2020-06-10 13:15]
CustomCLSID: HKU\S-1-5-21-633662038-590885182-3186226141-1003_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\motti\AppData\Local\Microsoft\TeamsMeetingAdd-in\1.24.14501\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-633662038-590885182-3186226141-1003_Classes\CLSID\{2F81B25E-7507-4844-BFF2-77D2CC24CED4}\localserver32 -> C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Inc. -> Adobe Inc.)
CustomCLSID: HKU\S-1-5-21-633662038-590885182-3186226141-1003_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Program Files (x86)\GoToMeeting\19992\G2MOutlookAddin64.dll (LogMeIn, Inc. -> LogMeIn, Inc.)
CustomCLSID: HKU\S-1-5-21-633662038-590885182-3186226141-1003_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a}\localserver32 -> C:\Users\motti\AppData\Local\Microsoft\Teams\current\Teams.exe (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-633662038-590885182-3186226141-1003_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\motti\Dropbox [2024-04-08 13:01]
CustomCLSID: HKU\S-1-5-21-633662038-590885182-3186226141-1003_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2024-04-16] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2024-04-16] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2024-04-16] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.75.0.dll [2024-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.75.0.dll [2024-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.75.0.dll [2024-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.75.0.dll [2024-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.75.0.dll [2024-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.75.0.dll [2024-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.75.0.dll [2024-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.75.0.dll [2024-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.75.0.dll [2024-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.75.0.dll [2024-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\WINDOWS\System32\DriverStore\FileRepository\iastorpinningcomponent.inf_amd64_59691a4ee8d947dd\OptaneShellExt.dll [2021-10-12] (Intel Corporation -> )
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.75.0.dll [2024-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.75.0.dll [2024-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.75.0.dll [2024-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.75.0.dll [2024-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.75.0.dll [2024-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.75.0.dll [2024-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.75.0.dll [2024-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.75.0.dll [2024-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.75.0.dll [2024-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.75.0.dll [2024-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2024-04-16] (Adobe Inc. -> )
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2024-03-12] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.75.0.dll [2024-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [SageThumbs] -> {4A34B3E3-F50E-4FF6-8979-7E4176466FF2} => C:\Program Files (x86)\SageThumbs\64\SageThumbs.dll [2017-05-09] (CherubicSoft) [File not signed]
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-03-04] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\WINDOWS\System32\DriverStore\FileRepository\iastorpinningcomponent.inf_amd64_59691a4ee8d947dd\OptaneShellExt.dll [2021-10-12] (Intel Corporation -> )
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.75.0.dll [2024-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2023-06-02] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.75.0.dll [2024-06-25] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2024-04-16] (Adobe Inc. -> )
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2024-03-12] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-03-04] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2023-06-02] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\motti\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\quollify.com - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"
==================== Loaded Modules (Whitelisted) =============
2020-06-09 19:30 - 2020-06-09 19:30 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems64.dll] C:\Program Files\Microsoft Office\root\Office16\AppvIsvSubsystems64.dll
2020-06-09 19:30 - 2020-06-09 19:30 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll] C:\Program Files\Microsoft Office\root\Office16\c2r64.dll
2023-01-31 19:37 - 2020-01-07 16:02 - 004679168 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Common Files\Reallusion\RLHostService\Qt5Core.dll
2023-01-31 19:37 - 2020-01-07 16:02 - 000855040 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Common Files\Reallusion\RLHostService\Qt5Network.dll
2023-01-31 19:37 - 2017-03-01 17:07 - 000109056 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Common Files\Reallusion\RLHostService\Qt5WebSockets.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) =================
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
HKLM\...\.scr: SageThumbsImage.scr => "%1" /S <==== ATTENTION
==================== Internet Explorer (Whitelisted) ==========
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2024-04-05] (Microsoft Corporation -> Microsoft Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2024-06-27] (Adobe Inc. -> Adobe Systems Incorporated)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2024-06-27] (Adobe Inc. -> Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2024-04-05] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2024-06-27] (Adobe Inc. -> Adobe Systems Incorporated)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2024-06-27] (Adobe Inc. -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2024-06-27] (Adobe Inc. -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2024-06-27] (Adobe Inc. -> Adobe Systems Incorporated)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-06-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-06-30] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-06-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-06-30] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-06-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-06-30] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-06-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-06-30] (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-633662038-590885182-3186226141-1003\...\sharepoint.com -> hxxps://ambasco-files.sharepoint.com
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-03-19 05:49 - 2024-07-13 13:44 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Python311\Scripts\;C:\Python311\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\ProgramData\chocolatey\bin;C:\Program Files\HP\HP One Agent;C:\Program Files\Git\cmd;C:\Program Files\nodejs\
HKU\S-1-5-21-633662038-590885182-3186226141-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
HKU\S-1-5-21-633662038-590885182-3186226141-1003\Control Panel\Desktop\\Wallpaper -> C:\Users\motti\Pictures\Bellagio.jpg
DNS Servers: 192.168.4.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\StartupFolder: => "StartRLCMS.lnk"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "Greenshot"
HKLM\...\StartupApproved\Run: => "HPOneAgentService"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "Adobe CCXProcess"
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKU\S-1-5-21-633662038-590885182-3186226141-1003\...\StartupApproved\StartupFolder: => "Send to OneNote.lnk"
HKU\S-1-5-21-633662038-590885182-3186226141-1003\...\StartupApproved\StartupFolder: => "Reallusion Hub.lnk"
HKU\S-1-5-21-633662038-590885182-3186226141-1003\...\StartupApproved\Run: => "OneDriveSetup"
HKU\S-1-5-21-633662038-590885182-3186226141-1003\...\StartupApproved\Run: => "CCleanerBrowserAutoLaunch_8D4CC1622ACB2D8CF3B8EA616AD9F228"
HKU\S-1-5-21-633662038-590885182-3186226141-1003\...\StartupApproved\Run: => "Opera Browser Assistant"
HKU\S-1-5-21-633662038-590885182-3186226141-1003\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-633662038-590885182-3186226141-1003\...\StartupApproved\Run: => "CCXProcess"
HKU\S-1-5-21-633662038-590885182-3186226141-1003\...\StartupApproved\Run: => "Adobe Acrobat Synchronizer"
HKU\S-1-5-21-633662038-590885182-3186226141-1003\...\StartupApproved\Run: => "electron.app.Loom"
HKU\S-1-5-21-633662038-590885182-3186226141-1003\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_2F00D187B1D9FA874EA7F713C90970C2"
HKU\S-1-5-21-633662038-590885182-3186226141-1003\...\StartupApproved\Run: => "CiscoSpark"
HKU\S-1-5-21-633662038-590885182-3186226141-1003\...\StartupApproved\Run: => "CiscoMeetingDaemon"
HKU\S-1-5-21-633662038-590885182-3186226141-1003\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
HKU\S-1-5-21-633662038-590885182-3186226141-1003\...\StartupApproved\Run: => "1Password"
HKU\S-1-5-21-633662038-590885182-3186226141-1003\...\StartupApproved\Run: => "electron.app.BlueStacks Services"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{66E5BBAA-5198-4650-BA95-62F577653327}] => (Block) C:\program files\kdenlive\bin\kdenlive.exe (K Desktop Environment e.V. -> )
FirewallRules: [{7F68E880-03DC-4429-8ABB-98B20E6032DC}] => (Block) C:\program files\kdenlive\bin\kdenlive.exe (K Desktop Environment e.V. -> )
FirewallRules: [UDP Query User{F56B8784-0E9B-4209-92B2-D9514C922E4D}C:\program files\kdenlive\bin\kdenlive.exe] => (Allow) C:\program files\kdenlive\bin\kdenlive.exe (K Desktop Environment e.V. -> )
FirewallRules: [TCP Query User{C2E6F02A-6A18-42DD-8907-E37EA125AA5A}C:\program files\kdenlive\bin\kdenlive.exe] => (Allow) C:\program files\kdenlive\bin\kdenlive.exe (K Desktop Environment e.V. -> )
FirewallRules: [{C3869BCB-30CC-4A4B-9193-2FB6FE377859}] => (Allow) C:\HP\Diagnostics\PSDR\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [{C3C5CA25-316E-4EB8-828B-4171E4C2D155}] => (Allow) C:\HP\Diagnostics\PSDR\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [{9124303A-8BA8-43A4-95CC-766879687697}] => (Allow) C:\Program Files (x86)\LetsView\LetsView\LetsView.exe (Apowersoft Ltd -> LetsView)
FirewallRules: [{756B2B11-02E3-4672-AC6F-BAF92EEC327C}] => (Allow) C:\Program Files (x86)\LetsView\LetsView\LetsView.exe (Apowersoft Ltd -> LetsView)
FirewallRules: [{50AE3F2E-E941-4918-923D-73D499532092}] => (Block) C:\program files (x86)\letsview\letsview\wxmcast.exe (Apowersoft Ltd -> LetsView)
FirewallRules: [{83ACF477-AB37-4B29-864B-9002E5D75F66}] => (Block) C:\program files (x86)\letsview\letsview\wxmcast.exe (Apowersoft Ltd -> LetsView)
FirewallRules: [UDP Query User{A504A0B4-ED46-458C-A1E4-E19B3D0DC459}C:\program files (x86)\letsview\letsview\wxmcast.exe] => (Allow) C:\program files (x86)\letsview\letsview\wxmcast.exe (Apowersoft Ltd -> LetsView)
FirewallRules: [TCP Query User{4150F610-C412-41BF-8D8E-43B5A96C4B6F}C:\program files (x86)\letsview\letsview\wxmcast.exe] => (Allow) C:\program files (x86)\letsview\letsview\wxmcast.exe (Apowersoft Ltd -> LetsView)
FirewallRules: [{7CFF43A8-A635-446C-867B-731C4311BA9D}] => (Allow) C:\Program Files\HP\HP ENVY 5540 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{7D586AAC-D8D8-4D03-B34A-A2D222A5544E}] => (Allow) LPort=5357
FirewallRules: [{8FB4DE8F-2BA5-4A44-B5BF-BC5D6BCAC903}] => (Allow) C:\Program Files\HP\HP ENVY 5540 series\Bin\DeviceSetup.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{E15BEF90-AD3C-45BF-BD41-8EEB4EFC36B2}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe => No File
FirewallRules: [UDP Query User{39B01A95-94B2-4018-A1D2-6D4F98475FCA}C:\users\motti\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\motti\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{8E13D9D6-9AE4-43E1-9908-AD89D13A946C}C:\users\motti\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\motti\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{F5A3B283-DB63-4EEE-83EC-F281E63AE858}C:\program files (x86)\counterpath\bria\bria.exe] => (Allow) C:\program files (x86)\counterpath\bria\bria.exe (CounterPath Corporation -> CounterPath)
FirewallRules: [UDP Query User{DD7B16D4-B389-43D2-9860-0BA08838524E}C:\program files (x86)\counterpath\bria\bria.exe] => (Allow) C:\program files (x86)\counterpath\bria\bria.exe (CounterPath Corporation -> CounterPath)
FirewallRules: [TCP Query User{69FC49B9-2E76-4A6F-A45A-8558A93CCF39}C:\users\motti\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\motti\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{7C04E234-B699-4AC8-AB87-066BE2927BC4}C:\users\motti\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\motti\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{61602F3C-C409-4B95-97FA-A9D8007F8C6A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe => No File
FirewallRules: [{72C14F2A-3219-46F7-B2FB-7A08F0393A47}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe => No File
FirewallRules: [{F0D9CE8C-6621-4829-B109-E2E90632DEF0}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe => No File
FirewallRules: [{F0BAB3A6-6438-4192-8586-2D74C9404B58}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe => No File
FirewallRules: [TCP Query User{D0A4D96C-4DDC-40D3-BD55-120F0F48CBA0}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{79D53B96-E8A5-4C7C-A1C6-BE390520B152}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [TCP Query User{C074D1E3-AEFC-42C6-884A-AE470E69AAEB}C:\program files\common files\adobe\adobe desktop common\hex\creative cloud ui helper.exe] => (Allow) C:\program files\common files\adobe\adobe desktop common\hex\creative cloud ui helper.exe (Adobe Inc. -> Adobe Inc.)
FirewallRules: [UDP Query User{D7F562D8-6CA0-43A1-9F52-DC15C67D6268}C:\program files\common files\adobe\adobe desktop common\hex\creative cloud ui helper.exe] => (Allow) C:\program files\common files\adobe\adobe desktop common\hex\creative cloud ui helper.exe (Adobe Inc. -> Adobe Inc.)
FirewallRules: [TCP Query User{481F3F9A-2E67-4EDD-9E4E-7F36F44A61FA}C:\users\motti\appdata\local\programs\lnv\stremio-4\stremio-runtime.exe] => (Allow) C:\users\motti\appdata\local\programs\lnv\stremio-4\stremio-runtime.exe (Smart Code OOD -> Stremio Runtime)
FirewallRules: [UDP Query User{DBC3CE11-01EF-49D1-8C0B-7EAA8CC69B4B}C:\users\motti\appdata\local\programs\lnv\stremio-4\stremio-runtime.exe] => (Allow) C:\users\motti\appdata\local\programs\lnv\stremio-4\stremio-runtime.exe (Smart Code OOD -> Stremio Runtime)
FirewallRules: [TCP Query User{2278F4BF-0FD5-4923-A6FE-3192D5B6EF46}C:\program files\nodejs\node.exe] => (Allow) C:\program files\nodejs\node.exe (OpenJS Foundation -> Node.js)
FirewallRules: [UDP Query User{4F0BC7EE-3CA3-4BE7-884C-059A86B1B1BD}C:\program files\nodejs\node.exe] => (Allow) C:\program files\nodejs\node.exe (OpenJS Foundation -> Node.js)
FirewallRules: [{14FAB61F-9469-4B38-99CC-9991CEE04D11}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{70450321-E184-4862-BD34-DBDDE8BF0D72}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{BC663A6D-D1CD-4CDE-B008-3A27BB3FFBC2}] => (Allow) C:\Program Files (x86)\BlueStacks X\BlueStacksWeb.exe (Now.gg, INC -> Bluestack Systems, Inc.)
FirewallRules: [{49ABDA69-A37C-4D36-A75E-E6C51898B96C}] => (Allow) C:\Program Files (x86)\BlueStacks X\Cloud Game.exe (Now.gg, INC -> COMPANY NAME)
FirewallRules: [{F529AEEB-4F70-477D-BF3B-ADD9F1B3E92A}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5A2ED3F9-B081-4842-B977-36D68958FCF7}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{0208EA22-A995-48BE-8EDE-74B0EE75EC0C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{A6E04751-B18A-429B-BF6C-5CB881574875}] => (Allow) C:\HP\Diagnostics\PSDR\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [{EBE0AE2A-8090-4B77-8D96-C63EC482F7E5}] => (Allow) C:\HP\Diagnostics\PSDR\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [{DA9B6847-5900-451D-AB1C-3C59A4B6313E}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{AAC10BD7-914F-43D4-BF5B-005E6CCBC02A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.123.3203.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{6ED60168-E845-48A2-8D89-C300A588AFDA}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.123.3203.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{12A9A781-C64B-4846-93CE-E12057778A21}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.123.3203.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{06AB65AF-8694-435A-9B87-1F8EAAF2DCDC}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.123.3203.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{DFB4F45A-2EEF-47A4-9C2C-EFD37F72DD74}] => (Allow) C:\Program Files\BlueStacks_nxt\HD-Player.exe (Now.gg, INC -> BlueStack Systems)
FirewallRules: [{5B99A63C-9508-453D-B4B7-1F914EB41E9B}] => (Allow) C:\Program Files\BlueStacks_nxt\BlueStacksAppplayerWeb.exe (Now.gg, INC -> The Qt Company Ltd.)
FirewallRules: [{CF58D22E-704C-435D-B7DF-455AB0693F9D}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{F2D0C9A8-08CB-4731-B0D2-3A8A685F3E99}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{5DD70CD1-CA3C-480D-A238-A10F25D8AE6D}] => (Allow) C:\Program Files\WindowsApps\MSTeams_24165.1414.2987.41_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{104F91A7-CCAA-45CF-AD58-9C13081ECDDA}] => (Allow) C:\Program Files\WindowsApps\MSTeams_24165.1414.2987.41_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{17DB1663-7812-40D6-A540-92032F509CC2}] => (Allow) C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe (PIRIFORM SOFTWARE LIMITED -> Gen Digital Inc.)
FirewallRules: [{531AAC30-584F-455D-81D4-C3E564F7F918}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24165.1306.2986.9504_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A13F6256-4239-445C-896A-98C329FA742D}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24165.1306.2986.9504_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{78C13C46-2F9B-489B-9511-AB563B75A837}] => (Allow) C:\Program Files\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{4E0ABE72-33BA-440A-AEFF-5F10D0DC2D70}] => (Allow) C:\Program Files\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{5D979BD4-02D6-4F7A-BCBD-234518D5E73D}] => (Allow) C:\Program Files\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{A4699997-A3F5-415C-9D65-367EF1169953}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\126.0.2592.102\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
==================== Restore Points =========================
13-07-2024 13:05:51 Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.40.33810
13-07-2024 13:15:46 Piriform Driver Updater Restore Point
13-07-2024 13:48:01 Removed Bonjour
15-07-2024 12:11:32 AdwCleaner_BeforeCleaning_15/07/2024_12:11:30
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (07/15/2024 06:15:29 PM) (Source: Application Hang) (EventID: 1002) (User: NT AUTHORITY)
Description: The program chrome.exe version 126.0.6478.127 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
Error: (07/15/2024 06:01:35 PM) (Source: Application Hang) (EventID: 1002) (User: NT AUTHORITY)
Description: The program chrome.exe version 126.0.6478.127 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
Error: (07/15/2024 05:48:57 PM) (Source: Application Hang) (EventID: 1002) (User: NT AUTHORITY)
Description: The program chrome.exe version 126.0.6478.127 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
Error: (07/15/2024 05:31:21 PM) (Source: Application Hang) (EventID: 1002) (User: NT AUTHORITY)
Description: The program chrome.exe version 126.0.6478.127 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
Error: (07/15/2024 05:30:21 PM) (Source: Application Hang) (EventID: 1002) (User: NT AUTHORITY)
Description: The program chrome.exe version 126.0.6478.127 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
Error: (07/15/2024 12:12:11 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x8007045b, A system shutdown is in progress..
Error: (07/15/2024 12:12:11 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.]
Error: (07/15/2024 12:12:11 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x8007045b, A system shutdown is in progress..
System errors:
=============
Error: (07/15/2024 05:25:44 PM) (Source: DCOM) (EventID: 10010) (User: DARRELL-HP-SPEC)
Description: The server {005A3A96-BAC4-4B0A-94EA-C0CE100EA736} did not register with DCOM within the required timeout.
Error: (07/15/2024 12:13:30 PM) (Source: BTHUSB) (EventID: 16) (User: )
Description: The mutual authentication between the local Bluetooth adapter and a device with Bluetooth adapter address (10:3f:44:6f:28:15) failed.
Error: (07/15/2024 12:12:14 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The HP Insights Analytics service depends on the User Profile Service service which failed to start because of the following error:
The service did not respond to the start or control request in a timely fashion.
Error: (07/15/2024 12:12:14 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The User Profile Service service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.
Error: (07/15/2024 12:11:44 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The HP System Info HSA Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
Error: (07/15/2024 12:11:44 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Intel® Graphics Command Center Service service terminated unexpectedly. It has done this 1 time(s).
Error: (07/15/2024 12:11:44 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The HP Print Scan Doctor Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
Error: (07/15/2024 12:11:44 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The HP Insights Analytics service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
Windows Defender:
================
Date: 2024-07-15 03:04:14
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2024-07-12 10:21:08
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2024-07-11 03:06:34
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2024-07-10 10:03:19
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2024-07-09 03:00:33
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Event[0]
Date: 2024-05-21 21:45:30
Description:
Microsoft Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x80004005
Error description: Unspecified error
Reason: The filter driver skipped scanning items and is in pass through mode. This may be due to low resource conditions.
Date: 2024-05-13 07:41:01
Description:
Microsoft Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x80004005
Error description: Unspecified error
Reason: The filter driver skipped scanning items and is in pass through mode. This may be due to low resource conditions.
Date: 2024-05-04 17:18:09
Description:
Microsoft Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x80004005
Error description: Unspecified error
Reason: The filter driver skipped scanning items and is in pass through mode. This may be due to low resource conditions.
Date: 2024-04-27 18:37:15
Description:
Microsoft Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x80004005
Error description: Unspecified error
Reason: The filter driver skipped scanning items and is in pass through mode. This may be due to low resource conditions.
Date: 2024-04-20 21:57:00
Description:
Microsoft Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x80004005
Error description: Unspecified error
Reason: The filter driver skipped scanning items and is in pass through mode. This may be due to low resource conditions.
CodeIntegrity:
===============
Date: 2024-07-15 12:12:50
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\DriverStore\FileRepository\detectionverificationdrv.inf_amd64_3246b80d2e1b5e83\IntelSSTPreprocStreamer.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2024-07-15 11:45:44
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbamsi64.dll that did not meet the Windows signing level requirements.
==================== Memory info ===========================
BIOS: AMI F.28 03/04/2021
Motherboard: HP 86FA
Processor: Intel® Core i7-1065G7 CPU @ 1.30GHz
Percentage of memory in use: 52%
Total physical RAM: 16061.82 MB
Available physical RAM: 7689.87 MB
Total Virtual: 34493.82 MB
Available Virtual: 20582.63 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:707.81 GB) (Free:476.6 GB) (Model: INTEL HBRPEKNX0203AH) (Protected) NTFS
Drive e: (Work) (Fixed) (Total:244.14 GB) (Free:207.28 GB) (Model: INTEL HBRPEKNX0203AH) (Protected) NTFS
\\?\Volume{9de0abb6-f367-486b-acf9-9b1003770441}\ (Recovery) (Fixed) (Total:0.52 GB) (Free:0.5 GB) NTFS
\\?\Volume{9dc73b09-85e2-44a2-b023-f57d32322744}\ () (Fixed) (Total:1.28 GB) (Free:0.06 GB) NTFS
\\?\Volume{9a4c0156-4bb5-4afb-979e-c62e80564463}\ () (Fixed) (Total:0.09 GB) (Free:0.03 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 953.9 GB) (Disk ID: 1C25566E)
Partition: GPT.
==================== End of Addition.txt =======================