Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

My Search Engines working so slowly they are useless [Solved]


  • This topic is locked This topic is locked

#1
SydneyCarton

SydneyCarton

    Member

  • Member
  • PipPip
  • 12 posts

When I search for something in in one of my browsers, a website for instance with Chrome, nothing happens for about 10 minutes, then a list of one item appears. I click on it and the little arrow in the tab goes round and round for ages, maybe 20 mins, and eventually the website appears. Navigation within the website is similarly compromised.

My email (Outlook) works glacially, it takes a long time to receive mail, and an enormous amount of time to send mail. I cannot access my gmail account because the link on the Chrome browser page is missing.

This just happened suddenly. I think it happened when I restarted my computer, but I'm not sure. I'm not sure where it came from, probably a malicious website.

So basically I am cut off from the internet.

I'd appreciate any help anyone can give me

 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21.07.2024

Ran by Martin (administrator) on DESKTOP-OTB3QSE (ASUSTeK COMPUTER INC. G752VY) (23-07-2024 10:40:52)

Running from C:\Users\Martin\Desktop\FRST64.exe

Loaded Profiles: Martin

Platform: Microsoft Windows 10 Home Version 22H2 19045.4651 (X64) Language: English (United States) -> English (United Kingdom)

Default browser: Chrome

Boot Mode: Normal

 

==================== Processes (Whitelisted) =================

 

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

 

(5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iTunes_12132.3.2017.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe

(Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe

(Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe

(Adobe Systems, Incorporated -> Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe

(ArcSoft, Inc. -> ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe

(ASUS Cloud Corporation -> ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.2.9.564\AsusWSPanel.exe

(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe

(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe

(A-Volute -> ) C:\Program Files\ASUSTeKcomputer.Inc\SS2\UserInterface\SS2UILauncher.exe

(C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe ->) (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe

(C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe ->) (Adobe Inc. -> ) C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe

(C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud Helper.exe

(C:\Program Files (x86)\Common Files\Aladdin Shared\HASP\hasplms.exe ->) (Gemalto, Inc. -> SafeNet, Inc.) C:\Program Files (x86)\Common Files\Aladdin Shared\HASP\hasplmv.exe

(C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe ->) (ArcSoft, Inc. -> ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac

(C:\Program Files (x86)\Epson Software\Epson Printer Connection Checker\EPPCCMON.EXE ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe

(C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe ->) (IObit CO., LTD -> IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\Pub\PubPlatform.exe

(C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\avp.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\avpui.exe

(C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.14\ksde.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.14\ksdeui.exe

(C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe

(C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe ->) (Razer USA Ltd. -> ) C:\Program Files (x86)\Razer\Synapse3\UserProcess\Razer Synapse Service Process.exe

(C:\Program Files (x86)\Steam\steam.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>

(C:\Program Files (x86)\Western Digital\Discovery\Current\WD Discovery.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe

(C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe ->) (OpenJS Foundation -> Node.js) C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe

(C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe

(C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud Experience\js\node_modules\adobe-cr\build\Release\Adobe Crash Processor.exe

(C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe

(C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files\Common Files\Adobe\Adobe Desktop Common\HEX\Creative Cloud UI Helper.exe <4>

(C:\Program Files\ASUSTeKcomputer.Inc\SS2\UserInterface\SS2UILauncher.exe ->) () [File not signed] C:\Program Files\ASUSTeKcomputer.Inc\SS2\UserInterface\x64\SS2Svc64.exe

(C:\Program Files\Tablet\Pen\WacomHost.exe ->) (Wacom Technology Corp. -> Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe

(C:\Program Files\Tablet\Pen\WTabletServiceCon.exe ->) (Wacom Technology Corp. -> Wacom Technology) C:\Program Files\Tablet\Pen\WacomHost.exe

(C:\Program Files\Tablet\Pen\WTabletServiceCon.exe ->) (Wacom Technology Corp. -> Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe

(C:\Program Files\Tablet\Pen\WTabletServiceCon.exe ->) (Wacom Technology Corp. -> Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe

(C:\Program Files\WD Desktop App\kdd.exe ->) (Western Digital Technologies, Inc. -> ) C:\Program Files\WD Desktop App\wdsync.exe

(C:\Users\Martin\AppData\Local\Reverso\Reverso\Reverso.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\126.0.2592.113\msedgewebview2.exe <6>

(C:\Windows\SysWOW64\cmd.exe ->) (Western Digital Technologies, Inc. -> Western Digital Corporation) C:\Program Files\WD Desktop App\kdd.exe

(C:\Windows\SysWOW64\esif_uf.exe ->) (Intel® Software -> Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe

(cmd.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\plugins_nms.exe

(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe <8>

(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\1.3.911.1\DropboxCrashHandler.exe

(explorer.exe ->) (ABBYY SOLUTIONS LIMITED -> ABBYY) C:\Program Files (x86)\ABBYY FineReader 9.0 Sprint\Bonus.ScreenshotReader.exe

(explorer.exe ->) (Amazon Services LLC -> Audible, Inc.) C:\Program Files (x86)\Audible\Bin\AudibleDownloadHelper.exe

(explorer.exe ->) (Antibody Software Limited -> Antibody Software) C:\Program Files (x86)\Bulk Image Downloader\BIDDropBox.exe

(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <8>

(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE

(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\OneDrive.exe

(explorer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe

(explorer.exe ->) (REVERSO S.A.S. -> Reverso Inc.) C:\Users\Martin\AppData\Local\Reverso\Reverso\Reverso.exe

(explorer.exe ->) (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Program Files (x86)\Epson Software\Epson Printer Connection Checker\EPPCCMON.EXE

(explorer.exe ->) (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Program Files\epson\Epson Data Collection Agent\DataCollectionAgentController.exe

(explorer.exe ->) (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Windows\System32\spool\drivers\x64\3\E_YATIYAE.EXE <2>

(explorer.exe ->) (Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.123.3203.0_x64__kzf8qxf38zg5c\Skype\Skype.exe <6>

(explorer.exe ->) (Spotify AB -> Spotify Ltd) C:\Users\Martin\AppData\Roaming\Spotify\SpotifyWebHelper.exe

(explorer.exe ->) (Tonec Inc. -> Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMan.exe

(explorer.exe ->) (Toshiba Electronic Devices & Storage Corporation -> TOSHIBA ELECTRONIC DEVICES & STORAGE CORPORATION) C:\Program Files (x86)\TOSHIBA\Storage Security Software\TosHddscctrl.exe

(explorer.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe

(Gen Digital Inc. -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe

(IObit CO., LTD -> IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe

(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SystemSettingsAdminFlows.exe

(NTI Corporation -> NTI Corporation) C:\Program Files (x86)\NTI\NTI Backup Now EZ 4\Bunez4Tray.exe

(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

(SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe

(services.exe ->) (ABBYY SOLUTIONS LIMITED -> ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe

(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe

(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

(services.exe ->) (ArcSoft, Inc. -> ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe

(services.exe ->) (ASUS Cloud Corporation) [File not signed] C:\Program Files (x86)\ASUS\WebStorage\2.2.5.541\AsusWSWinService.exe

(services.exe ->) (ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ROG MacroKey\MacroSrv.exe

(services.exe ->) (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsHidSrv.exe

(services.exe ->) (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe

(services.exe ->) (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe

(services.exe ->) (Digital Wave Ltd -> Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe

(services.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe

(services.exe ->) (Gemalto, Inc. -> SafeNet, Inc.) C:\Program Files (x86)\Common Files\Aladdin Shared\HASP\hasplms.exe

(services.exe ->) (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe

(services.exe ->) (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_af50fdb80983f7bc\jhi_service.exe

(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_d51901c26227fb29\WMIRegistrationService.exe

(services.exe ->) (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel® Security Assist\isa.exe

(services.exe ->) (Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe

(services.exe ->) (Intel Corporation-Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

(services.exe ->) (Intel Corporation-Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe

(services.exe ->) (Intel Corporation-Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

(services.exe ->) (Intel® Software -> Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe

(services.exe ->) (Intel® Software -> Intel® Corporation) C:\Program Files (x86)\Intel\Intel® Extreme Tuning Utility\XtuService.exe

(services.exe ->) (IObit CO., LTD -> IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe

(services.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\avp.exe <2>

(services.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.14\ksde.exe

(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe

(services.exe ->) (NTI Corporation -> ) C:\Program Files (x86)\NTI\NTI Backup Now EZ 4\ScheduleService.exe

(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe

(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>

(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe

(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe

(services.exe ->) (Private Internet Access, Inc. -> ) C:\Program Files\Private Internet Access\pia-service.exe

(services.exe ->) (Razer USA Ltd. -> Razer Inc) C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe

(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe

(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe

(services.exe ->) (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Program Files\epson\Epson Data Collection Agent\DCAgent.exe

(services.exe ->) (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe

(services.exe ->) (Shenzhen Moyea Software -> Leawo Software) C:\Program Files (x86)\Common Files\cdagtsvc\cdagtsvc_v1.0.0_x86.exe

(services.exe ->) (TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

(services.exe ->) (Toshiba Electronic Devices & Storage Corporation -> TOSHIBA ELECTRONIC DEVICES & STORAGE CORPORATION) C:\Program Files (x86)\TOSHIBA\Storage Security Software\ToshddscSvc.exe

(services.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe

(services.exe ->) (Wacom Technology Corp. -> Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\WTabletServiceCon.exe

(services.exe ->) (WDC) [File not signed] C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe

(services.exe ->) (Western Digital Technologies, Inc. -> ) C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe

(services.exe ->) (Western Digital Technologies, Inc. -> ) C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSC.exe

(services.exe ->) (WildTangent Inc -> WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe

(sihost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_11.2405.2.0_x64__8wekyb3d8bbwe\CalculatorApp.exe

(svchost.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files\WindowsApps\AdobeNotificationClient_6.0.0.1_x86__enpm4xejd91yc\AdobeNotificationClient.exe

(svchost.exe ->) (ASUS) [File not signed] C:\Program Files (x86)\ASUS\Splendid\ACMON.exe

(svchost.exe ->) (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ROG Gaming Center\ROGGamingKey.exe

(svchost.exe ->) (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe

(svchost.exe ->) (IObit CO., LTD -> IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe

(svchost.exe ->) (Janos Mathe -> H.D.S. Hungary) C:\Program Files (x86)\Hard Disk Sentinel\HDSentinel.exe

(svchost.exe ->) (Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 9.0.2\kpm_tray.exe

(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\24.126.0623.0001\FileCoAuth.exe

(svchost.exe ->) (Microsoft Corporation -> Microsoft) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_11.2405.8.0_x64__8wekyb3d8bbwe\Microsoft.Media.Player.exe

(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe

(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>

(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe <2>

(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe

(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe

(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe

(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe

(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.4585_none_7e06e2187c9234e2\TiWorker.exe

(svchost.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe

(svchost.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe

(svchost.exe ->) (Western Digital Technologies, Inc. -> ) C:\Program Files (x86)\Western Digital\Discovery\Current\Service\WDDiscoveryService.exe

(svchost.exe ->) (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\Discovery\Current\WD Device Agent.exe

(Western Digital Technologies, Inc. -> Western Digital Corporation) C:\Program Files (x86)\Western Digital\Discovery\Current\WD Discovery.exe <4>

(Western Digital Technologies, Inc. -> Western Digital Corporation) C:\Program Files (x86)\Western Digital\Discovery\Current\WDDiscoveryMonitor.exe

 

==================== Registry (Whitelisted) ===================

 

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

 

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2654512 2015-10-04] (NVIDIA Corporation -> NVIDIA Corporation)

HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart [1710568 2015-10-04] (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [File not signed]

HKLM\...\Run: [SS2UILauncher] => C:\Program Files\ASUSTeKcomputer.Inc\SS2\UserInterface\SS2UILauncher.exe [970720 2015-08-15] (A-Volute -> )

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)

HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [4116912 2024-06-06] (Adobe Inc. -> Adobe Systems, Incorporated)

HKLM\...\Run: [EPPCCMON] => C:\Program Files (x86)\EPSON Software\Epson Printer Connection Checker\EPPCCMON.EXE [455968 2023-05-26] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)

HKLM\...\Run: [DataCollectionAgentController] => C:\Program Files\EPSON\Epson Data Collection Agent\DataCollectionAgentController.exe [397608 2023-10-30] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)

HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.2.9.564\ASUSWSLoader.exe [63968 2016-06-22] (ASUS Cloud Corporation -> ASUS Cloud Corporation)

HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [9248144 2024-07-09] (Dropbox, Inc -> Dropbox, Inc.)

HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [41360 2015-09-25] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)

HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [840592 2015-09-25] (Adobe Systems, Incorporated -> Adobe Systems Inc.)

HKLM-x32\...\Run: [ArcSoft Connection Service] => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [203264 2009-10-10] (ArcSoft, Inc. -> ArcSoft Inc.)

HKLM-x32\...\Run: [BackupNowEZ4Tray] => C:\Program Files (x86)\NTI\NTI Backup Now EZ 4\Bunez4Tray.exe [1093808 2015-11-10] (NTI Corporation -> NTI Corporation)

HKLM-x32\...\Run: [WDDiscovery] => C:\Program Files (x86)\Western Digital\Discovery\Current\WD Discovery.exe [81380632 2023-05-26] (Western Digital Technologies, Inc. -> Western Digital Corporation)

HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [133128 2024-05-07] (Adobe Inc. -> Adobe Inc.)

HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [2756368 2023-08-09] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)

HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [750672 2024-03-13] (Oracle America, Inc. -> Oracle Corporation)

HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [1136560 2024-06-27] (Adobe Inc. -> Adobe Inc.)

HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION

HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION

HKU\S-1-5-21-3624156614-4154489229-1379725982-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [4919200 2024-07-06] (Microsoft Corporation -> Microsoft Corporation)

HKU\S-1-5-21-3624156614-4154489229-1379725982-1001\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [6024456 2024-07-17] (Tonec Inc. -> Tonec Inc.)

HKU\S-1-5-21-3624156614-4154489229-1379725982-1001\...\Run: [Spotify Web Helper] => C:\Users\Martin\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1560176 2017-05-26] (Spotify AB -> Spotify Ltd)

HKU\S-1-5-21-3624156614-4154489229-1379725982-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4407656 2024-07-17] (Valve Corp. -> Valve Corporation)

HKU\S-1-5-21-3624156614-4154489229-1379725982-1001\...\Run: [BID Drop Box] => C:\Program Files (x86)\Bulk Image Downloader\BIDDropBox.exe [1209160 2018-01-25] (Antibody Software Limited -> Antibody Software)

HKU\S-1-5-21-3624156614-4154489229-1379725982-1001\...\Run: [CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [133128 2024-05-07] (Adobe Inc. -> Adobe Inc.)

HKU\S-1-5-21-3624156614-4154489229-1379725982-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [44970408 2024-07-17] (Gen Digital Inc. -> Piriform Software Ltd)

HKU\S-1-5-21-3624156614-4154489229-1379725982-1001\...\Run: [ABBYY Screenshot Reader Bonus] => C:\Program Files (x86)\ABBYY FineReader 9.0 Sprint\Bonus.ScreenshotReader.exe [939272 2011-12-14] (ABBYY SOLUTIONS LIMITED -> ABBYY)

HKU\S-1-5-21-3624156614-4154489229-1379725982-1001\...\Run: [AdobeBridge] => [X]

HKU\S-1-5-21-3624156614-4154489229-1379725982-1001\...\Run: [Reverso] => C:\Users\Martin\AppData\Local\Reverso\Reverso\Reverso.exe [1213680 2024-06-20] (REVERSO S.A.S. -> Reverso Inc.)

HKU\S-1-5-21-3624156614-4154489229-1379725982-1001\...\Run: [MicrosoftEdgeAutoLaunch_B808638226F52F22B08BF8F7E5687BBA] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3883472 2024-07-18] (Microsoft Corporation -> Microsoft Corporation)

HKU\S-1-5-21-3624156614-4154489229-1379725982-1001\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIYAE.EXE [485976 2020-09-11] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)

HKU\S-1-5-21-3624156614-4154489229-1379725982-1001\...\Run: [EPLTarget\P0000000000000001] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIYAE.EXE [485976 2020-09-11] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)

HKU\S-1-5-21-3624156614-4154489229-1379725982-1001\...\Run: [Advanced SystemCare] => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe [5461872 2024-05-07] (IObit CO., LTD -> IObit)

HKU\S-1-5-21-3624156614-4154489229-1379725982-1001\...\Policies\Explorer: [NolowDiskSpaceChecks] 1

HKU\S-1-5-21-3624156614-4154489229-1379725982-1001\...\MountPoints2: {29893032-b487-11eb-ad24-a434d9223345} - "F:\WD Drive Unlock.exe" autoplay=true

HKU\S-1-5-21-3624156614-4154489229-1379725982-1001\...\MountPoints2: {6679736c-28d4-11e9-ac9b-a434d9223345} - "F:\unlock.exe" autoplay=true

HKU\S-1-5-21-3624156614-4154489229-1379725982-1001\...\MountPoints2: {f78355b8-9aa1-11e7-ac69-a434d9223342} - "F:\unlock.exe" autoplay=true

HKU\S-1-5-18\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3544592 2023-02-23] (Razer USA Ltd. -> Razer Inc.)

HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\Windows\system32\AdobePDF.dll [55872 2015-09-25] (Adobe Systems, Incorporated -> Adobe Systems Inc)

HKLM\...\Print\Monitors\EPSON ET-8500 Series 64MonitorBE: C:\Windows\system32\E_YLMBYAE.DLL [187392 2018-06-15] (Microsoft Windows Hardware Compatibility Publisher -> Seiko Epson Corporation)

HKLM\...\Print\Monitors\EpsonNet Print Port: C:\Windows\system32\enppmon.dll [500736 2016-09-14] (SEIKO EPSON CORPORATION) [File not signed]

HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\126.0.6478.182\Installer\chrmstp.exe [2024-07-18] (Google LLC -> Google LLC)

Startup: C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2024-07-22]

ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Audible Download Manager.lnk [2016-08-30]

ShortcutTarget: Audible Download Manager.lnk -> C:\Program Files (x86)\Audible\Bin\AudibleDownloadHelper.exe (Amazon Services LLC -> Audible, Inc.)

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass FF RunOnce.lnk [2016-08-03]

ShortcutTarget: Install LastPass FF RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (LastPass (Marvasol Inc) -> LastPass)

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass IE RunOnce.lnk [2016-08-03]

ShortcutTarget: Install LastPass IE RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (LastPass (Marvasol Inc) -> LastPass)

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Storage Security Software.lnk [2020-12-23]

ShortcutTarget: Storage Security Software.lnk -> C:\Program Files (x86)\TOSHIBA\Storage Security Software\TosHddscCtrl.exe (Toshiba Electronic Devices & Storage Corporation -> TOSHIBA ELECTRONIC DEVICES & STORAGE CORPORATION)

 

==================== Scheduled Tasks (Whitelisted) =================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

Task: {33c0afb4-a082-4e3e-b663-67739cb69616} - no filepath. <==== ATTENTION

Task: {3D025ABC-AEF8-4EE4-B554-C23235573773} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION

Task: {E56B054C-E1D3-437F-B8B4-81BE43EFC365} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1558984 2024-06-25] (Adobe Inc. -> Adobe Inc.)

Task: {AB8534B6-DF77-4D6C-9AEA-1E4CA00E2A8D} - System32\Tasks\AdobeAAMUpdater-1.0-DESKTOP-OTB3QSE-Martin => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)

Task: {229450ED-AD47-44A6-B71B-A3368C021DE4} - System32\Tasks\[email protected] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)

Task: {6170350D-5233-44A4-B261-303CD3D0B4FA} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [4116912 2024-06-06] (Adobe Inc. -> Adobe Systems, Incorporated)

Task: {B8401BE3-F748-4E14-AA2C-B1E9C031EDF7} - System32\Tasks\Adobe-Genuine-Software-Integrity-Scheduler-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [4454832 2024-06-06] (Adobe Inc. -> Adobe Systems, Incorporated)

Task: {A8FBF7DC-A466-4E44-82B6-41AF603F0346} - System32\Tasks\ASC_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe [5511536 2024-03-15] (IObit CO., LTD -> IObit) -> C:\Program Files (x86)\IObit\Advanced SystemCare\\/Task

Task: {F88DCB77-46C9-45A6-978E-768EAFBE0140} - System32\Tasks\ASC_SkipUac_Martin => C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe [10551664 2024-05-08] (IObit CO., LTD -> IObit) -> C:\Program Files (x86)\IObit\Advanced SystemCare\\/SkipUac

Task: {C11E9D24-91FB-4586-B34D-B3E76A4D4F50} - System32\Tasks\ASUS ROG Macro Key Listener => C:\Program Files (x86)\ASUS\ROG MacroKey\AsListen.exe [516000 2015-10-20] (ASUSTeK Computer Inc. -> ASUS)

Task: {3431D1F3-402C-4255-A6A5-8B4AEFEBE108} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [55296 2015-08-26] (ASUS) [File not signed]

Task: {BAB04E49-C970-47A4-B3FD-C2521AFF1F36} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [19782224 2015-05-26] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)

Task: {E7E45266-BFC2-4249-B257-9289E6BFCF56} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [1618080 2015-05-15] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) [File not signed]

Task: {D5BF20C2-BF8D-4888-9E5A-16F92D115D99} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [122168 2015-03-11] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)

Task: {4ECF1EA5-3B2E-4B5B-B8C1-B5012B00789A} - System32\Tasks\ATK Package A22126881260 => C:\Program Files (x86)\SplitmediaLabs\XSplit Gamecaster\XSplit.Gamecaster.exe [34403512 2015-08-05] (SplitmediaLabs Limited -> SplitmediaLabs)

Task: {30F4508C-9494-4973-9036-DD04E03C2B35} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [829408 2024-07-17] (Gen Digital Inc. -> Gen Digital Inc.)

Task: {90E502AA-54A3-4F74-8426-EDD9673C8DEA} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [5074848 2024-07-17] (Gen Digital Inc. -> Gen Digital Inc. All rights reserved.) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "d4e8ed8f-f485-461f-bd2c-b945f4f04b61" --version "6.26.11169" --silent

Task: {D3C7E353-3549-4286-995F-96B029392647} - System32\Tasks\CCleanerSkipUAC - Martin => C:\Program Files\CCleaner\CCleaner.exe [38931368 2024-07-17] (Gen Digital Inc. -> Piriform Software Ltd)

Task: {F0F1A6B6-E100-4EDD-9708-3903244C4247} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)

Task: {CA876458-0303-4CE9-9936-24978771B1B8} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)

Task: {BFF45C6B-CABC-42B9-8A82-CF5B3A817C4B} - System32\Tasks\EPSON ET-8500 Series Update {3D425FA5-076F-4EA3-934C-CAD48D6DAE66} => C:\Windows\System32\spool\drivers\x64\3\E_YTSYAE.EXE [680440 2017-06-07] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)

Task: {9BAE7C61-4999-402C-8D57-1FD76A4AC3BF} - System32\Tasks\EPSON ET-8500 Series Update {BE86C5C2-FF63-40CF-A3DD-BE65D476164E} => C:\Windows\System32\spool\drivers\x64\3\E_YTSYAE.EXE [680440 2017-06-07] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)

Task: {6C7DB497-D61A-4FE9-9C04-5F068A358D12} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem128.0.6597.0{112CBAAE-04C4-4F59-9762-ECFD258DC18E} => C:\Program Files (x86)\Google\GoogleUpdater\128.0.6597.0\updater.exe [4889704 2024-07-15] (Google LLC -> Google LLC)

Task: {D6D72DED-FF57-4BF8-A159-CB436F9283D0} - System32\Tasks\HardDiskSentinel\Hard Disk Sentinel_Martin => C:\Program Files (x86)\Hard Disk Sentinel\HDSentinel.exe [5968264 2021-01-14] (Janos Mathe -> H.D.S. Hungary)

Task: {CEEF6EE8-7F2E-4BBD-97A1-51BED591A860} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on login if service is up => C:\Program Files (x86)\Intel\Thunderbolt Software\\Thunderbolt.exe [346792 2015-06-11] (Intel® Client Connectivity Division SW -> Intel Corporation) -> C:\Program Files (x86)\Intel\Thunderbolt Software\\IF_SERVICE

Task: {9442087D-18C6-4ED7-A47D-53135930E2A4} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application when hardware is detected => C:\Program Files (x86)\Intel\Thunderbolt Software\\Thunderbolt.exe [346792 2015-06-11] (Intel® Client Connectivity Division SW -> Intel Corporation) -> C:\Program Files (x86)\Intel\Thunderbolt Software\\RUN_YOURSELF

Task: {84044C41-6680-40D3-9570-674847D6BCB9} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service on boot if driver is up => C:\Program Files (x86)\Intel\Thunderbolt Software\\tbtsvc.exe [1723048 2015-06-11] (Intel® Client Connectivity Division SW -> Intel Corporation) -> C:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalServiceStart

Task: {968D1F17-18C3-4D13-B179-8E85F6234047} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service when hardware is detected => C:\Windows\system32\sc.exe [72192 2019-12-07] (Microsoft Windows -> Microsoft Corporation) -> C:\Program Files (x86)\Intel\Thunderbolt Software\\start ThunderboltService

Task: {859E5FC3-92E6-4E54-B5DE-76CF1DF427E7} - System32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} => C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe [743488 2021-04-22] (Kaspersky Lab JSC -> AO Kaspersky Lab)

Task: {C38CE9B9-391F-4097-B48A-6976A7F577C1} - System32\Tasks\kpm_tray.exe => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 9.0.2\kpm_tray.exe [629352 2020-04-01] (Kaspersky Lab -> AO Kaspersky Lab)

Task: {39C8AC03-993E-4584-9478-8E9B220DA81A} - System32\Tasks\Launch Adobe CCXProcess => C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [194056 2024-07-12] (Adobe Inc. -> Adobe Inc.)

Task: {20444033-0B42-4A76-8075-17EF7B7F8B02} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28512336 2024-07-08] (Microsoft Corporation -> Microsoft Corporation)

Task: {C8A84C8E-5120-4FA4-9910-8E9B3379CEFB} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28512336 2024-07-08] (Microsoft Corporation -> Microsoft Corporation)

Task: {9433FEE6-C266-4706-B247-5D41355A59C6} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [309936 2024-07-14] (Microsoft Corporation -> Microsoft Corporation)

Task: {E59737DC-145F-4BB1-B4D7-0D8D942AD5CC} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [309936 2024-07-14] (Microsoft Corporation -> Microsoft Corporation)

Task: {A2E334DD-2227-4217-837D-945FFBBA1BAB} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [169408 2024-06-29] (Microsoft Corporation -> Microsoft Corporation)

Task: {7092A3D4-0C2C-435B-B654-DA4A73A14BFB} - System32\Tasks\Mozilla\Firefox Background Update E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\firefox.exe [666488 2022-08-03] () [File not signed] -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\E7CF176E110C211B\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\E7CF176E110C211B\backgroundupdate.moz_log --backgroundtask background (the data entry has 6 more characters).

Task: {F9CC7286-96F2-4E5C-BC1B-E22383156451} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [710008 2022-08-03] () [File not signed]

Task: {9E7CBEB1-D39E-4340-BDEA-D112491227B0} - System32\Tasks\NvNotifier_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\GFExperience.Deployer\NvNotifier.exe [2013264 2017-12-12] (NVIDIA Corporation -> ) -> C:\Program Files\NVIDIA Corporation\GFExperience.Deployer\-showOnChangeOnly

Task: {49C50721-1298-4079-B2D3-F3FE7E21CC27} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4209056 2024-07-06] (Microsoft Corporation -> Microsoft Corporation)

Task: {E4C63AC9-C407-436D-B3C0-188257080C44} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-3624156614-4154489229-1379725982-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4209056 2024-07-06] (Microsoft Corporation -> Microsoft Corporation)

Task: {88C5DA63-D959-45D6-9793-9D75481ACDE1} - System32\Tasks\ROG Gaming Center => C:\Program Files (x86)\ASUS\ROG Gaming Center\ROGGamingKey.exe [3641152 2015-08-13] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)

Task: {70B6D757-79BE-4CFF-A5B5-11396C24D85E} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1407744 2015-11-02] (Realtek Semiconductor Corp -> Realtek Semiconductor)

Task: {DCA08C30-1E02-4B42-92C3-B16D7B1CF7BD} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8725248 2015-11-02] (Realtek Semiconductor Corp -> Realtek Semiconductor)

Task: {F1E267F9-E03D-4079-9E01-29E23CF7D956} - System32\Tasks\SS2svc32Run => C:\Program Files\ASUSTeKcomputer.Inc\SS2\UserInterface\SS2svc32.exe [2608128 2015-08-15] () [File not signed]

Task: {C46B26C9-18AF-4022-B09F-E930DFCB711E} - System32\Tasks\SS2svc64Run => C:\Program Files\ASUSTeKcomputer.Inc\SS2\UserInterface\x64\SS2svc64.exe [301056 2015-08-15] () [File not signed]

Task: {1A440506-415F-443A-9820-CE516D864607} - System32\Tasks\SS2UILauncherRun => C:\Program Files\ASUSTeKcomputer.Inc\SS2\UserInterface\SS2UILauncher.exe [970720 2015-08-15] (A-Volute -> )

Task: {71CCF05B-B191-441D-B7B1-D4B1B4A401DB} - System32\Tasks\Uninstaller_SkipUac_Martin => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [9914736 2024-06-26] (IObit CO., LTD -> IObit) -> C:\Program Files (x86)\IObit\IObit Uninstaller\\/UninstallExplorer

Task: {0008E49D-2CD7-4C74-9AA0-2069821BF36E} - System32\Tasks\WD Device Agent Task martin => C:\Program Files (x86)\Western Digital\Discovery\Current\WD Device Agent.exe [724760 2023-05-26] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)

Task: {F3635965-CEEC-40A6-B867-54225DCA8793} - System32\Tasks\WD Discovery Service Task martin => C:\Program Files (x86)\Western Digital\Discovery\Current\Service\WDDiscoveryService.exe [79640 2023-05-26] (Western Digital Technologies, Inc. -> )

Task: {A794DBAC-2749-452E-A13E-95EB7A9B616B} - System32\Tasks\WpsNotifyTask_Administrator => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5178\wtoolex\wpsnotify.exe [513896 2015-11-25] (Zhuhai Kingsoft Office Software Co.,Ltd -> Zhuhai Kingsoft Office Software Co.,Ltd)

Task: {B551AD13-0663-4781-B830-9C89E42F557E} - System32\Tasks\WpsUpdateTask_Administrator => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5178\wtoolex\wpsupdate.exe [480616 2015-11-25] (Zhuhai Kingsoft Office Software Co.,Ltd -> Zhuhai Kingsoft Office Software Co.,Ltd)

 

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

 

Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

Task: C:\WINDOWS\Tasks\EPSON ET-8500 Series Update {3D425FA5-076F-4EA3-934C-CAD48D6DAE66}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSYAE.EXE:/EXE:{3D425FA5-076F-4EA3-934C-CAD48D6DAE66} /F:UpdateWORKGROUP\DESKTOP-OTB3QSE$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi

Task: C:\WINDOWS\Tasks\EPSON ET-8500 Series Update {BE86C5C2-FF63-40CF-A3DD-BE65D476164E}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSYAE.EXE:/EXE:{BE86C5C2-FF63-40CF-A3DD-BE65D476164E} /F:UpdateWORKGROUP\DESKTOP-OTB3QSE$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi

Task: C:\WINDOWS\Tasks\WpsNotifyTask_Administrator.job => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5178\wtoolex\wpsnotify.exe

Task: C:\WINDOWS\Tasks\WpsUpdateTask_Administrator.job => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5178\wtoolex\wpsupdate.exe

 

==================== Internet (Whitelisted) ====================

 

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

 

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1

Tcpip\..\Interfaces\{3e5a52b0-73e4-4ade-8e9b-1e582a88d787}: [DhcpNameServer] 192.168.1.1 192.168.1.1

Tcpip\..\Interfaces\{82ebbd22-8da2-413c-a123-2a262a5c336c}: [DhcpNameServer] 192.168.1.1 192.168.1.1

Tcpip\..\Interfaces\{82ebbd22-8da2-413c-a123-2a262a5c336c}: [DhcpDomain] home

Tcpip\..\Interfaces\{91ad9b4b-f5fa-49f5-a875-0519e64ae4d3}: [DhcpNameServer] 192.168.1.1 192.168.1.1

Tcpip\..\Interfaces\{91ad9b4b-f5fa-49f5-a875-0519e64ae4d3}: [DhcpDomain] home

Tcpip\..\Interfaces\{91ad9b4b-f5fa-49f5-a875-0519e64ae4d3}\4505D2C496E6B6F523333343: [DhcpNameServer] 192.168.1.1 0.0.0.0

Tcpip\..\Interfaces\{91ad9b4b-f5fa-49f5-a875-0519e64ae4d3}\75966496D2E4144463D25374: [DhcpNameServer] 192.168.1.1 192.168.1.1

Tcpip\..\Interfaces\{91ad9b4b-f5fa-49f5-a875-0519e64ae4d3}\75966496D2E4144463D25374: [DhcpDomain] home

Tcpip\..\Interfaces\{91ad9b4b-f5fa-49f5-a875-0519e64ae4d3}\75966496D2E4144463F5235485: [DhcpNameServer] 192.168.1.1 192.168.1.1

Tcpip\..\Interfaces\{91ad9b4b-f5fa-49f5-a875-0519e64ae4d3}\75966496D2E4144463F5235485: [DhcpDomain] home

Tcpip\..\Interfaces\{c4950e03-3c31-41ea-8681-36d2da44cebc}: [NameServer] 192.168.1.1,198.153.192.1

Tcpip\..\Interfaces\{c4950e03-3c31-41ea-8681-36d2da44cebc}: [DhcpNameServer] 192.168.1.1 192.168.1.1

Tcpip\..\Interfaces\{c4950e03-3c31-41ea-8681-36d2da44cebc}: [DhcpDomain] home

Tcpip\..\Interfaces\{cbdceb2e-b69f-40dd-b58e-32e17cd3119c}: [DhcpNameServer] 209.222.18.222 209.222.18.218

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION

 

Edge:

=======

Edge DefaultProfile: Default

Edge Profile: C:\Users\Martin\AppData\Local\Microsoft\Edge\User Data\Default [2024-07-23]

Edge Notifications: Default -> hxxps://www.facebook.com

Edge Extension: (Kaspersky Protection) - C:\Users\Martin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm [2024-05-23]

Edge Extension: (Google Docs Offline) - C:\Users\Martin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-04-02]

Edge Extension: (Edge relevant text changes) - C:\Users\Martin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-02-01]

Edge Extension: (IDM Integration Module) - C:\Users\Martin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\llbjbkhnmlidjebalopleeepgdfgcpec [2024-07-16]

Edge Extension: (IDM Integration Module) - C:\Users\Martin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2024-07-18]

Edge Profile: C:\Users\Martin\AppData\Local\Microsoft\Edge\User Data\Profile 1 [2024-06-21]

Edge Extension: (Kaspersky Protection) - C:\Users\Martin\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm [2024-04-23]

Edge Extension: (Google Docs Offline) - C:\Users\Martin\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-04-02]

Edge Extension: (Edge relevant text changes) - C:\Users\Martin\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-24]

Edge Extension: (IDM Integration Module) - C:\Users\Martin\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\llbjbkhnmlidjebalopleeepgdfgcpec [2024-04-23]

Edge HKU\S-1-5-21-3624156614-4154489229-1379725982-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm]

Edge HKU\S-1-5-21-3624156614-4154489229-1379725982-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [llbjbkhnmlidjebalopleeepgdfgcpec] - C:\Program Files (x86)\Internet Download Manager\IDMEdgeExt.crx [2024-07-17]

Edge HKU\S-1-5-21-3624156614-4154489229-1379725982-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2024-07-17]

 

FireFox:

========

FF DefaultProfile: t60635rz.default-1652673025996

FF ProfilePath: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\dqil2cj2.default-release [2024-07-23]

FF Extension: (Bulk Image Downloader) - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\dqil2cj2.default-release\Extensions\{524B8EF8-C312-11DB-8039-536F56D89593}.xpi [2019-06-13]

FF ProfilePath: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\t60635rz.default-1652673025996 [2024-07-23]

FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 18.0.0\FFExt\light_plugin_firefox\addon.xpi => not found

FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\FFExt\light_plugin_firefox\addon.xpi => not found

FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn

FF Extension: (Adobe Acrobat - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2017-01-12] [Legacy] [not signed]

FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 18.0.0\FFExt\light_plugin_firefox\addon.xpi => not found

FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\FFExt\light_plugin_firefox\addon.xpi => not found

FF HKU\S-1-5-21-3624156614-4154489229-1379725982-1001\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Internet Download Manager\idmmzcc3.xpi

FF Extension: (IDM Integration Module) - C:\Program Files (x86)\Internet Download Manager\idmmzcc3.xpi [2024-07-09]

FF HKU\S-1-5-21-3624156614-4154489229-1379725982-1001\...\SeaMonkey\Extensions: [[email protected]] - C:\Users\Martin\AppData\Roaming\IDM\idmmzcc5

FF Extension: (IDM CC) - C:\Users\Martin\AppData\Roaming\IDM\idmmzcc5 [2017-04-07] [Legacy] [not signed]

FF HKU\S-1-5-21-3624156614-4154489229-1379725982-1001\...\SeaMonkey\Extensions: [[email protected]] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi

FF Extension: (IDM integration) - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi [2017-12-20] [Legacy]

FF Plugin: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2016-08-03] (LastPass (Marvasol Inc) -> LastPass)

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)

FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-04-05] (Microsoft Corporation -> Microsoft Corporation)

FF Plugin: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2012-12-25] (Wacom) [File not signed]

FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2024-06-27] (Adobe Inc. -> Adobe Systems)

FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-04-22] (Foxit Software Incorporated -> Foxit Corporation)

FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-04-22] (Foxit Software Incorporated -> Foxit Corporation)

FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-04-22] (Foxit Software Incorporated -> Foxit Corporation)

FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-04-22] (Foxit Software Incorporated -> Foxit Corporation)

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-08-25] (Intel® Identity Protection Technology Software -> Intel Corporation)

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-08-25] (Intel® Identity Protection Technology Software -> Intel Corporation)

FF Plugin-x32: @java.com/DTPlugin,version=11.411.2 -> C:\Program Files (x86)\Java\jre-1.8\bin\dtplugin\npDeployJava1.dll [2024-03-13] (Oracle America, Inc. -> Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=11.411.2 -> C:\Program Files (x86)\Java\jre-1.8\bin\plugin2\npjp2.dll [2024-03-13] (Oracle America, Inc. -> Oracle Corporation)

FF Plugin-x32: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2016-08-03] (LastPass (Marvasol Inc) -> LastPass)

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2024-04-05] (Microsoft Corporation -> Microsoft Corporation)

FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-12-05] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]

FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-12-05] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]

FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Users\Martin\Dropbox\Programs\VLC\npvlc.dll [2023-10-31] (VideoLAN -> VideoLAN)

FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Users\Martin\Dropbox\Programs\VLC\npvlc.dll [2023-10-31] (VideoLAN -> VideoLAN)

FF Plugin-x32: @videolan.org/vlc,version=3.0.10 -> C:\Users\Martin\Dropbox\Programs\VLC\npvlc.dll [2023-10-31] (VideoLAN -> VideoLAN)

FF Plugin-x32: @videolan.org/vlc,version=3.0.12 -> C:\Users\Martin\Dropbox\Programs\VLC\npvlc.dll [2023-10-31] (VideoLAN -> VideoLAN)

FF Plugin-x32: @videolan.org/vlc,version=3.0.20 -> C:\Users\Martin\Dropbox\Programs\VLC\npvlc.dll [2023-10-31] (VideoLAN -> VideoLAN)

FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Users\Martin\Dropbox\Programs\VLC\npvlc.dll [2023-10-31] (VideoLAN -> VideoLAN)

FF Plugin-x32: @videolan.org/vlc,version=3.0.7.1 -> C:\Users\Martin\Dropbox\Programs\VLC\npvlc.dll [2023-10-31] (VideoLAN -> VideoLAN)

FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Users\Martin\Dropbox\Programs\VLC\npvlc.dll [2023-10-31] (VideoLAN -> VideoLAN)

FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2012-12-25] (Wacom) [File not signed]

FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2014-11-15] (WildTangent Inc -> )

FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll [2015-09-25] (Adobe Systems, Incorporated -> Adobe Systems Inc.)

FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2024-06-27] (Adobe Inc. -> Adobe Systems)

FF Plugin HKU\S-1-5-21-3624156614-4154489229-1379725982-1001: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2012-12-25] (Wacom) [File not signed]

FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\kl_prefs_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.js [2019-06-13] <==== ATTENTION (Points to *.cfg file)

FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\kl_config_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.cfg [2019-06-13] <==== ATTENTION

 

Chrome:

=======

CHR DefaultProfile: Profile 1

CHR Profile: C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default [2024-07-22]

CHR Extension: (Kaspersky Protection) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm [2024-05-29]

CHR Extension: (Google Docs Offline) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-07-07]

CHR Extension: (IDM Integration Module) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2024-07-21]

CHR Extension: (Chrome Web Store Payments) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]

CHR Profile: C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Guest Profile [2024-06-21]

CHR Profile: C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 1 [2024-07-23]

CHR Notifications: Profile 1 -> hxxps://book.qantas.com; hxxps://savesubs.com; hxxps://www.instagram.com; hxxps://www.intelius.com; hxxps://www.italki.com; hxxps://www.justwatch.com; hxxps://www.messenger.com; hxxps://www.netflix.com; hxxps://www.oneflare.com.au; hxxps://www.qatarairways.com; hxxps://z-m-www.facebook.com

CHR Extension: (Kaspersky Protection) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm [2024-05-24]

CHR Extension: (Dark Mode) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dmghijelimhndkbmpgbldicpogfkceaj [2023-10-31]

CHR Extension: (Google Docs Offline) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-06-21]

CHR Extension: (LastPass: Free Password Manager) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2024-06-07]

CHR Extension: (Language Reactor) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hoombieeljmmljlkjmnheibnpciblicm [2023-05-24]

CHR Extension: (Office - Enable Copy and Paste) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ifbmcpbgkhlpfcodhjhdbllhiaomkdej [2022-09-12]

CHR Extension: (No History) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ljamgkbcojbnmcaonjokopmcblmmpfch [2019-05-10]

CHR Extension: (History On/Off) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ljbpakpmiimdmblcjjhhbfabbkmcgmdp [2018-11-08]

CHR Extension: (Classic Blue) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mdifmgkofhcnndinbbdbaplplnmdalnc [2023-03-24]

CHR Extension: (IDM Integration Module) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2024-07-18]

CHR Extension: (Chrome Web Store Payments) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]

CHR Profile: C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 2 [2024-06-21]

CHR Extension: (Kaspersky Protection) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm [2024-05-27]

CHR Extension: (Google Docs Offline) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-05-26]

CHR Extension: (IDM Integration Module) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2024-05-26]

CHR Extension: (Chrome Web Store Payments) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-17]

CHR Profile: C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 3 [2024-07-14]

CHR Extension: (Kaspersky Protection) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm [2024-06-09]

CHR Extension: (Google Docs Offline) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-09-09]

CHR Extension: (IDM Integration Module) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2024-07-08]

CHR Extension: (Chrome Web Store Payments) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-05-31]

CHR Profile: C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 4 [2024-07-22]

CHR Notifications: Profile 4 -> hxxps://www.youtube.com

CHR Extension: (Kaspersky Protection) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm [2024-07-20]

CHR Extension: (Google Docs Offline) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-04-06]

CHR Extension: (IDM Integration Module) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2024-07-20]

CHR Extension: (Chrome Web Store Payments) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-07-17]

CHR Profile: C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 5 [2024-07-22]

CHR Extension: (Kaspersky Protection) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm [2024-05-27]

CHR Extension: (Google Docs Offline) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-09-14]

CHR Extension: (IDM Integration Module) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2024-07-22]

CHR Extension: (Chrome Web Store Payments) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-08-01]

CHR Profile: C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 6 [2024-06-21]

CHR Extension: (Kaspersky Protection) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm [2024-04-26]

CHR Extension: (Google Docs Offline) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-04-26]

CHR Extension: (IDM Integration Module) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2024-04-26]

CHR Extension: (Chrome Web Store Payments) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-02-03]

CHR Profile: C:\Users\Martin\AppData\Local\Google\Chrome\User Data\System Profile [2024-07-23]

CHR HKLM\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm

CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2024-07-17]

CHR HKU\S-1-5-21-3624156614-4154489229-1379725982-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2024-07-17]

CHR HKLM-x32\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm

CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2024-07-17]

 

==================== Services (Whitelisted) ===================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY SOLUTIONS LIMITED -> ABBYY)

R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [109056 2009-09-28] (ArcSoft, Inc. -> ArcSoft Inc.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [172992 2024-06-25] (Adobe Inc. -> Adobe Inc.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [944048 2024-06-27] (Adobe Inc. -> Adobe Inc.)

R2 AdvancedSystemCareService17; C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe [1268744 2024-03-07] (IObit CO., LTD -> IObit)

R2 AsHidService; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsHidSrv.exe [111416 2015-06-27] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)

R2 ASUS Rog Macro Key; C:\Program Files (x86)\ASUS\ROG MacroKey\MacroSrv.exe [492344 2015-07-03] (ASUSTeK Computer Inc. -> ASUS)

R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.2.5.541\AsusWSWinService.exe [75264 2015-10-22] (ASUS Cloud Corporation) [File not signed]

R2 AVP21.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\avp.exe [184768 2021-06-17] (Kaspersky Lab JSC -> AO Kaspersky Lab)

S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1085864 2024-07-17] (Gen Digital Inc. -> Piriform Software Ltd)

R2 CdRomAccessAgentService; C:\Program Files (x86)\Common Files\cdagtsvc\cdagtsvc_v1.0.0_x86.exe [105672 2022-07-17] (Shenzhen Moyea Software -> Leawo Software)

R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [14023752 2024-06-26] (Microsoft Corporation -> Microsoft Corporation)

S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)

S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)

R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [46824 2024-07-09] (Dropbox, Inc -> Dropbox, Inc.)

R2 DCAgent; C:\Program Files\EPSON\Epson Data Collection Agent\DCAgent.exe [19240 2023-10-30] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)

R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [440808 2017-03-22] (Digital Wave Ltd -> Digital Wave Ltd.)

S3 DropboxElevationService; C:\Program Files (x86)\Dropbox\Client\203.4.4857\DropboxElevationService.exe [1659288 2024-07-09] (Dropbox, Inc -> Dropbox, Inc.)

R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [206304 2020-10-02] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)

S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\24.126.0623.0001\FileSyncHelper.exe [3519392 2024-07-06] (Microsoft Corporation -> Microsoft Corporation)

R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [373312 2015-04-15] (WildTangent Inc -> WildTangent)

R2 hasplms; C:\Program Files (x86)\Common Files\Aladdin Shared\HASP\hasplms.exe [5730312 2020-05-29] (Gemalto, Inc. -> SafeNet, Inc.)

R3 Intel® Security Assist; C:\Program Files (x86)\Intel\Intel® Security Assist\isa.exe [335872 2015-05-20] (Intel Corporation) [File not signed]

S2 IObitUnSvr; C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe [167432 2024-04-26] (IObit CO., LTD -> IObit)

S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel® Security Assist\isaHelperService.exe [7680 2015-05-20] () [File not signed]

S2 Kingsoft_WPS_UpdateService; C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5178\wtoolex\wpsupdatesvr.exe [133480 2015-11-25] (Zhuhai Kingsoft Office Software Co.,Ltd -> Zhuhai Kingsoft Office Software Co.,Ltd)

S3 klvssbridge64_21.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\x64\vssbridge64.exe [479280 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)

S3 kpm_launch_service; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 9.0.2\kpm_service.exe [354152 2020-04-01] (Kaspersky Lab -> AO Kaspersky Lab)

R2 KSDE5.14; C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.14\ksde.exe [32008 2023-07-13] (Kaspersky Lab JSC -> AO Kaspersky Lab)

R2 NTI Backup Now EZ 4 Scheduler; C:\Program Files (x86)\NTI\NTI Backup Now EZ 4\ScheduleService.exe [104112 2015-11-10] (NTI Corporation -> )

S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\24.126.0623.0001\OneDriveUpdaterService.exe [3860400 2024-07-06] (Microsoft Corporation -> Microsoft Corporation)

R2 PrivateInternetAccessService; C:\Program Files\Private Internet Access\pia-service.exe [1391840 2023-12-12] (Private Internet Access, Inc. -> )

S3 PrivateInternetAccessWireguard; C:\Program Files\Private Internet Access\pia-wgservice.exe [4455000 2023-12-12] (Private Internet Access, Inc. -> )

R2 Razer Game Manager Service; C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe [256264 2023-02-10] (Razer USA Ltd. -> Razer Inc)

R2 Razer Synapse Service; C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe [301576 2023-02-23] (Razer USA Ltd. -> Razer Inc.)

S3 ROGGamingCenterService; C:\Program Files (x86)\ASUS\ROG Gaming Center\ROGGamingCenterService.exe [76032 2015-08-13] (ASUSTeK Computer Inc. -> ASUSTeK COMPUTER INC.)

R2 RzActionSvc; C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe [537912 2023-03-02] (Razer USA Ltd. -> Razer Inc.)

R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11665136 2019-01-17] (TeamViewer GmbH -> TeamViewer GmbH)

R2 TosHddscSvc; C:\Program Files (x86)\TOSHIBA\Storage Security Software\TosHddscSvc.exe [2154376 2020-04-08] (Toshiba Electronic Devices & Storage Corporation -> TOSHIBA ELECTRONIC DEVICES & STORAGE CORPORATION)

R2 WDDMService; C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [288768 2011-03-09] (WDC) [File not signed]

R2 WDFME; C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe [1066896 2011-03-09] (Western Digital Technologies, Inc. -> )

S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2205.7-0\NisSrv.exe [3120992 2022-07-19] (Microsoft Windows Publisher -> Microsoft Corporation)

R2 WDSC; C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSC.exe [491920 2011-03-09] (Western Digital Technologies, Inc. -> )

S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2205.7-0\MsMpEng.exe [133544 2022-07-19] (Microsoft Windows Publisher -> Microsoft Corporation)

 

===================== Drivers (Whitelisted) ===================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

R2 aksdf; C:\WINDOWS\system32\drivers\aksdf.sys [389560 2020-05-29] (Gemalto, Inc. -> SafeNet, Inc.)

R2 aksfridge; C:\WINDOWS\system32\drivers\aksfridge.sys [510800 2020-05-29] (Gemalto, Inc. -> SafeNet, Inc.)

S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)

S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)

R3 AscFileFilter; C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\win10_amd64\AscFileFilter.sys [47904 2024-03-07] (IObit CO., LTD -> IObit)

R3 AscRegistryFilter; C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\win10_amd64\AscRegistryFilter.sys [46552 2024-03-07] (IObit CO., LTD -> IObit)

R2 ASMMAP64; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [18048 2015-05-09] (Microsoft Windows Hardware Compatibility Publisher -> ASUS)

R1 ATKWMIACPIIO; C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [20096 2015-05-09] (Microsoft Windows Hardware Compatibility Publisher -> ASUSTek Computer Inc.)

R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [237288 2022-02-18] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)

R3 cpuz154; C:\WINDOWS\temp\cpuz154\cpuz154_x64.sys [40976 2024-07-22] (Microsoft Windows Hardware Compatibility Publisher -> CPUID) <==== ATTENTION

S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [159864 2021-06-29] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)

S3 GeneStor; C:\WINDOWS\system32\DRIVERS\GeneStor.sys [115704 2015-07-15] (GENESYS LOGIC, INC. -> GenesysLogic)

R2 hardlock; C:\WINDOWS\system32\drivers\hardlock.sys [1970104 2020-05-29] (Gemalto, Inc. -> SafeNet, Inc.)

R3 HIDSwitch; C:\WINDOWS\System32\drivers\AsRadioControl.sys [32696 2020-11-19] (ASUSTek Computer Inc. -> ASUS)

R2 IDMWFP; C:\WINDOWS\system32\DRIVERS\idmwfp.sys [173736 2023-11-26] (Microsoft Windows Hardware Compatibility Publisher -> Tonec Inc.)

R3 iobit_monitor_server2021; C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\Monitor_win10_x64.sys [33256 2024-03-07] (IObit CO., LTD -> IObit)

R1 klbackupdisk; C:\WINDOWS\system32\DRIVERS\klbackupdisk.sys [105280 2022-02-18] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)

R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [206600 2022-02-18] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)

R1 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [119568 2022-02-18] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)

S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [41656 2021-02-19] (Microsoft Windows Early Launch Anti-malware Publisher -> AO Kaspersky Lab)

R1 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [533040 2024-04-04] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)

R1 klgse; C:\WINDOWS\System32\DRIVERS\klgse.sys [845112 2024-06-05] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)

R1 klhk; C:\WINDOWS\system32\DRIVERS\klhk.sys [2090304 2024-06-05] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)

R3 klids; C:\ProgramData\Kaspersky Lab\AVP21.3\Bases\klids.sys [236440 2024-07-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)

R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [1051184 2024-04-04] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)

R1 klim6; C:\WINDOWS\system32\DRIVERS\klim6.sys [90896 2022-02-18] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)

R3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [104728 2022-02-18] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)

R3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [107328 2022-02-18] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)

R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [78088 2022-02-18] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)

R1 klpnpflt; C:\WINDOWS\system32\DRIVERS\klpnpflt.sys [88328 2022-02-18] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)

R3 kltun; C:\WINDOWS\system32\DRIVERS\kltun.sys [86760 2023-07-13] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)

R0 klupd_klif_arkmon; C:\WINDOWS\System32\Drivers\klupd_klif_arkmon.sys [384656 2024-07-11] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)

R3 klupd_klif_klark; C:\WINDOWS\System32\Drivers\klupd_klif_klark.sys [358736 2024-06-10] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)

R0 klupd_klif_klbg; C:\WINDOWS\System32\Drivers\klupd_klif_klbg.sys [183728 2024-06-10] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)

R3 klupd_klif_mark; C:\WINDOWS\System32\Drivers\klupd_klif_mark.sys [265416 2024-07-01] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)

R1 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [150280 2022-02-18] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)

R1 klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [325400 2022-02-18] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)

R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [294680 2022-02-18] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)

R1 netfilter2; C:\WINDOWS\System32\drivers\netfilter2.sys [51904 2015-01-14] (TITAN ARC CORP. TAIWAN BRANCH (SAMOA) -> Titan ARC Corp.)

S3 PHYMEM2; C:\Program Files (x86)\Leawo\Blu-ray Player\phymem_ext64.sys [16032 2021-12-16] (Shenzhen Moyea Software -> )

R3 RzCommon; C:\WINDOWS\System32\drivers\RzCommon.sys [64168 2022-08-18] (Razer USA Ltd. -> Razer Inc)

R3 RzDev_0098; C:\WINDOWS\System32\drivers\RzDev_0098.sys [55624 2021-01-29] (Razer USA Ltd. -> Razer Inc)

S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)

R3 tap-pia-0901; C:\WINDOWS\System32\drivers\tap-pia-0901.sys [39944 2020-01-28] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)

R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2018-01-30] (OpenVPN Technologies, Inc. -> The OpenVPN Project)

R0 toshddsc; C:\Windows\System32\Drivers\toshddsc.sys [26232 2017-08-21] (Microsoft Windows Hardware Compatibility Publisher -> TOSHIBA Corporation)

S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2015-11-05] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)

S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49576 2022-07-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)

S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [25704 2022-10-03] (WDKTestCert user,132375440089837053 -> Western Digital Technologies, Inc.)

S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [452856 2022-07-19] (Microsoft Windows -> Microsoft Corporation)

R1 wdfsconnect2017; C:\WINDOWS\system32\drivers\wdfsconnect2017.sys [468112 2017-11-21] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies, Inc.)

S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [91384 2022-07-19] (Microsoft Windows -> Microsoft Corporation)

R3 wdvpnpbus; C:\WINDOWS\System32\drivers\wdvpnpbus.sys [20624 2017-11-21] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies, Inc.)

R2 WinI2C-DDC; C:\WINDOWS\system32\drivers\DDCDrv.sys [20832 2011-06-22] (PC Micro Systems Inc. -> Nicomsoft Ltd.)

S3 WirelessKeyboardFilter; C:\WINDOWS\System32\drivers\WirelessKeyboardFilter.sys [49336 2018-03-11] (Microsoft Corporation -> Microsoft Corporation)

 

==================== NetSvcs (Whitelisted) ===================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

 

==================== One month (created) (Whitelisted) =========

 

(If an entry is included in the fixlist, the file/folder will be moved.)

 

2024-07-23 10:35 - 2024-07-23 10:33 - 002396672 _____ (Farbar) C:\Users\Martin\Desktop\FRST64.exe

2024-07-22 08:40 - 2024-07-22 08:40 - 000454235 _____ C:\Users\Martin\Downloads\Set bottle mocks.pdf

2024-07-20 09:32 - 2024-07-20 09:32 - 001185839 _____ C:\Users\Martin\Downloads\3696_34925 HSSA 281.pdf

2024-07-18 19:20 - 2024-07-22 22:06 - 000000666 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job

2024-07-18 19:20 - 2024-07-18 19:20 - 000003382 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting

2024-07-18 12:32 - 2024-07-18 12:32 - 000592249 _____ C:\Users\Martin\Downloads\JB HiFi Vacuum.pdf

2024-07-16 23:29 - 2024-07-16 23:29 - 003112140 _____ C:\Users\Martin\Downloads\IMG_0452a.tif

2024-07-16 18:51 - 2024-07-16 18:51 - 000534646 _____ C:\Users\Martin\Downloads\IMG_0393.JPEG

2024-07-16 18:50 - 2024-07-16 18:50 - 000760795 _____ C:\Users\Martin\Downloads\IMG_0457.JPEG

2024-07-16 18:49 - 2024-07-16 18:49 - 001247119 _____ C:\Users\Martin\Downloads\IMG_4183.JPEG

2024-07-16 18:49 - 2024-07-16 18:49 - 000603526 _____ C:\Users\Martin\Downloads\IMG_0452.JPEG

2024-07-16 12:39 - 2024-07-16 12:39 - 000000000 ____D C:\Users\Martin\Downloads\VueScan-Settings.pdf_2

2024-07-16 12:38 - 2024-07-16 12:39 - 000483222 _____ C:\Users\Martin\Downloads\VueScan-Settings.pdf_2.zip

2024-07-15 18:41 - 2024-07-15 18:41 - 000545585 _____ C:\Users\Martin\Downloads\IMG_0385.JPEG

2024-07-15 18:41 - 2024-07-15 18:41 - 000481569 _____ C:\Users\Martin\Downloads\IMG_0387.JPEG

2024-07-15 14:55 - 2024-07-15 14:55 - 000062244 _____ C:\Users\Martin\Downloads\Application Summary.pdf

2024-07-15 14:53 - 2024-07-15 14:53 - 000835176 _____ C:\Users\Martin\Downloads\Application Checklist.pdf

2024-07-15 09:46 - 2024-07-15 09:46 - 000634081 _____ C:\Users\Martin\Downloads\26326_Research.pdf

2024-07-14 15:55 - 2024-07-14 15:55 - 002948938 _____ C:\Users\Martin\Downloads\Swooping Lines border.jpeg

2024-07-14 14:17 - 2024-07-14 14:18 - 001858436 _____ C:\Users\Martin\Downloads\Swooping Lines.jpeg

2024-07-11 15:55 - 2024-07-11 15:55 - 000851942 _____ C:\Users\Martin\Downloads\iCloud Photos_3.zip

2024-07-11 15:55 - 2024-07-11 15:55 - 000000000 ____D C:\Users\Martin\Downloads\iCloud Photos_3

2024-07-11 14:28 - 2024-07-11 14:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox

2024-07-11 06:25 - 2024-07-11 06:25 - 000851444 _____ C:\Users\Martin\Downloads\IMG_8242.JPEG

2024-07-10 23:56 - 2024-07-10 23:56 - 000000000 ____D C:\WINDOWS\system32\compatrel

2024-07-10 13:12 - 2024-07-10 13:12 - 000021724 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json

2024-07-10 13:11 - 2024-07-10 13:11 - 000021724 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json

2024-07-10 13:01 - 2024-07-10 13:01 - 000000000 ___HD C:\$WinREAgent

2024-07-09 23:00 - 2024-07-09 23:00 - 011781569 _____ C:\Users\Martin\Downloads\WS5 - Developing a loose style.pdf

2024-07-09 20:32 - 2024-07-09 20:32 - 000046824 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe

2024-07-09 14:30 - 2024-07-09 14:30 - 000876202 _____ C:\Users\Martin\Downloads\IMG_0272.JPEG

2024-07-09 14:30 - 2024-07-09 14:30 - 000698799 _____ C:\Users\Martin\Downloads\IMG_0274.JPEG

2024-07-06 22:17 - 2024-07-06 22:17 - 001674101 _____ C:\Users\Martin\Downloads\wetransfer_richard-s-pics_2024-07-04_0724.zip

2024-07-06 11:27 - 2024-07-06 11:27 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task

2024-07-06 11:27 - 2024-07-06 11:27 - 000002134 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk

2024-07-05 16:34 - 2024-07-05 16:34 - 011976078 _____ C:\Users\Martin\Downloads\WS4 - Line weight and quality.pdf

2024-07-05 10:15 - 2024-07-05 10:15 - 000003530 _____ C:\WINDOWS\system32\Tasks\Adobe-Genuine-Software-Integrity-Scheduler-1.0

2024-07-05 10:15 - 2024-07-05 10:15 - 000003506 _____ C:\WINDOWS\system32\Tasks\AdobeGCInvoker-1.0

2024-07-02 21:26 - 2024-07-02 21:26 - 001456994 _____ C:\Users\Martin\Downloads\IMG_0205 (1).JPEG

2024-07-02 21:25 - 2024-07-02 21:25 - 002924867 _____ C:\Users\Martin\Downloads\IMG_0205.JPEG

2024-07-02 13:14 - 2024-07-18 19:20 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update

2024-07-01 09:22 - 2024-07-01 09:22 - 000082935 _____ C:\Users\Martin\Downloads\drawtobyandcolinslighthouse.jpeg

2024-06-30 12:06 - 2024-06-30 12:06 - 001877332 _____ C:\WINDOWS\Minidump\063024-56593-01.dmp

2024-06-30 08:14 - 2024-06-30 08:14 - 015672508 _____ C:\Users\Martin\Downloads\WS3 - Shapes and structure.pdf

2024-06-29 21:29 - 2024-06-29 21:29 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task

2024-06-29 10:55 - 2024-06-29 10:55 - 000001101 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Lightroom Classic.lnk

2024-06-29 04:23 - 2024-06-29 04:23 - 000003150 _____ C:\WINDOWS\system32\Tasks\Uninstaller_SkipUac_Martin

2024-06-29 04:23 - 2024-06-29 04:23 - 000001436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller.lnk

2024-06-29 04:23 - 2024-06-29 04:23 - 000001424 _____ C:\Users\Public\Desktop\IObit Uninstaller.lnk

2024-06-27 09:32 - 2024-06-27 09:32 - 001272437 _____ C:\Users\Martin\Downloads\IMG_0222.JPEG

2024-06-27 09:13 - 2024-06-27 09:13 - 000001406 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk

2024-06-27 09:13 - 2024-06-27 09:13 - 000001376 _____ C:\Users\Public\Desktop\Adobe Creative Cloud.lnk

2024-06-27 09:10 - 2024-06-27 09:10 - 003951012 _____ C:\Users\Martin\Downloads\IMG_4643.tif

2024-06-26 22:19 - 2024-06-26 22:19 - 001090773 _____ C:\Users\Martin\Downloads\iCloud Photos_2.zip

2024-06-26 22:13 - 2024-06-26 22:13 - 000000000 ____D C:\Users\Martin\Downloads\iCloud Photos

2024-06-26 12:49 - 2024-06-26 12:49 - 001090235 _____ C:\Users\Martin\Downloads\IMG_4643.JPEG

2024-06-26 12:32 - 2023-08-13 10:08 - 001367669 _____ C:\Users\Martin\Downloads\IMG_1675.JPEG

2024-06-26 11:27 - 2024-06-26 11:27 - 011735640 _____ C:\Users\Martin\Downloads\iCloud Photos.zip

2024-06-26 11:24 - 2024-06-26 11:24 - 004517811 _____ C:\Users\Martin\Downloads\IMG_6356.JPEG

2024-06-25 21:29 - 2024-06-25 21:29 - 010617786 _____ C:\Users\Martin\Downloads\WS2 - Get some perspective.pdf

2024-06-25 14:14 - 2024-06-25 14:14 - 000074129 _____ C:\Users\Martin\Downloads\ASIC Annual Co Renewal - Behesht Pty Ltd.pdf

2024-06-23 12:19 - 2024-06-23 12:20 - 076395280 _____ C:\Users\Martin\Downloads\Sketch Loose Full.pdf

2024-06-23 11:26 - 2024-06-30 12:05 - 1903159720 ____N C:\WINDOWS\MEMORY.DMP

2024-06-23 11:26 - 2024-06-23 11:26 - 002058980 _____ C:\WINDOWS\Minidump\062324-42062-01.dmp

2024-06-23 10:37 - 2024-06-23 10:37 - 000001270 _____ C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Reverso.lnk

2024-06-23 10:37 - 2024-06-23 10:37 - 000001262 _____ C:\Users\Martin\Desktop\Reverso.lnk

2024-06-23 09:06 - 2024-06-23 09:06 - 002674498 _____ C:\Users\Martin\Downloads\Statement20240508.pdf

2024-06-23 09:03 - 2024-06-23 09:03 - 000900817 _____ C:\Users\Martin\Downloads\Statement20240607.pdf

2024-06-23 09:01 - 2024-06-23 09:01 - 000907162 _____ C:\Users\Martin\Downloads\Statement20231107.pdf

2024-06-23 08:59 - 2024-06-23 08:59 - 000906120 _____ C:\Users\Martin\Downloads\Statement20230508.pdf

2024-06-23 08:55 - 2024-06-23 08:55 - 000575529 _____ C:\Users\Martin\Downloads\Statement20230109.pdf

2024-06-23 08:53 - 2024-06-23 08:53 - 000581218 _____ C:\Users\Martin\Downloads\Statement20220707_2.pdf

 

==================== One month (modified) ==================

 

(If an entry is included in the fixlist, the file/folder will be moved.)

 

2024-07-23 10:41 - 2019-11-12 10:24 - 000077916 _____ C:\Users\Martin\Desktop\FRST.txt

2024-07-23 10:41 - 2017-09-21 11:08 - 000000000 ____D C:\FRST

2024-07-23 10:29 - 2016-06-16 15:39 - 000000000 ____D C:\Users\Martin\AppData\Roaming\Microsoft\Word

2024-07-23 10:28 - 2019-12-07 18:44 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft

2024-07-23 10:24 - 2017-09-13 14:47 - 000000000 ____D C:\Program Files (x86)\Steam

2024-07-23 10:21 - 2018-06-12 15:29 - 000000000 ___RD C:\Users\Martin\OneDrive

2024-07-23 10:15 - 2016-06-19 12:39 - 000000000 ____D C:\Users\Martin\AppData\Local\Dropbox

2024-07-23 10:11 - 2021-05-14 16:26 - 000000000 ____D C:\Users\Martin\AppData\Roaming\WD Discovery

2024-07-23 10:11 - 2021-05-14 16:26 - 000000000 ____D C:\Users\Martin\.wdc

2024-07-23 10:11 - 2016-06-19 12:44 - 000000000 ____D C:\Users\Martin\AppData\Roaming\Dropbox

2024-07-23 10:10 - 2023-04-11 16:27 - 000000000 ____D C:\Users\Martin\AppData\Local\CrashDumps

2024-07-23 10:10 - 2021-12-29 14:37 - 000000000 ____D C:\Program Files\CCleaner

2024-07-23 10:10 - 2019-12-07 18:44 - 000000000 ____D C:\WINDOWS\AppReadiness

2024-07-22 23:04 - 2017-06-15 14:22 - 000000000 ____D C:\ProgramData\NVIDIA

2024-07-22 23:04 - 2016-09-09 13:47 - 000000000 ____D C:\Users\Martin\AppData\Roaming\DMCache

2024-07-22 22:51 - 2023-11-20 11:48 - 000002554 _____ C:\WINDOWS\SysWOW64\pubfreeware.ini

2024-07-22 22:36 - 2020-08-24 21:51 - 000000000 ____D C:\WINDOWS\system32\SleepStudy

2024-07-22 22:13 - 2020-08-24 22:04 - 000840602 _____ C:\WINDOWS\system32\PerfStringBackup.INI

2024-07-22 22:13 - 2019-12-07 18:43 - 000000000 ____D C:\WINDOWS\INF

2024-07-22 22:07 - 2023-08-08 18:08 - 000000000 ____D C:\ProgramData\ProductData3

2024-07-22 22:06 - 2024-06-10 09:17 - 000008192 ___SH C:\DumpStack.log.tmp

2024-07-22 22:06 - 2020-08-24 22:03 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT

2024-07-22 22:06 - 2019-12-07 18:44 - 000000000 ____D C:\WINDOWS\ServiceState

2024-07-22 22:06 - 2016-09-09 13:47 - 000000000 ____D C:\Program Files (x86)\Internet Download Manager

2024-07-22 22:06 - 2015-11-25 15:03 - 000000000 ____D C:\Program Files (x86)\TeamViewer

2024-07-22 22:05 - 2019-12-07 18:33 - 001048576 _____ C:\WINDOWS\system32\config\BBI

2024-07-22 13:56 - 2016-09-09 13:47 - 000000000 ____D C:\Users\Martin\AppData\Roaming\IDM

2024-07-22 12:09 - 2024-02-22 17:41 - 000003586 _____ C:\WINDOWS\system32\Tasks\Launch Adobe CCXProcess

2024-07-21 22:39 - 2017-11-11 13:53 - 000000000 ____D C:\Users\Martin\AppData\Roaming\Anki2

2024-07-21 16:13 - 2017-01-17 07:00 - 000000000 ____D C:\KMPlayer

2024-07-21 10:04 - 2016-06-17 11:42 - 000000000 ____D C:\Users\Martin\AppData\Roaming\Microsoft\Outlook

2024-07-21 09:52 - 2018-08-19 22:46 - 000000000 ____D C:\Users\Martin\AppData\Local\D3DSCache

2024-07-21 08:59 - 2021-12-16 18:07 - 000000000 ____D C:\WINDOWS\SystemTemp

2024-07-20 09:44 - 2019-12-07 18:44 - 000000000 ___HD C:\Program Files\WindowsApps

2024-07-20 09:16 - 2019-12-07 18:44 - 000000000 ____D C:\WINDOWS\LiveKernelReports

2024-07-19 22:15 - 2020-07-12 09:03 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk

2024-07-19 22:15 - 2020-07-12 09:03 - 000002278 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk

2024-07-18 19:26 - 2016-08-05 11:49 - 000000000 ____D C:\Users\Martin\AppData\Roaming\Microsoft\Excel

2024-07-18 13:13 - 2017-05-17 10:45 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk

2024-07-18 13:13 - 2017-05-17 10:45 - 000002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk

2024-07-16 10:14 - 2022-08-28 12:16 - 000000000 ___HD C:\adobeTemp

2024-07-15 23:04 - 2020-08-24 21:52 - 000000000 ____D C:\Users\Martin

2024-07-14 10:08 - 2023-03-21 14:36 - 000000000 ____D C:\Program Files\Microsoft Office

2024-07-14 09:38 - 2019-12-07 18:44 - 000000000 ____D C:\WINDOWS\security

2024-07-12 17:15 - 2020-08-24 22:03 - 000003534 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA

2024-07-12 17:15 - 2020-08-24 22:03 - 000003410 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore

2024-07-11 15:54 - 2022-08-26 14:36 - 000000000 ____D C:\Users\Martin\AppData\Roaming\com.adobe.dunamis

2024-07-11 14:28 - 2015-11-25 15:02 - 000000000 ____D C:\Program Files (x86)\Dropbox

2024-07-10 23:58 - 2020-08-24 21:51 - 000455176 _____ C:\WINDOWS\system32\FNTCACHE.DAT

2024-07-10 23:57 - 2023-03-21 22:07 - 000000000 ____D C:\Program Files\Microsoft OneDrive

2024-07-10 23:56 - 2023-12-13 22:25 - 000000000 ____D C:\WINDOWS\InboxApps

2024-07-10 23:56 - 2019-12-07 18:44 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel

2024-07-10 23:56 - 2019-12-07 18:44 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism

2024-07-10 23:56 - 2019-12-07 18:44 - 000000000 ____D C:\WINDOWS\SystemResources

2024-07-10 23:56 - 2019-12-07 18:44 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns

2024-07-10 23:56 - 2019-12-07 18:44 - 000000000 ____D C:\WINDOWS\system32\setup

2024-07-10 23:56 - 2019-12-07 18:44 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates

2024-07-10 23:56 - 2019-12-07 18:44 - 000000000 ____D C:\WINDOWS\system32\oobe

2024-07-10 23:56 - 2019-12-07 18:44 - 000000000 ____D C:\WINDOWS\system32\Dism

2024-07-10 23:56 - 2019-12-07 18:44 - 000000000 ____D C:\WINDOWS\system32\appraiser

2024-07-10 23:56 - 2019-12-07 18:44 - 000000000 ____D C:\WINDOWS\ShellExperiences

2024-07-10 23:56 - 2019-12-07 18:44 - 000000000 ____D C:\WINDOWS\ShellComponents

2024-07-10 23:56 - 2019-12-07 18:44 - 000000000 ____D C:\WINDOWS\PolicyDefinitions

2024-07-10 23:56 - 2019-12-07 18:44 - 000000000 ____D C:\WINDOWS\bcastdvr

2024-07-10 13:15 - 2019-12-07 18:33 - 000000000 ____D C:\WINDOWS\CbsTemp

2024-07-10 13:11 - 2020-08-24 21:54 - 003016192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll

2024-07-10 12:59 - 2022-09-07 19:08 - 000000000 ____D C:\Program Files (x86)\dotnet

2024-07-10 12:59 - 2015-11-25 14:56 - 000000000 ____D C:\ProgramData\Package Cache

2024-07-10 12:25 - 2016-06-15 18:52 - 000000000 ____D C:\WINDOWS\system32\MRT

2024-07-10 12:15 - 2016-06-15 18:52 - 194135240 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

2024-07-10 10:19 - 2016-08-21 21:33 - 000000000 ____D C:\Program Files\Common Files\Adobe

2024-07-06 11:27 - 2021-12-11 18:21 - 000003596 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3624156614-4154489229-1379725982-1001

2024-07-02 21:28 - 2023-04-15 13:04 - 000000000 ____D C:\Users\Martin\AppData\Roaming\Evernote

2024-06-30 12:06 - 2020-10-19 11:28 - 000000000 ____D C:\WINDOWS\Minidump

2024-06-29 10:59 - 2016-08-21 20:56 - 000000000 ____D C:\ProgramData\Adobe

2024-06-29 10:55 - 2016-08-21 21:32 - 000000000 ____D C:\Program Files\Adobe

2024-06-29 04:23 - 2018-07-16 15:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller

2024-06-27 09:12 - 2016-08-21 20:56 - 000000000 ____D C:\Program Files (x86)\Adobe

2024-06-24 16:34 - 2024-06-18 08:42 - 000023295 _____ C:\Users\Martin\Downloads\Hours.xlsx

2024-06-24 16:24 - 2016-06-16 15:39 - 000000000 ____D C:\Users\Martin\AppData\Roaming\Microsoft\Office

2024-06-24 16:23 - 2017-12-04 12:37 - 000000000 ____D C:\Users\Martin\AppData\Local\Packages

2024-06-23 10:34 - 2016-06-19 12:39 - 000000940 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job

2024-06-23 10:34 - 2016-06-19 12:39 - 000000936 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job

 

==================== Files in the root of some directories ========

 

2019-08-21 14:04 - 2019-08-21 14:04 - 000000000 _____ () C:\Users\Martin\youtube-dl.exe

2020-03-07 15:15 - 2020-03-07 15:15 - 006112768 _____ (FreeImage) C:\Program Files (x86)\FreeImage64.dll

2020-03-07 15:15 - 2020-03-07 15:14 - 002108928 _____ (CMCEI) C:\Program Files (x86)\Language64.dll

2020-03-07 15:15 - 2020-03-07 15:14 - 011316248 _____ (CMCEI) C:\Program Files (x86)\newsbinpro64.exe

2008-04-25 21:54 - 2008-04-25 21:54 - 000009916 _____ () C:\Program Files (x86)\notices.txt

2018-10-10 03:08 - 2018-10-10 03:08 - 000000081 _____ () C:\Program Files (x86)\order.txt

2018-01-13 10:29 - 2018-01-13 10:29 - 000306176 _____ () C:\Program Files (x86)\par2Repair64.dll

2017-04-21 05:16 - 2017-04-21 05:16 - 000005407 _____ () C:\Program Files (x86)\readme.txt

2011-01-31 23:15 - 2011-01-31 23:15 - 000570583 _____ () C:\Program Files (x86)\sqlite3.exe

2016-06-15 08:51 - 2016-06-15 08:51 - 000363008 _____ (Intel Corporation) C:\Program Files (x86)\tbb.dll

2020-03-07 15:15 - 2020-03-07 15:15 - 000200054 _____ () C:\Program Files (x86)\Uninst64.exe

2018-09-13 06:35 - 2018-09-13 06:35 - 000003064 _____ () C:\Program Files (x86)\v681relnotes.txt

2016-06-19 10:51 - 2016-08-03 19:42 - 021874200 _____ (LastPass) C:\Program Files (x86)\Common Files\lpuninstall.exe

2021-03-04 15:48 - 2021-03-04 15:48 - 000000171 _____ () C:\Users\Martin\AppData\Roaming\822f02e4-9e9a-4077-a765-71edfca16ad0

2016-09-25 14:12 - 2023-03-21 14:12 - 000038432 _____ () C:\Users\Martin\AppData\Roaming\Comma Separated Values (Windows).ADR

2016-06-15 15:21 - 2019-08-18 23:48 - 000000164 _____ () C:\Users\Martin\AppData\Roaming\sp_data.sys

2019-09-07 11:03 - 2022-12-02 12:42 - 000001456 _____ () C:\Users\Martin\AppData\Local\Adobe Save for Web 13.0 Prefs

2021-08-21 11:04 - 2021-10-22 17:56 - 000005120 _____ () C:\Users\Martin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

2018-11-07 21:22 - 2018-11-07 21:22 - 000000000 _____ () C:\Users\Martin\AppData\Local\oobelibMkey.log

2016-09-01 23:03 - 2016-09-01 23:03 - 000000000 _____ () C:\Users\Martin\AppData\Local\{4DE834CF-A185-43F8-A115-00A0F032F008}

 

==================== SigCheck ============================

 

(There is no automatic fix for files that do not pass verification.)

 

==================== End of FRST.txt ========================

 


  • 0

Advertisements


#2
DR M

DR M

    The Grecian Geek

  • Malware Removal
  • 4,258 posts

Hello.

 

FRST tool created 2 logs when you run it. You posted only one. Please find Addition.txt on your Desktop and post it too, so I can review both. 


  • 0

#3
SydneyCarton

SydneyCarton

    Member

  • Topic Starter
  • Member
  • PipPip
  • 12 posts

Sorry, here's the Addition:

 

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21.07.2024

Ran by Martin (23-07-2024 10:44:47)

Running from C:\Users\Martin\Desktop

Microsoft Windows 10 Home Version 22H2 19045.4651 (X64) (2020-08-24 12:34:09)

Boot Mode: Normal

==========================================================

 

 

==================== Accounts: =============================

 

 

(If an entry is included in the fixlist, it will be removed.)

 

Administrator (S-1-5-21-3624156614-4154489229-1379725982-500 - Administrator - Disabled)

alexg (S-1-5-21-3624156614-4154489229-1379725982-1002 - Limited - Enabled)

DefaultAccount (S-1-5-21-3624156614-4154489229-1379725982-503 - Limited - Disabled)

Guest (S-1-5-21-3624156614-4154489229-1379725982-501 - Limited - Disabled)

Martin (S-1-5-21-3624156614-4154489229-1379725982-1001 - Administrator - Enabled) => C:\Users\Martin

WDAGUtilityAccount (S-1-5-21-3624156614-4154489229-1379725982-504 - Limited - Disabled)

 

==================== Security Center ========================

 

(If an entry is included in the fixlist, it will be removed.)

 

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AV: Kaspersky Internet Security (Enabled - Up to date) {4F76F112-43EB-40E8-11D8-F7BD1853EA23}

FW: Kaspersky Internet Security (Enabled) {774D7037-0984-41B0-3A87-5E88E680AD58}

 

==================== Installed Programs ======================

 

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

 

7-Zip 23.01 (HKLM-x32\...\7-Zip) (Version: 23.01 - Igor Pavlov)

ABBYY FineReader 9.0 Sprint (HKLM-x32\...\{F9000000-0018-0000-0000-074957833700}) (Version: 9.00.631.5823 - ABBYY) Hidden

ABBYY FineReader 9.0 Sprint (HKLM-x32\...\ABBYY FineReader 9.0 Sprint) (Version: 9.00.631.5823 - ABBYY)

Adobe Acrobat X Standard - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-BA7E-000000000005}) (Version: 10.1.16 - Adobe Systems)

Adobe Bridge 2024 (HKLM-x32\...\KBRG_14_1_1) (Version: 14.1.1 - Adobe Inc.)

Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 6.3.0.207 - Adobe Inc.)

Adobe Digital Editions 4.5 (HKLM-x32\...\Adobe Digital Editions 4.5) (Version: 4.5.9 - Adobe Systems Incorporated)

Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: 8.5.0.43 - Adobe Inc.)

Adobe Lightroom Classic (HKLM-x32\...\LTRM_13_4) (Version: 13.4 - Adobe Inc.)

Adobe Photoshop 2024 (HKLM-x32\...\PHSP_25_9_1) (Version: 25.9.1.626 - Adobe Inc.)

Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601078}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden

Advanced SystemCare (HKLM-x32\...\Advanced SystemCare_is1) (Version: 17.4.0 - IObit)

Amazon Kindle (HKU\S-1-5-21-3624156614-4154489229-1379725982-1001\...\Amazon Kindle) (Version: 1.39.1.65323 - Amazon)

Anki (HKLM-x32\...\Anki) (Version: 2.1.30 - )

Apowersoft Online Launcher version 1.4.5 (HKU\S-1-5-21-3624156614-4154489229-1379725982-1001\...\{20BF67A8-D81A-4489-8225-FABAA0896E2D}_is1) (Version: 1.4.5 - APOWERSOFT LIMITED)

ArcSoft MediaImpression 2 (HKLM-x32\...\{FB46F473-333E-4A06-A777-31C54188593E}) (Version: 2.0.14.672 - ArcSoft)

ArcSoft Scan-n-Stitch Deluxe (HKLM-x32\...\{FF8455A9-21E8-457D-AC64-510A705D53B3}) (Version: 1.1.2.35 - ArcSoft)

Asus Sonic Suite Plugins (HKLM-x32\...\{538766d1-8795-4e62-b3d3-cf65517bae51}) (Version: 2.0.7 - ASUSTeKcomputer.Inc)

ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 3.13.0004 - ASUS)

ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 4.1.6 - ASUS)

ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0041 - ASUS)

Audacity 3.3.2 (HKLM\...\Audacity_is1) (Version: 3.3.2 - Audacity Team)

Audible Download Manager (HKLM-x32\...\AudibleDownloadManager) (Version: 6.6.0.19 - Audible, Inc.)

Audible Plugin for iTunes (HKLM-x32\...\{52076254-FA2B-4540-AD7E-CCD0BD74EBC6}) (Version: 1.0.0 - Audible)

Bulk Image Downloader v5.42.0.0 (HKLM-x32\...\Bulk Image Downloader_is1) (Version: 5.41 - Antibody Software)

calibrite PROFILER 1.2.8 (HKLM\...\c3ea73ae-7d77-5009-bad5-7caab7879966) (Version: 1.2.8 - Calibrite LLC)

CCleaner (HKLM\...\CCleaner) (Version: 6.26 - Piriform)

CheckerBoard 1.70 (HKLM-x32\...\CheckerBoard_is1) (Version:  - Martin Fierz)

Chess Tutor Step 1 (HKLM-x32\...\{8A6FDA71-871C-4F35-9392-A27B7E9B7A54}_is1) (Version:  - Cor van Wijgerden)

ClassicsOnline HD*LL (HKLM-x32\...\{B95398F2-A21C-4B74-B5C5-89BB63313769}) (Version: 0.3 - ClassicsOnlineHD)

Dam 2.2 (HKLM-x32\...\Dam 2.2_is1) (Version:  - )

Debut Video Capture Software (HKLM-x32\...\Debut) (Version: 4.08 - NCH Software)

Device Setup (HKLM-x32\...\{8D6B05E0-F457-408C-9D13-549334D8FAE1}) (Version: 2.0.2 - ASUSTek Computer Inc.)

Document Capture Pro (HKLM-x32\...\{B4A3C072-87AF-4937-880D-3D7997111C0D}) (Version: 1.01.0000 - Seiko Epson Corporation)

Dropbox (HKLM-x32\...\Dropbox) (Version: 203.4.4857 - Dropbox, Inc.)

Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.911.1 - Dropbox, Inc.) Hidden

DVDFab 12 (x64) (26/02/2021) (HKLM-x32\...\DVDFab 12 (x64)) (Version: 12.0.1.9 - DVDFab Software Inc.)

EaseFab LosslessCopy (HKLM-x32\...\EaseFabLosslessCopy) (Version: 5.6.3 - EaseFab)

Epson Data Collection Agent (HKLM\...\{E2094675-7F14-4DAD-ADD3-FC863F05469C}) (Version: 7.1 - Seiko Epson Corporation)

EPSON ET-8500 Series Printer Uninstall (HKLM\...\EPSON ET-8500 Series) (Version:  - Seiko Epson Corporation)

Epson Event Manager (HKLM-x32\...\{067039C9-A41C-42F5-9571-B06E0700AAA4}) (Version: 3.11.77 - Seiko Epson Corporation)

Epson Manuals (HKLM-x32\...\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}) (Version: 2.0.4.0 - Seiko Epson Corporation)

Epson Photo+ (HKLM-x32\...\{12DE33D1-6FE8-42E1-B54B-6114806BBA40}) (Version: 3.8.2.0 - Seiko Epson Corporation)

Epson Printer Connection Checker (HKLM-x32\...\{DE32F90E-1A29-4D74-BCF1-E7DDB25D713A}) (Version: 3.4.0.0 - Seiko Epson Corporation)

EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)

Epson Scan 2 (HKLM-x32\...\Epson Scan 2) (Version:  - Seiko Epson Corporation)

EPSON Scan OCR Component (HKLM-x32\...\{3615C893-F844-4A5B-B949-8409EAB62271}) (Version: 3.00.05 - Seiko Epson Corporation)

EPSON Scan PDF Extensions (HKLM-x32\...\{E4C6B326-8218-4FC2-8B48-85A19DAB3AE4}) (Version: 1.03.02.01 - Seiko Epson Corporation)

Epson ScanSmart (HKLM-x32\...\{1A1B60BB-F156-4F6D-AD79-8A096B67E9AB}) (Version: 3.7.10 - Seiko Epson Corporation)

Epson Software Updater (HKLM-x32\...\{711E8536-AB71-4455-A6C4-357FDBBEBF91}) (Version: 4.6.7 - Seiko Epson Corporation)

Epson User's Guide EPSON Perfection V370 Photo (HKLM-x32\...\EPSON Perfection V370 Photo Useg) (Version:  - )

EpsonNet Print (HKLM\...\{96ED1D58-440C-4345-8FEE-C4781366C67F}) (Version: 3.1.4.0 - SEIKO EPSON Corporation)

Evernote 10.71.2 (HKU\S-1-5-21-3624156614-4154489229-1379725982-1001\...\e4251011-875e-51f3-a464-121adaff5aaa) (Version: 10.71.2 - Evernote Corporation)

Excel (HKU\S-1-5-21-3624156614-4154489229-1379725982-1001\...\1fc5b090eab9aa41f8a2f5987367e6da) (Version: 1.0 - Excel)

FastStone Image Viewer 6.4 (HKLM-x32\...\FastStone Image Viewer) (Version: 6.4 - FastStone Soft)

FFmpeg (Windows) for Audacity version 2.2.2 (HKLM-x32\...\{9C7E31E3-017F-434C-AC40-24431A354A1E}_is1) (Version: 2.2.2 - )

Foxit PhantomPDF (HKLM-x32\...\{E40149BB-552F-44C8-A10F-4188ADC5AD70}) (Version: 7.0.510.429 - Foxit Software Inc.)

GameFirst IV (HKLM-x32\...\{2B5BE4E7-3E40-4BC4-A534-5342E3078F89}) (Version: 1.5.12 - ASUS) Hidden

GameFirst IV (HKLM-x32\...\GameFirst IV 1.5.12) (Version: 1.5.12 - ASUS)

Google Chrome (HKLM-x32\...\Google Chrome) (Version: 126.0.6478.182 - Google LLC)

HandBrake 1.3.3 (HKLM-x32\...\HandBrake) (Version: 1.3.3 - )

Hard Disk Sentinel PRO (HKLM-x32\...\Hard Disk Sentinel_is1) (Version: 5.70 - Janos Mathe)

IncredibleCharts Pro (HKLM-x32\...\{134959C1-E63F-11D5-87EF-444553540000}_is1) (Version:  - Incredible Charts Pty Ltd)

Intel® Chipset Device Software (HKLM\...\{55398EAC-F58E-4F19-B553-BDF8B9EFD839}) (Version: 10.1.1.9 - Intel Corporation) Hidden

Intel® Chipset Device Software (HKLM-x32\...\{c7f54569-0018-439c-809a-48046a4d4ebc}) (Version: 10.1.1.9 - Intel® Corporation) Hidden

Intel® Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.1.10603.192 - Intel Corporation)

Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1169 - Intel Corporation)

Intel® Management Engine Components (HKLM\...\{7EEC6C54-5441-472A-8792-A5185CC17DF1}) (Version: 11.0.0.1169 - Intel Corporation) Hidden

Intel® Management Engine Components (HKLM\...\{846DE3C3-F079-4E2D-AE25-74D2B62B1D9F}) (Version: 1.0.0.0 - Intel Corporation) Hidden

Intel® ME UninstallLegacy (HKLM\...\{D622E3AC-0583-4CEC-9455-8B9139C7B4A2}) (Version: 1.0.1.0 - Intel Corporation) Hidden

Intel® Serial IO (HKLM\...\{30E935B2-0DAC-455E-AC76-3C8504DC3D18}) (Version: 30.100.1519.07 - Intel Corporation) Hidden

Intel® Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1519.7 - Intel Corporation)

Intel® Wireless Bluetooth® (HKLM-x32\...\{588DA478-D4FF-48E3-8290-49F8C4B21283}) (Version: 18.1.1527.1551 - Intel Corporation)

Intel® PROSet/Wireless Software (HKLM-x32\...\{5853172b-5520-4089-9ef4-e26c594382b3}) (Version: 19.30.0 - Intel Corporation)

Intel® PROSet/Wireless WiFi Software (HKLM\...\{224CC1EA-2433-4106-81BA-5D5432B11744}) (Version: 19.30.0.0905 - Intel Corporation) Hidden

Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)

Intel® Trusted Connect Service Client (HKLM\...\{7D84E343-A23D-451C-B123-0195B2D903A6}) (Version: 1.42.17.0 - Intel Corporation) Hidden

Intel® Watchdog Timer Driver (Intel® WDT) (HKLM-x32\...\{3FD0C489-0F02-481a-A3E1-9754CD396761}) (Version:  - Intel Corporation)

Intel® Watchdog Timer Driver (Intel® WDT) (HKLM-x32\...\3FD0C489-0F02-481a-A3E1-9754CD396761) (Version:  - Intel Corporation)

Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version: 6.42.15 - Tonec Inc.)

IObit Uninstaller 13 (HKLM-x32\...\IObitUninstall) (Version: 13.6.0.5 - IObit)

Java 8 Update 411 (HKLM-x32\...\{77924AE4-039E-4CA4-87B4-2F32180411F0}) (Version: 8.0.4110.9 - Oracle Corporation)

Kaspersky Internet Security (HKLM-x32\...\{4FC79BE9-AD63-46C0-9626-E4F6BCE6A976}) (Version: 21.3.10.391 - Kaspersky) Hidden

Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{4FC79BE9-AD63-46C0-9626-E4F6BCE6A976}) (Version: 21.3.10.391 - Kaspersky)

Kaspersky Password Manager (HKLM-x32\...\{B2F7333E-6C8D-4994-AAC4-FEC8EBBF9611}) (Version: 9.0.2.767 - Kaspersky Lab) Hidden

Kaspersky Password Manager (HKLM-x32\...\InstallWIX_{B2F7333E-6C8D-4994-AAC4-FEC8EBBF9611}) (Version: 9.0.2.767 - Kaspersky Lab)

Kaspersky VPN (HKLM-x32\...\{836E6477-FBFF-3ACE-983C-94E91D6FA845}) (Version: 21.14.5.462 - Kaspersky) Hidden

Kaspersky VPN (HKLM-x32\...\InstallWIX_{836E6477-FBFF-3ACE-983C-94E91D6FA845}) (Version: 21.14.5.462 - Kaspersky)

KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 4.1.5.8 - PandoraTV)

Kodu Game Lab (HKLM-x32\...\{FE2B8481-DF02-4283-B278-02BFEFBF01EB}) (Version: 1.4.184 - Microsoft Research)

LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )

LastPass (uninstall only) (HKLM-x32\...\LastPass) (Version:  - LastPass)

LauncherSetup (HKLM\...\{FAF92126-24C9-4241-A922-FA6F2C896B4A}) (Version: 2.0.701 - ASUSTeKcomputer.Inc) Hidden

LAV Filters 0.77.1 (HKLM-x32\...\lavfilters_is1) (Version: 0.77.1 - Hendrik Leppkes)

Leawo Blu-ray Player version  3.0.0.0 (HKLM-x32\...\{CF7F52BF-DEE0-44CD-A7E1-AADD5CCECCDD}_is1) (Version: 3.0.0.0 - Leawo Software)

LSI-PS-SRDx (remove only) (HKLM-x32\...\LSI-SRDx) (Version:  - )

Microsoft .NET Host - 5.0.17 (x86) (HKLM-x32\...\{54DE7EA9-E391-4BD2-A373-3A72A18EBDB5}) (Version: 40.68.31213 - Microsoft Corporation) Hidden

Microsoft .NET Host - 6.0.32 (x86) (HKLM-x32\...\{1855786F-395A-4EB8-8927-581D53B129E8}) (Version: 48.128.16743 - Microsoft Corporation) Hidden

Microsoft .NET Host FX Resolver - 5.0.17 (x86) (HKLM-x32\...\{AF01038B-6523-4EA7-9D9E-4F1E2927D88B}) (Version: 40.68.31213 - Microsoft Corporation) Hidden

Microsoft .NET Host FX Resolver - 6.0.32 (x86) (HKLM-x32\...\{8B44FB6C-6343-40DA-97DB-C206A054C9F4}) (Version: 48.128.16743 - Microsoft Corporation) Hidden

Microsoft .NET Runtime - 5.0.17 (x86) (HKLM-x32\...\{59650A2A-3839-46EC-9D9C-6B3B1C743C55}) (Version: 40.68.31213 - Microsoft Corporation) Hidden

Microsoft .NET Runtime - 6.0.32 (x86) (HKLM-x32\...\{7A3488C1-1FF3-4F64-A6FA-5CFCD533A5DB}) (Version: 48.128.16743 - Microsoft Corporation) Hidden

Microsoft 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.17726.20160 - Microsoft Corporation)

Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 126.0.2592.113 - Microsoft Corporation)

Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 126.0.2592.113 - Microsoft Corporation)

Microsoft HEVC Media Extension Installation for Microsoft.HEVCVideoExtension_1.0.2512.0_x64__8wekyb3d8bbwe (x64) (HKLM\...\{B0169E83-757B-EF66-E2F0-391944D785BC}) (Version: 1.0.0.0 - Microsoft Corporation) Hidden

Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)

Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 24.126.0623.0001 - Microsoft Corporation)

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)

Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 (HKLM-x32\...\{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}) (Version: 9.0.21022.218 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)

Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)

Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.32.31326 (HKLM-x32\...\{2d507699-404c-4c8b-a54a-38e352f32cdd}) (Version: 14.32.31326.0 - Microsoft Corporation)

Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.32.31326 (HKLM-x32\...\{817e21c1-6b3a-4bc1-8c49-67e4e1887b3a}) (Version: 14.32.31326.0 - Microsoft Corporation)

Microsoft Visual C++ 2022 X64 Additional Runtime - 14.32.31326 (HKLM\...\{38624EB5-356D-4B08-8357-C33D89A5C0C5}) (Version: 14.32.31326 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.32.31326 (HKLM\...\{C96241EA-9900-4FE8-85B3-1E238D509DF6}) (Version: 14.32.31326 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2022 X86 Additional Runtime - 14.32.31326 (HKLM-x32\...\{A250E750-DB3F-40C1-8460-8EF77C7582DA}) (Version: 14.32.31326 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.32.31326 (HKLM-x32\...\{46E11E7F-01E1-44D0-BB86-C67342D253DD}) (Version: 14.32.31326 - Microsoft Corporation) Hidden

Microsoft Windows Desktop Runtime - 5.0.17 (x86) (HKLM-x32\...\{098c6ff7-1af1-4c4a-b86f-c60608c98e31}) (Version: 5.0.17.31219 - Microsoft Corporation)

Microsoft Windows Desktop Runtime - 5.0.17 (x86) (HKLM-x32\...\{0D02D706-44F2-4957-A448-E7259A0B56B9}) (Version: 40.68.31219 - Microsoft Corporation) Hidden

Microsoft Windows Desktop Runtime - 6.0.32 (x86) (HKLM-x32\...\{8E331834-5413-4C57-8E5E-FB2FF60B6D1D}) (Version: 48.128.16742 - Microsoft Corporation) Hidden

Microsoft Windows Desktop Runtime - 6.0.32 (x86) (HKLM-x32\...\{d84a656c-01d4-408c-9586-2c04c996d6ed}) (Version: 6.0.32.33814 - Microsoft Corporation)

Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)

Movavi Screen Capture Studio 8 (HKLM-x32\...\Movavi Screen Capture Studio 8) (Version: 8.6.0 - Movavi)

Movavi Video Editor 15 (HKU\S-1-5-21-3624156614-4154489229-1379725982-1001\...\Movavi Video Editor 15) (Version: 15.4.0 - Movavi)

Mozilla Firefox (x64 en-US) (HKLM\...\Mozilla Firefox 103.0 (x64 en-US)) (Version: 103.0 - Mozilla)

Mozilla Firefox 72.0.2 (x64 en-US) (HKLM\...\Mozilla Firefox 72.0.2 (x64 en-US)) (Version: 72.0.2 - Mozilla)

Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 100.0 - Mozilla)

MyHarmony (HKLM-x32\...\{2AD8F8A1-ECE5-4890-BCC2-B4396370A0D4}) (Version: 1.0.308 - Logitech)

Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 8.6 - Notepad++ Team)

NTI Backup Now EZ 4 (HKLM-x32\...\{249E38A7-26F9-4C82-A95B-CDA5184A54CF}) (Version: 4.0.2.58c - NTI Corporation) Hidden

NTI Backup Now EZ 4 (HKLM-x32\...\InstallShield_{249E38A7-26F9-4C82-A95B-CDA5184A54CF}) (Version: 4.0.2.58c - NTI Corporation)

NVIDIA 3D Vision Driver 388.57 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 388.57 - NVIDIA Corporation)

NVIDIA GeForce Experience 2.5.15.46 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.15.46 - NVIDIA Corporation)

NVIDIA Graphics Driver 388.57 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 388.57 - NVIDIA Corporation)

NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)

NVIDIA Stereoscopic 3D Driver (HKLM-x32\...\NVIDIAStereo) (Version: 7.17.13.7500 - NVIDIA Corporation) Hidden

Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.17628.20110 - Microsoft Corporation) Hidden

Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.17726.20108 - Microsoft Corporation) Hidden

OpenShot Video Editor version 2.5.1 (HKLM\...\{4BB0DCDC-BC24-49EC-8937-72956C33A470}_is1) (Version: 2.5.1 - OpenShot Studios, LLC)

Outlook (HKU\S-1-5-21-3624156614-4154489229-1379725982-1001\...\6b0f23e57a39ebfbf2814acb1a24293d) (Version: 1.0 - Outlook)

Pantone Color Manager 1.0.0 (HKLM-x32\...\Pantone Color Manager_is1) (Version:  - PANTONE)

Pavtube ByteCopy Trial Ver 4.9.3.0 (HKLM-x32\...\{1B559EFF-8E4B-4AD6-9A13-491A0E119906}_is1) (Version:  - )

PDFgear 2.1.5 (HKLM\...\{7DACF63A-4EE4-4837-9AF9-C65D4509FFB4}_is1) (Version: 2.1.5 - PDFgear)

PotPlayer-64 bit (HKLM\...\PotPlayer64) (Version: 210929 - Kakao Corp.)

PowerPoint (HKU\S-1-5-21-3624156614-4154489229-1379725982-1001\...\319814cb56b667dff88f54e08be8f51f) (Version: 1.0 - PowerPoint)

Private Internet Access (HKLM\...\{33023371-7761-4F81-BBB1-0E0D0D175ACF}) (Version: 3.5.3+07926 - Private Internet Access, Inc.)

Private Internet Access WinTUN Driver (HKLM\...\{0419A0C0-4CC8-459E-9BAE-F3BF5D2E2CCB}) (Version: 1.0 - Private Internet Access, Inc.) Hidden

ProductDaemonSetup (HKLM\...\{0F5183BD-29DA-48CC-93DB-3924DA7EA212}) (Version: 2.0.701 - ASUSTeKcomputer.Inc) Hidden

Radiant Manager (HKLM\...\{31878E8E-C760-4C32-9315-BBA3F780A983}) (Version: 1.0.1.82 - Radiant Imaging Labs)

Radiant Photo (HKLM\...\{68A00392-2F43-4F77-8FC8-FABA5F86FE05}) (Version: 1.3.0.373 - Radiant Imaging Labs)

Razer Synapse (HKLM-x32\...\Razer Synapse) (Version: 3.8.0228.022313 - Razer Inc.)

Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.2.703.2015 - Realtek)

Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7647 - Realtek Semiconductor Corp.)

Reverso (HKLM-x32\...\{C0D4BC23-E512-47C3-AA47-04A76B61B330}) (Version: 2.13.4.845 - Reverso)

ROG Gaming Center (HKLM-x32\...\{CC182DBF-FC67-4F79-9930-6A2682E60BDD}) (Version: 1.0.1 - ASUS)

ROG MacroKey (HKLM-x32\...\{1101D2B9-7E8C-4361-88D5-AB0A2EB705EC}) (Version: 1.0.4 - ASUS)

SES Driver (HKLM\...\{D8CC254C-C671-4664-9A38-FA368D1E2C97}) (Version: 1.0.0 - Western Digital)

ShareX (HKLM\...\82E6AC09-0FEF-4390-AD9F-0DD3F5561EFC_is1) (Version: 16.0.1 - ShareX Team)

SonicRadarSetup (HKLM\...\{490C61FF-D5A6-4335-A51E-0FC7DC65F591}) (Version: 1.0.0.0 - ASUSTeKcomputer.Inc) Hidden

SonicStudioSetup (HKLM\...\{34BCBD15-E877-4277-A4E1-A8C1E2DE0FE2}) (Version: 2.0.701 - ASUSTeKcomputer.Inc) Hidden

Spotify (HKU\S-1-5-21-3624156614-4154489229-1379725982-1001\...\Spotify) (Version: 1.0.55.487.g256699aa - Spotify AB)

Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)

Storage Security Software (HKLM-x32\...\{5D7665A5-9B8B-432E-B9A4-67D2EA8EB268}) (Version: 1.40.0410 - TOSHIBA ELECTRONIC DEVICES & STORAGE CORPORATION)

Subtitle Edit 3.5.14 (HKLM\...\SubtitleEdit_is1) (Version: 3.5.14.1 - Nikse)

SubtitleCreator (HKLM-x32\...\SubtitleCreator) (Version: V2.2 - Erik Vullings)

TCCalc (HKLM-x32\...\E17C2DEA-DD03-430A-8383-D5F3BFEF7401) (Version: 4.1 - Drastic Technologies ltd)

TeamViewer 14 (HKLM-x32\...\TeamViewer) (Version: 14.1.9025 - TeamViewer)

Thunderbolt™ Software (HKLM-x32\...\{E265C71F-14DA-462C-A06A-CBA776B695F1}) (Version: 15.2.32.250 - Intel Corporation)

TreeSize Free V4.7 (64 bit) (HKLM\...\TreeSize Free_is1) (Version: 4.7 - JAM Software)

TypeIt (Trial Version) (HKLM-x32\...\TypeIt) (Version: 1.2.1 - Tomasz P. Szynalski)

UBot Studio 5 (HKLM-x32\...\{5466A53E-389D-4BF6-9A67-E39D735A70BB}) (Version: 5.0.0.0 - Seth Turin Media, Inc.)

Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{85C69797-7336-4E83-8D97-32A7C8465A3B}) (Version: 8.94.0.0 - Microsoft Corporation)

Update Installer for WildTangent Games App (HKLM-x32\...\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App) (Version:  - WildTangent) Hidden

UXP WebView Support (HKLM-x32\...\UXPW_1_1_0) (Version: 1.1.0 - Adobe Inc.)

V3 Addon Black_and_White_Contrast_Looks (HKLM-x32\...\{00141824-A03A-447D-9B8B-2CAF123C29EA}) (Version: 1.0.1.0 - Radiant Imaging Labs)

V3 Addon Blue_Mondays_Looks (HKLM-x32\...\{1DC2007C-39FA-4FA2-B024-8CEE3E33E8F0}) (Version: 1.0.0.0 - Radiant Imaging Labs)

V3 Addon Looks_by_Matt_Kloskowski (HKLM-x32\...\{6F1F8FC1-4E8E-4FF0-8BF6-A6EED197AE75}) (Version: 1.0.0.0 - Radiant Imaging Labs)

V3 Addon Perfectly_Clear_Legacy_Presets_and_Looks (HKLM-x32\...\{FA5FA81A-DEA8-4252-8801-BDD8B22C5D72}) (Version: 1.0.1.0 - Radiant Imaging Labs)

V3 Addon Randy_Van_Duinen_Architectural (HKLM-x32\...\{F5F466DD-617A-466F-949A-D90C2862269D}) (Version: 1.0.0.0 - Radiant Imaging Labs)

V3 Addon SharkPixel_1_Click_Portrait (HKLM-x32\...\{CB4D6AE2-ABC6-47BB-B956-3482C6A6343F}) (Version: 1.0.0.0 - Radiant Imaging Labs)

V3 Addon SharkPixel_Portrait_Pack (HKLM-x32\...\{2372B960-73BD-481E-ACF5-D4BA179532A8}) (Version: 1.0.0.0 - Radiant Imaging Labs)

V3 Addon Tropical_Summer_Looks (HKLM-x32\...\{92477AF1-601F-4479-A3DE-8F71D3F9796E}) (Version: 1.0.0.0 - Radiant Imaging Labs)

V3 Addon Vivid_Landscapes (HKLM-x32\...\{2C39AE34-607A-4174-9196-856FB7435198}) (Version: 1.0.3.0 - Radiant Imaging Labs)

VidJuice UniTube version 5.5.1 (HKLM\...\VidJuice UniTube_is1) (Version: 5.5.1 - Mobee Technology Co., Limited)

VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.20 - VideoLAN)

VueScan x64 (HKLM\...\VueScan x64) (Version: 9.7.89 - Hamrick Software)

Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden

Vuze (HKLM-x32\...\8461-7759-5462-8226) (Version: 5.7.7.0 - Azureus Software, Inc.)

Wacom (HKLM\...\Pen Tablet Driver) (Version: 5.3.3-3 - Wacom Technology Corp.)

WD Desktop App 2.1.0.335 (HKLM-x32\...\{fdd55732-32b6-4783-9b31-db9ad9f96792}) (Version: 2.1.0.335 - Western Digital Corporation) Hidden

WD Desktop App 2.1.0.335 (x64) (HKLM\...\{CA7F7232-526E-41BD-971A-47BE28C18516}) (Version: 2.1.0.335 - Western Digital Corporation) Hidden

WD Discovery (HKLM-x32\...\WDDiscovery) (Version: 4.4.407 - Western Digital Technologies, Inc.)

WD SES Driver Setup (HKLM-x32\...\{D9ABF771-729C-471F-A6DF-1010527DB376}) (Version: 2.1.0 - Western Digital) Hidden

WD SmartWare (HKLM\...\{07179D37-D5FE-4373-90D9-A25B992EFB3E}) (Version: 1.4.5.5 - Western Digital)

WebStorage (HKLM-x32\...\WebStorage) (Version: 2.2.9.564 - ASUS Cloud Corporation)

WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.3 - Wacom Technology Corp.)

WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.3 - Wacom Technology Corp.)

WFDownloaderApp (HKU\S-1-5-21-3624156614-4154489229-1379725982-1001\...\{wfdownloaderapp}}_is1) (Version: BETA - WFDownloaderApp)

WildTangent Games App (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-asus) (Version: 4.0.11.16 - WildTangent)

Windows Driver Package - Western Digital Technologies (WDC_SAM) WDC_SAM  (03/06/2009 1.0.0008.0) (HKLM\...\422991454CB076E9B856C21BBF99AF2B82317EDA) (Version: 03/06/2009 1.0.0008.0 - Western Digital Technologies)

Windows PC Health Check (HKLM\...\{6798C408-2636-448C-8AC6-F4E341102D27}) (Version: 3.6.2204.08001 - Microsoft Corporation)

WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 3.0.1 - ASUS)

WizTree v3.23 (HKLM\...\WizTree_is1) (Version:  - Antibody Software)

Word (HKU\S-1-5-21-3624156614-4154489229-1379725982-1001\...\1b837d0bf93d01407352736c91b7bf50) (Version: 1.0 - Word)

WPS Office for ASUS (HKLM-x32\...\Kingsoft Office) (Version: 9.1.0.5178 - Kingsoft Corp.)

XRD i1d3 (HKLM-x32\...\{DAEEE97F-6A57-46C9-BE1D-371249F8CAB4}) (Version: 1.0.135 - X-Rite) Hidden

XSplit Gamecaster (HKLM-x32\...\{0E12BEC0-F2EE-43FA-AEA0-24B5E9F80167}) (Version: 2.5.1507.3011 - SplitmediaLabs)

Xvid MPEG-4 Video Codec (HKLM-x32\...\xvid) (Version:  - Xvid Development Team)

Zinio Web Reader (HKU\S-1-5-21-3624156614-4154489229-1379725982-1001\...\ZinioWebReader) (Version: 4.56.0 - Zinio LLC)

Zoom (HKU\S-1-5-21-3624156614-4154489229-1379725982-1001\...\ZoomUMX) (Version: 5.13.11 (13434) - Zoom Video Communications, Inc.)

 

Chrome apps:

============

Office (HKU\S-1-5-21-3624156614-4154489229-1379725982-1001\...\56e6f414d937b4d25b50954b5bdf2b64) (Version: 1.0 - Google\Chrome)

Sight and Sound (HKU\S-1-5-21-3624156614-4154489229-1379725982-1001\...\46a2d12a8934cd7dcae6830bcdf728ee) (Version: 1.0 - Google\Chrome)

 

Packages:

=========

 

Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_6.0.0.1_x86__enpm4xejd91yc [2024-05-22] (Adobe Systems Incorporated)

Audiobooks from Audible -> C:\Program Files\WindowsApps\AudibleInc.AudibleforWindowsPhone_10.5.67.0_x64__xns73kv1ymhp2 [2021-02-11] (Audible Inc)

Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-07] (Autodesk Inc.)

AV1 Video Extension -> C:\Program Files\WindowsApps\Microsoft.AV1VideoExtension_1.2.1293.0_x64__8wekyb3d8bbwe [2024-06-08] (Microsoft Corporation)

Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.272.400.0_x64__kgqvnymyfvs32 [2024-07-12] (king.com)

Dropbox -> C:\Program Files (x86)\Dropbox\Client\PackageAssets [2024-07-11] (Dropbox Inc.)

HEVC Video Extensions -> C:\Program Files\WindowsApps\Microsoft.HEVCVideoExtensions_2.1.1804.0_x64__8wekyb3d8bbwe [2024-07-16] (Microsoft Corporation)

IDM Integration Module -> C:\Program Files\WindowsApps\TonecInc.IDMIntegrationModule_6.38.19.0_neutral__e7b5mm5d3r6v2 [2021-03-06] (Tonec FZE)

iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12132.3.2017.0_x64__nzyj5cx40ttqa [2024-05-22] (Apple Inc.) [Startup Task]

Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-17] (Microsoft Corporation) [MS Ad]

Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-17] (Microsoft Corporation) [MS Ad]

MPEG-2 Video Extension -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.61931.0_x64__8wekyb3d8bbwe [2023-08-23] (Microsoft Corporation)

Music Maker Jam -> C:\Program Files\WindowsApps\MAGIX.MusicMakerJam_3.1.1.0_x64__a2t3txkz9j1jw [2020-01-15] (MAGIX)

Photos Add-on -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-03-14] (Microsoft Corporation)

Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-12-12] (Microsoft Corporation)

PowerPoint -> C:\Program Files\WindowsApps\powerpoint.office.com-3532D2AB_1.0.0.3_neutral__sxc7ffma4ybfy [2023-11-01] (powerpoint.office.com)

PowerPoint -> C:\Program Files\WindowsApps\powerpoint.office.com-8D456796_1.0.0.2_neutral__sxc7ffma4ybfy [2022-11-12] (powerpoint.office.com)

R Player Plus -> C:\Program Files\WindowsApps\56016Ohishi.RPlayerPlus_1.2.0.0_x64__2gg5rf57t5442 [2018-01-13] (Ohishi)

TripAdvisor Hotels Flights Restaurants -> C:\Program Files\WindowsApps\TripAdvisorLLC.TripAdvisorHotelsFlightsRestaurants_1.5.10.0_x64__qj0v5chwq8f2g [2020-12-12] (TripAdvisor LLC)

Twitter -> C:\Program Files\WindowsApps\9E2F88E3.TWITTER_7.0.1.0_neutral__wgeqdkkx372wm [2021-06-13] (Twitter Inc.)

Windows File Recovery -> C:\Program Files\WindowsApps\Microsoft.WindowsFileRecovery_0.1.20151.0_x64__8wekyb3d8bbwe [2023-01-05] (Microsoft Corporation)

ZINIO -> C:\Program Files\WindowsApps\www.zinio.com-F553E9BE_1.0.0.3_neutral__ha0z4kz9e0e54 [2023-11-01] (www.zinio.com)

ZINIO -> C:\Program Files\WindowsApps\www.zinio.com-F8E0C4CE_1.0.0.2_neutral__ha0z4kz9e0e54 [2022-11-12] (www.zinio.com)

Zip Extractor Pro -> C:\Program Files\WindowsApps\38526MediaLife.ZipPlus_2.0.4.0_x86__1crh1k73ty8mg [2021-01-13] (Media Life)

 

==================== Custom CLSID (Whitelisted): ==============

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

CustomCLSID: HKU\S-1-5-21-3624156614-4154489229-1379725982-1001_Classes\CLSID\{092dfa86-5807-5a94-bf3b-5a53ba9e5308}\InprocServer32 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom) [File not signed]

CustomCLSID: HKU\S-1-5-21-3624156614-4154489229-1379725982-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-7ECD9146228B} -> [Creative Cloud Files Personal Account [email protected] BB74632747CF4DD7992016B8@AdobeID] => C:\Users\Martin\Creative Cloud Files Personal Account [email protected] BB74632747CF4DD7992016B8@AdobeID [2016-08-21 21:31]

CustomCLSID: HKU\S-1-5-21-3624156614-4154489229-1379725982-1001_Classes\CLSID\{2F81B25E-7507-4844-BFF2-77D2CC24CED4}\localserver32 -> C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Inc. -> Adobe Inc.)

CustomCLSID: HKU\S-1-5-21-3624156614-4154489229-1379725982-1001_Classes\CLSID\{3311951C-7CCA-41AC-A91F-294E8266D394}\InprocServer32 -> C:\Users\Martin\AppData\Local\Reverso\Reverso\Reverso.Addin.Control.dll (REVERSO S.A.S. -> Reverso Inc.)

CustomCLSID: HKU\S-1-5-21-3624156614-4154489229-1379725982-1001_Classes\CLSID\{5BF80CC0-C89A-4A30-A482-1CE51A0A4888}\InprocServer32 -> C:\Users\Martin\AppData\Local\Reverso\Reverso\Reverso.Addin.dll (REVERSO S.A.S. -> Reverso Inc.)

CustomCLSID: HKU\S-1-5-21-3624156614-4154489229-1379725982-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\Martin\Dropbox [2016-06-19 12:47]

CustomCLSID: HKU\S-1-5-21-3624156614-4154489229-1379725982-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems)

SSODL: WDFSMountNotificator-wdfsconnect2017 - {A31ABAD4-B79D-48B0-AFC2-B2B16FB06187} - C:\WINDOWS\system32\wdfsconnectMntNtf2017.dll (Western Digital Technologies, Inc.) [File not signed]

SSODL-x32: WDFSMountNotificator-wdfsconnect2017 - {A31ABAD4-B79D-48B0-AFC2-B2B16FB06187} - C:\WINDOWS\SysWOW64\wdfsconnectMntNtf2017.dll (Western Digital Technologies, Inc.) [File not signed]

ShellServiceObjects: Virtual Storage Mount Notification -> {A31ABAD4-B79D-48B0-AFC2-B2B16FB06187} => C:\WINDOWS\system32\wdfsconnectMntNtf2017.dll [2017-11-10] (Western Digital Technologies, Inc.) [File not signed]

ShellServiceObjects-x32: Virtual Storage Mount Notification -> {A31ABAD4-B79D-48B0-AFC2-B2B16FB06187} => C:\WINDOWS\SysWOW64\wdfsconnectMntNtf2017.dll [2017-11-10] (Western Digital Technologies, Inc.) [File not signed]

ShellIconOverlayIdentifiers: [                                     IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll [2021-03-03] (Tonec Inc. -> Tonec FZE)

ShellIconOverlayIdentifiers: [    WDDesktopIconOverlay01] -> {4F8A325E-9DAF-44B8-A825-1A14DFA0FA78} => C:\Program Files\WD Desktop App\kda.DLL [2022-09-29] (Western Digital Technologies, Inc. -> Western Digital Corporation)

ShellIconOverlayIdentifiers: [    WDDesktopIconOverlay02] -> {0176BDDE-B59A-4A1E-808B-CAD461415CCA} => C:\Program Files\WD Desktop App\kda.DLL [2022-09-29] (Western Digital Technologies, Inc. -> Western Digital Corporation)

ShellIconOverlayIdentifiers: [    WDDesktopIconOverlay03] -> {B65909D1-57AF-41F5-AB94-BEB733F62B35} => C:\Program Files\WD Desktop App\kda.DLL [2022-09-29] (Western Digital Technologies, Inc. -> Western Digital Corporation)

ShellIconOverlayIdentifiers: [    WDDesktopIconOverlay04] -> {C6C2397D-8238-4332-8935-86C39C7C165F} => C:\Program Files\WD Desktop App\kda.DLL [2022-09-29] (Western Digital Technologies, Inc. -> Western Digital Corporation)

ShellIconOverlayIdentifiers: [    WDDesktopIconOverlay05] -> {E7B3BCF9-0386-4B5F-AE6A-91B9F1423973} => C:\Program Files\WD Desktop App\kda.DLL [2022-09-29] (Western Digital Technologies, Inc. -> Western Digital Corporation)

ShellIconOverlayIdentifiers: [    WDDesktopIconOverlay06] -> {564EA121-D9DA-485D-82C2-C2ED7BFCCEAD} => C:\Program Files\WD Desktop App\kda.DLL [2022-09-29] (Western Digital Technologies, Inc. -> Western Digital Corporation)

ShellIconOverlayIdentifiers: [   AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2024-07-16] (Adobe Inc. -> )

ShellIconOverlayIdentifiers: [   AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2024-07-16] (Adobe Inc. -> )

ShellIconOverlayIdentifiers: [   AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2024-07-16] (Adobe Inc. -> )

ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.75.0.dll [2024-06-25] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.75.0.dll [2024-06-25] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.75.0.dll [2024-06-25] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.75.0.dll [2024-06-25] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.75.0.dll [2024-06-25] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.75.0.dll [2024-06-25] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.75.0.dll [2024-06-25] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.75.0.dll [2024-06-25] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.75.0.dll [2024-06-25] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.75.0.dll [2024-06-25] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.2.9.564\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.) [File not signed]

ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.2.9.564\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.) [File not signed]

ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.2.9.564\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.) [File not signed]

ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.75.0.dll [2024-06-25] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.75.0.dll [2024-06-25] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.75.0.dll [2024-06-25] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.75.0.dll [2024-06-25] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.75.0.dll [2024-06-25] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.75.0.dll [2024-06-25] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.75.0.dll [2024-06-25] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.75.0.dll [2024-06-25] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.75.0.dll [2024-06-25] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.75.0.dll [2024-06-25] (Dropbox, Inc -> Dropbox, Inc.)

ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.126.0623.0001\FileSyncShell64.dll [2024-07-06] (Microsoft Corporation -> Microsoft Corporation)

ContextMenuHandlers1-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2023-06-20] (Igor Pavlov) [File not signed]

ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2024-07-16] (Adobe Inc. -> )

ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat Elements\ContextMenu64.dll [2015-09-25] (Adobe Systems, Incorporated -> Adobe Systems Inc.)

ContextMenuHandlers1: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCExtMenu_64.dll [2024-03-07] (IObit CO., LTD -> IObit)

ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\contextMenu\NppShell.dll [2023-11-24] (Notepad++ -> Bjarke I. Pedersen [email protected])

ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.75.0.dll [2024-06-25] (Dropbox, Inc -> Dropbox, Inc.)

ContextMenuHandlers1: [Foxit_ConvertToPDF] -> {C5269811-4A29-4818-A4BB-111F9FC63A5F} => C:\Program Files (x86)\Foxit PhantomPDF\plugins\ConvertToPDFShellExtension_x64.dll [2015-05-01] (Foxit Software Incorporated -> Foxit Software Inc.)

ContextMenuHandlers1: [IObitUninstaller] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2024-04-26] (IObit CO., LTD -> IObit)

ContextMenuHandlers1: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2024-04-26] (IObit CO., LTD -> IObit)

ContextMenuHandlers1: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\x64\shellex.dll [2022-02-18] (AO Kaspersky Lab -> AO Kaspersky Lab)

ContextMenuHandlers1: [WDDesktopContextMenu] -> {f97d48aa-d72e-39ad-bf37-0b90de70ca2a} => C:\Program Files\WD Desktop App\kda.DLL [2022-09-29] (Western Digital Technologies, Inc. -> Western Digital Corporation)

ContextMenuHandlers2: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCExtMenu_64.dll [2024-03-07] (IObit CO., LTD -> IObit)

ContextMenuHandlers2: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\x64\shellex.dll [2022-02-18] (AO Kaspersky Lab -> AO Kaspersky Lab)

ContextMenuHandlers3: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCExtMenu_64.dll [2024-03-07] (IObit CO., LTD -> IObit)

ContextMenuHandlers3: [BackupContextMenuExtension] -> {b1b96b20-da1d-4a3c-92c1-7229b32f2326} => C:\Program Files (x86)\Common Files\AWS\2.2.9.564\ASUSWSContextMenu.dll [2016-06-22] (ASUS Cloud Corporation -> ASUS Cloud Corporation)

ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.126.0623.0001\FileSyncShell64.dll [2024-07-06] (Microsoft Corporation -> Microsoft Corporation)

ContextMenuHandlers4-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2023-06-20] (Igor Pavlov) [File not signed]

ContextMenuHandlers4: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCExtMenu_64.dll [2024-03-07] (IObit CO., LTD -> IObit)

ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.75.0.dll [2024-06-25] (Dropbox, Inc -> Dropbox, Inc.)

ContextMenuHandlers4: [IObitUninstaller] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2024-04-26] (IObit CO., LTD -> IObit)

ContextMenuHandlers4: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2024-04-26] (IObit CO., LTD -> IObit)

ContextMenuHandlers4: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\x64\shellex.dll [2022-02-18] (AO Kaspersky Lab -> AO Kaspersky Lab)

ContextMenuHandlers4: [WDDesktopContextMenu] -> {f97d48aa-d72e-39ad-bf37-0b90de70ca2a} => C:\Program Files\WD Desktop App\kda.DLL [2022-09-29] (Western Digital Technologies, Inc. -> Western Digital Corporation)

ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.126.0623.0001\FileSyncShell64.dll [2024-07-06] (Microsoft Corporation -> Microsoft Corporation)

ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.75.0.dll [2024-06-25] (Dropbox, Inc -> Dropbox, Inc.)

ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-12-05] (NVIDIA Corporation -> NVIDIA Corporation)

ContextMenuHandlers6-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2023-06-20] (Igor Pavlov) [File not signed]

ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2024-07-16] (Adobe Inc. -> )

ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat Elements\ContextMenu64.dll [2015-09-25] (Adobe Systems, Incorporated -> Adobe Systems Inc.)

ContextMenuHandlers6: [IObitUninstaller] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2024-04-26] (IObit CO., LTD -> IObit)

ContextMenuHandlers6: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2024-04-26] (IObit CO., LTD -> IObit)

ContextMenuHandlers6: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\x64\shellex.dll [2022-02-18] (AO Kaspersky Lab -> AO Kaspersky Lab)

 

==================== Codecs (Whitelisted) ====================

 

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

 

HKLM\...\Drivers32: [vidc.XVID] => C:\Windows\SysWOW64\xvidvfw.dll [236544 2011-12-19] () [File not signed]

HKLM\...\Drivers32-x32: [VIDC.VP80] => vp8vfw.dll

HKLM\...\Drivers32: [vidc.MPG4] => C:\Windows\SysWOW64\MPG4c32.dll [413760 2001-01-07] (Microsoft Corporation) [File not signed]

HKLM\...\Drivers32: [vidc.MP42] => C:\Windows\SysWOW64\MPG4c32.dll [413760 2001-01-07] (Microsoft Corporation) [File not signed]

HKLM\...\Drivers32: [vidc.MP43] => C:\Windows\SysWOW64\MPG4c32.dll [413760 2001-01-07] (Microsoft Corporation) [File not signed]

 

==================== Shortcuts & WMI ========================

 

(The entries could be listed to be restored or removed.)

 

Shortcut: C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DVDFab 12 (x64)\DVDFab 12 Online.lnk -> hxxp://www.dvdfab.cn/?s=dvdfab12&v=12.0.1.

ShortcutWithArgument: C:\Users\Martin\Desktop\[email protected] - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 2"

ShortcutWithArgument: C:\Users\Martin\Desktop\Office.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory="Profile 1" --app-id=ocdlmjhbenodhlknglojajgokahchlkk

ShortcutWithArgument: C:\Users\Martin\Desktop\Personal - Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory="Default"

ShortcutWithArgument: C:\Users\Martin\Desktop\Sight and Sound (1).lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory="Profile 1" --app-id=fphkannleppkbhgdoidhmonmbhnekiao

ShortcutWithArgument: C:\Users\Martin\Desktop\Sight and Sound.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory="Profile 1" --app-id=fphkannleppkbhgdoidhmonmbhnekiao

ShortcutWithArgument: C:\Users\Martin\Desktop\Sydney - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"

ShortcutWithArgument: C:\Users\Martin\Desktop\ZINIO.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory="Profile 1" --app-id=alijdkkemaoikmmpgjanpgmgecbinjcn

ShortcutWithArgument: C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Excel.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) ->  --profile-directory=Default --app-id=leffmjdabcgaflkikcefahmlgpodjkdm --app-url=hxxps://excel.office.com/

ShortcutWithArgument: C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Outlook.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) ->  --profile-directory=Default --app-id=bjhmmnoficofgoiacjaajpkfndojknpb --app-url=hxxps://outlook.com/

ShortcutWithArgument: C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) ->  --profile-directory=Default --app-id=opfacbhaojodjaojgocnibmklknchehf --app-url=hxxps://powerpoint.office.com/

ShortcutWithArgument: C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Word.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) ->  --profile-directory=Default --app-id=hikhggiobiflkdfdgdajcfklmcibbopi --app-url=hxxps://word.office.com/

ShortcutWithArgument: C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Office.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory="Profile 1" --app-id=ocdlmjhbenodhlknglojajgokahchlkk

ShortcutWithArgument: C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sight and Sound (1).lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory="Profile 1" --app-id=fphkannleppkbhgdoidhmonmbhnekiao

ShortcutWithArgument: C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sight and Sound.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory="Profile 1" --app-id=fphkannleppkbhgdoidhmonmbhnekiao

ShortcutWithArgument: C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\ZINIO.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory="Profile 1" --app-id=alijdkkemaoikmmpgjanpgmgecbinjcn

ShortcutWithArgument: C:\Users\Martin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\ff13ca23fee04978\martin - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 5"

ShortcutWithArgument: C:\Users\Martin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"

ShortcutWithArgument: C:\Users\Martin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\48499db33039e897\maggie - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 4"

ShortcutWithArgument: C:\Users\Martin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\225bb61db2f318c1\Martin ([email protected]) - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 3"

 

==================== Loaded Modules (Whitelisted) =============

 

2010-03-05 08:24 - 2010-03-05 08:24 - 000886272 _____ () [File not signed] [File is in use] C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDFME\System.Data.SQLite.dll

2015-08-26 03:10 - 2015-08-26 03:10 - 000124928 _____ () [File not signed] C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll

2015-08-26 03:10 - 2015-08-26 03:10 - 000027648 _____ () [File not signed] C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll

2023-05-26 12:36 - 2023-05-26 12:36 - 001987072 _____ () [File not signed] C:\Program Files (x86)\Western Digital\Discovery\Current\ffmpeg.dll

2023-05-26 12:36 - 2023-05-26 12:36 - 000117248 _____ () [File not signed] C:\Program Files (x86)\Western Digital\Discovery\Current\swiftshader\libegl.dll

2023-05-26 12:36 - 2023-05-26 12:36 - 002250240 _____ () [File not signed] C:\Program Files (x86)\Western Digital\Discovery\Current\swiftshader\libglesv2.dll

2015-08-15 02:43 - 2015-08-15 02:43 - 000120320 _____ () [File not signed] C:\Program Files\ASUSTeKcomputer.Inc\SS2\UserInterface\sradarlauncher.dll

2020-07-20 23:28 - 2020-07-20 23:28 - 002637985 _____ () [File not signed] C:\Program Files\WD Desktop App\libfusewdfs.dll

2015-04-22 23:29 - 2015-04-22 23:29 - 001489920 _____ (ASUS Cloud Corporation.) [File not signed] C:\Program Files (x86)\Common Files\AWS\2.2.9.564\ASUSWSShellExt64.dll

2015-08-26 03:10 - 2015-08-26 03:10 - 001680384 _____ (ASUS TeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\Splendid\ApplyLUT.dll

2015-08-26 03:10 - 2015-08-26 03:10 - 000178688 _____ (ASUS TeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\Splendid\GenLUT.dll

2015-08-26 03:10 - 2015-08-26 03:10 - 000164864 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\Splendid\ColorU.dll

2011-11-04 11:26 - 2011-11-04 11:26 - 000430592 _____ (Audible, Inc.) [File not signed] C:\Program Files (x86)\Audible\Bin\AAXSDKWin.dll

2008-07-29 01:51 - 2008-07-29 01:51 - 000245760 _____ (Microsoft Corporation) [File not signed] [File is in use] C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\msvcm90.dll

2008-07-29 02:54 - 2008-07-29 02:54 - 000225280 _____ (Microsoft Corporation) [File not signed] [File is in use] C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDFME\msvcm90.dll

2008-04-11 10:54 - 2008-04-11 10:54 - 000348160 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\ABBYY FineReader 9.0 Sprint\MSVCR71.dll

2008-04-11 10:54 - 2008-04-11 10:54 - 000348160 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\MSVCR71.dll

2017-01-09 12:53 - 2004-08-17 11:00 - 000413696 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\MSVCP60.dll

2023-03-21 14:41 - 2023-03-21 14:41 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems64.dll] C:\Program Files\Microsoft Office\root\Office16\AppVIsvSubsystems64.dll

2023-03-21 14:41 - 2023-03-21 14:41 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll] C:\Program Files\Microsoft Office\root\Office16\c2r64.dll

2015-12-25 15:20 - 2015-10-04 17:53 - 001439184 _____ (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [File not signed] C:\Program Files\NVIDIA Corporation\NvStreamSrv\rxinput.dll

2015-12-25 15:20 - 2015-10-04 17:52 - 001710568 _____ (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [File not signed] C:\WINDOWS\system32\nvspcap64.dll

2020-08-24 21:55 - 2017-12-05 04:13 - 000760032 _____ (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed] C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPI.dll

2020-08-24 21:55 - 2017-12-05 04:13 - 000874696 _____ (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed] C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPI64.dll

2020-08-24 21:55 - 2017-12-05 04:13 - 000339256 _____ (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed] C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem\NvStereo\_nvstapisvr64.dll

2024-03-04 09:51 - 2023-12-12 22:51 - 000170472 _____ (Private Internet Access, Inc. -> ) [File not signed] C:\Program Files\Private Internet Access\kapps_core.dll

2024-03-04 09:51 - 2023-12-12 22:51 - 000249832 _____ (Private Internet Access, Inc. -> ) [File not signed] C:\Program Files\Private Internet Access\kapps_net.dll

2024-03-04 09:51 - 2023-12-12 22:51 - 000386536 _____ (Private Internet Access, Inc. -> ) [File not signed] C:\Program Files\Private Internet Access\kapps_regions.dll

2024-03-04 09:51 - 2023-12-12 22:51 - 001127400 _____ (Private Internet Access, Inc. -> ) [File not signed] C:\Program Files\Private Internet Access\pia-commonlib.dll

2024-03-04 09:51 - 2023-12-12 22:51 - 000566248 _____ (Private Internet Access, Inc. -> Microsoft Corporation) [File not signed] C:\Program Files\Private Internet Access\MSVCP140.dll

2024-03-04 09:51 - 2023-12-12 22:51 - 000024040 _____ (Private Internet Access, Inc. -> Microsoft Corporation) [File not signed] C:\Program Files\Private Internet Access\MSVCP140_1.dll

2024-03-04 09:51 - 2023-12-12 22:51 - 000097256 _____ (Private Internet Access, Inc. -> Microsoft Corporation) [File not signed] C:\Program Files\Private Internet Access\VCRUNTIME140.dll

2024-03-04 09:51 - 2023-12-12 22:51 - 000037352 _____ (Private Internet Access, Inc. -> Microsoft Corporation) [File not signed] C:\Program Files\Private Internet Access\VCRUNTIME140_1.dll

2024-03-04 09:51 - 2023-12-12 22:51 - 003695160 _____ (Private Internet Access, Inc. -> The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Program Files\Private Internet Access\libcrypto-1_1-x64.dll

2024-03-04 09:51 - 2023-12-12 22:51 - 000933576 _____ (Private Internet Access, Inc. -> The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Program Files\Private Internet Access\libssl-1_1-x64.dll

2024-03-04 09:51 - 2023-12-12 22:51 - 006025704 _____ (Private Internet Access, Inc. -> The Qt Company Ltd.) [File not signed] C:\Program Files\Private Internet Access\Qt5Core.dll

2024-03-04 09:51 - 2023-12-12 22:51 - 001342440 _____ (Private Internet Access, Inc. -> The Qt Company Ltd.) [File not signed] C:\Program Files\Private Internet Access\Qt5Network.dll

2024-03-04 09:51 - 2023-12-12 22:51 - 000215528 _____ (Private Internet Access, Inc. -> The Qt Company Ltd.) [File not signed] C:\Program Files\Private Internet Access\Qt5Xml.dll

2023-08-08 18:59 - 2023-08-08 18:59 - 000242688 _____ (Seiko Epson Corporation) [File not signed] C:\Program Files (x86)\Epson Software\Event Manager\epnsm.dll

2023-08-08 18:59 - 2023-08-08 18:59 - 000057856 _____ (Seiko Epson Corporation) [File not signed] C:\Program Files (x86)\Epson Software\Event Manager\EPNWPSHDevFinder.DLL

2023-08-08 18:59 - 2023-08-08 18:59 - 000291328 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\Epson Software\Event Manager\LcMgr.dll

2016-09-14 13:31 - 2016-09-14 13:31 - 000500736 ____S (SEIKO EPSON CORPORATION) [File not signed] C:\WINDOWS\System32\enppmon.dll

2015-06-02 15:19 - 2015-06-02 15:19 - 000340480 _____ (TODO: <Company name>) [File not signed] C:\Program Files (x86)\Audible\Bin\AuthPortalActivation.dll

2021-05-14 17:21 - 2017-11-10 12:51 - 000180224 _____ (Western Digital Technologies, Inc.) [File not signed] C:\WINDOWS\system32\wdfsconnectMntNtf2017.dll

2011-03-09 10:15 - 2011-03-09 10:15 - 000105472 _____ (Western Digital) [File not signed] C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\Vista\Shadow.dll

 

==================== Alternate Data Streams (Whitelisted) ========

 

(If an entry is included in the fixlist, only the ADS will be removed.)

 

AlternateDataStreams: C:\Users\Martin\Desktop\youtube-dl.exe:com.dropbox.attrs [54]

 

==================== Safe Mode (Whitelisted) ==================

 

==================== Association (Whitelisted) =================

 

==================== Internet Explorer (Whitelisted) ==========

 

HKU\S-1-5-21-3624156614-4154489229-1379725982-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus15.msn.com/?pc=ASTE

SearchScopes: HKU\S-1-5-21-3624156614-4154489229-1379725982-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

SearchScopes: HKU\S-1-5-21-3624156614-4154489229-1379725982-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2021-11-08] (Tonec Inc. -> Internet Download Manager, Tonec Inc.)

BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2024-04-26] (IObit CO., LTD -> IObit)

BHO: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2016-08-03] (LastPass (Marvasol Inc) -> LastPass)

BHO: No Name -> {A31ABAD4-B79D-48B0-AFC2-B2B16FB06187}' -> No File

BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2021-11-08] (Tonec Inc. -> Internet Download Manager, Tonec Inc.)

BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2024-04-05] (Microsoft Corporation -> Microsoft Corporation)

BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre-1.8\bin\ssv.dll [2024-03-13] (Oracle America, Inc. -> Oracle Corporation)

BHO-x32: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar.dll [2016-08-03] (LastPass (Marvasol Inc) -> LastPass)

BHO-x32: No Name -> {A31ABAD4-B79D-48B0-AFC2-B2B16FB06187}' -> No File

BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-09-25] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)

BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre-1.8\bin\jp2ssv.dll [2024-03-13] (Oracle America, Inc. -> Oracle Corporation)

BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-09-25] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)

Toolbar: HKLM - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2016-08-03] (LastPass (Marvasol Inc) -> LastPass)

Toolbar: HKLM-x32 - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll [2016-08-03] (LastPass (Marvasol Inc) -> LastPass)

Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-09-25] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)

Toolbar: HKU\S-1-5-21-3624156614-4154489229-1379725982-1001 -> No Name - {EF293C5A-9F37-49FD-91C4-2B867063FC54} -  No File

Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-06-29] (Microsoft Corporation -> Microsoft Corporation)

Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-06-29] (Microsoft Corporation -> Microsoft Corporation)

Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-06-29] (Microsoft Corporation -> Microsoft Corporation)

Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-06-29] (Microsoft Corporation -> Microsoft Corporation)

Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-06-29] (Microsoft Corporation -> Microsoft Corporation)

Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-06-29] (Microsoft Corporation -> Microsoft Corporation)

Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-06-29] (Microsoft Corporation -> Microsoft Corporation)

Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-06-29] (Microsoft Corporation -> Microsoft Corporation)

 

==================== Hosts content: =========================

 

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

 

2015-10-30 16:54 - 2015-10-30 16:51 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

 

==================== Other Areas ===========================

 

(Currently there is no automatic fix for this section.)

 

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\java8path;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL;C:\Program Files\Intel\Intel® Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT;C:\Program Files\Intel\Intel® Management Engine Components\IPT;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\dotnet\

HKU\S-1-5-21-3624156614-4154489229-1379725982-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper

DNS Servers: 192.168.1.1 - 198.153.192.1

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)

Windows Firewall is enabled.

 

Network Binding:

=============

Local Area Connection: Private Internet Access Network Adapter -> tap-pia-0901.sys

Ethernet 3: TAP-Windows Adapter V9 -> tap0901.sys

Bluetooth Network Connection 2: Bluetooth Device (Personal Area Network) #2 -> bthpan.sys

Ethernet: Realtek PCIe GBE Family Controller -> rt640x64.sys

Wi-Fi: Intel® Dual Band Wireless-AC 8260 -> Netwtw06.sys

Local Area Connection 2: Kaspersky VPN -> kltun.sys

Ethernet 7: Kaspersky Security Data Escort Adapter #2 ->

 

KL_KLIM6: Kaspersky Anti-Virus NDIS 6 Filter

netvsc_vfpp: Microsoft NetVsc Failover VF Protocol

 

==================== MSCONFIG/TASK MANAGER disabled items ==

 

==================== FirewallRules (Whitelisted) ================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

FirewallRules: [UDP Query User{0B34AA04-5D82-4538-A3BF-714E7053BE60}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)

FirewallRules: [TCP Query User{D83869E0-9F60-4D38-B40B-81C1676C08E4}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)

FirewallRules: [{79935722-FD69-4B5F-9398-56197C0CA019}] => (Allow) C:\Users\Martin\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)

FirewallRules: [{57EF28EB-CAA4-4D01-9CBE-F0DA5D985A53}] => (Allow) C:\Users\Martin\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)

FirewallRules: [{2525B00C-84C2-4599-9787-C46ADC99883B}] => (Allow) C:\Program Files (x86)\newsbinpro64.exe (DJI Interprises, LLC -> CMCEI) [File not signed]

FirewallRules: [{9D305F37-73DF-49E9-BEBC-1BD9F5B151E1}] => (Allow) C:\Program Files (x86)\newsbinpro64.exe (DJI Interprises, LLC -> CMCEI) [File not signed]

FirewallRules: [{0B9082BD-0F49-4523-A274-0D4058E39E11}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)

FirewallRules: [{B24D8236-3CE3-47E4-92BE-8C85C3A22834}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)

FirewallRules: [{00E259F9-B93E-4B9D-8057-96ECAE7E16B0}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation-Wireless Connectivity Solutions -> )

FirewallRules: [{78B84070-4CEF-4E34-8EFC-C36DE4EF7614}] => (Block) C:\users\martin\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)

FirewallRules: [{A10F6991-DB11-480D-87CD-4942F025875C}] => (Block) C:\users\martin\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)

FirewallRules: [UDP Query User{93AC9E75-431B-46C5-8D6D-145A8B63CE47}C:\users\martin\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\martin\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)

FirewallRules: [TCP Query User{E5D3377C-0AB1-4F03-9ADC-544B722FDA9D}C:\users\martin\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\martin\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)

FirewallRules: [{3A07D589-AB07-49FA-AE91-DE04C2C3A54C}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)

FirewallRules: [{EA01AC6D-83DC-4A39-80EE-95BADB912462}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)

FirewallRules: [{5FFF7424-6A8F-4737-A9B7-2E2720EB9FBE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (NVIDIA Corporation -> NVIDIA Corporation)

FirewallRules: [{18CF9B46-1A4F-4107-A9BE-2E450CF492F4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)

FirewallRules: [{78D73C70-0A44-4835-B244-990C1F411184}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)

FirewallRules: [{CBF686E1-C7FF-4118-9879-09761D99C648}] => (Allow) C:\Windows\system32\ftp.exe (Microsoft Windows -> Microsoft Corporation)

FirewallRules: [{70F6DDFB-C93F-4F38-82F7-0458F9D636B9}] => (Allow) C:\Windows\system32\ftp.exe (Microsoft Windows -> Microsoft Corporation)

FirewallRules: [{C5C6161D-D234-438A-92DD-BF4F9921BF4D}] => (Allow) C:\Windows\SysWOW64\ftp.exe (Microsoft Windows -> Microsoft Corporation)

FirewallRules: [{E1912AFB-A3D6-4704-8C0A-A806D72CDFE7}] => (Allow) C:\Windows\SysWOW64\ftp.exe (Microsoft Windows -> Microsoft Corporation)

FirewallRules: [{D77EF182-58CB-43CD-9B6B-362126CF2E96}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe () [File not signed]

FirewallRules: [{A9D4BD1A-5CB8-4939-9FE9-9C4B6CF9447F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe () [File not signed]

FirewallRules: [TCP Query User{681817F9-FCAB-4F6A-A99C-F5DDFA20C4DC}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe () [File not signed]

FirewallRules: [UDP Query User{8917F0CC-F64F-4313-8195-DFD3616E903A}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe () [File not signed]

FirewallRules: [{F4046FDA-AD16-4552-9319-74AB281E63C1}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)

FirewallRules: [{7BCAA610-8434-4009-81D9-F60AFF69B6C7}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)

FirewallRules: [{1F20F0BE-366D-4662-B16E-30081F0247FF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Memoir '44 Online\Memoir'44 Online.exe (Days of Wonder) [File not signed]

FirewallRules: [{3079EFF6-10CA-4972-B927-E89919A41C3F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Memoir '44 Online\Memoir'44 Online.exe (Days of Wonder) [File not signed]

FirewallRules: [{F8941F5D-8401-462E-B781-2F5482C21662}] => (Allow) C:\Program Files (x86)\IncredibleCharts\IncredibleCharts.exe (Incredible Charts Pty ltd -> )

FirewallRules: [{BCE16F33-81DA-42E6-B139-C19AF65B6A54}] => (Allow) C:\Program Files (x86)\IncredibleCharts\IncredibleCharts.exe (Incredible Charts Pty ltd -> )

FirewallRules: [{239D1A8B-78DD-48B9-95E0-3C48B277FF2E}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)

FirewallRules: [{8876D9BB-09B0-4F36-BB92-E850472E92DF}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)

FirewallRules: [{C8764300-6CC7-47BC-B145-CC70BBA06E40}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)

FirewallRules: [{5236571B-DEB3-4909-BF8E-79DFB9E11F05}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)

FirewallRules: [{28D0DF66-7159-441A-8FF5-C2FC051648DB}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)

FirewallRules: [{A69D4450-B8CC-4598-997F-86DF36F56D6B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)

FirewallRules: [{2F1D0136-7F84-4DE5-BD89-F8E1DD66AA3B}] => (Allow) C:\Program Files (x86)\TOSHIBA\Storage Security Software\TosHddscSvc.exe (Toshiba Electronic Devices & Storage Corporation -> TOSHIBA ELECTRONIC DEVICES & STORAGE CORPORATION)

FirewallRules: [{ACC3DDA8-64D7-4934-BBAB-38D1D67E5AF3}] => (Allow) C:\Program Files (x86)\TOSHIBA\Storage Security Software\Toshddsc.exe (Toshiba Electronic Devices & Storage Corporation -> TOSHIBA ELECTRONIC DEVICES & STORAGE CORPORATION)

FirewallRules: [{CE75EC1E-D4A2-4A10-8FE5-3564CBDF631A}] => (Allow) C:\Program Files\OpenShot Video Editor\openshot-qt.exe (OpenShot Studios, LLC) [File not signed]

FirewallRules: [{9E3A838C-B032-434C-98B1-35AC797D0307}] => (Allow) C:\Program Files (x86)\Vuze\Azureus.exe (Azureus Software, Inc. -> Azureus Software, Inc)

FirewallRules: [{E6EE1BFE-7E7B-4BAD-8817-CC082F16CA46}] => (Allow) C:\Program Files (x86)\Vuze\Azureus.exe (Azureus Software, Inc. -> Azureus Software, Inc)

FirewallRules: [{EBAA3E2C-D88F-479B-B8D5-EF7CA7B3DA68}] => (Allow) C:\Program Files\VueScan\vuescan.exe (Hamrick Software -> Hamrick Software)

FirewallRules: [{50EBDFED-9B51-42B8-A89F-3CE47B382EE8}] => (Allow) C:\Program Files\VueScan\vuescan.exe (Hamrick Software -> Hamrick Software)

FirewallRules: [{88E2874D-6070-4A06-A522-16AF3D6A98C9}] => (Allow) C:\Users\Martin\AppData\Local\Temp\EpInsNav\DL\3013\Network\EpsonNetSetup\Data\ENEasyApp.exe => No File

FirewallRules: [{74E19CD6-78A3-4F64-AAF3-AE6AFD0D6ABE}] => (Allow) C:\Users\Martin\AppData\Local\Temp\EpInsNav\DL\3013\Network\EpsonNetSetup\Data\ENEasyApp.exe => No File

FirewallRules: [{DE805E51-7238-41C7-AB8F-5957BC8922E6}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)

FirewallRules: [{3D3D5264-3013-4298-96A7-C435751F68AF}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)

FirewallRules: [{F8A88748-C1FA-4DC8-802C-4E7A11A0EAE0}] => (Allow) C:\Program Files (x86)\Pantone Color Manager\PantoneColorManager.exe (X-Rite) [File not signed]

FirewallRules: [{5848BDF2-AA88-4B81-91C1-C1DB058118BF}] => (Allow) C:\Program Files (x86)\Pantone Color Manager\PantoneColorManager.exe (X-Rite) [File not signed]

FirewallRules: [{79F53F8A-CCA6-4289-9427-E91D66A86909}] => (Allow) C:\Program Files (x86)\Common Files\Aladdin Shared\HASP\hasplms.exe (Gemalto, Inc. -> SafeNet, Inc.)

FirewallRules: [{E55CB47F-BAD6-4F25-B645-C7174D426F4E}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12132.3.2017.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)

FirewallRules: [{83231117-7C4B-4C44-983F-F0DB39846F46}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12132.3.2017.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)

FirewallRules: [{123B9B4D-366F-4ED5-B493-E4F8173C0A51}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12132.3.2017.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)

FirewallRules: [{1EF7E2F3-F56D-45B6-A44E-06D9210BE771}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12132.3.2017.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)

FirewallRules: [{44BEA72B-2DDA-4904-8B67-082853A418AF}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12132.3.2017.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)

FirewallRules: [{6637D182-D29E-42E7-ABC3-95E1FA5FD2B8}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12132.3.2017.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)

FirewallRules: [{20D3FA7C-0B4D-48C3-ABEE-46BBA17A9D42}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12132.3.2017.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)

FirewallRules: [{2F685E8C-5790-4675-9088-21F48A96126F}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12132.3.2017.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)

FirewallRules: [{20A2741B-CB63-4234-9014-15E6C4A0373A}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [{F129D6B2-4866-4107-BB45-81EDE2190C97}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.123.3203.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)

FirewallRules: [{464BB2C6-30CE-4588-B70B-1D41DC74D8A6}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.123.3203.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)

FirewallRules: [{41D48243-9C19-4769-B85A-B7C7FE81D423}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.123.3203.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)

FirewallRules: [{CA9AF409-0B90-4922-A267-29E4F3E83E08}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.123.3203.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)

FirewallRules: [{885B438B-E39D-46AE-B1BE-C69445A3A1FD}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)

FirewallRules: [{65D6945E-02AB-4A9B-B9A4-6CF7A4583581}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)

FirewallRules: [{49374907-489A-4D61-9008-7BC6203C092A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

FirewallRules: [{D42C89F1-BDEB-4FCC-A295-7D40633C3833}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\126.0.2592.113\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

 

==================== Restore Points =========================

 

19-07-2024 12:40:28 Scheduled Checkpoint

 

==================== Faulty Device Manager Devices ============

 

Name: Kaspersky Security Data Escort Adapter #2

Description: Kaspersky VPN

Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}

Manufacturer: Kaspersky VPN Provider

Service: kltap

Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)

Resolution: A registry problem was detected.

 This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:

On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.

 

Name: Unknown USB Device (Device Descriptor Request Failed)

Description: Unknown USB Device (Device Descriptor Request Failed)

Class Guid: {36fc9e60-c465-11cf-8056-444553540000}

Manufacturer: (Standard USB Host Controller)

Service:

Problem: : Windows has stopped this device because it has reported problems. (Code 43)

Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation.

 

 

==================== Event log errors: ========================

 

Application errors:

==================

Error: (07/23/2024 10:18:35 AM) (Source: DbxSvc) (EventID: 281) (User: )

Description: CertFindCertificateInStore failed with: (-2146885628) Cannot find object or property.

 

Error: (07/23/2024 10:18:35 AM) (Source: DbxSvc) (EventID: 281) (User: )

Description: CertFindCertificateInStore failed with: (-2146885628) Cannot find object or property.

 

Error: (07/23/2024 10:18:35 AM) (Source: DbxSvc) (EventID: 322) (User: )

Description: Failed to get driver message: (-2147024890) The handle is invalid.

 

Error: (07/23/2024 10:18:35 AM) (Source: DbxSvc) (EventID: 281) (User: )

Description: CertFindCertificateInStore failed with: (-2146885628) Cannot find object or property.

 

Error: (07/23/2024 10:11:21 AM) (Source: DbxSvc) (EventID: 281) (User: )

Description: CertFindCertificateInStore failed with: (-2146885628) Cannot find object or property.

 

Error: (07/23/2024 10:10:15 AM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: SS2svc32.exe, version: 0.0.0.0, time stamp: 0x55cd952a

Faulting module name: ntdll.dll, version: 10.0.19041.4522, time stamp: 0xb524fb5b

Exception code: 0xc0000005

Fault offset: 0x0005f791

Faulting process ID: 0x530

Faulting application start time: 0x01dadc98e146bd10

Faulting application path: C:\Program Files\ASUSTeKcomputer.Inc\SS2\UserInterface\SS2svc32.exe

Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll

Report ID: 578b9c57-b911-48f7-a5b4-3a689322812e

Faulting package full name:

Faulting package-relative application ID:

 

Error: (07/22/2024 10:12:03 PM) (Source: DbxSvc) (EventID: 281) (User: )

Description: CertFindCertificateInStore failed with: (-2146885628) Cannot find object or property.

 

Error: (07/22/2024 10:12:03 PM) (Source: DbxSvc) (EventID: 281) (User: )

Description: CertFindCertificateInStore failed with: (-2146885628) Cannot find object or property.

 

 

System errors:

=============

Error: (07/22/2024 10:06:25 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: The Kingsoft_WPS_UpdateService service failed to start due to the following error:

The service did not respond to the start or control request in a timely fashion.

 

Error: (07/22/2024 10:06:25 PM) (Source: Service Control Manager) (EventID: 7009) (User: )

Description: A timeout was reached (45000 milliseconds) while waiting for the Kingsoft_WPS_UpdateService service to connect.

 

Error: (07/22/2024 10:05:46 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-OTB3QSE)

Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.

 

Error: (07/22/2024 10:05:46 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-OTB3QSE)

Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.

 

Error: (07/22/2024 10:05:40 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-OTB3QSE)

Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.

 

Error: (07/21/2024 10:39:52 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-OTB3QSE)

Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.

 

Error: (07/21/2024 10:39:52 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-OTB3QSE)

Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.

 

Error: (07/21/2024 10:39:52 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-OTB3QSE)

Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.

 

 

CodeIntegrity:

===============

Date: 2024-07-23 10:41:23

Description:

Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\avp.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

 

 

==================== Memory info ===========================

 

BIOS: American Megatrends Inc. G752VY.208 12/08/2015

Motherboard: ASUSTeK COMPUTER INC. G752VY

Processor: Intel® Core™ i7-6700HQ CPU @ 2.60GHz

Percentage of memory in use: 49%

Total physical RAM: 16322.36 MB

Available physical RAM: 8263.76 MB

Total Virtual: 32194.36 MB

Available Virtual: 23168.76 MB

 

==================== Drives ================================

 

Drive c: (OS) (Fixed) (Total:237.4 GB) (Free:24.81 GB) (Model: NVMe SAMSUNG MZVPV256) NTFS ==>[system with boot components (obtained from drive)]

Drive d: (DATA) (Fixed) (Total:931.51 GB) (Free:402.84 GB) (Model: HGST HTS541010A9E680) NTFS

Drive f: (POCKET) (Removable) (Total:3.6 GB) (Free:3.33 GB) FAT32

 

\\?\Volume{4e5d5228-3e56-429f-91c7-273e12eb4910}\ () (Fixed) (Total:0.81 GB) (Free:0.09 GB) NTFS

\\?\Volume{f9046407-34d0-4c9d-a60b-5226098eaa40}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.05 GB) FAT32

 

==================== MBR & Partition Table ====================

 

==========================================================

Disk: 0 (Size: 931.5 GB) (Disk ID: E7B4C6B6)

 

Partition: GPT.

 

==========================================================

Disk: 1 (Size: 238.5 GB) (Disk ID: 26F40E11)

 

Partition: GPT.

 

==========================================================

Disk: 2 (MBR Code: Windows XP) (Size: 3.6 GB) (Disk ID: C3072E18)

Partition 1: (Not Active) - (Size=3.6 GB) - (Type=FAT32)

 

==================== End of Addition.txt =======================


  • 0

#4
SydneyCarton

SydneyCarton

    Member

  • Topic Starter
  • Member
  • PipPip
  • 12 posts

News Flash - my computer is suddenly running OK again!
I just checked it without much hope, and found that Chrome and Edge are now working, my email is working again, and another problem I had - that I couldn't download files from OneDrive - is fixed. It's weird, I had three days when I  couldn't really work with the computer, and now it's working again. This didn't affect my wife's computer, which is what I used to contact Greeks to Go. I don't know if the problem will return, but for the moment I seem to be alright. The Addition.txt was from when I had the the original problem - I don't know if it gives any clues.


  • 0

#5
DR M

DR M

    The Grecian Geek

  • Malware Removal
  • 4,258 posts

Hi, SydnayCarton.
 
I'm glad to hear that your computer is back to normal!
 
However, it needs some maintenance, and I can do this for you, if you like.
 
In case you do like me to guide you, you must first consent to the following:


1. Always ask before acting. Do not continue if you are not sure, or if something unexpected happens!

2. Do not run any tools unless instructed to do so. Also, do not uninstall or install any software during the procedure, unless I ask you to do so.

3. Cracked or pirated programs are not only illegal, but also can make your computer a malware target. Having such programs installed, is the easiest way to get infected. Thus, no need to clean the computer, since, soon or later, it will get infected again. If you have such programs, please uninstall them now, before we start the cleaning procedure.

4. If your computer seems to start working normally, don't abandon the topic. Even if your system is behaving normally, there may still be some malware remnants left over. Additionally, malware can re-infect the computer if some remnants are left. Therefore, please complete all requested steps to make sure any malware is successfully eradicated from your PC.

5. You have to reply to my posts within 3 days. If you need some additional time, just let me know. Otherwise, I will leave the topic due to lack of feedback. If you are able, I would request you to check this thread at least once per day so that we can resolve your issues effectively and efficiently.

6. Logs from malware diagnostic or removal programs can take some time to get analyzed. Also, have in mind that all the experts here are volunteers and may not be available to assist when you post. Please, be patient, while I analyze your logs.

 

 

=====================

 

Let me know about your decision. 


  • 0

#6
SydneyCarton

SydneyCarton

    Member

  • Topic Starter
  • Member
  • PipPip
  • 12 posts

Hi Dr M

I really appreciate your generous offer of help. I will follow the guidelines you listed above. Let's do it
As far as I know I don't have any cracked or pirated programs.

SC


Edited by SydneyCarton, 24 July 2024 - 06:04 PM.

  • 0

#7
DR M

DR M

    The Grecian Geek

  • Malware Removal
  • 4,258 posts

Hi, Sydney.
 
Let's begin, then.
 

1. P2P programs

You have Vuze installed in your computer. This is a P2P program. P2P programs form a direct conduit on to a computer. They have always been a target of malware writers and are increasingly so of late. P2P security measures are easily circumvented and if your P2P program is not configured correctly, you may be sharing more files than you realize. There have been cases where people's passwords, address books and other personal, private, and financial details have been exposed to the file sharing network by a badly configured program. If you don't uninstall it, your computer will probably get infected, soon or later. But it is your computer and of course your decision.

  • If you decide to keep it, DON'T use it during the cleaning procedure.
  • If you decide to uninstall it, uninstall it along with the unwanted programs in Step 2 below.

 

2. Optimizers

Have in mind that the optimizer Advance System Care by IOBit, as well as other driver updaters and system optimizers, are often marked as potentially unwanted programs. Here it is an article about Advance System Care by Malwarebytes, if you want to get more information about it. My recommendation is to uninstall it now.

 

 

 

In your next reply, please post:

  1. Your decision about the above programs. If you uninstalled them, let me know if the procedure ran smoothly.
  2. Fresh FRST logs after the uninstalls. Please, attach them for me, instead of copy/paste them. (To attach the files, click on the More Reply Options at the bottom right of the reply area, and then choose Attach File)
     

  • 0

#8
SydneyCarton

SydneyCarton

    Member

  • Topic Starter
  • Member
  • PipPip
  • 12 posts

Hi Dr M

I will uninstall both Vuze and Advanced System Care.

What about IOBIT uninstaller, is that OK?

Can I use it to do the uninstalls, or should I use the Windows uninstaller? I heard that the IOBIT uninstaller was more effective.
SC


  • 0

#9
DR M

DR M

    The Grecian Geek

  • Malware Removal
  • 4,258 posts

Hi, Sydney.

 

Yes, you can keep the Uninstaller. My warning is related to the optimizers.


  • 0

#10
SydneyCarton

SydneyCarton

    Member

  • Topic Starter
  • Member
  • PipPip
  • 12 posts

Hi Dr M

OK, I uninstalled both programs. When I uninstalled Advanced System Care, I got a message that said "Advanced System Care uninstall completed. Some elements could not be removed. These can be removed manually."

During the uninstall I got a message saying that there were some extensions that would be uninstalled at the next start-up - I don't know if those are the elements referred to.Attached File  FRST.txt   91.79KB   24 downloadsAttached File  Addition.txt   88.47KB   28 downloads 


  • 0

Advertisements


#11
DR M

DR M

    The Grecian Geek

  • Malware Removal
  • 4,258 posts

Hi, Sydney.
 
Thanks for the logs and the info given.
 
 
1. FRST fix

Please do the following to run a FRST fix.

NOTICE: This script was written specifically for this user. Running it on another machine may cause damage to your operating system

  • Select the entire contents of the code box below, from the "Start::" line to "End::", including both lines. Right-click and select "Copy ". No need to paste anything to anywhere.
Start::
CreateRestorePoint:
CloseProcesses:
BHO: No Name -> {A31ABAD4-B79D-48B0-AFC2-B2B16FB06187}' -> No File
BHO-x32: No Name -> {A31ABAD4-B79D-48B0-AFC2-B2B16FB06187}' -> No File
FirewallRules: [{88E2874D-6070-4A06-A522-16AF3D6A98C9}] => (Allow) C:\Users\Martin\AppData\Local\Temp\EpInsNav\DL\3013\Network\EpsonNetSetup\Data\ENEasyApp.exe => No File
FirewallRules: [{74E19CD6-78A3-4F64-AAF3-AE6AFD0D6ABE}] => (Allow) C:\Users\Martin\AppData\Local\Temp\EpInsNav\DL\3013\Network\EpsonNetSetup\Data\ENEasyApp.exe => No File
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-3624156614-4154489229-1379725982-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-3624156614-4154489229-1379725982-1001\...\MountPoints2: {29893032-b487-11eb-ad24-a434d9223345} - "F:\WD Drive Unlock.exe" autoplay=true
HKU\S-1-5-21-3624156614-4154489229-1379725982-1001\...\MountPoints2: {6679736c-28d4-11e9-ac9b-a434d9223345} - "F:\unlock.exe" autoplay=true
HKU\S-1-5-21-3624156614-4154489229-1379725982-1001\...\MountPoints2: {f78355b8-9aa1-11e7-ac69-a434d9223342} - "F:\unlock.exe" autoplay=true
Task: {33c0afb4-a082-4e3e-b663-67739cb69616} - no filepath. <==== ATTENTION
Task: {3D025ABC-AEF8-4EE4-B554-C23235573773} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 18.0.0\FFExt\light_plugin_firefox\addon.xpi => not found
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\FFExt\light_plugin_firefox\addon.xpi => not found
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 18.0.0\FFExt\light_plugin_firefox\addon.xpi => not found
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\FFExt\light_plugin_firefox\addon.xpi => not found
CHR Notifications: Profile 1 -> hxxps://book.qantas.com; hxxps://savesubs.com; hxxps://www.instagram.com; hxxps://www.intelius.com; hxxps://www.italki.com; hxxps://www.justwatch.com; hxxps://www.messenger.com; hxxps://www.netflix.com; hxxps://www.oneflare.com.au; hxxps://www.qatarairways.com; hxxps://z-m-www.facebook.com
R3 cpuz154; C:\WINDOWS\temp\cpuz154\cpuz154_x64.sys [40976 2024-07-22] (Microsoft Windows Hardware Compatibility Publisher -> CPUID) <==== ATTENTION
2024-07-27 11:26 - 2022-08-02 11:46 - 000000000 ____D C:\Program Files (x86)\Vuze
DeleteKey: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\mountpoints2
CMD: DISM /Online /Cleanup-Image /RestoreHealth
CMD: SFC /scannow
EmptyTemp:
End::
  • Right-click on FRST64 on your Desktop, to run it as administrator. When the tool opens, click "yes" to the disclaimer.
  • Press the Fix button once and wait.
  • FRST will process fixlist.txt
  • When finished, it will produce a log fixlog.txt on your Desktop.
  • Post the log in your next reply.

 

 

2. Free some hard disk space

It seems that you have limited hard disk space. This can have a negative impact to your computer's functionality. You will not be able to update your operating system if you haven't got enough space. Of course, you have plenty of space in drive D, but your operating system is on drive C. A good idea would be saving your files in D from now on, especially those taking much space. To free some C space, do the following:

Disc cleanup

  • Press the Windows icon on your keyboard, together with the letter R.
  • Type in the blank area cleanmgr and then press OK.
  • Select Drive C and press OK.
  • Select everything you don't need in the list that will appear. Actually, you can select everything there, but be careful if you need some files in the Downloads folder.
  • Press the button Clean up system files and wait a bit.
  • Again, select everything you don't need, including old Windows installations, if any.
  • Select the tab More options.
  • Under the title System Restore and Shadow Copies, press Clean up.
  • Press Delete and OK if you are asked to.
  • Wait some time (depending of the items that are deleted).
  • Make a restart when the process is finished.
  • Go to This PC and check how much free space the C drive has now. 

 

 

In your next reply, please post:

  1. The fixlog.txt
  2. The free space for C
  3. How is the computer running? Still everything is fine?

  • 0

#12
SydneyCarton

SydneyCarton

    Member

  • Topic Starter
  • Member
  • PipPip
  • 12 posts

Hi Dr M

I have attached the fixlog.txt.

I have a lot of files in my Downloads folder – I have been going through them and sorting out the ones I want to keep and transferring them to other parts of the computer. However, I haven’t managed to finish the job yet. When I have, hopefully tomorrow, I will carry out the Clean-Up.

SC

 

Attached Files


  • 0

#13
DR M

DR M

    The Grecian Geek

  • Malware Removal
  • 4,258 posts

Hi, Sydney.

 

As you can see in the fixlog.txt:

 

Windows Resource Protection found corrupt files and successfully repaired them.
 

 
Yes, please do the disk cleanup procedure. After that, to check the disk, please do the following. 

Check disk

  • Click on the Start button and in the search box, type Command Prompt.
  • When you see Command Prompt on the list, right-click on it and select Run as administrator.
  • Enter the command below and press on Enter and wait for it to finish (~15 minutes).
       chkdsk C: /r
    
  • You will receive a message that the operation cannot be performed while the system is in use and ask if you want to check when you restart your computer. Choose Yes, and then restart the computer, allowing disk check to run at startup.
  • The process will take some time, depending on the disk condition.
  • Download ListChkdskResult by SleepyDude and save it on your Desktop.
  • Double click on the created icon.
  • A notepad file will open. Copy its content and paste it in your next reply.

 

 

In your next reply, please post:

  1. The free space for C
  2. The check disk report
  3. Feedback: How is the computer running? Still everything is fine?

  • 0

#14
SydneyCarton

SydneyCarton

    Member

  • Topic Starter
  • Member
  • PipPip
  • 12 posts

Drive C.jpg

 

Hi Dr M

The free space for C: The First fix saved about 2 GB, and then the Disk cleanup today freed another 10GB, so 12GB freed altogether. The C: Drive bar is no longer bright red, it’s now a much calmer blue. I have 27.7GB free of 237GB.

That’s much better than it was, but it’s still a problem as it will soon fill up again. It’s been a problem for some time and I’m not sure what to do about it. I’ve put all my videos and pictures onto Drive D: and most of my documents are in the cloud with One Drive.

I’ve attached a tree showing where everything is. I’m a bit confused as to why OneDrive is clogging up 21% of the Users share.  

The check disc report:

ListChkdskResult by SleepyDude v0.1.7 Beta | 21-09-2013

 

------< Log generate on 29/07/2024 11:24:50 PM >------

No Events found for Winlogon, Chkdsk or Wininit!

 

I’m not sure what happened here. I did all the steps as you listed them. After I entered the command you gave, I got a complicated message about the wrong volume, which ended with the Y/N question about restarting. I entered Y and restarted the computer. Nothing seemed to happen when it started. I waited for about 40 mins, but it was getting late, so I downloaded the ChkdskResult.

I’m not sure what went wrong. I could try running it again.

 

How is the computer running? It’s running well

 

  • 0

#15
DR M

DR M

    The Grecian Geek

  • Malware Removal
  • 4,258 posts

Hi!

 

Files saved in OneDrive are saved in the Cloud, but when you open them on the computer, they get saved locally too. If you don't want that, you can use OneDrive only in browser. Not very practical, though.

 

Make sure to restart the computer before you try the chkedsk command again. 


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP