Thank you for the quick response
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 26-11-2021
Ran by Ralph (administrator) on RWDESKTOP1 (26-11-2021 09:23:33)
Running from D:\
Loaded Profiles: Ralph & Administrator
Platform: Microsoft Windows 10 Home Version 21H1 19043.1348 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Acronis International GmbH -> ) C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\anti_ransomware_service.exe
(ADLICE (ASCOET JULIEN) -> ) C:\Program Files\RogueKiller\RogueKiller64.exe
(ADLICE (ASCOET JULIEN) -> ) C:\Program Files\RogueKiller\RogueKillerSvc.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <36>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler64.exe
(HP Inc.) [File not signed] C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_ec6acb81b9300f24\RstMwService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(McAfee, Inc. -> McAfee LLC.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(McAfee, Inc. -> McAfee, LLC) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(McAfee, Inc. -> McAfee, LLC) C:\Windows\System32\mfevtps.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\CSP\4.7.101.0\McCSPServiceHost.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHOST.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe <3>
(McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\ModuleCore\ProtectedModuleHost.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\VSCore_21_9\mcapexe.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\MAT\McPvTray.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\MfeAV\MfeAVSvc.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\MQS\QcShm.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\MSC\MfeBrowserHost.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\browserhost.exe <2>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Ralph\Downloads\MSERT (7).exe <2>
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20544.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe <2>
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MsMpEng.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(philandro Software GmbH -> philandro Software GmbH) C:\Program Files (x86)\AnyDesk\AnyDesk.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Piriform Software Ltd -> Piriform Software) C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe <3>
(Piriform Software Ltd -> Piriform Software) C:\Program Files (x86)\CCleaner Browser\Update\1.8.1187.1\CCleanerBrowserCrashHandler.exe
(Piriform Software Ltd -> Piriform Software) C:\Program Files (x86)\CCleaner Browser\Update\1.8.1187.1\CCleanerBrowserCrashHandler64.exe
(Piriform Software Ltd -> Piriform Software) C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe
(SurfRight B.V. -> SurfRight B.V.) C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe <2>
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(Tripp Lite -> Tripp Lite) C:\Program Files (x86)\TrippLite\PowerAlert\engine\pal.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412680 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [827200 2020-12-19] (Acronis International GmbH -> Acronis International GmbH)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2409944 2018-06-22] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe [2068856 2011-10-12] (Flexera Software LLC -> Flexera Software LLC.)
HKLM-x32\...\Run: [PaperPort PTD] => C:\Nuance\PaperPort\pptd40nt.exe [36168 2013-05-14] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [IndexSearch] => C:\Nuance\PaperPort\IndexSearch.exe [18248 2013-05-14] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [PPort14reminder] => C:\Nuance\PaperPort\Ereg\Ereg.exe [330056 2013-03-14] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDFProHook] => C:\Nuance\PDFViewer\pdfpro7hook.exe [641864 2013-03-20] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDFCreHook] => C:\Nuance\PDFCreate\pdfcreate7hook.exe [605512 2013-03-26] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDF7 Registry Controller] => C:\Nuance\PDFCreate\RegistryController.exe [140616 2013-03-26] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [RoxWatchTray] => C:\Program Files (x86)\Roxio Easy CD & DVD Burning 2\Common\RoxWatchTray15.exe [303968 2019-01-29] (Corel Corporation -> Corel Corporation)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [5678624 2020-12-19] (Acronis International GmbH -> )
HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\tib_mounter_monitor.exe [447520 2020-12-19] (Acronis International GmbH -> Acronis International GmbH)
HKLM-x32\...\Run: [StatusAlerts] => C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe [329992 2015-06-17] (Hewlett-Packard Company -> HP Development Company, L.P.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706344 2021-09-27] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [QHSafeTray] => C:\Program Files (x86)\360\Total Security\safemon\360Tray.exe [413000 2021-11-19] (Beijing Qihu Technology Co., Ltd. -> Qihoo 360 Technology Co. Ltd.)
HKU\S-1-5-21-194608825-1360088445-740081183-1001\...\Run: [QuickenScheduledUpdates] => C:\Program Files (x86)\Quicken\bagent.exe [77688 2021-02-02] (Quicken Inc. -> Quicken Inc.)
HKU\S-1-5-21-194608825-1360088445-740081183-1001\...\Run: [Zoom] => [X]
HKU\S-1-5-21-194608825-1360088445-740081183-1001\...\Run: [PhotoSync] => C:\Program Files\PhotoSync\PhotoSync.exe [1560248 2020-07-06] (touchbyte GmbH -> touchbyte GmbH)
HKU\S-1-5-21-194608825-1360088445-740081183-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Ralph\AppData\Local\Microsoft\Teams\Update.exe [2452664 2020-12-17] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-194608825-1360088445-740081183-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2542440 2021-11-18] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-194608825-1360088445-740081183-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35342976 2021-11-12] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-194608825-1360088445-740081183-1001\...\Run: [Discord] => C:\Users\Ralph\AppData\Local\Discord\Update.exe [1512608 2021-09-21] (Discord Inc. -> GitHub)
HKU\S-1-5-21-194608825-1360088445-740081183-500\...\RunOnce: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2542440 2021-11-18] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Windows x64\Print Processors\hpcpp215: C:\Windows\System32\spool\prtprocs\x64\hpcpp215.dll [770232 2018-03-04] (HP Inc. -> HP Inc.)
HKLM\...\Windows x64\Print Processors\HPM1210PrintProc: C:\Windows\System32\spool\prtprocs\x64\HPM1210PP.dll [74240 2012-09-29] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\Advanced TCP/IP Port Monitor: C:\WINDOWS\system32\mvtcpmon.dll [541184 2010-01-28] (Marvell Semiconductor, Inc.) [File not signed]
HKLM\...\Print\Monitors\HP Standard TCP/IP Port: C:\WINDOWS\system32\HpTcpMon.dll [331264 2009-09-16] (Hewlett Packard) [File not signed]
HKLM\...\Print\Monitors\HP Universal Print Monitor: C:\WINDOWS\system32\HPMPW082.DLL [128184 2018-03-04] (HP Inc. -> HP Inc.)
HKLM\...\Print\Monitors\HPMLM190: C:\WINDOWS\system32\hpmlm190.dll [310968 2018-03-04] (HP Inc. -> HP Inc.)
HKLM\...\Print\Monitors\stkMonitor: C:\WINDOWS\system32\stkMonitor.dll [519848 2019-06-07] (Amazon Services LLC -> Amazon.com, Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{052EB454-9F19-CB42-7875-807F79F311C4}] -> C:\Program Files (x86)\CCleaner Browser\Application\95.1.13052.72\Installer\chrmstp.exe [2021-11-25] (Piriform Software Ltd -> Piriform Software)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{22B65310-8D73-872E-0172-2B7FAD548AA7}] -> reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v OPENVPN-GUI /f
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\96.0.4664.45\Installer\chrmstp.exe [2021-11-20] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AnyDesk.lnk [2021-06-13]
ShortcutTarget: AnyDesk.lnk -> C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Nuance Cloud Connector.lnk [2019-04-29]
ShortcutTarget: Nuance Cloud Connector.lnk -> C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GladLauncher.exe (Gladinet, Inc. -> )
Startup: C:\Users\Ralph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\WeatherLink 6.0.5.exe - Shortcut.lnk [2021-02-02]
ShortcutTarget: WeatherLink 6.0.5.exe - Shortcut.lnk -> C:\WeatherLink\WeatherLink 6.0.5.exe (Davis Instruments Corporation -> Davis Instuments Corp.)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {05139207-6DA2-40C1-8C0D-F133EDD6D299} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {13F2C360-37DA-4271-B053-66AD0446FED1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-07-16] (Google Inc -> Google Inc.)
Task: {15B86106-F2C9-4E05-A251-F0EE95E2C309} - System32\Tasks\McAfee\McAfee Idle Detection Task => {ABCDCA3B-DE6B-5A7C-B132-6D7CBA63E5C5} C:\Program Files\Common Files\McAfee\TaskScheduler\McAMTaskAgent.exe [1032448 2021-08-02] (McAfee, LLC -> McAfee, LLC)
Task: {1E350DFD-1A67-45C4-9450-BD2669C4BB98} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {1EA16E10-366D-4878-BFD2-07059F641A19} - System32\Tasks\start weather => C:\WeatherLink\WeatherLink 6.0.5.exe [2278440 2018-08-14] (Davis Instruments Corporation -> Davis Instuments Corp.)
Task: {28608118-ABD4-4BCA-9CAD-D199BE4A3016} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {2C7062A6-D7FE-4688-BF76-8CFEBAFB3115} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412680 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {344A2381-0DDE-49AD-9F2B-95FF11030E25} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [39920 2018-10-24] (Garmin International, Inc. -> )
Task: {366544C6-DCDF-4A6B-BBD2-0A089B05CC9A} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [138600 2021-11-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {47FCB8BD-84B4-4EA7-9FA5-BBEA5A2B1A1E} - System32\Tasks\CCleanerSkipUAC - Ralph => C:\Program Files\CCleaner\CCleaner.exe [29417088 2021-11-12] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {5481FD9C-AEB0-4420-9AE2-37D126817897} - System32\Tasks\RogueKiller Anti-Malware => C:\Program Files\RogueKiller\RogueKiller64.exe [32610648 2021-11-18] (ADLICE (ASCOET JULIEN) -> )
Task: {61CCE711-C567-43FD-B339-B0F939B6F17C} - System32\Tasks\HPLJCustParticipation => C:\Program Files (x86)\HP\HPLJUT\HPLJUTSCH.exe [91400 2015-12-05] (Hewlett-Packard -> HP Development Company, L.P.)
Task: {653F3403-0B05-4179-A557-E1E151FF66FD} - System32\Tasks\CCleanerUpdateTaskMachineUA => C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200600 2021-11-14] (Piriform Software Ltd -> Piriform Software)
Task: {66332BA6-F183-4724-880F-2C7E30475B45} - System32\Tasks\Intel PTT EK Recertification => C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\IntelPTTEKRecertification.exe [918288 2020-04-22] (Intel® Trust Services -> Intel® Corporation)
Task: {6C0FB617-9ECC-4B44-9F7A-4803C99A1998} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK
Task: {6CA06D22-038F-4C3D-A2AB-2BB2AD1E7A6B} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22654872 2021-11-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {6D139206-5FE3-43D3-A71B-3EF548D15A4E} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22654872 2021-11-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {733FDF3D-951D-4454-8E96-E188A6C0B081} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4072312 2021-11-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {75175E83-A69E-4825-A586-05CDFFD61D3C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-07-16] (Google Inc -> Google Inc.)
Task: {792E6560-6305-44FC-B8AD-B06966517702} - System32\Tasks\restart at midnight => shutdown /r
Task: {7D17178E-54BD-4F96-9A8E-EC9796902D57} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {9300FF21-AC36-4597-BE98-4C3CA09546B3} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1562376 2021-08-16] (Adobe Inc. -> Adobe Inc.)
Task: {AE8BED82-9150-4881-814D-0E6A608361E1} - System32\Tasks\reboot => shutdown /f /r
Task: {BD363BB6-80E8-474E-AB27-D8B7C93A7E85} - System32\Tasks\AdobeAAMUpdater-1.0-DESKTOP-200F0L3-Ralph => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {BDED68A0-D06C-4EB9-9216-41042BBCB6BD} - System32\Tasks\CCleaner Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [2515248 2021-11-12] (Piriform Software Ltd -> Piriform Software)
Task: {C5B9ED05-5DD2-4FB0-8413-70DF8FF8A8C2} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [138600 2021-11-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {CD82B053-42FA-4B6A-B1EE-21672ADF2698} - System32\Tasks\CCleanerUpdateTaskMachineCore => C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200600 2021-11-14] (Piriform Software Ltd -> Piriform Software)
Task: {D0FA0E8E-B82B-4EBF-B12F-D75215E49487} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [680888 2021-11-13] (Mozilla Corporation -> Mozilla Foundation)
Task: {D8D5D333-6ACB-488C-A57D-77B00DB5043A} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-11-12] (Piriform Software Ltd -> Piriform)
Task: {DF12BCC6-BC51-4014-926C-5241B05D6280} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee VirusScan\upgrade.exe [4695104 2021-10-01] (McAfee, LLC -> McAfee, LLC)
Task: {E3AB6A26-074D-4CAD-AA3C-7F3675E586B7} - System32\Tasks\McAfee\DAD.Execute.Updates => C:\Program Files\Common Files\McAfee\DynamicAppDownloader\DADUpdater.exe [4119992 2021-10-07] (McAfee, LLC -> McAfee, LLC)
Task: {E5DA95D4-00B9-4F30-9A3B-7112CE832BB3} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_ERROR_HB => C:\Users\Ralph\Downloads\MSERT (5).exe [154218944 2021-11-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {E7BC217D-BFD3-4E99-A556-F0032D29F5ED} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe [757944 2021-05-06] (McAfee, LLC -> McAfee, LLC)
Task: {EEBD0C02-B2C2-4BD0-995B-61182AE4E2AC} - System32\Tasks\CCleaner Browser Heartbeat Task (Logon) => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [2515248 2021-11-12] (Piriform Software Ltd -> Piriform Software)
Task: {F0E44D76-A474-419B-840F-6B15C87D193C} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent => {ABCECA3B-EA5A-496B-A021-5C6BAB365E5C} C:\Program Files\Common Files\McAfee\TaskScheduler\McAMTaskAgent.exe [1032448 2021-08-02] (McAfee, LLC -> McAfee, LLC)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{217a01bd-7404-41ae-adb4-66528c62818c}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{b8edf699-759c-4839-bac4-093bea91afa1}: [DhcpNameServer] 192.168.1.1
Edge:
=======
DownloadDir: C:\Users\Ralph\Downloads
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Ralph\AppData\Local\Microsoft\Edge\User Data\Default [2021-11-25]
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\Ralph\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-11-13]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
FireFox:
========
FF DefaultProfile: 1mni5tj0.default
FF ProfilePath: C:\Users\Ralph\AppData\Roaming\Mozilla\Firefox\Profiles\1mni5tj0.default [2021-11-26]
FF Notifications: Mozilla\Firefox\Profiles\1mni5tj0.default -> hxxps://www.cheatersbleepbook.com; hxxps://www.1800flowers.com
FF Extension: (DuckDuckGo Privacy Essentials) - C:\Users\Ralph\AppData\Roaming\Mozilla\Firefox\Profiles\1mni5tj0.default\Extensions\jid1-ZAdIEUB7XOzOJw@jetpack.xpi [2021-09-22]
FF Extension: (Malwarebytes Browser Guard) - C:\Users\Ralph\AppData\Roaming\Mozilla\Firefox\Profiles\1mni5tj0.default\Extensions\{242af0bb-db11-4734-b7a0-61cb8a9b20fb}.xpi [2021-09-22]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Extension: (McAfee® WebAdvisor) - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi [2021-05-14] [UpdateUrl:hxxps://sadownload.mcafee.com/products/SA/Win/xpi/webadvisor/update.json]
FF HKLM\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSKHKLM => not found
FF HKLM-x32\...\Firefox\Extensions: [quickprint@hp.com] - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension
FF Extension: (SmartPrintButton) - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension [2011-01-26] [Legacy] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: (McAfee Anti-Spam Thunderbird Extension) - C:\Program Files\McAfee\MSK [2021-11-05] [Legacy] [not signed]
FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\McAfee\MSC\npMcSnFFPl64.dll [2021-10-22] (McAfee, LLC -> )
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-10-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2018-06-22] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @java.com/DTPlugin,version=11.311.2 -> C:\Program Files (x86)\Java\jre1.8.0_311\bin\dtplugin\npDeployJava1.dll [2021-11-14] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.311.2 -> C:\Program Files (x86)\Java\jre1.8.0_311\bin\plugin2\npjp2.dll [2021-11-14] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:\Program Files (x86)\McAfee\MSC\npMcSnFFPl.dll [2021-10-22] (McAfee, LLC -> )
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-10-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-03-23] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-03-23] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=3 -> C:\Program Files (x86)\CCleaner Browser\Update\1.8.1187.1\npCCleanerBrowserUpdate3.dll [2021-11-14] (Piriform Software Ltd -> Piriform Software)
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=9 -> C:\Program Files (x86)\CCleaner Browser\Update\1.8.1187.1\npCCleanerBrowserUpdate3.dll [2021-11-14] (Piriform Software Ltd -> Piriform Software)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.11 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.12 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.14 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-10-05] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2018-06-22] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: ZEON/PDF,version=2.0 -> C:\Nuance\PDFViewer\bin\nppdf.dll [2011-07-15] (Zeon Corporation -> Zeon Corporation)
FF Plugin HKU\S-1-5-21-194608825-1360088445-740081183-1001: @ringcentral.com/RingCentralMeetingsPlugin -> C:\Users\Ralph\AppData\Roaming\RingCentralMeetings\bin\nprcmsplugin.dll [2020-08-20] (RingCentral, Inc. -> RingCentral Video Communications, Inc. and RingCentral Inc.)
StartMenuInternet: Firefox- - kernel32::GetLongPathNameW(w R8, w .R7, i 1024)i .R6
Chrome:
=======
CHR Profile: C:\Users\Ralph\AppData\Local\Google\Chrome\User Data\Default [2021-11-26]
CHR DownloadDir: C:\Users\Ralph\Downloads
CHR Notifications: Default -> hxxps://calendar.google.com; hxxps://service.mcafee.com; hxxps://update.easeus.com; hxxps://www.cnet.com; hxxps://www.facebook.com
CHR HomePage: Default -> hxxp://google.com/
CHR StartupUrls: Default -> "hxxp://google.com/"
CHR NewTab: Default -> Not-active:"chrome-extension://jmofnfjbcjebicmefnlbanlijkhanlmd/index.html"
CHR Extension: (Docs) - C:\Users\Ralph\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-07-16]
CHR Extension: (Google Drive) - C:\Users\Ralph\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-26]
CHR Extension: (YouTube) - C:\Users\Ralph\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-07-16]
CHR Extension: (Magnifying Glass) - C:\Users\Ralph\AppData\Local\Google\Chrome\User Data\Default\Extensions\elhdjgjjmodgmhkokebhegekjooiaofm [2021-05-21]
CHR Extension: (Sheets) - C:\Users\Ralph\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-07-16]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\Ralph\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2021-10-31]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\Ralph\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-11-25]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Ralph\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Gmail) - C:\Users\Ralph\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-22]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S4 9734BF6A-2DCD-40f0-BAB0-5AAFEEBE1269; C:\Program Files (x86)\Roxio\BackOnTrack\App\SaibSVC.exe [504160 2017-12-14] (Corel Corporation -> )
S4 aakore; C:\Program Files (x86)\Acronis\Agent\aakore.exe [15839648 2020-12-19] (Acronis International GmbH -> Acronis International GmbH)
R2 AcronisActiveProtectionService; C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\anti_ransomware_service.exe [12905888 2020-12-19] (Acronis International GmbH -> )
S4 AcronisCyberProtectionService; C:\Program Files\Acronis\CyberProtect\cyber-protect-service.exe [1421352 2020-12-19] (Acronis International GmbH -> Acronis International GmbH)
S4 AcrSch2Svc; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [1264400 2020-12-19] (Acronis International GmbH -> Acronis International GmbH)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-08-16] (Adobe Inc. -> Adobe Inc.)
S4 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [818128 2018-06-22] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
S4 afcdpsrv; C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [6388072 2021-03-02] (Acronis International GmbH -> )
S4 Agent; C:\Program Files\Agent\Agent.exe [5569416 2019-05-17] (DEVELOPER IN A BOX (THE PLAYFUL GROUP PTY LTD) -> DeveloperInABox)
S4 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3780296 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
S4 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3548360 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AnyDesk; C:\Program Files (x86)\AnyDesk\AnyDesk.exe [3743984 2021-10-05] (philandro Software GmbH -> philandro Software GmbH)
S4 BOT4Service; C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe [46432 2019-03-30] (Corel Corporation -> )
S2 ccleaner; C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200600 2021-11-14] (Piriform Software Ltd -> Piriform Software)
S3 CCleanerBrowserElevationService; C:\Program Files (x86)\CCleaner Browser\Application\95.1.13052.72\elevation_service.exe [1713640 2021-11-12] (Piriform Software Ltd -> Piriform Software)
S3 ccleanerm; C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200600 2021-11-14] (Piriform Software Ltd -> Piriform Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12034464 2021-11-04] (Microsoft Corporation -> Microsoft Corporation)
R3 EPMVssEaseusProvider; C:\WINDOWS\system32\dllhost.exe /Processid:{6D50743C-2A15-43BE-A86D-907D96A153D9} [21312 2020-10-13] (Microsoft Windows -> Microsoft Corporation)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\21.220.1024.0005\FileSyncHelper.exe [3279232 2021-11-18] (Microsoft Corporation -> Microsoft Corporation)
S4 GladFileMonSvc; C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GladFileMonSvc.exe [30032 2013-05-05] (Gladinet, Inc. -> Gladinet, INC)
S4 GSService; C:\WINDOWS\SysWOW64\GSService.exe [444640 2014-07-28] (cyan soft ltd -> )
S2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [151496 2021-08-28] (SurfRight B.V. -> SurfRight B.V.)
R2 hmpalertsvc; C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe [5155024 2021-11-17] (SurfRight B.V. -> SurfRight B.V.)
R2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [176640 2020-02-11] (HP Inc.) [File not signed]
S4 HPM1210RcvFaxSrvc; C:\Program Files\HP\HP LaserJet M1210 MFP Series\ReceiveFaxUtility.exe [361888 2012-07-25] (Hewlett-Packard Company -> HP)
S4 HPSIService; C:\Windows\system32\HPSIsvc.exe [126856 2012-11-08] (Hewlett-Packard Company -> HP)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7848632 2021-11-11] (Malwarebytes Inc -> Malwarebytes)
S4 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [971976 2021-05-13] (McAfee, LLC -> McAfee, LLC)
R2 McAPExe; C:\Program Files\Common Files\McAfee\VSCore_21_9\McApExe.exe [797576 2021-10-22] (McAfee, LLC -> McAfee, LLC)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\4.7.101.0\\McCSPServiceHost.exe [2845608 2021-10-11] (McAfee, LLC -> McAfee, LLC)
S3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [1242112 2021-09-24] (McAfee, Inc. -> McAfee, LLC)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [1242112 2021-09-24] (McAfee, Inc. -> McAfee, LLC)
R3 mfevtp; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [1242112 2021-09-24] (McAfee, Inc. -> McAfee, LLC)
S4 mmsminisrv; C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe [4808088 2020-12-19] (Acronis International GmbH -> Acronis International GmbH)
S4 mobile_backup_server; C:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\mobile_backup_server.exe [3004128 2020-12-19] (Acronis International GmbH -> Acronis International GmbH)
S4 mobile_backup_status_server; C:\Program Files (x86)\Acronis\TrueImageHome\mobile_backup_status_server.exe [2102096 2020-12-19] (Acronis International GmbH -> )
R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1677024 2021-10-23] (McAfee, LLC -> McAfee, LLC)
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [50688 2016-06-15] (HP Inc.) [File not signed]
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\21.220.1024.0005\OneDriveUpdaterService.exe [3736424 2021-11-18] (Microsoft Corporation -> Microsoft Corporation)
S4 PDFProFiltSrvPP; C:\Nuance\PaperPort\PDFProFiltSrvPP.exe [77640 2013-05-14] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
R2 PEFService; C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe [4288832 2021-08-31] (McAfee, LLC -> McAfee, LLC)
S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [66048 2016-06-15] (HP Inc.) [File not signed]
R2 PowerAlert Agent; C:\Program Files (x86)\TrippLite\PowerAlert\engine\pal.exe [1836472 2020-07-16] (Tripp Lite -> Tripp Lite)
R2 rkrtservice; C:\Program Files\RogueKiller\RogueKillerSvc.exe [14204760 2021-11-18] (ADLICE (ASCOET JULIEN) -> )
S4 RoxioBurnLauncher; C:\Program Files (x86)\Roxio Easy CD & DVD Burning 2\Roxio Burn\RoxioBurnLauncher.exe [1234272 2019-04-14] (Corel Corporation -> )
S4 RoxMediaDB15; C:\Program Files (x86)\Roxio Easy CD & DVD Burning 2\Common\RoxMediaDB15.exe [1163616 2019-01-29] (Corel Corporation -> Corel Corporation)
S4 RoxWatch15; C:\Program Files (x86)\Roxio Easy CD & DVD Burning 2\Common\RoxWatch15.exe [300896 2019-01-29] (Corel Corporation -> Corel Corporation)
S4 syncagentsrv; C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [7394008 2020-12-19] (Acronis International GmbH -> )
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [14657832 2021-07-14] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S4 Tib Mounter Service; C:\Program Files (x86)\Common Files\Acronis\TibMounter64\tib_mounter_service.exe [5911456 2020-12-19] (Acronis International GmbH -> Acronis International GmbH)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2110.6-0\NisSrv.exe [2872024 2021-11-14] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2110.6-0\MsMpEng.exe [128376 2021-11-14] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AsrDrv102; C:\Windows\SysWOW64\Drivers\AsrDrv102.sys [22248 2018-08-13] (ASROCK Incorporation -> ASRock Incorporation) [File not signed]
R2 BdDci; C:\WINDOWS\system32\DRIVERS\bddci.sys [367096 2020-12-19] (Bitdefender SRL -> Bitdefender)
R3 cfwids; C:\WINDOWS\System32\drivers\cfwids.sys [74752 2021-09-28] (McAfee, Inc. -> McAfee, LLC)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [159864 2021-06-29] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 epmdkdrv; C:\WINDOWS\system32\epmdkdrv.sys [36280 2021-04-21] (CHENGDU YIWO Tech Development Co., Ltd. -> )
R0 EPMVolFl; C:\WINDOWS\System32\drivers\EPMVolFl.sys [30136 2021-04-21] (CHENGDU YIWO Tech Development Co., Ltd. -> Windows ® Codename Longhorn DDK provider)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [160176 2021-09-14] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R0 EUDCPEPM; C:\WINDOWS\system32\drivers\EUDCPEPM.sys [76344 2021-04-21] (Microsoft Windows Hardware Compatibility Publisher -> CHENGDU YIWO Tech Development Co., Ltd)
S3 EUDCPEPM0; C:\WINDOWS\system32\drivers\EUDCPEPM0.sys [76344 2021-04-21] (Microsoft Windows Hardware Compatibility Publisher -> CHENGDU YIWO Tech Development Co., Ltd)
R1 EUEDKEPM; C:\WINDOWS\system32\drivers\EUEDKEPM.sys [33712 2021-04-21] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd)
R2 file_protector; C:\WINDOWS\System32\DRIVERS\file_protector.sys [721536 2021-03-02] (Acronis International GmbH -> Acronis International GmbH)
R0 file_tracker; C:\WINDOWS\System32\DRIVERS\file_tracker.sys [392840 2021-03-02] (Acronis International GmbH -> Acronis International GmbH)
S3 gdrv2; C:\WINDOWS\gdrv2.sys [32008 2021-11-13] (GIGA-BYTE Technology Co., Ltd. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
R1 hmpalert; C:\WINDOWS\system32\drivers\hmpalert.sys [412656 2021-11-17] (Microsoft Windows Hardware Compatibility Publisher -> SurfRight B.V.)
S3 HP1210FAX; C:\WINDOWS\System32\Drivers\HPM1210FAX.sys [16384 2011-04-15] () [File not signed]
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2019-10-20] (Martin Malik - REALiX -> REALiX™)
R3 int0800; C:\WINDOWS\System32\drivers\flashud.sys [62984 2019-08-21] (Intel Corporation -> Intel Corporation)
R0 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [210352 2021-11-11] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-12-21] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [193448 2021-11-25] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [69040 2021-11-25] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-11-11] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [149424 2021-11-25] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R2 McPvDrv; C:\WINDOWS\system32\drivers\McPvDrv.sys [97696 2021-07-27] (McAfee, LLC -> McAfee, LLC)
R3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [574464 2021-09-28] (McAfee, Inc. -> McAfee, LLC)
R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [390656 2021-09-28] (McAfee, Inc. -> McAfee, LLC)
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [90048 2021-09-28] (Microsoft Windows Early Launch Anti-malware Publisher -> McAfee, LLC)
R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [526336 2021-09-28] (McAfee, Inc. -> McAfee, LLC)
R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [1088512 2021-09-28] (McAfee, Inc. -> McAfee, LLC)
R3 mfencbdc; C:\WINDOWS\System32\DRIVERS\mfencbdc.sys [638464 2021-09-16] (McAfee, Inc. -> McAfee LLC.)
S3 mfencrk; C:\WINDOWS\System32\DRIVERS\mfencrk.sys [110080 2021-09-16] (McAfee, Inc. -> McAfee LLC.)
R3 mfeplk; C:\WINDOWS\System32\drivers\mfeplk.sys [118784 2021-09-28] (McAfee, Inc. -> McAfee, LLC)
R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [256512 2021-09-28] (McAfee, Inc. -> McAfee, LLC)
R3 MusCAudio; C:\WINDOWS\system32\drivers\MusCAudio.sys [36064 2014-07-28] (cyan soft ltd -> Windows ® Win 7 DDK provider)
S3 mvusbews; C:\WINDOWS\System32\Drivers\mvusbews.sys [20480 2011-04-15] (Marvell Semiconductor, Inc.) [File not signed]
R1 ngscan; C:\WINDOWS\System32\DRIVERS\ngscan.sys [171312 2020-12-19] (Acronis International GmbH -> Acronis International GmbH)
R2 npf; C:\WINDOWS\System32\drivers\npf.sys [35344 2010-07-15] (CACE Technologies, Inc. -> CACE Technologies, Inc.)
R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [19152 2019-05-29] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2019-05-29] (MiniTool Solution Ltd -> )
R1 PxHelpFilter; C:\WINDOWS\system32\Drivers\PxHelpFilter.sys [24032 2018-06-08] (Corel Corporation -> Corel Corporation)
R0 PxHlpa64; C:\WINDOWS\System32\drivers\PxHlpa64.sys [73464 2019-03-28] (Corel Corporation -> Corel Corporation)
U3 RkFlt; C:\Windows\System32\drivers\rkflt.sys [42056 2021-11-25] (Adlice -> )
R3 RSBCdFilter; C:\WINDOWS\system32\Drivers\RSBCdFilter.sys [25568 2018-06-08] (Corel Corporation -> Corel Corporation)
U5 RSBFilter; C:\Windows\System32\Drivers\RSBFilter.sys [27616 2018-06-08] (Corel Corporation -> Corel Corporation)
R0 RSBFsFilter; C:\WINDOWS\System32\Drivers\RSBFsFilter.sys [28128 2018-06-08] (Corel Corporation -> Corel Corporation)
R0 Sahdad64; C:\WINDOWS\System32\Drivers\Sahdad64.sys [46392 2017-12-14] (Corel Corporation -> Corel Corporation)
R0 Saibad64; C:\WINDOWS\System32\Drivers\Saibad64.sys [38200 2017-12-14] (Corel Corporation -> Corel Corporation)
R1 SaibVdAd64; C:\WINDOWS\System32\Drivers\SaibVdAd64.sys [45880 2017-12-14] (Corel Corporation -> Corel Corporation)
S3 Ser2pl; C:\WINDOWS\system32\DRIVERS\ser2pl64.sys [303000 2021-10-11] (Microsoft Windows Hardware Compatibility Publisher -> Prolific Technology Inc.)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 tapsurfshark; C:\WINDOWS\System32\drivers\tapsurfshark.sys [38728 2019-05-22] (WDKTestCert Lenovo,131775874531219913 -> The OpenVPN Project)
S3 tib; C:\WINDOWS\system32\DRIVERS\tib.sys [887032 2021-03-02] (Acronis International GmbH -> Acronis International GmbH)
R2 tib_mounter; C:\WINDOWS\system32\DRIVERS\tib_mounter.sys [176248 2021-03-02] (Acronis International GmbH -> Acronis International GmbH)
S3 tnd; C:\WINDOWS\system32\DRIVERS\tnd.sys [694920 2021-03-02] (Acronis International GmbH -> Acronis International GmbH)
U3 TrueSight; C:\Windows\System32\drivers\truesight.sys [38032 2021-11-25] (Adlice -> )
R2 virtual_file; C:\WINDOWS\System32\DRIVERS\virtual_file.sys [334984 2021-03-02] (Acronis International GmbH -> Acronis International GmbH)
R0 volume_tracker; C:\WINDOWS\System32\DRIVERS\volume_tracker.sys [251016 2021-03-02] (Acronis International GmbH -> Acronis International GmbH)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48520 2021-11-14] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [435424 2021-11-14] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86240 2021-11-14] (Microsoft Windows -> Microsoft Corporation)
S1 amsdk; \??\C:\WINDOWS\system32\drivers\amsdk.sys [X]
S3 EuGdiDrv; \SystemRoot\system32\EuGdiDrv.sys [X]
S3 mfeavfk01; \Device\mfeavfk01.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-11-26 06:29 - 2021-11-26 06:29 - 000000000 ____D C:\Users\Ralph\AppData\Roaming\360TotalSecurity
2021-11-26 06:29 - 2021-11-26 06:29 - 000000000 ____D C:\ProgramData\360TotalSecurity
2021-11-26 06:26 - 2021-11-26 06:26 - 000000000 ____D C:\Program Files (x86)\360
2021-11-26 06:24 - 2021-11-26 06:24 - 092417104 _____ C:\Users\Ralph\Downloads\360TS_Setup.exe
2021-11-26 06:23 - 2021-11-26 06:23 - 001530952 _____ (QIHU 360 SOFTWARE CO. LIMITED) C:\Users\Ralph\Downloads\360TS_Setup_Mini.exe
2021-11-26 06:18 - 2021-11-26 06:18 - 000000047 _____ C:\Users\Ralph\Desktop\360 protect key.txt
2021-11-26 04:52 - 2021-11-26 04:52 - 000003431 _____ C:\Users\Ralph\Desktop\rogue killer 1 rogue.txt
2021-11-25 23:59 - 2021-11-25 23:59 - 000042056 _____ C:\WINDOWS\system32\Drivers\rkflt.sys
2021-11-25 23:54 - 2021-11-25 23:54 - 000038032 _____ C:\WINDOWS\system32\Drivers\truesight.sys
2021-11-25 23:51 - 2021-11-25 23:51 - 041660008 _____ (Adlice Software ) C:\Users\Ralph\Downloads\RogueKiller_setup.exe
2021-11-25 23:48 - 2021-11-25 23:48 - 000003146 _____ C:\WINDOWS\system32\Tasks\RogueKiller Anti-Malware
2021-11-25 20:07 - 2021-11-25 20:07 - 000193448 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2021-11-25 20:07 - 2021-11-25 20:07 - 000069040 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2021-11-25 20:06 - 2021-11-25 20:06 - 000149424 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2021-11-25 19:08 - 2021-11-25 20:08 - 000000000 ____D C:\Users\Ralph\AppData\Local\Discord
2021-11-25 19:08 - 2021-11-25 19:38 - 000000000 ____D C:\Users\Ralph\AppData\Roaming\discord
2021-11-25 19:08 - 2021-11-25 19:08 - 082973864 _____ (Discord Inc.) C:\Users\Ralph\Downloads\DiscordSetup.exe
2021-11-25 19:08 - 2021-11-25 19:08 - 000002236 _____ C:\Users\Ralph\Desktop\Discord.lnk
2021-11-25 19:08 - 2021-11-25 19:08 - 000000000 ____D C:\Users\Ralph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2021-11-25 15:10 - 2021-11-26 09:37 - 000000000 ____D C:\FRST
2021-11-25 13:36 - 2021-11-25 13:36 - 001802704 _____ (Bleeping Computer, LLC) C:\Users\Ralph\Downloads\rkill (13).exe
2021-11-23 23:49 - 2021-11-23 23:49 - 000000000 ___HD C:\$Windows.~WS
2021-11-19 13:30 - 2021-11-19 13:50 - 000000163 _____ C:\Users\Ralph\Documents\k5eoc microsoft account.txt
2021-11-17 11:21 - 2021-11-17 11:21 - 001072640 _____ (SurfRight B.V.) C:\WINDOWS\system32\hmpalert.dll
2021-11-17 11:21 - 2021-11-17 11:21 - 001060848 _____ (SurfRight B.V.) C:\WINDOWS\SysWOW64\hmpalert.dll
2021-11-17 11:21 - 2021-11-17 11:21 - 000171728 _____ (SurfRight B.V.) C:\WINDOWS\system32\hmpshell.dll
2021-11-17 00:58 - 2021-11-17 00:58 - 006617697 _____ C:\Users\Ralph\Downloads\1910012704_Archer A20(US)_UG_REV1.1.0.pdf
2021-11-16 19:44 - 2021-11-16 19:44 - 000000000 ____D C:\USB Drive
2021-11-16 19:19 - 2021-11-16 19:19 - 000000000 ____D C:\Users\Ralph\Downloads\Winlink_Express_install_1-5-42-0
2021-11-16 19:18 - 2021-11-16 19:18 - 034131990 _____ C:\Users\Ralph\Downloads\Winlink_Express_install_1-5-42-0.zip
2021-11-15 14:09 - 2021-11-15 14:17 - 000000000 ____D C:\Users\Ralph\Documents\windows 10 pro 11.21
2021-11-15 14:07 - 2021-11-15 14:07 - 000000000 ____D C:\$WINDOWS.~BT
2021-11-14 20:38 - 2021-11-14 20:38 - 000040538 _____ C:\Users\Ralph\Documents\cc_20211114_203754.reg
2021-11-14 20:19 - 2021-11-14 20:19 - 000000955 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.10.28.lnk
2021-11-14 20:11 - 2021-11-25 04:17 - 000002396 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner Browser.lnk
2021-11-14 20:11 - 2021-11-25 04:17 - 000002361 _____ C:\Users\Public\Desktop\CCleaner Browser.lnk
2021-11-14 20:11 - 2021-11-25 04:17 - 000000000 ____D C:\Program Files (x86)\CCleaner Browser
2021-11-14 20:11 - 2021-11-14 20:11 - 000003842 _____ C:\WINDOWS\system32\Tasks\CCleaner Browser Heartbeat Task (Hourly)
2021-11-14 20:11 - 2021-11-14 20:11 - 000003474 _____ C:\WINDOWS\system32\Tasks\CCleanerUpdateTaskMachineUA
2021-11-14 20:11 - 2021-11-14 20:11 - 000003350 _____ C:\WINDOWS\system32\Tasks\CCleanerUpdateTaskMachineCore
2021-11-14 20:11 - 2021-11-14 20:11 - 000003258 _____ C:\WINDOWS\system32\Tasks\CCleaner Browser Heartbeat Task (Logon)
2021-11-14 20:11 - 2021-11-14 20:11 - 000000000 ____D C:\Users\Ralph\AppData\Local\CCleaner Browser
2021-11-14 20:11 - 2021-11-14 20:11 - 000000000 ____D C:\ProgramData\CCleaner Browser
2021-11-14 20:09 - 2021-11-14 20:09 - 000002894 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - Ralph
2021-11-14 19:51 - 2021-11-14 19:51 - 001802704 _____ (Bleeping Computer, LLC) C:\Users\Ralph\Downloads\rkill (12).exe
2021-11-14 19:51 - 2021-11-14 19:51 - 000988112 _____ (Bleeping Computer, LLC) C:\Users\Ralph\Downloads\rkill (12)64.exe
2021-11-14 19:46 - 2021-11-14 19:46 - 001036019 _____ C:\Users\Ralph\Downloads\EqualAreaRule.pdf
2021-11-14 19:46 - 2021-11-14 19:46 - 000789247 _____ C:\Users\Ralph\Downloads\Nec2dXS_VM.zip
2021-11-14 19:46 - 2021-11-14 19:46 - 000684768 _____ C:\Users\Ralph\Downloads\Nec2d.zip
2021-11-14 19:46 - 2021-11-14 19:46 - 000116754 _____ C:\Users\Ralph\Downloads\Nec2Manual.zip
2021-11-14 19:45 - 2021-11-14 19:45 - 000071485 _____ C:\Users\Ralph\Downloads\Tutorial.pdf
2021-11-14 19:39 - 2021-11-14 19:40 - 001792509 _____ C:\Users\Ralph\Downloads\Tutorial_4NEC2_english.pdf
2021-11-14 19:39 - 2021-11-14 19:40 - 001651122 _____ C:\Users\Ralph\Downloads\NEC_tutorial2.pdf
2021-11-14 19:37 - 2021-11-14 19:40 - 004281177 _____ C:\Users\Ralph\Downloads\4nec2.zip
2021-11-14 19:37 - 2021-11-14 19:40 - 004281177 _____ C:\Users\Ralph\Downloads\4nec2 (1).zip
2021-11-13 18:21 - 2021-11-13 18:21 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-11-13 17:08 - 2021-11-13 17:08 - 014233600 _____ C:\Users\Ralph\Downloads\WindowsPCHealthCheckSetup (1).msi
2021-11-13 16:38 - 2021-11-13 16:39 - 014315224 _____ C:\Users\Ralph\Downloads\PH-ES614P_Western.pdf
2021-11-13 15:47 - 2021-11-13 15:48 - 009974973 _____ C:\Users\Ralph\Documents\mb_manual_z390-ud_v2_e.pdf
2021-11-13 15:37 - 2021-11-13 15:37 - 012180445 _____ C:\Users\Ralph\Downloads\mb_manual_z390-ud_v2_e.pdf
2021-11-13 15:37 - 2021-11-13 15:37 - 012180445 _____ C:\Users\Ralph\Downloads\mb_manual_z390-ud_v2_e (1).pdf
2021-11-13 15:19 - 2021-11-13 15:19 - 000032008 ____N (GIGA-BYTE TECHNOLOGY CO., LTD.) C:\WINDOWS\gdrv2.sys
2021-11-13 15:19 - 2021-11-13 15:19 - 000000010 _____ C:\WINDOWS\GSetup.ini
2021-11-13 15:19 - 2018-04-10 16:45 - 000081408 ____R (Microsoft Corporation) C:\WINDOWS\devcon.exe
2021-11-13 15:19 - 2009-08-27 01:04 - 000207400 ____R () C:\WINDOWS\GSetup.exe
2021-11-11 06:51 - 2021-11-11 06:51 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-11-11 06:51 - 2021-11-11 06:51 - 000210352 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2021-11-11 01:38 - 2021-11-11 01:38 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2021-11-11 01:38 - 2021-11-11 01:38 - 000011363 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-11-11 01:37 - 2021-11-11 01:37 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe
2021-11-11 01:37 - 2021-11-11 01:37 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2021-11-11 01:17 - 2021-11-11 01:17 - 000000000 ___HD C:\$WinREAgent
2021-11-06 07:27 - 2021-11-23 21:03 - 000000000 ____D C:\WINDOWS\Minidump
2021-11-06 04:58 - 2021-11-23 23:49 - 000000000 ____D C:\WINDOWS\Panther
2021-10-31 18:15 - 2021-10-31 18:15 - 000000000 ____D C:\Users\Ralph\Downloads\CP210x_Windows_Drivers (2)
2021-10-31 18:00 - 2021-10-31 18:00 - 014251852 _____ C:\Users\Ralph\Downloads\FT-891_Advance_Manual_ENG_1806-F (1).pdf
2021-10-31 17:58 - 2021-10-31 17:58 - 003856720 _____ C:\Users\Ralph\Downloads\CP210x_Windows_Drivers (2).zip
2021-10-31 17:58 - 2021-10-31 17:58 - 001564297 _____ C:\Users\Ralph\Downloads\FT-891_Firmware_Ver_Up_Manual_ENG.pdf
2021-10-31 17:58 - 2021-10-31 17:58 - 000435644 _____ C:\Users\Ralph\Downloads\USB_Driver_Installation_Manual_ENG_1610-B0 (2).pdf
2021-10-31 17:58 - 2021-10-31 17:58 - 000078868 _____ C:\Users\Ralph\Downloads\FT-891 Update Firmware Information 02-01-21.pdf
2021-10-31 17:57 - 2021-10-31 17:58 - 002358496 _____ C:\Users\Ralph\Downloads\FT-891_Firmware_Update_2021_02.zip
2021-10-31 17:57 - 2021-10-31 17:57 - 020671641 _____ C:\Users\Ralph\Downloads\FT-891_OM_ENG_EH065H201_1611A-BO-2.pdf
2021-10-31 17:57 - 2021-10-31 17:57 - 014251852 _____ C:\Users\Ralph\Downloads\FT-891_Advance_Manual_ENG_1806-F.pdf
2021-10-31 17:57 - 2021-10-31 17:57 - 003210309 _____ C:\Users\Ralph\Downloads\SCU-17_EAK21X704_1801R-ES (1).pdf
2021-10-31 17:57 - 2021-10-31 17:57 - 003135774 _____ C:\Users\Ralph\Downloads\M-1_OM_ENG_EBA33X100_1610L-AO-1.pdf
2021-10-30 15:38 - 2021-10-30 15:38 - 008553680 _____ (Malwarebytes) C:\Users\Ralph\Downloads\AdwCleaner(2).exe
2021-10-30 08:04 - 2021-10-30 08:04 - 000000072 ____H C:\Users\Ralph\Documents\~$TEXAS STATE RACES Rev. 5 (2).pdf.ppwritelock
2021-10-27 04:41 - 2021-10-27 04:41 - 000000020 _____ C:\Users\Ralph\Documents\mary stark nov 6.txt
2021-10-27 04:40 - 2021-10-27 04:40 - 000000016 _____ C:\Users\Ralph\Documents\corw i9.txt
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-11-26 09:39 - 2019-12-07 03:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-11-26 09:39 - 2018-07-16 13:59 - 000000000 ____D C:\Users\Ralph\AppData\Local\CrashDumps
2021-11-26 09:28 - 2018-07-15 21:09 - 000000000 ____D C:\Users\Ralph\AppData\Local\Packages
2021-11-26 09:10 - 2020-07-20 23:51 - 000004164 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{E48C46AB-81D5-4084-935A-8E2B2B8779E5}
2021-11-26 09:04 - 2018-07-16 02:28 - 000000000 ____D C:\Program Files (x86)\Google
2021-11-26 08:50 - 2020-07-20 23:41 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-11-26 05:56 - 2018-07-15 22:06 - 000000000 ____D C:\Users\Ralph\Documents\Outlook Files
2021-11-26 05:36 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\Registration
2021-11-26 02:59 - 2019-10-01 22:17 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2021-11-26 02:53 - 2018-07-21 19:25 - 000000000 ____D C:\Program Files\CCleaner
2021-11-26 02:51 - 2020-04-15 01:08 - 000000000 ____D C:\Users\Ralph\AppData\LocalLow\IGDump
2021-11-26 00:24 - 2018-07-21 18:40 - 000000000 ____D C:\ProgramData\RogueKiller
2021-11-25 23:54 - 2018-07-21 18:40 - 000000908 _____ C:\Users\Public\Desktop\RogueKiller.lnk
2021-11-25 23:54 - 2018-07-21 18:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2021-11-25 23:54 - 2018-07-21 18:40 - 000000000 ____D C:\Program Files\RogueKiller
2021-11-25 20:51 - 2019-08-13 11:07 - 000646550 _____ C:\Users\Ralph\Desktop\Rkill.txt
2021-11-25 20:18 - 2020-12-15 19:27 - 000000000 __RSD C:\Users\Ralph\Documents\McAfee Vaults
2021-11-25 20:10 - 2020-07-20 23:51 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-11-25 20:10 - 2020-07-20 23:44 - 000005768 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-11-25 20:06 - 2021-06-23 11:48 - 000000000 ____D C:\Program Files\TeamViewer
2021-11-25 20:05 - 2020-07-20 23:51 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-11-25 20:05 - 2020-07-20 23:41 - 000008192 ___SH C:\DumpStack.log.tmp
2021-11-25 20:05 - 2019-07-22 09:02 - 000000000 ____D C:\ProgramData\HitmanPro.Alert
2021-11-25 19:44 - 2018-07-17 14:29 - 000000000 ____D C:\ProgramData\HitmanPro
2021-11-25 19:23 - 2019-12-07 03:13 - 000000000 ____D C:\WINDOWS\INF
2021-11-25 19:21 - 2020-05-08 08:43 - 000000000 ____D C:\Users\Ralph\sdr2
2021-11-25 19:08 - 2020-10-15 17:59 - 000000000 ____D C:\Users\Ralph\AppData\Local\SquirrelTemp
2021-11-25 17:45 - 2018-07-15 22:38 - 000000000 ____D C:\WeatherLink
2021-11-25 17:41 - 2020-07-20 22:09 - 000000000 ____D C:\Users\Administrator
2021-11-25 17:39 - 2020-07-20 22:09 - 000000000 ____D C:\Users\Ralph
2021-11-25 17:37 - 2020-07-20 23:51 - 000000000 ____D C:\WINDOWS\system32\Tasks\McAfee
2021-11-25 17:37 - 2019-12-07 03:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2021-11-25 15:30 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-11-25 03:43 - 2020-07-11 16:34 - 000002447 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-11-25 03:43 - 2020-07-11 16:34 - 000002285 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-11-25 03:43 - 2019-12-07 03:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-11-25 03:43 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-11-24 14:49 - 2018-07-30 10:41 - 000000000 ____D C:\ESD
2021-11-23 23:49 - 2020-07-20 23:50 - 000018412 _____ C:\WINDOWS\diagwrn.xml
2021-11-23 23:49 - 2020-07-20 23:50 - 000015243 _____ C:\WINDOWS\diagerr.xml
2021-11-23 20:59 - 2018-07-15 21:49 - 002090205 ____N C:\WINDOWS\Minidump\112321-57593-01.dmp
2021-11-23 20:47 - 2019-08-06 15:49 - 000000000 ____D C:\ProgramData\AnyDesk
2021-11-23 19:25 - 2019-08-06 15:49 - 000000000 ____D C:\Program Files (x86)\AnyDesk
2021-11-21 13:18 - 2021-09-28 17:45 - 000000000 ____D C:\Users\Ralph\Documents\Bexar County ARES Net Script210921
2021-11-20 21:17 - 2020-10-31 23:09 - 000000000 ____D C:\RMS Express
2021-11-20 10:05 - 2020-12-06 20:15 - 000000782 _____ C:\Users\Ralph\Desktop\VARAFM.ini
2021-11-20 09:56 - 2018-07-15 21:49 - 001236037 ____N C:\WINDOWS\Minidump\112021-65359-01.dmp
2021-11-20 06:05 - 2020-05-10 14:00 - 000002310 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-11-20 06:05 - 2020-05-10 14:00 - 000002269 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-11-20 05:10 - 2018-07-15 21:49 - 001638149 ____N C:\WINDOWS\Minidump\112021-42515-01.dmp
2021-11-19 21:11 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2021-11-19 12:10 - 2018-07-15 21:49 - 001479875 ____N C:\WINDOWS\Minidump\111921-35265-01.dmp
2021-11-18 20:53 - 2021-09-17 13:57 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2021-11-18 20:53 - 2018-07-15 21:49 - 000900769 ____N C:\WINDOWS\Minidump\111821-64875-01.dmp
2021-11-18 18:40 - 2021-06-05 20:37 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2021-11-18 18:40 - 2021-06-05 20:37 - 000002141 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-11-18 18:37 - 2020-07-20 23:51 - 000003480 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-11-18 18:37 - 2020-07-20 23:51 - 000003356 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-11-17 14:12 - 2019-07-22 09:02 - 000000000 ____D C:\Program Files (x86)\HitmanPro.Alert
2021-11-17 14:11 - 2019-12-07 03:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-11-17 11:21 - 2019-07-22 09:02 - 000412656 _____ (SurfRight B.V.) C:\WINDOWS\system32\Drivers\hmpalert.sys
2021-11-17 07:07 - 2018-07-15 21:25 - 000000000 ____D C:\ProgramData\Packages
2021-11-16 19:22 - 2021-10-01 13:44 - 000000766 _____ C:\Users\Public\Desktop\Winlink Express.lnk
2021-11-16 19:22 - 2021-10-01 13:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RMS Express
2021-11-15 14:36 - 2020-04-14 16:42 - 000000000 ____D C:\ProgramData\Roxio
2021-11-14 20:15 - 2018-07-22 15:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2021-11-14 20:15 - 2018-07-22 15:35 - 000000000 ____D C:\Program Files (x86)\Java
2021-11-14 20:13 - 2018-07-22 15:35 - 000164696 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2021-11-14 20:09 - 2019-04-19 21:17 - 000000925 _____ C:\Users\Public\Desktop\VLC media player.lnk
2021-11-14 20:08 - 2018-07-15 21:50 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-11-14 19:58 - 2018-08-15 07:28 - 000803176 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2021-11-14 19:34 - 2018-07-15 22:25 - 000000000 ____D C:\Program Files\Microsoft Office
2021-11-14 14:27 - 2021-05-24 20:44 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-11-14 14:27 - 2018-07-15 22:30 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-11-13 18:22 - 2019-02-09 21:07 - 000000000 ____D C:\ProgramData\Mozilla
2021-11-13 18:22 - 2018-07-15 22:30 - 000000000 ____D C:\Users\Ralph\AppData\LocalLow\Mozilla
2021-11-13 18:20 - 2018-07-15 22:30 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-11-13 17:08 - 2021-09-22 15:27 - 000001354 _____ C:\Users\Ralph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk
2021-11-13 17:08 - 2021-09-22 15:27 - 000000000 ____D C:\Users\Ralph\AppData\Local\PCHealthCheck
2021-11-13 15:58 - 2018-07-16 15:18 - 000000000 ____D C:\Users\Ralph\AppData\Local\ElevatedDiagnostics
2021-11-12 17:50 - 2020-07-20 23:41 - 000706344 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-11-12 17:46 - 2019-12-07 03:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-11-12 17:46 - 2019-12-07 03:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-11-12 17:46 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-11-12 17:46 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-11-12 17:46 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-11-12 17:46 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-11-12 17:46 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-11-12 17:46 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-11-12 17:46 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-11-12 17:46 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-11-12 17:46 - 2019-12-07 03:03 - 000000000 ____D C:\WINDOWS\servicing
2021-11-11 01:42 - 2019-12-07 03:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-11-11 01:16 - 2018-07-16 13:42 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-11-11 01:12 - 2018-07-16 13:42 - 141529560 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-11-08 11:55 - 2018-07-16 14:13 - 000000000 ____D C:\Users\Ralph\AppData\Local\D3DSCache
2021-11-06 04:59 - 2019-11-10 15:58 - 000000000 ____D C:\Program Files\McAfee
2021-11-06 04:59 - 2019-11-10 15:58 - 000000000 ____D C:\Program Files (x86)\McAfee
2021-11-06 04:59 - 2019-11-10 15:56 - 000000000 ____D C:\ProgramData\McAfee
2021-11-05 00:42 - 2019-11-10 15:56 - 000000000 ____D C:\Program Files\Common Files\McAfee
2021-11-05 00:40 - 2020-07-20 23:51 - 000003316 _____ C:\WINDOWS\system32\Tasks\McAfeeLogon
2021-11-05 00:36 - 2019-12-07 03:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-11-04 23:57 - 2020-07-20 23:51 - 000003710 _____ C:\WINDOWS\system32\Tasks\McAfee Remediation (Prepare)
2021-10-31 18:16 - 2018-07-16 00:11 - 000000000 ____D C:\Program Files\DIFX
2021-10-30 15:42 - 2018-07-16 15:25 - 000000000 ____D C:\Users\Ralph\AppData\Roaming\Hewlett-Packard
2021-10-30 15:42 - 2018-07-16 15:07 - 000000000 ____D C:\Program Files (x86)\Hewlett-Packard
2021-10-30 15:42 - 2018-07-16 14:17 - 000000000 ____D C:\ProgramData\Hewlett-Packard
2021-10-30 07:13 - 2019-03-06 13:11 - 000000000 ____D C:\Users\Ralph\Documents\DC 100A 100V Digital Amp Volt Meter Voltmeter Ammeter Blue Red LED Current Shunt _ eBay_files
2021-10-29 15:52 - 2020-03-17 19:57 - 000000000 ____D C:\acronis full
==================== Files in the root of some directories ========
2019-10-20 16:25 - 2021-06-26 20:27 - 000038305 _____ () C:\Users\Ralph\AppData\Roaming\Comma Separated Values.ADR
2018-07-16 12:13 - 2020-05-05 19:38 - 000009413 _____ () C:\Users\Ralph\AppData\Roaming\Comma Separated Values.EML
2018-08-10 23:59 - 2018-08-10 23:59 - 000004608 _____ () C:\Users\Ralph\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2019-10-25 16:11 - 2020-03-15 13:19 - 000016767 _____ () C:\Users\Ralph\AppData\Local\krita.log
2020-03-15 13:19 - 2020-03-15 13:19 - 000000039 _____ () C:\Users\Ralph\AppData\Local\kritadisplayrc
2019-10-25 16:12 - 2020-03-15 13:19 - 000017058 _____ () C:\Users\Ralph\AppData\Local\kritarc
2018-09-26 02:30 - 2018-09-26 02:30 - 000000000 _____ () C:\Users\Ralph\AppData\Local\oobelibMkey.log
2020-04-12 18:20 - 2020-04-12 18:20 - 000002651 _____ () C:\Users\Ralph\AppData\Local\recently-used.xbel
2018-07-21 17:33 - 2018-07-21 17:33 - 000007601 _____ () C:\Users\Ralph\AppData\Local\Resmon.ResmonCfg
==================== FLock ==============================
2019-07-18 18:34 C:\Users\Ralph\AppData\Roaming\Webex
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-11-2021
Ran by Ralph (26-11-2021 09:43:09)
Running from D:\
Microsoft Windows 10 Home Version 21H1 19043.1348 (X64) (2020-07-21 05:51:23)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-194608825-1360088445-740081183-500 - Administrator - Enabled) => C:\Users\Administrator
DefaultAccount (S-1-5-21-194608825-1360088445-740081183-503 - Limited - Disabled)
Guest (S-1-5-21-194608825-1360088445-740081183-501 - Limited - Enabled)
Ralph (S-1-5-21-194608825-1360088445-740081183-1001 - Administrator - Enabled) => C:\Users\Ralph
WDAGUtilityAccount (S-1-5-21-194608825-1360088445-740081183-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee VirusScan (Enabled - Up to date) {9D4501E6-72F6-2877-C789-89AF6F535B2C}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: 360 Total Security (Enabled - Up to date) {FFDC234A-CE9B-08F9-406B-F876951CE066}
AS: McAfee VirusScan (Enabled - Up to date) {4DE344F8-6897-65B4-CED0-82B3AF2591B4}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall (Enabled) {A57E80C3-3899-292F-ECD6-209A91801C57}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
1Step DVD Copy 4.5.4 (HKLM-x32\...\{1CB4ADE4-4B75-481A-BF77-EE69279DF30E}_is1) (Version: 4.5.4 - cyan soft ltd)
64 Bit HP CIO Components Installer (HKLM\...\{13DA9C7C-EBFB-40D0-94A1-55B42883DF21}) (Version: 21.2.1 - HP Inc.) Hidden
Acronis Drivers (HKLM\...\{29FB6899-5B83-4A82-BAE9-8CF4ECEC5BCD}) (Version: 25.6.35860 - Acronis) Hidden
Acronis True Image (HKLM-x32\...\{D503788D-85E5-4050-AF48-0E271A5CF42B}) (Version: 25.6.35860 - Acronis) Hidden
Acronis True Image (HKLM-x32\...\{D503788D-85E5-4050-AF48-0E271A5CF42B}Visible) (Version: 25.6.35860 - Acronis)
Adapter (HKLM-x32\...\{86085790-0A1A-4098-8CA9-579DB8F2771D}_is1) (Version: - Macroplant, LLC)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 21.007.20099 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.6.0.384 - Adobe Systems Incorporated)
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: - Adobe)
Adobe Photoshop Elements 2018 (HKLM-x32\...\{0C53F2C0-BB20-474F-8117-212DCCCDC090}) (Version: 16.0 - Adobe Systems Incorporated)
Adobe Photoshop Lightroom 3.2 64-bit (HKLM\...\{A94AABAE-52F0-48C4-9F94-A4CA4B423576}) (Version: 3.2.1 - Adobe)
AllMusicConverter 4.5.4 (HKLM-x32\...\{A1CDB5F3-4B89-404F-B6D8-879049265CE5}_is1) (Version: 4.5.4 - cyan soft ltd)
AllMusicConverter Endless Music Player 4.5.4 (HKLM-x32\...\{A1A2E29A-683B-BB20-BB0D-B97ECE1E2045}_is1) (Version: 4.5.4 - cyan soft ltd)
AllMusicConverter Media Suite 4.5.4 (HKLM-x32\...\{191A3E43-34AD-417C-BCA8-8D089AE59D25}_is1) (Version: 4.5.4 - cyan soft ltd)
Amazon Photos (HKU\S-1-5-21-194608825-1360088445-740081183-1001\...\Amazon Photos) (Version: 6.5.1 - Amazon.com, Inc.)
Amazon Send to Kindle (HKLM-x32\...\SendToKindle) (Version: 1.1.1.250 - Amazon)
ANT Drivers Installer x64 (HKLM\...\{D559687A-60C5-4786-9429-C21EC195789D}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
AnyDesk (HKLM-x32\...\AnyDesk) (Version: ad 6.2.6 - AnyDesk Software GmbH)
AnyMedia Player 4.5.4 (HKLM-x32\...\{1959CCD2-1227-4de4-97E7-04F29D526762}_is1) (Version: 4.5.4 - cyan soft ltd)
APP Shop v1.0.36 (HKLM-x32\...\{90242E9B-BC60-46E3-8EE7-8E953F702280}_is1) (Version: 1.0.36 - ASRock Inc.)
ASRock Restart to UEFI v1.0.7 (HKLM-x32\...\ASRock Restart to UEFI_is1) (Version: 1.0.7 - ASRock Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.87 - Piriform)
CCleaner Browser (HKLM-x32\...\CCleaner Browser) (Version: 95.1.13052.72 - Piriform Software)
CCleaner Update Helper (HKLM-x32\...\{E4EAC0E2-A80B-479F-BA45-DCDA595C9A93}) (Version: 1.8.1187.1 - Piriform Software) Hidden
CPUID CPU-Z 1.86 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.86 - CPUID, Inc.)
Cyotek WebCopy version 1.7.0.600 (HKLM-x32\...\{D5FAF1F8-C903-41b2-AC66-2682A02A78CB}_is1) (Version: 1.7.0.600 - Cyotek Ltd)
Defraggler (HKLM\...\Defraggler) (Version: 2.22 - Piriform)
DirectX 9 Runtime (HKLM-x32\...\{3A9527CF-4E91-4683-A03F-F1AD022126E5}) (Version: 1.00.0000 - Sonic Solutions) Hidden
Disk Burner 4.5.4 (HKLM-x32\...\{3B10760F-86A3-4376-A668-AC304015D5ED}_is1) (Version: 4.5.4 - cyan soft ltd)
Dot4 (HKLM\...\{3EEDA265-C6F3-4EC1-A317-1C9315DEDDDE}) (Version: 1.0.0.0 - HP)
DrawPad Graphic Design Software (HKLM-x32\...\DrawPad) (Version: 5.28 - NCH Software)
EaseUS Partition Master 15.8 (HKLM-x32\...\EaseUS Partition Master_is1) (Version: - EaseUS)
Easy CD & DVD Burning 2 Content (HKLM-x32\...\{246D31A0-7B8A-41EA-8E31-33C2F2F26B53}) (Version: 20.0.024 - Roxio) Hidden
Elevated Installer (HKLM-x32\...\{0BF90608-2F95-4C7C-9A85-E90E0CAF4FE9}) (Version: 6.9.1.0 - Garmin Ltd or its subsidiaries) Hidden
Express Burn Disc Burning Software (HKLM-x32\...\ExpressBurn) (Version: 10.30 - NCH Software)
Express Rip CD Ripper Software (HKLM-x32\...\ExpressRip) (Version: 3.07 - NCH Software)
FT-857/897 Programmer (HKLM-x32\...\{CEBE0430-335E-11DE-72AE-014425902CD6}) (Version: 4.00.00.000 - RT Systems. Inc)
Garmin Express (HKLM-x32\...\{95D0EADA-5123-41C0-931A-F37946BC0E8E}) (Version: 6.9.1.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express (HKLM-x32\...\{eab4691c-4022-41cd-8d39-c3097ba62d4b}) (Version: 6.9.1.0 - Garmin Ltd or its subsidiaries)
GIMP 2.10.28 (HKLM\...\GIMP-2_is1) (Version: 2.10.28 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 96.0.4664.45 - Google LLC)
Google Earth Pro (HKLM\...\{9BFB06CD-3925-49E2-BAB7-EA695821CE4C}) (Version: 7.3.4.8248 - Google)
HitmanPro 3.8 (HKLM\...\HitmanPro38) (Version: 3.8.23.318 - SurfRight B.V.)
HitmanPro.Alert 3 (HKLM\...\HitmanPro.Alert) (Version: 3.8.18.921 - SurfRight B.V.)
HP Color LaserJet Pro MFP M277 (HKLM-x32\...\{7ac49734-541c-48e7-99be-02f41e43e79d}) (Version: 14.0.15344.534 - Hewlett-Packard)
HP LaserJet Professional M1130-M1210 MFP Series (HKLM\...\HP LaserJet Professional M1130-M1210 MFP Series) (Version: - )
HP LaserJet Professional M1210 MFP Series Fax Installer (HKLM\...\{E94AE378-725A-41FF-BA24-397469D27FC8}) (Version: 1.3.0 - HP)
HP LaserJet Professional M1210 MFP Series Toolbox (HKLM\...\{F958F851-8DBE-420C-9D37-5ECBB6C61148}) (Version: 1.0.17 - Hewlett-Packard)
HP LaserJet Toolbox (HKLM\...\{2E8A793D-E275-46A2-BAB3-35FB95ACED57}) (Version: 3.0.0 - Hewlett-Packard)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPCLJProM277 (HKLM-x32\...\{9A337B35-06E3-4F9D-9B39-5AC9C2E7F82B}) (Version: 1.00.0000 - Hewlett-Packard) Hidden
HPLJUTCore (HKLM-x32\...\{AA9C0477-A064-4D76-A0C4-A3A5A11F1D4C}) (Version: 020.000.0001 - HP) Hidden
HPLJUTM277 (HKLM-x32\...\{1FE53D6E-05EA-4D03-BB77-740C9AF03574}) (Version: 014.000.0001 - HP) Hidden
hppM277LaserJetService (HKLM-x32\...\{3F43C468-BC22-4F88-8382-FF349E724317}) (Version: 001.034.00686 - Hewlett-Packard) Hidden
HPSSupply (HKLM-x32\...\{7902E313-FF0F-4493-ACB1-A8147B78DCD0}) (Version: 2.1.1.0000 - Hewlett Packard Development Company L.P.)
hpStatusAlerts (HKLM-x32\...\{6bb3c4d6-a57b-4ab7-a96a-be45a4959fe1}) (Version: 170.040.00260 - HP Development Company, L.P.) Hidden
hpStatusAlertsM277 (HKLM-x32\...\{651F24A4-7240-4598-BDA3-3F6F86005670}) (Version: 140.046.00129 - Hewlett-Packard) Hidden
I.R.I.S. OCR (HKLM-x32\...\{CF10F6BC-C710-4F6F-B7E1-4057699A59AA}) (Version: 12.3.6.10 - HP)
IC-9100 Programmer (HKLM-x32\...\{89DAA450-98F0-11E0-72AE-062406752CD6}) (Version: 4.00.00.000 - RT Systems. Inc)
iSEEK AnswerWorks English Runtime (HKLM-x32\...\{18A8E78B-9EF2-496E-B310-BCD8E4C1DAB3}) (Version: 010.000.0101 - Vantage Linguistics)
Java 8 Update 311 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180311F0}) (Version: 8.0.3110.11 - Oracle Corporation)
Krita (x64) 4.2.7.1 (HKLM\...\Krita_x64) (Version: 4.2.7.1 - Krita Foundation)
LabelCreator (HKLM-x32\...\{B8C23400-237A-40F2-854C-9846DF568075}) (Version: 1.00.0000 - Corel Corporation) Hidden
LibreOffice 6.4.6.2 (HKLM\...\{C91FC8F1-C648-422B-BF7C-ED71E74EC29C}) (Version: 6.4.6.2 - The Document Foundation)
Malwarebytes version 4.4.10.144 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.4.10.144 - Malwarebytes)
McAfee® Total Protection (HKLM-x32\...\MSC) (Version: 16.0 R40 - McAfee, LLC)
Microsoft 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.14527.20276 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 96.0.1054.34 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 96.0.1054.34 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 21.220.1024.0005 - Microsoft Corporation)
Microsoft Support and Recovery Assistant (HKU\S-1-5-21-194608825-1360088445-740081183-1001\...\0527a644a4ddd31d) (Version: 17.0.7119.4 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-194608825-1360088445-740081183-1001\...\Teams) (Version: 1.3.00.28779 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{29B15818-E79F-4AB0-8938-9410C807AD76}) (Version: 2.84.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4048 (HKLM\...\{91415F19-4C22-3609-A105-92ED3522D83C}) (Version: 9.0.30729.4048 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 (HKLM-x32\...\{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}) (Version: 9.0.21022.218 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4048 (HKLM-x32\...\{5B1F2843-B379-3FF2-B0D3-64DD143ED53A}) (Version: 9.0.30729.4048 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.24.28127 (HKLM-x32\...\{282975d8-55fe-4991-bbbb-06a72581ce58}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.12.25810 (HKLM-x32\...\{56e11d69-7cc9-40a5-a4f9-8f6190c4d84d}) (Version: 14.12.25810.0 - Microsoft Corporation)
MiniTool Partition Wizard 11 (HKLM\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version: - MiniTool Software Limited)
Mozilla Firefox (x64 en-US) (HKLM\...\Mozilla Firefox 93.0 (x64 en-US)) (Version: 93.0 - Mozilla)
Mozilla Firefox 65.0 (x64 en-US) (HKLM\...\Mozilla Firefox 65.0 (x64 en-US)) (Version: 65.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 78.3.3 - Mozilla)
Mozilla Thunderbird 78.11.0 (x86 en-US) (HKLM-x32\...\Mozilla Thunderbird 78.11.0 (x86 en-US)) (Version: 78.11.0 - Mozilla)
Nuance Cloud Connector (HKLM-x32\...\{3D3375A3-27C5-4545-9F4C-099373B89C18}) (Version: 3.2.1046 - Nuance Communications, Inc.)
Nuance PaperPort 14 (HKLM-x32\...\{14CB3B82-FBDC-4462-919E-86147983F09B}) (Version: 14.5.0000 - Nuance Communications, Inc.)
Nuance PDF Create 7 (HKLM\...\{AAA715B7-02F9-4F2D-92C9-80EC63835AA1}) (Version: 7.10.6408 - Nuance Communications, Inc.)
Nuance PDF Viewer Plus (HKLM-x32\...\{FC984E39-43D0-4AB2-ACC7-A7B87977B009}) (Version: 7.20.3274 - Nuance Communications, Inc.)
NVIDIA 3D Vision Driver 391.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 391.35 - NVIDIA Corporation)
NVIDIA Graphics Driver 391.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 391.35 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14527.20276 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14527.20276 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
PaperPort Image Printer 64-bit (HKLM\...\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 14.00.0001 - Nuance Communications, Inc.)
PhotoSync (HKLM\...\PhotoSync) (Version: 4.0.4 - touchbyte GmbH)
PowerAlert Local Software (HKLM-x32\...\{88E7FC62-7948-4262-93E2-1D0B1E992C84}) (Version: 12.5.1.6709 - Tripp Lite)
Powerwerx KG-UV6X (HKLM-x32\...\{DF684A75-B53A-41ED-93C7-C34E921A0B4C}) (Version: 2.241 - Powerwerx)
Quicken (HKLM-x32\...\{62D93E3E-2F8E-42BD-9343-896F4F0031D3}) (Version: 27.1.31.12 - Quicken)
RadioGet 4.5.4 (HKLM-x32\...\{F6C84ED7-9CAC-423b-9E00-C9BFAFBD0593}_is1) (Version: 4.5.4 - cyan soft ltd)
RBVirtualFolder64Inst (HKLM\...\{9D6DFAD6-09E5-445E-A4B5-A388FEEBD90D}) (Version: 1.00.0000 - Roxio, Inc.) Hidden
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
RingCentral Meetings (HKU\S-1-5-21-194608825-1360088445-740081183-1001\...\RingCentralMeetings) (Version: 20.2 - Zoom Video Communications, Inc. and RingCentral Inc.)
RipTiger 4.5.4 (HKLM-x32\...\{AFD4597D-56CC-447F-AA68-C1BF1AEA448E}_is1) (Version: 4.5.4 - cyan soft ltd)
RMS Link Test version 2.0.22.0 (HKLM-x32\...\{FAD3156F-AF8A-4455-80BE-665807B8F3A5}_is1) (Version: 2.0.22.0 - ARSFi -- Winlink)
RogueKiller version 15.1.4.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 15.1.4.0 - Adlice Software)
Roxio Easy CD and DVD Burning 2 (HKLM-x32\...\{3E670EAA-F20E-4DF6-BFC1-00BABC555498}) (Version: 20.0.54.0 - Roxio)
Roxio MyDVD (HKLM\...\{CA9C6DF1-191C-4057-AAB1-34DF0996E58D}) (Version: 3.0.040 - Corel Corporation) Hidden
Roxio MyDVD (HKLM-x32\...\{2AB256B6-DD96-4982-AD46-5DC7B20BA7EF}) (Version: 3.0 - Roxio)
SanDisk SSD Dashboard (HKLM-x32\...\SanDisk SSD Dashboard) (Version: 2.7.0.0 - Western Digital Corporation)
Scan To (HKLM\...\{E8A34AC8-0137-4515-A94B-0A0946DDC251}) (Version: 2.0.1 - HP)
Silicon Laboratories CP210x USB to UART Bridge (Driver Removal) (HKLM-x32\...\SLABCOMM&10C4&EA60) (Version: - Silicon Laboratories)
Silicon Laboratories USBXpress Device (Driver Removal) (HKLM-x32\...\SIUSBXP&10C4&EA61) (Version: - )
Sonic CinePlayer Decoder Pack (HKLM-x32\...\{09065152-F67B-4044-9773-64AF5C30BDA1}) (Version: 4.3.0 - Sonic Solutions) Hidden
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
TatukGIS Viewer 1.13.1.370 (HKLM-x32\...\ttkVWR_is1) (Version: 1.13.1.370 - TatukGIS sp. z o.o.)
TeamViewer (HKLM\...\TeamViewer) (Version: 15.20.3 - TeamViewer)
TravelPlus for Repeaters, V19.0 (HKLM-x32\...\{FEA2D929-48DA-415E-B25D-A0CCFCA3DD86}) (Version: 19.00.0000 - ARRL)
Trusted QSL 2.5.7 (HKLM-x32\...\{23566C15-B5C6-4904-AB02-09BF6832797A}) (Version: 2.5.7 - The TrustedQSL Developers)
TuneGet 4.5.4 (HKLM-x32\...\{050A0D31-6B33-4137-ADE5-C0896E5FA98D}_is1) (Version: 4.5.4 - cyan soft ltd)
u-center_v8.26 (HKLM-x32\...\u-center_v8.26) (Version: 8.26 - u-blox)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{1FD817A6-63E1-4519-BFD4-228DABB7AB6B}) (Version: 2.55.0.0 - Microsoft Corporation)
UV-5R Programmer (HKLM-x32\...\{7B67EE40-5362-11E2-390C-10AB7E3B7E87}) (Version: 4.50.0.0 - RT Systems. Inc)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.16 - VideoLAN)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.14 - VideoLAN)
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
WeatherLink 6.0.3 (HKLM-x32\...\{E344C807-7DE0-4CC2-81BB-1F895CF8CBDF}) (Version: 6.0.3 - Davis Instruments Corp.)
WeatherLink 6.0.5 (HKLM-x32\...\{EF9BCE53-A8E1-4A61-9C99-E230CCF57EEB}) (Version: 6.0.5 - Davis Instruments Corp.)
Web View Ctrl version 1.2.0.0 (HKLM-x32\...\{3F76DB94-6C4E-42AC-BD74-64E103174FE7}_is1) (Version: 1.2.0.0 - )
WebAdvisor by McAfee (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.590 - McAfee, LLC)
Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows Driver Package - RT Systems RT CDM Driver Package (01/18/2013 2.08.28) (HKLM\...\5246A5144620F07ED851FC0798C179A7B3475A7D) (Version: 01/18/2013 2.08.28 - RT Systems)
Windows Driver Package - RT Systems RT CDM Driver Package (01/18/2013 2.08.28) (HKLM\...\9ED29DBEB588170086E29D3B3BCB8739BEEE8F33) (Version: 01/18/2013 2.08.28 - RT Systems)
Windows Driver Package - RT Systems RT CDM Driver Package (01/30/2016 2.12.08) (HKLM\...\44F74E9BE605C75BBD33EC4CA829BECAFE4B8630) (Version: 01/30/2016 2.12.08 - RT Systems)
Windows Driver Package - RT Systems RT CDM Driver Package (01/30/2016 2.12.08) (HKLM\...\AD6D814F58FF742D1ABBBDFC9760CF33549296C8) (Version: 01/30/2016 2.12.08 - RT Systems)
Windows Driver Package - RT Systems RT CDM Driver Package (03/18/2011 2.08.14) (HKLM\...\155CF7A4C85432ED94BD4093618ABE9CF79EE316) (Version: 03/18/2011 2.08.14 - RT Systems)
Windows Driver Package - RT Systems RT CDM Driver Package (03/18/2011 2.08.14) (HKLM\...\86FC417867900416582DAFBEA15161D0A5CAF8D3) (Version: 03/18/2011 2.08.14 - RT Systems)
Windows Driver Package - Silicon Laboratories (silabenm) Ports (12/10/2012 6.6.1.0) (HKLM\...\D680DEE0F68D64EC53D0C5769879D15D387054CC) (Version: 12/10/2012 6.6.1.0 - Silicon Laboratories)
Windows Driver Package - Silicon Laboratories Inc. (silabser) Ports (03/28/2016 6.7.3.350) (HKLM\...\9437A0D535B29915072FCF153C7CA9B5FD547A24) (Version: 03/28/2016 6.7.3.350 - Silicon Laboratories Inc.)
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Windows Driver Package - u-blox (WUDFRd) Sensor (04/12/2017 2.33.0.0) (HKLM\...\7F84B3435615146FA8AAFBB960E8FEF59C232952) (Version: 04/12/2017 2.33.0.0 - u-blox)
Windows Driver Package - u-blox AG (ubloxusb) Ports (07/03/2013 1.2.0.8) (HKLM\...\FD26D50F08971338088D01BEDED393EC9F9C4FA7) (Version: 07/03/2013 1.2.0.8 - u-blox AG)
Windows Media Encoder 9 Series (HKLM-x32\...\Windows Media Encoder 9) (Version: - )
Windows PC Health Check (HKLM\...\{014B7442-C784-45D3-A152-F7D2C651F28A}) (Version: 3.3.2110.22002 - Microsoft Corporation)
WinHTTrack Website Copier 3.49-2 (x64) (HKLM\...\WinHTTrack Website Copier_is1) (Version: 3.49.2 - HTTrack)
Winlink Express version 1.5.42.0 (HKLM-x32\...\{61C2109E-F4CA-43B1-9F3D-90BBBADF510A}_is1) (Version: 1.5.42.0 - ARSFi - Winlink Development)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
WSJT-X - Digital Modes for Weak Signal Communications in Amateur Radio. (HKLM-x32\...\wsjtx 2.2.2) (Version: 2.2.2 - Joe Taylor, K1JT)
WSJT-X: Digital Modes for Weak Signal Communications in Amateur Radio (HKLM-x32\...\wsjtx 2.3.0-rc2) (Version: 2.3.0-rc2 - Joe Taylor, K1JT)
WSJT-X: Digital Modes for Weak Signal Communications in Amateur Radio (HKLM-x32\...\wsjtx 2.4.0) (Version: 2.4.0 - Joe Taylor, K1JT)
Zoom (HKU\S-1-5-21-194608825-1360088445-740081183-1001\...\ZoomUMX) (Version: 5.7.7 (1105) - Zoom Video Communications, Inc.)
ZOSICloud 2.0.2 (HKLM-x32\...\ZOSICloud) (Version: 2.0.2 - My company, Inc.)
Packages:
=========
8 Zip - unpack RAR, ZIP, 7z for free -> C:\Program Files\WindowsApps\BooStudioLLC.8ZipLite_1.4.34.0_x64__b6e429xa66pga [2021-08-31] (Finebits OÜ) [MS Ad]
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-08] (Autodesk Inc.)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.10.188.0_x64__rz1tebttyb220 [2021-10-13] (Dolby Laboratories)
Duplicate Cleaner Free -> C:\Program Files\WindowsApps\DigitalVolcanoSoftware.DuplicateCleanerFree_5.13.4.0_neutral__55chcb595f864 [2021-10-09] (DigitalVolcano Software)
DVD Player+ -> C:\Program Files\WindowsApps\61878MobilityinLifeapplic.DVDPlayer_13.1.3.0_x64__zfxkqydss3nar [2021-07-14] (Mobility in Life applications) [Startup Task]
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_132.3.262.0_x64__v10z8vjag6ke6 [2021-11-17] (HP Inc.)
Kodi -> C:\Program Files\WindowsApps\XBMCFoundation.Kodi_19.3.500.0_x64__4n2hpmxwrvr6p [2021-10-28] (XBMC Foundation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1808.3.0_x64__8wekyb3d8bbwe [2020-07-20] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-08-31] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-08-31] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.10.10270.0_x64__8wekyb3d8bbwe [2021-10-30] (Microsoft Studios) [MS Ad]
MyASUS -> C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_3.0.32.0_x64__qmba6cd70vzyy [2021-11-24] (ASUSTeK COMPUTER INC.)
MyRadar -> C:\Program Files\WindowsApps\ACMEAtronOmaticLLC.MyRadar_5.15.2.0_x64__hgk1kwjkxrdv0 [2021-11-23] (ACME AtronOmatic LLC)
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-08-28] (Microsoft Corporation)
Speedtest by Ookla -> C:\Program Files\WindowsApps\Ookla.SpeedtestbyOokla_1.15.163.0_x64__43tkc6nmykmb6 [2021-10-01] (Ookla)
Unofficial 7zip -> C:\Program Files\WindowsApps\42109FactoriaDatacenter.Unofficial7zip_18.5.0.0_x64__zaf1c6h4vqsbt [2019-01-15] (Repackagerexpress.com)
Video Player - Play All Videos -> C:\Program Files\WindowsApps\8075Queenloft.VideoPlayer-PlayAllVideos_1.1.35.0_x64__g5dqhteqemct8 [2021-06-04] (Queenloft)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-194608825-1360088445-740081183-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6} -> [OneDrive - Personal] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6}
CustomCLSID: HKU\S-1-5-21-194608825-1360088445-740081183-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-CC8F68DE06FE} -> [Creative Cloud Files] => C:\Users\Ralph\Creative Cloud Files [2018-07-16 16:46]
CustomCLSID: HKU\S-1-5-21-194608825-1360088445-740081183-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\Ralph\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20244.4\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-194608825-1360088445-740081183-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\Ralph\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20244.4\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-194608825-1360088445-740081183-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems Incorporated -> Adobe Systems)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\21.220.1024.0005\FileSyncShell64.dll [2021-11-18] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\21.220.1024.0005\FileSyncShell64.dll [2021-11-18] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\21.220.1024.0005\FileSyncShell64.dll [2021-11-18] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\21.220.1024.0005\FileSyncShell64.dll [2021-11-18] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\21.220.1024.0005\FileSyncShell64.dll [2021-11-18] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\21.220.1024.0005\FileSyncShell64.dll [2021-11-18] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\21.220.1024.0005\FileSyncShell64.dll [2021-11-18] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ AcronisDrive] -> {5D74FD4B-4EFB-4586-8022-8637BBE40970} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64_25_6_35860.dll [2020-12-19] (Acronis International GmbH -> )
ShellIconOverlayIdentifiers: [ AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64_25_6_35860.dll [2020-12-19] (Acronis International GmbH -> )
ShellIconOverlayIdentifiers: [ AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64_25_6_35860.dll [2020-12-19] (Acronis International GmbH -> )
ShellIconOverlayIdentifiers: [ AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64_25_6_35860.dll [2020-12-19] (Acronis International GmbH -> )
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-27] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-27] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-27] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [GladinetIconOverlay] -> {3C3DC57A-7535-48AF-BB9E-C3576A4F34D0} => C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GlOverlayIcon.dll [2013-05-05] (Gladinet, Inc. -> Gladinet, INC)
ShellIconOverlayIdentifiers: [GladinetUploading] -> {959A18D3-9CC9-41e8-B76F-34ED9A89D4EA} => C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GlOverlayIconU.dll [2013-05-05] (Gladinet, Inc. -> Gladinet, INC)
ShellIconOverlayIdentifiers: [HitmanPro.Alert Shell Extension] -> {6FAC02B7-77D6-418B-AC11-962C65CDE8DD} => C:\WINDOWS\system32\hmpshell.dll [2021-11-17] (SurfRight B.V. -> SurfRight B.V.)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\21.220.1024.0005\FileSyncShell64.dll [2021-11-18] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\21.220.1024.0005\FileSyncShell64.dll [2021-11-18] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\21.220.1024.0005\FileSyncShell64.dll [2021-11-18] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\21.220.1024.0005\FileSyncShell64.dll [2021-11-18] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\21.220.1024.0005\FileSyncShell64.dll [2021-11-18] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\21.220.1024.0005\FileSyncShell64.dll [2021-11-18] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\21.220.1024.0005\FileSyncShell64.dll [2021-11-18] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [GladinetIconOverlay] -> {3C3DC57A-7535-48AF-BB9E-C3576A4F34D0} => C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GlOverlayIcon.dll [2013-05-05] (Gladinet, Inc. -> Gladinet, INC)
ShellIconOverlayIdentifiers-x32: [GladinetUploading] -> {959A18D3-9CC9-41e8-B76F-34ED9A89D4EA} => C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GlOverlayIconU.dll [2013-05-05] (Gladinet, Inc. -> Gladinet, INC)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\21.220.1024.0005\FileSyncShell64.dll [2021-11-18] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-27] (Adobe Systems Incorporated -> )
ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2020-08-03] (Piriform Software Ltd -> Piriform Software Ltd)
ContextMenuHandlers1: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => C:\Program Files\McAfee\MSC\McCtxMenuFrmWrk.dll [2021-10-22] (McAfee, LLC -> McAfee, LLC)
ContextMenuHandlers1: [PhotoSyncShellExtension] -> {cd400ee5-8d91-38f2-b2e2-e82242b6d328} => C:\Program Files\PhotoSync\PhotoSyncShellExtension.DLL [2020-07-06] (touchbyte GmbH) [File not signed] [File is in use]
ContextMenuHandlers1: [Roxio Burn] -> {E8CB9D53-A47A-42B5-9F5B-96B037C9DD4C} => C:\Program Files\Roxio\Roxio Burn\RB_ContextMenu64.dll [2019-02-22] (Corel Corporation -> TODO: <Company name>)
ContextMenuHandlers1: [Zeon.MFCDirectShellExt] -> {353C642C-F13D-4699-9FF2-EFAF490B6C69} => C:\Nuance\PDFCreate\bin\DirectShellExt.dll [2010-07-16] (Zeon Corporation -> Zeon International Investment Corp.)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [Open With Gladinet] -> {81695C6B-C2CA-492F-951D-5469840B2098} => C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GladinetShellProxy.dll [2013-05-05] (Gladinet, Inc. -> Gladinet, INC)
ContextMenuHandlers3: [STKContextMenu] -> {90DD7445-E924-4c6e-92AC-01F8C3A7E0C7} => C:\Program Files (x86)\Amazon\SendToKindle\stkContextMenu_250.dll [2019-06-07] (Amazon Services LLC -> Amazon.com, Inc.)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\21.220.1024.0005\FileSyncShell64.dll [2021-11-18] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers4: [PhotoSyncShellExtension] -> {cd400ee5-8d91-38f2-b2e2-e82242b6d328} => C:\Program Files\PhotoSync\PhotoSyncShellExtension.DLL [2020-07-06] (touchbyte GmbH) [File not signed] [File is in use]
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2020-08-03] (Piriform Software Ltd -> Piriform Software Ltd)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\21.220.1024.0005\FileSyncShell64.dll [2021-11-18] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-03-23] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-27] (Adobe Systems Incorporated -> )
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2020-08-03] (Piriform Software Ltd -> Piriform Software Ltd)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => C:\Program Files\McAfee\MSC\McCtxMenuFrmWrk.dll [2021-10-22] (McAfee, LLC -> McAfee, LLC)
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2020-08-03] (Piriform Software Ltd -> Piriform Software Ltd)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
Shortcut: C:\Users\Ralph\Desktop\PowerAlert Console.lnk -> C:\Program Files (x86)\TrippLite\PowerAlert\console\paconsole.bat ()
ShortcutWithArgument: C:\Users\Ralph\Desktop\Tinder.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=hejiihbkifllpgdfndalmghiodgkefan
ShortcutWithArgument: C:\Users\Ralph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Tinder.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=hejiihbkifllpgdfndalmghiodgkefan
==================== Loaded Modules (Whitelisted) =============
2020-07-16 09:36 - 2020-07-16 09:36 - 000044032 _____ () [File not signed] C:\Program Files (x86)\TrippLite\PowerAlert\engine\padown.DLL
2020-07-16 09:58 - 2020-07-16 09:58 - 000001536 _____ () [File not signed] C:\Program Files (x86)\TrippLite\PowerAlert\engine\pamsg.dll
2009-09-16 17:44 - 2009-09-16 17:44 - 000153088 _____ (Hewlett Packard) [File not signed] C:\WINDOWS\System32\hptcpmib.dll
2009-09-16 17:45 - 2009-09-16 17:45 - 000331264 _____ (Hewlett Packard) [File not signed] C:\WINDOWS\System32\HpTcpMon.dll
2009-09-16 10:44 - 2009-09-16 10:44 - 000132096 _____ (Hewlett Packard) [File not signed] C:\WINDOWS\System32\hpzjrd01.dll
2020-02-11 16:19 - 2020-02-11 16:19 - 000041472 _____ (HP Inc.) [File not signed] [File is in use] C:\Program Files (x86)\HP\HPLaserJetService\HPHTTPProxy.dll
2020-02-11 16:19 - 2020-02-11 16:19 - 000034816 _____ (HP Inc.) [File not signed] [File is in use] C:\Program Files (x86)\HP\HPLaserJetService\HPServiceCommunicator.dll
2020-02-11 16:19 - 2020-02-11 16:19 - 000077824 _____ (HP Inc.) [File not signed] [File is in use] C:\Program Files (x86)\HP\HPLaserJetService\HPTools.dll
2020-02-11 16:19 - 2020-02-11 16:19 - 001223168 _____ (HP Inc.) [File not signed] [File is in use] C:\Program Files (x86)\HP\HPLaserJetService\LEDMXMLObjects.dll
2010-01-28 16:10 - 2010-01-28 16:10 - 000541184 _____ (Marvell Semiconductor, Inc.) [File not signed] C:\WINDOWS\System32\mvtcpmon.dll
2009-09-16 17:45 - 2009-09-16 17:45 - 000317440 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\System32\HPTcpMUI.dll
2020-07-20 23:45 - 2018-03-23 17:05 - 000880024 _____ (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed] C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPI64.dll
2009-10-16 12:27 - 2009-10-16 12:27 - 000144896 _____ (OpenSLP) [File not signed] C:\WINDOWS\System32\slp64.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\TEMP:FD9CE1F3 [136]
AlternateDataStreams: C:\Users\Public\DRM:وهو يتØرك [48]
AlternateDataStreams: C:\Users\Ralph\Documents\aquachek truetest spa.jpeg:3or4kl4x13tuuug3Byamue2s4b [105]
AlternateDataStreams: C:\Users\Ralph\Documents\aquachek truetest spa.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\Users\Ralph\Documents\covid vaccination card 2 (booster).jpeg:3or4kl4x13tuuug3Byamue2s4b [87]
AlternateDataStreams: C:\Users\Ralph\Documents\covid vaccination card 2 (booster).jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\Users\Ralph\Documents\NEIMA part 1.tiff:3or4kl4x13tuuug3Byamue2s4b [105]
AlternateDataStreams: C:\Users\Ralph\Documents\NEIMA part 1.tiff:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\Users\Ralph\Documents\page 1 back.tiff:3or4kl4x13tuuug3Byamue2s4b [105]
AlternateDataStreams: C:\Users\Ralph\Documents\page 1 back.tiff:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\Users\Ralph\Documents\page 1 front.tiff:3or4kl4x13tuuug3Byamue2s4b [105]
AlternateDataStreams: C:\Users\Ralph\Documents\page 1 front.tiff:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\Users\Ralph\Documents\page 2 back.tiff:3or4kl4x13tuuug3Byamue2s4b [105]
AlternateDataStreams: C:\Users\Ralph\Documents\page 2 back.tiff:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\Users\Ralph\Documents\page 2 front.tiff:3or4kl4x13tuuug3Byamue2s4b [105]
AlternateDataStreams: C:\Users\Ralph\Documents\page 2 front.tiff:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\amsdk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ModuleCoreService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\amsdk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcapexe => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ModuleCoreService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-194608825-1360088445-740081183-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-194608825-1360088445-740081183-500\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKU\S-1-5-21-194608825-1360088445-740081183-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
SearchScopes: HKU\S-1-5-21-194608825-1360088445-740081183-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2021-05-13] (McAfee, LLC -> McAfee, LLC)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-10-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Nuance\PDFViewer\Bin\PlusIEContextMenu.dll [2011-06-30] (Zeon Corporation -> Zeon Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_311\bin\ssv.dll [2021-11-14] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2021-05-13] (McAfee, LLC -> McAfee, LLC)
BHO-x32: ZeonIEEventHelper Class -> {DA986D7D-CCAF-47B2-84FE-BFA1549BEBF9} -> C:\Nuance\PDFCreate\Bin\ZeonIEFavClient.dll [2011-03-25] (Zeon Corporation -> Zeon Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_311\bin\jp2ssv.dll [2021-11-14] (Oracle America, Inc. -> Oracle Corporation)
Toolbar: HKLM-x32 - DocuCom PDF - {E3286BF1-E654-42FF-B4A6-5E111731DF6B} - C:\Nuance\PDFCreate\Bin\ZeonIEFavClient.dll [2011-03-25] (Zeon Corporation -> Zeon Corporation)
Toolbar: HKU\S-1-5-21-194608825-1360088445-740081183-1001 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-10-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-10-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-10-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-10-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-10-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-10-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-10-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-10-31] (Microsoft Corporation -> Microsoft Corporation)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files\McAfee\MSC\McSnIePl64.dll [2021-10-22] (McAfee, LLC -> McAfee, LLC)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2021-10-22] (McAfee, LLC -> McAfee, LLC)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2018-04-11 17:38 - 2020-05-14 10:30 - 000000849 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
2019-01-12 01:34 - 2019-01-12 01:35 - 000000443 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0;%SYSTEMROOT%\System32\OpenSSH;C:\Program Files (x86)\Common Files\Acronis\VirtualFile;C:\Program Files (x86)\Common Files\Acronis\VirtualFile64;C:\Program Files (x86)\Common Files\Acronis\FileProtector;C:\Program Files (x86)\Common Files\Acronis\FileProtector64;C:\Program Files (x86)\Common Files\Acronis\SnapAPI;C:\Program Files\RogueKiller;C:\Program Files (x86)\Common Files\Roxio Shared\DLLShared\;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\WSJT\wsjtx\bin;C:\Program Files (x86)\Common Files\Acronis\SnapAPI\;C:\Program Files (x86)\Common Files\Acronis\VirtualFile\;C:\Program Files (x86)\Common Files\Acronis\VirtualFile64\;C:\Program Files (x86)\Common Files\Acronis\FileProtector\;C:\Program Files (x86)\Common Files\Acronis\FileProtector64\
HKU\S-1-5-21-194608825-1360088445-740081183-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Ralph\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
HKU\S-1-5-21-194608825-1360088445-740081183-500\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
MSCONFIG\Services: 9734BF6A-2DCD-40f0-BAB0-5AAFEEBE1269 => 2
MSCONFIG\Services: aakore => 2
MSCONFIG\Services: AcronisActiveProtectionService => 2
MSCONFIG\Services: AcrSch2Svc => 2
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeUpdateService => 2
MSCONFIG\Services: afcdpsrv => 2
MSCONFIG\Services: Agent => 2
MSCONFIG\Services: AGMService => 2
MSCONFIG\Services: AGSService => 2
MSCONFIG\Services: AnyDesk => 2
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: BOT4Service => 2
MSCONFIG\Services: GladFileMonSvc => 2
MSCONFIG\Services: GoogleChromeElevationService => 3
MSCONFIG\Services: GSService => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: hmpalertsvc => 2
MSCONFIG\Services: HP LaserJet Service => 2
MSCONFIG\Services: HPM1210RcvFaxSrvc => 2
MSCONFIG\Services: HPSIService => 2
MSCONFIG\Services: ibtsiva => 2
MSCONFIG\Services: Intel® Capability Licensing Service TCP IP Interface => 3
MSCONFIG\Services: Intel® TPM Provisioning Service => 2
MSCONFIG\Services: jhi_service => 2
MSCONFIG\Services: McAfee WebAdvisor => 2
MSCONFIG\Services: mccspsvc => 2
MSCONFIG\Services: mmsminisrv => 2
MSCONFIG\Services: mobile_backup_server => 3
MSCONFIG\Services: mobile_backup_status_server => 3
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: NVDisplay.ContainerLocalSystem => 2
MSCONFIG\Services: PDFProFiltSrvPP => 2
MSCONFIG\Services: PowerAlert Agent => 2
MSCONFIG\Services: RoxioBurnLauncher => 2
MSCONFIG\Services: RoxMediaDB15 => 3
MSCONFIG\Services: RoxWatch15 => 2
MSCONFIG\Services: syncagentsrv => 2
MSCONFIG\Services: Tib Mounter Service => 3
MSCONFIG\Services: WTabletServicePro => 2
HKLM\...\StartupApproved\StartupFolder: => "Nuance Cloud Connector.lnk"
HKLM\...\StartupApproved\StartupFolder: => "AnyDesk.lnk"
HKLM\...\StartupApproved\Run: => "Acronis Scheduler2 Service"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "AcronisTibMounterMonitor"
HKLM\...\StartupApproved\Run32: => "TrueImageMonitor.exe"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "StatusAlerts"
HKLM\...\StartupApproved\Run32: => "HP Software Update"
HKLM\...\StartupApproved\Run32: => "ISUSPM"
HKLM\...\StartupApproved\Run32: => "PPort14reminder"
HKLM\...\StartupApproved\Run32: => "IndexSearch"
HKLM\...\StartupApproved\Run32: => "PaperPort PTD"
HKLM\...\StartupApproved\Run32: => "PDFCreHook"
HKLM\...\StartupApproved\Run32: => "PDFProHook"
HKLM\...\StartupApproved\Run32: => "PDF7 Registry Controller"
HKLM\...\StartupApproved\Run32: => "RoxWatchTray"
HKU\S-1-5-21-194608825-1360088445-740081183-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-194608825-1360088445-740081183-1001\...\StartupApproved\Run: => "Adobe Acrobat Synchronizer"
HKU\S-1-5-21-194608825-1360088445-740081183-1001\...\StartupApproved\Run: => "QuickenScheduledUpdates"
HKU\S-1-5-21-194608825-1360088445-740081183-1001\...\StartupApproved\Run: => "Zoom"
HKU\S-1-5-21-194608825-1360088445-740081183-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
HKU\S-1-5-21-194608825-1360088445-740081183-1001\...\StartupApproved\Run: => "PhotoSync"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{F597D0F4-DEF6-49C7-9DFA-2B1EACB8A1C3}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe (McAfee, LLC -> McAfee, LLC)
FirewallRules: [{60101C3F-D18C-43DD-8C91-EC41E0051625}] => (Allow) C:\Program Files (x86)\Common Files\McAfee\MMSSHost\MMSSHost.exe (McAfee, LLC -> McAfee, LLC)
FirewallRules: [{4E99E0E1-9B6B-437B-8969-864D2A8649E0}] => (Allow) C:\Program Files (x86)\RipTiger\MMSDownloaderApp.exe () [File not signed]
FirewallRules: [{5222F556-8E67-491F-9DCE-F04F8590ADD9}] => (Allow) C:\Program Files (x86)\RipTiger\MMSDownloaderApp.exe () [File not signed]
FirewallRules: [{28C71926-5526-4EC3-8BCB-580E912E8010}] => (Allow) C:\Program Files (x86)\RipTiger\VideoDownloadApp_RTMP.exe () [File not signed]
FirewallRules: [{340D7438-EA56-4A28-BC4E-AA2936DE9927}] => (Allow) C:\Program Files (x86)\RipTiger\VideoDownloadApp_RTMP.exe () [File not signed]
FirewallRules: [{CD046D37-A23F-4D00-B221-846F05F6513B}] => (Allow) C:\Program Files (x86)\RipTiger\RTMPDownloaderApp.exe () [File not signed]
FirewallRules: [{C018EEDA-0E86-4019-923B-A5DABEA2BD33}] => (Allow) C:\Program Files (x86)\RipTiger\RTMPDownloaderApp.exe () [File not signed]
FirewallRules: [{D5A27877-9ED5-4F1C-B548-BFDAA07A5B32}] => (Allow) C:\Program Files (x86)\RipTiger\HTTPDownloaderApp.exe () [File not signed]
FirewallRules: [{694F893D-CF19-4BE0-A8C5-CB3568CCEB85}] => (Allow) C:\Program Files (x86)\RipTiger\HTTPDownloaderApp.exe () [File not signed]
FirewallRules: [{D1C13FE4-776D-471F-93F3-4E86ED7681D6}] => (Allow) C:\Program Files (x86)\RipTiger\RipTiger.exe () [File not signed]
FirewallRules: [{153A0A67-41F1-4286-9826-EEA469B500CD}] => (Allow) C:\Program Files (x86)\RipTiger\RipTiger.exe () [File not signed]
FirewallRules: [{BBAD6E6D-698D-4357-9C67-E0A5C103FE84}] => (Allow) LPort=427
FirewallRules: [{4E5A54F1-73C3-4B86-A02C-ED312643C62D}] => (Allow) LPort=161
FirewallRules: [{A28973CE-7111-44F8-8615-24D0A54E6D1B}] => (Allow) LPort=427
FirewallRules: [{11EC7FAB-3179-4FB6-820B-B48F027D47AC}] => (Allow) LPort=9100
FirewallRules: [{C8F8D801-53F8-417A-99CF-6053A71328DD}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{FD55E18E-A5BB-4079-8B97-226EB74F04C3}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{F07F6D48-E81F-4919-9398-83854EBADA98}] => (Allow) C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GladinetClient.exe (Gladinet, Inc. -> Gladinet, INC)
FirewallRules: [{94376BE3-C160-49A1-8BF9-E4AF3375130E}] => (Allow) C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GladinetClient.exe (Gladinet, Inc. -> Gladinet, INC)
FirewallRules: [{E597D394-6988-4238-B55E-44E114932A1F}] => (Allow) C:\Program Files (x86)\Nuance\Nuance Cloud Connector\WOSVSSSvr.exe (Gladinet, Inc. -> )
FirewallRules: [{205E1E30-72FE-4078-A579-F3661C4101EF}] => (Allow) C:\Program Files (x86)\Nuance\Nuance Cloud Connector\WOSVSSSvr.exe (Gladinet, Inc. -> )
FirewallRules: [{D0CF4927-D618-4FE9-8D15-BC310B69AF65}] => (Allow) C:\Program Files (x86)\Nuance\Nuance Cloud Connector\WOSVSSSvr2003.exe (Gladinet, Inc. -> )
FirewallRules: [{EE242261-222B-4F2B-A87B-FD9A426862AA}] => (Allow) C:\Program Files (x86)\Nuance\Nuance Cloud Connector\WOSVSSSvr2003.exe (Gladinet, Inc. -> )
FirewallRules: [{8538F391-8D62-47FF-B521-6E6EF67141BB}] => (Allow) C:\Users\Ralph\AppData\Roaming\Zoom\bin\Zoom.exe () [Access Denied]
FirewallRules: [{EC0B427F-4442-4C59-9B56-CCC6DA0E5725}] => (Allow) C:\Users\Ralph\AppData\Roaming\RingCentralMeetings\bin\RingCentralMeetings.exe (RingCentral, Inc. -> RingCentral Video Communications, Inc. and RingCentral Inc.)
FirewallRules: [{B3B9A768-4B2F-4D22-B7A8-DE4D01EE5710}] => (Allow) C:\Users\Ralph\AppData\Roaming\RingCentralMeetings\bin\airhost.exe (RingCentral, Inc. -> RingCentral Video Communications, Inc. and RingCentral Inc.)
FirewallRules: [{76874876-21AB-4B73-BA79-4573DD95052D}] => (Allow) LPort=35722
FirewallRules: [{7238B5F2-A9C9-45B1-BE05-1931382214C7}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe (Acronis International GmbH -> )
FirewallRules: [{6FE14FB0-32EC-4D40-A914-B2ACD016BD70}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe (Acronis International GmbH -> Acronis International GmbH)
FirewallRules: [{CBBE6071-A5AB-496D-BA05-ABAD080BD5C3}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImage.exe (Acronis International GmbH -> )
FirewallRules: [{FCC021DC-D85B-4ABD-90D3-6BA189A09128}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis International GmbH -> )
FirewallRules: [{AA125820-1778-4800-98B7-77FF21B1DAC8}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageTools.exe (Acronis International GmbH -> )
FirewallRules: [{B7432F25-6197-44F1-89BE-79BF87228EE2}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\TrueImageHome\TrueImageHomeService.exe (Acronis International GmbH -> )
FirewallRules: [{0C15F6E9-C7EF-41F0-B8DA-47FD26ADCBAC}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\MediaBuilder.exe (Acronis International GmbH -> )
FirewallRules: [{7D315C29-D9B1-4288-9675-6FC3A712D9EF}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\SystemReport.exe (Acronis International GmbH -> )
FirewallRules: [{FC693ED4-6A1B-473E-AD20-D1B5A6464E36}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\acronis_drive.exe (Acronis International GmbH -> )
FirewallRules: [{473A8207-D6D3-4720-AC90-2FAA34FF207E}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\mobile_backup_server.exe (Acronis International GmbH -> Acronis International GmbH)
FirewallRules: [{1AF9040F-483F-43F3-BD51-C81AECA2DE44}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\mobile_backup_status_server.exe (Acronis International GmbH -> )
FirewallRules: [{6D96161F-9948-45EC-A825-8422BA1EA9FF}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\ga_service.exe (Acronis International GmbH -> )
FirewallRules: [{264C953B-8F04-4A8F-B8DF-37DFF2D3DBBA}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\LicenseActivator.exe (Acronis International GmbH -> )
FirewallRules: [{A3C06B9E-FE07-4F3F-A785-AE2FBD63D460}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\Home\report_sender.exe (Acronis International GmbH -> )
FirewallRules: [{159DFF98-B59B-436C-85BB-5666FFA96AA7}] => (Allow) C:\Program Files (x86)\Acronis\Agent\bin\bckp_amgr.exe (Acronis International GmbH -> Acronis International GmbH)
FirewallRules: [{054E376B-C96F-4A25-86B2-F1AE740BFA5E}] => (Allow) C:\Program Files (x86)\Acronis\Agent\bin\task-manager.exe (Acronis International GmbH -> Acronis International GmbH)
FirewallRules: [{0AB275F0-44C8-4BE5-BEE7-34C1F7D3C309}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\anti_ransomware_service.exe (Acronis International GmbH -> )
FirewallRules: [{67899526-8E09-4740-B63E-B8EAD8DA96C7}] => (Allow) C:\Program Files (x86)\Acronis\Agent\aakore.exe (Acronis International GmbH -> Acronis International GmbH)
FirewallRules: [{85C0401B-1526-4BA6-B2C9-F5EC4D672B82}] => (Allow) C:\Program Files\Acronis\CyberProtect\cyber-protect-service.exe (Acronis International GmbH -> Acronis International GmbH)
FirewallRules: [{8563FD8A-937B-4292-B7CC-84E4227885EE}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{0075B505-9540-40D0-B4A7-4A128115D60C}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{550B8055-EBE7-4BEA-AF90-30E07E4D3F1B}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{22146F11-B1AE-43D5-9147-C9FBAF7F3E3D}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{618F358E-E8BB-4BBE-9A17-FC390C72516D}] => (Allow) C:\Program Files\HP\HP Color LaserJet Pro MFP M277\bin\SendAFax.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{837DF6C9-F2F7-4A0F-929B-6E2C0BE91156}] => (Allow) C:\Program Files\HP\HP Color LaserJet Pro MFP M277\bin\FaxPrinterUtility.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{E80F28B6-B6F2-4FF0-8F38-C143B9364C6B}] => (Allow) C:\Program Files\HP\HP Color LaserJet Pro MFP M277\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{65888814-4887-43C3-B3CE-018EC87279F5}] => (Allow) C:\Program Files (x86)\HP\HP Color LaserJet Pro MFP M277\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{B04F6003-BE7C-47CE-B065-045FDBE71776}] => (Allow) C:\Program Files (x86)\HP\HP Color LaserJet Pro MFP M277\bin\DigitalWizards.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{7632EB33-6FE3-47B3-8EAF-D67C4139347B}] => (Allow) C:\Program Files (x86)\HP\HP Color LaserJet Pro MFP M277\bin\FaxApplications.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{31D1942D-6C7B-40AC-9DC4-8B2B552E84AC}] => (Allow) C:\Program Files (x86)\HP\HP Color LaserJet Pro MFP M277\bin\EWSProxy.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{4A0F1EE5-37C9-4F1E-BE08-B0FA3759906D}] => (Allow) C:\Users\Ralph\AppData\Roaming\Zoom\bin\Zoom.exe () [Access Denied]
FirewallRules: [{CA8B1614-FC09-442F-9AE8-1C8531A8935A}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{FB00E388-696E-4973-A63F-88626011E496}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D623C9A7-3AD8-45B3-B69A-A6C8B042C290}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{4F1C853F-A0FE-4497-B82E-C704A4CCB973}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{BC6230AA-DD95-40AF-A526-0B6BF1893345}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{94D39721-A444-482F-B868-C716A4FD23B6}C:\users\ralph\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\ralph\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{B2130BFA-E1EA-4166-883C-E5DEDBA062FD}C:\users\ralph\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\ralph\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{F24A15DD-40C9-4786-B95F-6F4FC6849B82}C:\soundmodem\soundmodem.exe] => (Allow) C:\soundmodem\soundmodem.exe (UZ7HO Software) [File not signed]
FirewallRules: [UDP Query User{2CCC7FF2-F318-46EF-A234-956265FAEEDB}C:\soundmodem\soundmodem.exe] => (Allow) C:\soundmodem\soundmodem.exe (UZ7HO Software) [File not signed]
FirewallRules: [TCP Query User{B7241DAE-745C-4F6D-A7F4-EEF42304502C}C:\vara\vara.exe] => (Allow) C:\vara\vara.exe (VARA) [File not signed]
FirewallRules: [UDP Query User{E96C58A8-6340-4DF3-9DCE-5504E6A69F62}C:\vara\vara.exe] => (Allow) C:\vara\vara.exe (VARA) [File not signed]
FirewallRules: [{B4FF5809-443A-4219-985F-81D1C0D71FC9}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{E22F9D55-C41C-4D9C-9075-4E5D3E7DFC58}C:\vara fm 4.1.4\varafm.exe] => (Allow) C:\vara fm 4.1.4\varafm.exe (VARA) [File not signed]
FirewallRules: [UDP Query User{B227FD69-3AC4-4A07-BBB8-6FBF6CC68483}C:\vara fm 4.1.4\varafm.exe] => (Allow) C:\vara fm 4.1.4\varafm.exe (VARA) [File not signed]
FirewallRules: [{53C5B734-E75D-44E3-9277-51F638E3AC28}] => (Allow) C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_3.0.32.0_x64__qmba6cd70vzyy\MyASUS\MyASUS.exe (ASUSTeK COMPUTER INC.) [File not signed]
FirewallRules: [{18F9AD6E-EF61-48DF-BDFE-620AD723A172}] => (Allow) C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_3.0.32.0_x64__qmba6cd70vzyy\MyASUS\MyASUS.exe (ASUSTeK COMPUTER INC.) [File not signed]
FirewallRules: [{6DC8C2B0-139B-4DC9-855D-F208AFCF9ED7}] => (Allow) C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_3.0.32.0_x64__qmba6cd70vzyy\MyASUS\MyASUS.exe (ASUSTeK COMPUTER INC.) [File not signed]
FirewallRules: [{37603D33-77A5-4EC0-9B62-FAC9E3089EA0}] => (Allow) C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_3.0.32.0_x64__qmba6cd70vzyy\MyASUS\MyASUS.exe (ASUSTeK COMPUTER INC.) [File not signed]
FirewallRules: [{E540BE0A-F7E0-4EA8-942A-F78E85F6D508}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\96.0.1054.34\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8E028393-6989-471E-8629-3F74A09F97F6}] => (Allow) C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe (Piriform Software Ltd -> Piriform Software)
FirewallRules: [{6734EFA0-0911-451D-882B-BB84772AF0FE}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)
FirewallRules: [{FC995CC6-374C-4FB8-B1F1-47C16146D579}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)
FirewallRules: [{7DDC5106-2661-4D64-8434-199B180F73DD}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)
FirewallRules: [{ADC021F9-ABA0-4F64-8E44-EFBB26CB44CE}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)
FirewallRules: [{47A866B9-1494-45F0-9DC6-B465F85CED14}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)
FirewallRules: [{296C966E-74F9-402E-8DBD-C6E4FE3F1F46}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)
==================== Restore Points =========================
==================== Faulty Device Manager Devices ============
Name: Speakers (MusCAudio)
Description: Audio Endpoint
Class Guid: {c166523c-fe0c-4a94-a586-f1a80cfbbf3e}
Manufacturer: Microsoft
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Speakers (MusCAudio)
Description: Audio Endpoint
Class Guid: {c166523c-fe0c-4a94-a586-f1a80cfbbf3e}
Manufacturer: Microsoft
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Speakers (MusCAudio)
Description: Audio Endpoint
Class Guid: {c166523c-fe0c-4a94-a586-f1a80cfbbf3e}
Manufacturer: Microsoft
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Speakers (MusCAudio)
Description: Audio Endpoint
Class Guid: {c166523c-fe0c-4a94-a586-f1a80cfbbf3e}
Manufacturer: Microsoft
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Speakers (MusCAudio)
Description: Audio Endpoint
Class Guid: {c166523c-fe0c-4a94-a586-f1a80cfbbf3e}
Manufacturer: Microsoft
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Speakers (MusCAudio)
Description: Audio Endpoint
Class Guid: {c166523c-fe0c-4a94-a586-f1a80cfbbf3e}
Manufacturer: Microsoft
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Speakers (MusCAudio)
Description: Audio Endpoint
Class Guid: {c166523c-fe0c-4a94-a586-f1a80cfbbf3e}
Manufacturer: Microsoft
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Speakers (MusCAudio)
Description: Audio Endpoint
Class Guid: {c166523c-fe0c-4a94-a586-f1a80cfbbf3e}
Manufacturer: Microsoft
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Speakers (MusCAudio)
Description: Audio Endpoint
Class Guid: {c166523c-fe0c-4a94-a586-f1a80cfbbf3e}
Manufacturer: Microsoft
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Speakers (MusCAudio)
Description: Audio Endpoint
Class Guid: {c166523c-fe0c-4a94-a586-f1a80cfbbf3e}
Manufacturer: Microsoft
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Speakers (MusCAudio)
Description: Audio Endpoint
Class Guid: {c166523c-fe0c-4a94-a586-f1a80cfbbf3e}
Manufacturer: Microsoft
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Speakers (MusCAudio)
Description: Audio Endpoint
Class Guid: {c166523c-fe0c-4a94-a586-f1a80cfbbf3e}
Manufacturer: Microsoft
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: ========================
Application errors:
==================
Error: (11/26/2021 09:39:35 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Microsoft.Photos.exe, version: 2021.21090.10008.0, time stamp: 0x616f6f86
Faulting module name: KERNELBASE.dll, version: 10.0.19041.1348, time stamp: 0x76fcd692
Exception code: 0xc000027b
Fault offset: 0x000000000010b302
Faulting process id: 0x6994
Faulting application start time: 0x01d7e2c3fab392d7
Faulting application path: C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2021.21090.10008.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report Id: e13cc696-086c-47ef-8aac-9761d3054cb9
Faulting package full name: Microsoft.Windows.Photos_2021.21090.10008.0_x64__8wekyb3d8bbwe
Faulting package-relative application ID: App
Error: (11/26/2021 06:41:04 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: 360TS_Setup.exe, version: 10.8.0.1400, time stamp: 0x60a1f1bb
Faulting module name: AVCheck.dll_unloaded, version: 1.0.0.1027, time stamp: 0x5f17ac20
Exception code: 0xc0000005
Fault offset: 0x00013eae
Faulting process id: 0x550c
Faulting application start time: 0x01d7e2c0a833d570
Faulting application path: C:\Program Files (x86)\1637929506_0\360TS_Setup.exe
Faulting module path: AVCheck.dll
Report Id: 917a704b-51f7-480c-90e2-646542f5005e
Faulting package full name:
Faulting package-relative application ID:
Error: (11/26/2021 06:40:57 AM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Error while updating status to SECURITY_PRODUCT_STATE_ON.
Error: (11/26/2021 06:40:56 AM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Security Center failed to validate caller with error %1.
Error: (11/26/2021 06:29:35 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Taskmgr.exe version 10.0.19041.1202 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
Process ID: 6ea0
Start Time: 01d7e2c0b1b3b8f8
Termination Time: 15
Application Path: C:\Windows\System32\Taskmgr.exe
Report Id: 1292807a-2f88-4be9-b879-bf24566c5726
Faulting package full name:
Faulting package-relative application ID:
Hang type: Cross-thread
Error: (11/26/2021 06:14:58 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SnippingTool.exe, version: 10.0.19041.746, time stamp: 0xeb13aef9
Faulting module name: RBVirtualFolder64.dll, version: 1.31.33.0, time stamp: 0x5c6f3982
Exception code: 0xc0000005
Fault offset: 0x0000000000032747
Faulting process id: 0x662c
Faulting application start time: 0x01d7e2bf07c745ab
Faulting application path: C:\WINDOWS\system32\SnippingTool.exe
Faulting module path: C:\Program Files\Roxio\Roxio Burn\RBVirtualFolder64.dll
Report Id: a8fe5b2b-f37e-47ad-b46e-98a6d1eeaba6
Faulting package full name:
Faulting package-relative application ID:
Error: (11/26/2021 06:14:46 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SnippingTool.exe, version: 10.0.19041.746, time stamp: 0xeb13aef9
Faulting module name: RBVirtualFolder64.dll, version: 1.31.33.0, time stamp: 0x5c6f3982
Exception code: 0xc0000005
Fault offset: 0x0000000000032747
Faulting process id: 0x662c
Faulting application start time: 0x01d7e2bf07c745ab
Faulting application path: C:\WINDOWS\system32\SnippingTool.exe
Faulting module path: C:\Program Files\Roxio\Roxio Burn\RBVirtualFolder64.dll
Report Id: d36f085f-7771-41f8-b365-0489f2796347
Faulting package full name:
Faulting package-relative application ID:
Error: (11/25/2021 11:53:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: RogueKiller64.exe, version: 13.4.2.0, time stamp: 0x5d4d9daf
Faulting module name: RogueKiller64.exe, version: 13.4.2.0, time stamp: 0x5d4d9daf
Exception code: 0xc0000005
Fault offset: 0x000000000106eccc
Faulting process id: 0x3668
Faulting application start time: 0x01d7e289486e7da2
Faulting application path: C:\Program Files\RogueKiller\RogueKiller64.exe
Faulting module path: C:\Program Files\RogueKiller\RogueKiller64.exe
Report Id: c0e47181-6b57-4e83-83a4-714925403855
Faulting package full name:
Faulting package-relative application ID:
System errors:
=============
Error: (11/26/2021 09:42:49 AM) (Source: disk) (EventID: 154) (User: )
Description: The IO operation at logical block address 0x0 for Disk 3 (PDO name: \Device\00000065) failed due to a hardware error.
Error: (11/26/2021 09:42:49 AM) (Source: disk) (EventID: 154) (User: )
Description: The IO operation at logical block address 0x0 for Disk 3 (PDO name: \Device\00000065) failed due to a hardware error.
Error: (11/26/2021 09:42:49 AM) (Source: disk) (EventID: 154) (User: )
Description: The IO operation at logical block address 0x800c000 for Disk 3 (PDO name: \Device\00000065) failed due to a hardware error.
Error: (11/26/2021 09:42:49 AM) (Source: disk) (EventID: 154) (User: )
Description: The IO operation at logical block address 0x800c000 for Disk 3 (PDO name: \Device\00000065) failed due to a hardware error.
Error: (11/26/2021 09:42:49 AM) (Source: disk) (EventID: 154) (User: )
Description: The IO operation at logical block address 0x0 for Disk 3 (PDO name: \Device\00000065) failed due to a hardware error.
Error: (11/26/2021 09:37:43 AM) (Source: disk) (EventID: 154) (User: )
Description: The IO operation at logical block address 0x0 for Disk 3 (PDO name: \Device\00000065) failed due to a hardware error.
Error: (11/26/2021 09:37:43 AM) (Source: disk) (EventID: 154) (User: )
Description: The IO operation at logical block address 0x800c000 for Disk 3 (PDO name: \Device\00000065) failed due to a hardware error.
Error: (11/26/2021 09:37:43 AM) (Source: disk) (EventID: 154) (User: )
Description: The IO operation at logical block address 0x800c000 for Disk 3 (PDO name: \Device\00000065) failed due to a hardware error.
Windows Defender:
================
Date: 2021-11-23 20:24:43
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2021-11-23 11:48:06
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2021-11-21 21:57:18
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2021-11-20 21:28:55
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2021-11-16 21:10:19
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
CodeIntegrity:
===============
Date: 2021-11-26 09:32:45
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\McAfee\MfeAV\AMSIExt.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. P1.50 02/24/2017
Motherboard: ASRock Z270 Killer SLI/ac
Processor: Intel® Core™ i7-7700K CPU @ 4.20GHz
Percentage of memory in use: 86%
Total physical RAM: 16348.4 MB
Available physical RAM: 2161.35 MB
Total Virtual: 62124.21 MB
Available Virtual: 3603.98 MB
==================== Drives ================================
Drive c: (Windows A) (Fixed) (Total:9069.79 GB) (Free:6097.29 GB) NTFS
Drive d: (ESD-USB) (Removable) (Total:31.99 GB) (Free:27.68 GB) FAT32
Drive h: (Windows 
(Fixed) (Total:9223.98 GB) (Free:6360.6 GB) NTFS
\\?\Volume{48a77b6e-e9d2-4027-9054-f603ee1d2468}\ () (Fixed) (Total:0.53 GB) (Free:0.08 GB) NTFS
\\?\Volume{bd88dc5f-845f-4501-8010-319c67c29cd3}\ () (Fixed) (Total:0.53 GB) (Free:0.08 GB) NTFS
\\?\Volume{efd5296f-35b1-4bb4-b397-aef80c545da0}\ () (Fixed) (Total:127.5 GB) (Free:127.47 GB) FAT32
\\?\Volume{9ff0c22b-be5e-4b2f-89fb-53bdb65f7ac3}\ () (Fixed) (Total:89.48 GB) (Free:89.44 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 9314 GB) (Disk ID: 5FA2685E)
Partition: GPT.
==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 125 GB) (Disk ID: C8288DA9)
Partition 1: (Active) - (Size=32 GB) - (Type=0C)
==========================================================
Disk: 2 (Size: 9314 GB) (Disk ID: 60AA6B55)
Partition: GPT.
==================== End of Addition.txt =======================
Source: https://www.bleepingcomputer.com/forums/t/763493/often-cannot-access-internet-and-cannot-download-files/
Posted by: albertalbertkubane0269593.blogspot.com
Post a Comment