Docucom Pdf Driver Download 64 Bit

Thank you for the quick response

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 26-11-2021

Ran by Ralph (administrator) on RWDESKTOP1 (26-11-2021 09:23:33)

Running from D:\

Loaded Profiles: Ralph & Administrator

Platform: Microsoft Windows 10 Home Version 21H1 19043.1348 (X64) Language: English (United States)

Default browser: Chrome

Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Acronis International GmbH -> ) C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\anti_ransomware_service.exe

(ADLICE (ASCOET JULIEN) -> ) C:\Program Files\RogueKiller\RogueKiller64.exe

(ADLICE (ASCOET JULIEN) -> ) C:\Program Files\RogueKiller\RogueKillerSvc.exe

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <36>

(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler.exe

(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler64.exe

(HP Inc.) [File not signed] C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe

(Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_ec6acb81b9300f24\RstMwService.exe

(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe

(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe

(McAfee, Inc. -> McAfee LLC.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe

(McAfee, Inc. -> McAfee, LLC) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe

(McAfee, Inc. -> McAfee, LLC) C:\Windows\System32\mfevtps.exe

(McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\CSP\4.7.101.0\McCSPServiceHost.exe

(McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHOST.exe

(McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe <3>

(McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\ModuleCore\ProtectedModuleHost.exe

(McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe

(McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe

(McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\VSCore_21_9\mcapexe.exe

(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\MAT\McPvTray.exe

(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\MfeAV\MfeAVSvc.exe

(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\MQS\QcShm.exe

(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\MSC\MfeBrowserHost.exe

(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\browserhost.exe <2>

(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe

(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE

(Microsoft Corporation -> Microsoft Corporation) C:\Users\Ralph\Downloads\MSERT (7).exe <2>

(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20544.0_x64__8wekyb3d8bbwe\HxTsr.exe

(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe

(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe <3>

(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>

(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe

(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe

(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe <2>

(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MsMpEng.exe

(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

(philandro Software GmbH -> philandro Software GmbH) C:\Program Files (x86)\AnyDesk\AnyDesk.exe

(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe

(Piriform Software Ltd -> Piriform Software) C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe <3>

(Piriform Software Ltd -> Piriform Software) C:\Program Files (x86)\CCleaner Browser\Update\1.8.1187.1\CCleanerBrowserCrashHandler.exe

(Piriform Software Ltd -> Piriform Software) C:\Program Files (x86)\CCleaner Browser\Update\1.8.1187.1\CCleanerBrowserCrashHandler64.exe

(Piriform Software Ltd -> Piriform Software) C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe

(SurfRight B.V. -> SurfRight B.V.) C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe <2>

(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe

(Tripp Lite -> Tripp Lite) C:\Program Files (x86)\TrippLite\PowerAlert\engine\pal.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412680 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)

HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [827200 2020-12-19] (Acronis International GmbH -> Acronis International GmbH)

HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)

HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2409944 2018-06-22] (Adobe Systems Incorporated -> Adobe Systems Incorporated)

HKLM-x32\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe [2068856 2011-10-12] (Flexera Software LLC -> Flexera Software LLC.)

HKLM-x32\...\Run: [PaperPort PTD] => C:\Nuance\PaperPort\pptd40nt.exe [36168 2013-05-14] (Nuance Communications, Inc. -> Nuance Communications, Inc.)

HKLM-x32\...\Run: [IndexSearch] => C:\Nuance\PaperPort\IndexSearch.exe [18248 2013-05-14] (Nuance Communications, Inc. -> Nuance Communications, Inc.)

HKLM-x32\...\Run: [PPort14reminder] => C:\Nuance\PaperPort\Ereg\Ereg.exe [330056 2013-03-14] (Nuance Communications, Inc. -> Nuance Communications, Inc.)

HKLM-x32\...\Run: [PDFProHook] => C:\Nuance\PDFViewer\pdfpro7hook.exe [641864 2013-03-20] (Nuance Communications, Inc. -> Nuance Communications, Inc.)

HKLM-x32\...\Run: [PDFCreHook] => C:\Nuance\PDFCreate\pdfcreate7hook.exe [605512 2013-03-26] (Nuance Communications, Inc. -> Nuance Communications, Inc.)

HKLM-x32\...\Run: [PDF7 Registry Controller] => C:\Nuance\PDFCreate\RegistryController.exe [140616 2013-03-26] (Nuance Communications, Inc. -> Nuance Communications, Inc.)

HKLM-x32\...\Run: [RoxWatchTray] => C:\Program Files (x86)\Roxio Easy CD & DVD Burning 2\Common\RoxWatchTray15.exe [303968 2019-01-29] (Corel Corporation -> Corel Corporation)

HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [5678624 2020-12-19] (Acronis International GmbH -> )

HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\tib_mounter_monitor.exe [447520 2020-12-19] (Acronis International GmbH -> Acronis International GmbH)

HKLM-x32\...\Run: [StatusAlerts] => C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe [329992 2015-06-17] (Hewlett-Packard Company -> HP Development Company, L.P.)

HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706344 2021-09-27] (Oracle America, Inc. -> Oracle Corporation)

HKLM-x32\...\Run: [QHSafeTray] => C:\Program Files (x86)\360\Total Security\safemon\360Tray.exe [413000 2021-11-19] (Beijing Qihu Technology Co., Ltd. -> Qihoo 360 Technology Co. Ltd.)

HKU\S-1-5-21-194608825-1360088445-740081183-1001\...\Run: [QuickenScheduledUpdates] => C:\Program Files (x86)\Quicken\bagent.exe [77688 2021-02-02] (Quicken Inc. -> Quicken Inc.)

HKU\S-1-5-21-194608825-1360088445-740081183-1001\...\Run: [Zoom] => [X]

HKU\S-1-5-21-194608825-1360088445-740081183-1001\...\Run: [PhotoSync] => C:\Program Files\PhotoSync\PhotoSync.exe [1560248 2020-07-06] (touchbyte GmbH -> touchbyte GmbH)

HKU\S-1-5-21-194608825-1360088445-740081183-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Ralph\AppData\Local\Microsoft\Teams\Update.exe [2452664 2020-12-17] (Microsoft 3rd Party Application Component -> Microsoft Corporation)

HKU\S-1-5-21-194608825-1360088445-740081183-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2542440 2021-11-18] (Microsoft Corporation -> Microsoft Corporation)

HKU\S-1-5-21-194608825-1360088445-740081183-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35342976 2021-11-12] (Piriform Software Ltd -> Piriform Software Ltd)

HKU\S-1-5-21-194608825-1360088445-740081183-1001\...\Run: [Discord] => C:\Users\Ralph\AppData\Local\Discord\Update.exe [1512608 2021-09-21] (Discord Inc. -> GitHub)

HKU\S-1-5-21-194608825-1360088445-740081183-500\...\RunOnce: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2542440 2021-11-18] (Microsoft Corporation -> Microsoft Corporation)

HKLM\...\Windows x64\Print Processors\hpcpp215: C:\Windows\System32\spool\prtprocs\x64\hpcpp215.dll [770232 2018-03-04] (HP Inc. -> HP Inc.)

HKLM\...\Windows x64\Print Processors\HPM1210PrintProc: C:\Windows\System32\spool\prtprocs\x64\HPM1210PP.dll [74240 2012-09-29] (Microsoft Windows Hardware Compatibility Publisher -> )

HKLM\...\Print\Monitors\Advanced TCP/IP Port Monitor: C:\WINDOWS\system32\mvtcpmon.dll [541184 2010-01-28] (Marvell Semiconductor, Inc.) [File not signed]

HKLM\...\Print\Monitors\HP Standard TCP/IP Port: C:\WINDOWS\system32\HpTcpMon.dll [331264 2009-09-16] (Hewlett Packard) [File not signed]

HKLM\...\Print\Monitors\HP Universal Print Monitor: C:\WINDOWS\system32\HPMPW082.DLL [128184 2018-03-04] (HP Inc. -> HP Inc.)

HKLM\...\Print\Monitors\HPMLM190: C:\WINDOWS\system32\hpmlm190.dll [310968 2018-03-04] (HP Inc. -> HP Inc.)

HKLM\...\Print\Monitors\stkMonitor: C:\WINDOWS\system32\stkMonitor.dll [519848 2019-06-07] (Amazon Services LLC -> Amazon.com, Inc.)

HKLM\Software\Microsoft\Active Setup\Installed Components: [{052EB454-9F19-CB42-7875-807F79F311C4}] -> C:\Program Files (x86)\CCleaner Browser\Application\95.1.13052.72\Installer\chrmstp.exe [2021-11-25] (Piriform Software Ltd -> Piriform Software)

HKLM\Software\Microsoft\Active Setup\Installed Components: [{22B65310-8D73-872E-0172-2B7FAD548AA7}] -> reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v OPENVPN-GUI /f

HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\96.0.4664.45\Installer\chrmstp.exe [2021-11-20] (Google LLC -> Google LLC)

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AnyDesk.lnk [2021-06-13]

ShortcutTarget: AnyDesk.lnk -> C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Nuance Cloud Connector.lnk [2019-04-29]

ShortcutTarget: Nuance Cloud Connector.lnk -> C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GladLauncher.exe (Gladinet, Inc. -> )

Startup: C:\Users\Ralph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\WeatherLink 6.0.5.exe - Shortcut.lnk [2021-02-02]

ShortcutTarget: WeatherLink 6.0.5.exe - Shortcut.lnk -> C:\WeatherLink\WeatherLink 6.0.5.exe (Davis Instruments Corporation -> Davis Instuments Corp.)

GroupPolicy: Restriction ? <==== ATTENTION

Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {05139207-6DA2-40C1-8C0D-F133EDD6D299} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-14] (Microsoft Windows Publisher -> Microsoft Corporation)

Task: {13F2C360-37DA-4271-B053-66AD0446FED1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-07-16] (Google Inc -> Google Inc.)

Task: {15B86106-F2C9-4E05-A251-F0EE95E2C309} - System32\Tasks\McAfee\McAfee Idle Detection Task => {ABCDCA3B-DE6B-5A7C-B132-6D7CBA63E5C5} C:\Program Files\Common Files\McAfee\TaskScheduler\McAMTaskAgent.exe [1032448 2021-08-02] (McAfee, LLC -> McAfee, LLC)

Task: {1E350DFD-1A67-45C4-9450-BD2669C4BB98} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-14] (Microsoft Windows Publisher -> Microsoft Corporation)

Task: {1EA16E10-366D-4878-BFD2-07059F641A19} - System32\Tasks\start weather => C:\WeatherLink\WeatherLink 6.0.5.exe [2278440 2018-08-14] (Davis Instruments Corporation -> Davis Instuments Corp.)

Task: {28608118-ABD4-4BCA-9CAD-D199BE4A3016} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-14] (Microsoft Windows Publisher -> Microsoft Corporation)

Task: {2C7062A6-D7FE-4688-BF76-8CFEBAFB3115} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412680 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)

Task: {344A2381-0DDE-49AD-9F2B-95FF11030E25} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [39920 2018-10-24] (Garmin International, Inc. -> )

Task: {366544C6-DCDF-4A6B-BBD2-0A089B05CC9A} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [138600 2021-11-14] (Microsoft Corporation -> Microsoft Corporation)

Task: {47FCB8BD-84B4-4EA7-9FA5-BBEA5A2B1A1E} - System32\Tasks\CCleanerSkipUAC - Ralph => C:\Program Files\CCleaner\CCleaner.exe [29417088 2021-11-12] (Piriform Software Ltd -> Piriform Software Ltd)

Task: {5481FD9C-AEB0-4420-9AE2-37D126817897} - System32\Tasks\RogueKiller Anti-Malware => C:\Program Files\RogueKiller\RogueKiller64.exe [32610648 2021-11-18] (ADLICE (ASCOET JULIEN) -> )

Task: {61CCE711-C567-43FD-B339-B0F939B6F17C} - System32\Tasks\HPLJCustParticipation => C:\Program Files (x86)\HP\HPLJUT\HPLJUTSCH.exe [91400 2015-12-05] (Hewlett-Packard -> HP Development Company, L.P.)

Task: {653F3403-0B05-4179-A557-E1E151FF66FD} - System32\Tasks\CCleanerUpdateTaskMachineUA => C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200600 2021-11-14] (Piriform Software Ltd -> Piriform Software)

Task: {66332BA6-F183-4724-880F-2C7E30475B45} - System32\Tasks\Intel PTT EK Recertification => C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\IntelPTTEKRecertification.exe [918288 2020-04-22] (Intel® Trust Services -> Intel® Corporation)

Task: {6C0FB617-9ECC-4B44-9F7A-4803C99A1998} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK

Task: {6CA06D22-038F-4C3D-A2AB-2BB2AD1E7A6B} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22654872 2021-11-04] (Microsoft Corporation -> Microsoft Corporation)

Task: {6D139206-5FE3-43D3-A71B-3EF548D15A4E} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22654872 2021-11-04] (Microsoft Corporation -> Microsoft Corporation)

Task: {733FDF3D-951D-4454-8E96-E188A6C0B081} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4072312 2021-11-18] (Microsoft Corporation -> Microsoft Corporation)

Task: {75175E83-A69E-4825-A586-05CDFFD61D3C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-07-16] (Google Inc -> Google Inc.)

Task: {792E6560-6305-44FC-B8AD-B06966517702} - System32\Tasks\restart at midnight => shutdown /r

Task: {7D17178E-54BD-4F96-9A8E-EC9796902D57} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-14] (Microsoft Windows Publisher -> Microsoft Corporation)

Task: {9300FF21-AC36-4597-BE98-4C3CA09546B3} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1562376 2021-08-16] (Adobe Inc. -> Adobe Inc.)

Task: {AE8BED82-9150-4881-814D-0E6A608361E1} - System32\Tasks\reboot => shutdown /f /r

Task: {BD363BB6-80E8-474E-AB27-D8B7C93A7E85} - System32\Tasks\AdobeAAMUpdater-1.0-DESKTOP-200F0L3-Ralph => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)

Task: {BDED68A0-D06C-4EB9-9216-41042BBCB6BD} - System32\Tasks\CCleaner Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [2515248 2021-11-12] (Piriform Software Ltd -> Piriform Software)

Task: {C5B9ED05-5DD2-4FB0-8413-70DF8FF8A8C2} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [138600 2021-11-14] (Microsoft Corporation -> Microsoft Corporation)

Task: {CD82B053-42FA-4B6A-B1EE-21672ADF2698} - System32\Tasks\CCleanerUpdateTaskMachineCore => C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200600 2021-11-14] (Piriform Software Ltd -> Piriform Software)

Task: {D0FA0E8E-B82B-4EBF-B12F-D75215E49487} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [680888 2021-11-13] (Mozilla Corporation -> Mozilla Foundation)

Task: {D8D5D333-6ACB-488C-A57D-77B00DB5043A} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-11-12] (Piriform Software Ltd -> Piriform)

Task: {DF12BCC6-BC51-4014-926C-5241B05D6280} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee VirusScan\upgrade.exe [4695104 2021-10-01] (McAfee, LLC -> McAfee, LLC)

Task: {E3AB6A26-074D-4CAD-AA3C-7F3675E586B7} - System32\Tasks\McAfee\DAD.Execute.Updates => C:\Program Files\Common Files\McAfee\DynamicAppDownloader\DADUpdater.exe [4119992 2021-10-07] (McAfee, LLC -> McAfee, LLC)

Task: {E5DA95D4-00B9-4F30-9A3B-7112CE832BB3} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_ERROR_HB => C:\Users\Ralph\Downloads\MSERT (5).exe [154218944 2021-11-19] (Microsoft Corporation -> Microsoft Corporation)

Task: {E7BC217D-BFD3-4E99-A556-F0032D29F5ED} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe [757944 2021-05-06] (McAfee, LLC -> McAfee, LLC)

Task: {EEBD0C02-B2C2-4BD0-995B-61182AE4E2AC} - System32\Tasks\CCleaner Browser Heartbeat Task (Logon) => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [2515248 2021-11-12] (Piriform Software Ltd -> Piriform Software)

Task: {F0E44D76-A474-419B-840F-6B15C87D193C} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent => {ABCECA3B-EA5A-496B-A021-5C6BAB365E5C} C:\Program Files\Common Files\McAfee\TaskScheduler\McAMTaskAgent.exe [1032448 2021-08-02] (McAfee, LLC -> McAfee, LLC)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

Tcpip\..\Interfaces\{217a01bd-7404-41ae-adb4-66528c62818c}: [DhcpNameServer] 192.168.0.1

Tcpip\..\Interfaces\{b8edf699-759c-4839-bac4-093bea91afa1}: [DhcpNameServer] 192.168.1.1

Edge:

=======

DownloadDir: C:\Users\Ralph\Downloads

Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]

Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]

Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]

Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]

Edge DefaultProfile: Default

Edge Profile: C:\Users\Ralph\AppData\Local\Microsoft\Edge\User Data\Default [2021-11-25]

Edge Extension: (Malwarebytes Browser Guard) - C:\Users\Ralph\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-11-13]

Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

FireFox:

========

FF DefaultProfile: 1mni5tj0.default

FF ProfilePath: C:\Users\Ralph\AppData\Roaming\Mozilla\Firefox\Profiles\1mni5tj0.default [2021-11-26]

FF Notifications: Mozilla\Firefox\Profiles\1mni5tj0.default -> hxxps://www.cheatersbleepbook.com; hxxps://www.1800flowers.com

FF Extension: (DuckDuckGo Privacy Essentials) - C:\Users\Ralph\AppData\Roaming\Mozilla\Firefox\Profiles\1mni5tj0.default\Extensions\jid1-ZAdIEUB7XOzOJw@jetpack.xpi [2021-09-22]

FF Extension: (Malwarebytes Browser Guard) - C:\Users\Ralph\AppData\Roaming\Mozilla\Firefox\Profiles\1mni5tj0.default\Extensions\{242af0bb-db11-4734-b7a0-61cb8a9b20fb}.xpi [2021-09-22]

FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi

FF Extension: (McAfee® WebAdvisor) - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi [2021-05-14] [UpdateUrl:hxxps://sadownload.mcafee.com/products/SA/Win/xpi/webadvisor/update.json]

FF HKLM\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSKHKLM => not found

FF HKLM-x32\...\Firefox\Extensions: [quickprint@hp.com] - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension

FF Extension: (SmartPrintButton) - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension [2011-01-26] [Legacy] [not signed]

FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi

FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK

FF Extension: (McAfee Anti-Spam Thunderbird Extension) - C:\Program Files\McAfee\MSK [2021-11-05] [Legacy] [not signed]

FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\McAfee\MSC\npMcSnFFPl64.dll [2021-10-22] (McAfee, LLC -> )

FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-10-31] (Microsoft Corporation -> Microsoft Corporation)

FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)

FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)

FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)

FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2018-06-22] (Adobe Systems Incorporated -> Adobe Systems)

FF Plugin-x32: @java.com/DTPlugin,version=11.311.2 -> C:\Program Files (x86)\Java\jre1.8.0_311\bin\dtplugin\npDeployJava1.dll [2021-11-14] (Oracle America, Inc. -> Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=11.311.2 -> C:\Program Files (x86)\Java\jre1.8.0_311\bin\plugin2\npjp2.dll [2021-11-14] (Oracle America, Inc. -> Oracle Corporation)

FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:\Program Files (x86)\McAfee\MSC\npMcSnFFPl.dll [2021-10-22] (McAfee, LLC -> )

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-10-31] (Microsoft Corporation -> Microsoft Corporation)

FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-03-23] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]

FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-03-23] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]

FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=3 -> C:\Program Files (x86)\CCleaner Browser\Update\1.8.1187.1\npCCleanerBrowserUpdate3.dll [2021-11-14] (Piriform Software Ltd -> Piriform Software)

FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=9 -> C:\Program Files (x86)\CCleaner Browser\Update\1.8.1187.1\npCCleanerBrowserUpdate3.dll [2021-11-14] (Piriform Software Ltd -> Piriform Software)

FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)

FF Plugin-x32: @videolan.org/vlc,version=3.0.11 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)

FF Plugin-x32: @videolan.org/vlc,version=3.0.12 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)

FF Plugin-x32: @videolan.org/vlc,version=3.0.14 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)

FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)

FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)

FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-10-05] (Adobe Inc. -> Adobe Systems Inc.)

FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2018-06-22] (Adobe Systems Incorporated -> Adobe Systems)

FF Plugin-x32: ZEON/PDF,version=2.0 -> C:\Nuance\PDFViewer\bin\nppdf.dll [2011-07-15] (Zeon Corporation -> Zeon Corporation)

FF Plugin HKU\S-1-5-21-194608825-1360088445-740081183-1001: @ringcentral.com/RingCentralMeetingsPlugin -> C:\Users\Ralph\AppData\Roaming\RingCentralMeetings\bin\nprcmsplugin.dll [2020-08-20] (RingCentral, Inc. -> RingCentral Video Communications, Inc. and RingCentral Inc.)

StartMenuInternet: Firefox- - kernel32::GetLongPathNameW(w R8, w .R7, i 1024)i .R6

Chrome:

=======

CHR Profile: C:\Users\Ralph\AppData\Local\Google\Chrome\User Data\Default [2021-11-26]

CHR DownloadDir: C:\Users\Ralph\Downloads

CHR Notifications: Default -> hxxps://calendar.google.com; hxxps://service.mcafee.com; hxxps://update.easeus.com; hxxps://www.cnet.com; hxxps://www.facebook.com

CHR HomePage: Default -> hxxp://google.com/

CHR StartupUrls: Default -> "hxxp://google.com/"

CHR NewTab: Default ->  Not-active:"chrome-extension://jmofnfjbcjebicmefnlbanlijkhanlmd/index.html"

CHR Extension: (Docs) - C:\Users\Ralph\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-07-16]

CHR Extension: (Google Drive) - C:\Users\Ralph\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-26]

CHR Extension: (YouTube) - C:\Users\Ralph\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-07-16]

CHR Extension: (Magnifying Glass) - C:\Users\Ralph\AppData\Local\Google\Chrome\User Data\Default\Extensions\elhdjgjjmodgmhkokebhegekjooiaofm [2021-05-21]

CHR Extension: (Sheets) - C:\Users\Ralph\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-07-16]

CHR Extension: (McAfee® WebAdvisor) - C:\Users\Ralph\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2021-10-31]

CHR Extension: (Malwarebytes Browser Guard) - C:\Users\Ralph\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-11-25]

CHR Extension: (Chrome Web Store Payments) - C:\Users\Ralph\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]

CHR Extension: (Gmail) - C:\Users\Ralph\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-22]

CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]

CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]

CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]

CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 9734BF6A-2DCD-40f0-BAB0-5AAFEEBE1269; C:\Program Files (x86)\Roxio\BackOnTrack\App\SaibSVC.exe [504160 2017-12-14] (Corel Corporation -> )

S4 aakore; C:\Program Files (x86)\Acronis\Agent\aakore.exe [15839648 2020-12-19] (Acronis International GmbH -> Acronis International GmbH)

R2 AcronisActiveProtectionService; C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\anti_ransomware_service.exe [12905888 2020-12-19] (Acronis International GmbH -> )

S4 AcronisCyberProtectionService; C:\Program Files\Acronis\CyberProtect\cyber-protect-service.exe [1421352 2020-12-19] (Acronis International GmbH -> Acronis International GmbH)

S4 AcrSch2Svc; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [1264400 2020-12-19] (Acronis International GmbH -> Acronis International GmbH)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-08-16] (Adobe Inc. -> Adobe Inc.)

S4 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [818128 2018-06-22] (Adobe Systems Incorporated -> Adobe Systems Incorporated)

S4 afcdpsrv; C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [6388072 2021-03-02] (Acronis International GmbH -> )

S4 Agent; C:\Program Files\Agent\Agent.exe [5569416 2019-05-17] (DEVELOPER IN A BOX (THE PLAYFUL GROUP PTY LTD) -> DeveloperInABox)

S4 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3780296 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)

S4 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3548360 2021-02-17] (Adobe Inc. -> Adobe Systems, Incorporated)

R2 AnyDesk; C:\Program Files (x86)\AnyDesk\AnyDesk.exe [3743984 2021-10-05] (philandro Software GmbH -> philandro Software GmbH)

S4 BOT4Service; C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe [46432 2019-03-30] (Corel Corporation -> )

S2 ccleaner; C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200600 2021-11-14] (Piriform Software Ltd -> Piriform Software)

S3 CCleanerBrowserElevationService; C:\Program Files (x86)\CCleaner Browser\Application\95.1.13052.72\elevation_service.exe [1713640 2021-11-12] (Piriform Software Ltd -> Piriform Software)

S3 ccleanerm; C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200600 2021-11-14] (Piriform Software Ltd -> Piriform Software)

R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12034464 2021-11-04] (Microsoft Corporation -> Microsoft Corporation)

R3 EPMVssEaseusProvider; C:\WINDOWS\system32\dllhost.exe /Processid:{6D50743C-2A15-43BE-A86D-907D96A153D9} [21312 2020-10-13] (Microsoft Windows -> Microsoft Corporation)

S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\21.220.1024.0005\FileSyncHelper.exe [3279232 2021-11-18] (Microsoft Corporation -> Microsoft Corporation)

S4 GladFileMonSvc; C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GladFileMonSvc.exe [30032 2013-05-05] (Gladinet, Inc. -> Gladinet, INC)

S4 GSService; C:\WINDOWS\SysWOW64\GSService.exe [444640 2014-07-28] (cyan soft ltd -> )

S2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [151496 2021-08-28] (SurfRight B.V. -> SurfRight B.V.)

R2 hmpalertsvc; C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe [5155024 2021-11-17] (SurfRight B.V. -> SurfRight B.V.)

R2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [176640 2020-02-11] (HP Inc.) [File not signed]

S4 HPM1210RcvFaxSrvc; C:\Program Files\HP\HP LaserJet M1210 MFP Series\ReceiveFaxUtility.exe [361888 2012-07-25] (Hewlett-Packard Company -> HP)

S4 HPSIService; C:\Windows\system32\HPSIsvc.exe [126856 2012-11-08] (Hewlett-Packard Company -> HP)

R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7848632 2021-11-11] (Malwarebytes Inc -> Malwarebytes)

S4 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [971976 2021-05-13] (McAfee, LLC -> McAfee, LLC)

R2 McAPExe; C:\Program Files\Common Files\McAfee\VSCore_21_9\McApExe.exe [797576 2021-10-22] (McAfee, LLC -> McAfee, LLC)

R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\4.7.101.0\\McCSPServiceHost.exe [2845608 2021-10-11] (McAfee, LLC -> McAfee, LLC)

S3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [1242112 2021-09-24] (McAfee, Inc. -> McAfee, LLC)

R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [1242112 2021-09-24] (McAfee, Inc. -> McAfee, LLC)

R3 mfevtp; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [1242112 2021-09-24] (McAfee, Inc. -> McAfee, LLC)

S4 mmsminisrv; C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe [4808088 2020-12-19] (Acronis International GmbH -> Acronis International GmbH)

S4 mobile_backup_server; C:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\mobile_backup_server.exe [3004128 2020-12-19] (Acronis International GmbH -> Acronis International GmbH)

S4 mobile_backup_status_server; C:\Program Files (x86)\Acronis\TrueImageHome\mobile_backup_status_server.exe [2102096 2020-12-19] (Acronis International GmbH -> )

R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1677024 2021-10-23] (McAfee, LLC -> McAfee, LLC)

S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [50688 2016-06-15] (HP Inc.) [File not signed]

S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\21.220.1024.0005\OneDriveUpdaterService.exe [3736424 2021-11-18] (Microsoft Corporation -> Microsoft Corporation)

S4 PDFProFiltSrvPP; C:\Nuance\PaperPort\PDFProFiltSrvPP.exe [77640 2013-05-14] (Nuance Communications, Inc. -> Nuance Communications, Inc.)

R2 PEFService; C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe [4288832 2021-08-31] (McAfee, LLC -> McAfee, LLC)

S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [66048 2016-06-15] (HP Inc.) [File not signed]

R2 PowerAlert Agent; C:\Program Files (x86)\TrippLite\PowerAlert\engine\pal.exe [1836472 2020-07-16] (Tripp Lite -> Tripp Lite)

R2 rkrtservice; C:\Program Files\RogueKiller\RogueKillerSvc.exe [14204760 2021-11-18] (ADLICE (ASCOET JULIEN) -> )

S4 RoxioBurnLauncher; C:\Program Files (x86)\Roxio Easy CD & DVD Burning 2\Roxio Burn\RoxioBurnLauncher.exe [1234272 2019-04-14] (Corel Corporation -> )

S4 RoxMediaDB15; C:\Program Files (x86)\Roxio Easy CD & DVD Burning 2\Common\RoxMediaDB15.exe [1163616 2019-01-29] (Corel Corporation -> Corel Corporation)

S4 RoxWatch15; C:\Program Files (x86)\Roxio Easy CD & DVD Burning 2\Common\RoxWatch15.exe [300896 2019-01-29] (Corel Corporation -> Corel Corporation)

S4 syncagentsrv; C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [7394008 2020-12-19] (Acronis International GmbH -> )

R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [14657832 2021-07-14] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)

S4 Tib Mounter Service; C:\Program Files (x86)\Common Files\Acronis\TibMounter64\tib_mounter_service.exe [5911456 2020-12-19] (Acronis International GmbH -> Acronis International GmbH)

S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2110.6-0\NisSrv.exe [2872024 2021-11-14] (Microsoft Windows Publisher -> Microsoft Corporation)

R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2110.6-0\MsMpEng.exe [128376 2021-11-14] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AsrDrv102; C:\Windows\SysWOW64\Drivers\AsrDrv102.sys [22248 2018-08-13] (ASROCK Incorporation -> ASRock Incorporation) [File not signed]

R2 BdDci; C:\WINDOWS\system32\DRIVERS\bddci.sys [367096 2020-12-19] (Bitdefender SRL -> Bitdefender)

R3 cfwids; C:\WINDOWS\System32\drivers\cfwids.sys [74752 2021-09-28] (McAfee, Inc. -> McAfee, LLC)

S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [159864 2021-06-29] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)

S3 epmdkdrv; C:\WINDOWS\system32\epmdkdrv.sys [36280 2021-04-21] (CHENGDU YIWO Tech Development Co., Ltd. -> )

R0 EPMVolFl; C:\WINDOWS\System32\drivers\EPMVolFl.sys [30136 2021-04-21] (CHENGDU YIWO Tech Development Co., Ltd. -> Windows ® Codename Longhorn DDK provider)

R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [160176 2021-09-14] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)

R0 EUDCPEPM; C:\WINDOWS\system32\drivers\EUDCPEPM.sys [76344 2021-04-21] (Microsoft Windows Hardware Compatibility Publisher -> CHENGDU YIWO Tech Development Co., Ltd)

S3 EUDCPEPM0; C:\WINDOWS\system32\drivers\EUDCPEPM0.sys [76344 2021-04-21] (Microsoft Windows Hardware Compatibility Publisher -> CHENGDU YIWO Tech Development Co., Ltd)

R1 EUEDKEPM; C:\WINDOWS\system32\drivers\EUEDKEPM.sys [33712 2021-04-21] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd)

R2 file_protector; C:\WINDOWS\System32\DRIVERS\file_protector.sys [721536 2021-03-02] (Acronis International GmbH -> Acronis International GmbH)

R0 file_tracker; C:\WINDOWS\System32\DRIVERS\file_tracker.sys [392840 2021-03-02] (Acronis International GmbH -> Acronis International GmbH)

S3 gdrv2; C:\WINDOWS\gdrv2.sys [32008 2021-11-13] (GIGA-BYTE Technology Co., Ltd. -> GIGA-BYTE TECHNOLOGY CO., LTD.)

R1 hmpalert; C:\WINDOWS\system32\drivers\hmpalert.sys [412656 2021-11-17] (Microsoft Windows Hardware Compatibility Publisher -> SurfRight B.V.)

S3 HP1210FAX; C:\WINDOWS\System32\Drivers\HPM1210FAX.sys [16384 2011-04-15] () [File not signed]

R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2019-10-20] (Martin Malik - REALiX -> REALiX™)

R3 int0800; C:\WINDOWS\System32\drivers\flashud.sys [62984 2019-08-21] (Intel Corporation -> Intel Corporation)

R0 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [210352 2021-11-11] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)

S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-12-21] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)

R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [193448 2021-11-25] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)

R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [69040 2021-11-25] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)

R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-11-11] (Malwarebytes Inc -> Malwarebytes)

R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [149424 2021-11-25] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)

R2 McPvDrv; C:\WINDOWS\system32\drivers\McPvDrv.sys [97696 2021-07-27] (McAfee, LLC -> McAfee, LLC)

R3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [574464 2021-09-28] (McAfee, Inc. -> McAfee, LLC)

R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [390656 2021-09-28] (McAfee, Inc. -> McAfee, LLC)

S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [90048 2021-09-28] (Microsoft Windows Early Launch Anti-malware Publisher -> McAfee, LLC)

R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [526336 2021-09-28] (McAfee, Inc. -> McAfee, LLC)

R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [1088512 2021-09-28] (McAfee, Inc. -> McAfee, LLC)

R3 mfencbdc; C:\WINDOWS\System32\DRIVERS\mfencbdc.sys [638464 2021-09-16] (McAfee, Inc. -> McAfee LLC.)

S3 mfencrk; C:\WINDOWS\System32\DRIVERS\mfencrk.sys [110080 2021-09-16] (McAfee, Inc. -> McAfee LLC.)

R3 mfeplk; C:\WINDOWS\System32\drivers\mfeplk.sys [118784 2021-09-28] (McAfee, Inc. -> McAfee, LLC)

R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [256512 2021-09-28] (McAfee, Inc. -> McAfee, LLC)

R3 MusCAudio; C:\WINDOWS\system32\drivers\MusCAudio.sys [36064 2014-07-28] (cyan soft ltd -> Windows ® Win 7 DDK provider)

S3 mvusbews; C:\WINDOWS\System32\Drivers\mvusbews.sys [20480 2011-04-15] (Marvell Semiconductor, Inc.) [File not signed]

R1 ngscan; C:\WINDOWS\System32\DRIVERS\ngscan.sys [171312 2020-12-19] (Acronis International GmbH -> Acronis International GmbH)

R2 npf; C:\WINDOWS\System32\drivers\npf.sys [35344 2010-07-15] (CACE Technologies, Inc. -> CACE Technologies, Inc.)

R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [19152 2019-05-29] (MiniTool Solution Ltd -> )

S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2019-05-29] (MiniTool Solution Ltd -> )

R1 PxHelpFilter; C:\WINDOWS\system32\Drivers\PxHelpFilter.sys [24032 2018-06-08] (Corel Corporation -> Corel Corporation)

R0 PxHlpa64; C:\WINDOWS\System32\drivers\PxHlpa64.sys [73464 2019-03-28] (Corel Corporation -> Corel Corporation)

U3 RkFlt; C:\Windows\System32\drivers\rkflt.sys [42056 2021-11-25] (Adlice -> )

R3 RSBCdFilter; C:\WINDOWS\system32\Drivers\RSBCdFilter.sys [25568 2018-06-08] (Corel Corporation -> Corel Corporation)

U5 RSBFilter; C:\Windows\System32\Drivers\RSBFilter.sys [27616 2018-06-08] (Corel Corporation -> Corel Corporation)

R0 RSBFsFilter; C:\WINDOWS\System32\Drivers\RSBFsFilter.sys [28128 2018-06-08] (Corel Corporation -> Corel Corporation)

R0 Sahdad64; C:\WINDOWS\System32\Drivers\Sahdad64.sys [46392 2017-12-14] (Corel Corporation -> Corel Corporation)

R0 Saibad64; C:\WINDOWS\System32\Drivers\Saibad64.sys [38200 2017-12-14] (Corel Corporation -> Corel Corporation)

R1 SaibVdAd64; C:\WINDOWS\System32\Drivers\SaibVdAd64.sys [45880 2017-12-14] (Corel Corporation -> Corel Corporation)

S3 Ser2pl; C:\WINDOWS\system32\DRIVERS\ser2pl64.sys [303000 2021-10-11] (Microsoft Windows Hardware Compatibility Publisher -> Prolific Technology Inc.)

S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)

S3 tapsurfshark; C:\WINDOWS\System32\drivers\tapsurfshark.sys [38728 2019-05-22] (WDKTestCert Lenovo,131775874531219913 -> The OpenVPN Project)

S3 tib; C:\WINDOWS\system32\DRIVERS\tib.sys [887032 2021-03-02] (Acronis International GmbH -> Acronis International GmbH)

R2 tib_mounter; C:\WINDOWS\system32\DRIVERS\tib_mounter.sys [176248 2021-03-02] (Acronis International GmbH -> Acronis International GmbH)

S3 tnd; C:\WINDOWS\system32\DRIVERS\tnd.sys [694920 2021-03-02] (Acronis International GmbH -> Acronis International GmbH)

U3 TrueSight; C:\Windows\System32\drivers\truesight.sys [38032 2021-11-25] (Adlice -> )

R2 virtual_file; C:\WINDOWS\System32\DRIVERS\virtual_file.sys [334984 2021-03-02] (Acronis International GmbH -> Acronis International GmbH)

R0 volume_tracker; C:\WINDOWS\System32\DRIVERS\volume_tracker.sys [251016 2021-03-02] (Acronis International GmbH -> Acronis International GmbH)

S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48520 2021-11-14] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)

S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)

R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [435424 2021-11-14] (Microsoft Windows -> Microsoft Corporation)

S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86240 2021-11-14] (Microsoft Windows -> Microsoft Corporation)

S1 amsdk; \??\C:\WINDOWS\system32\drivers\amsdk.sys [X]

S3 EuGdiDrv; \SystemRoot\system32\EuGdiDrv.sys [X]

S3 mfeavfk01; \Device\mfeavfk01.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-11-26 06:29 - 2021-11-26 06:29 - 000000000 ____D C:\Users\Ralph\AppData\Roaming\360TotalSecurity

2021-11-26 06:29 - 2021-11-26 06:29 - 000000000 ____D C:\ProgramData\360TotalSecurity

2021-11-26 06:26 - 2021-11-26 06:26 - 000000000 ____D C:\Program Files (x86)\360

2021-11-26 06:24 - 2021-11-26 06:24 - 092417104 _____ C:\Users\Ralph\Downloads\360TS_Setup.exe

2021-11-26 06:23 - 2021-11-26 06:23 - 001530952 _____ (QIHU 360 SOFTWARE CO. LIMITED) C:\Users\Ralph\Downloads\360TS_Setup_Mini.exe

2021-11-26 06:18 - 2021-11-26 06:18 - 000000047 _____ C:\Users\Ralph\Desktop\360 protect key.txt

2021-11-26 04:52 - 2021-11-26 04:52 - 000003431 _____ C:\Users\Ralph\Desktop\rogue killer 1 rogue.txt

2021-11-25 23:59 - 2021-11-25 23:59 - 000042056 _____ C:\WINDOWS\system32\Drivers\rkflt.sys

2021-11-25 23:54 - 2021-11-25 23:54 - 000038032 _____ C:\WINDOWS\system32\Drivers\truesight.sys

2021-11-25 23:51 - 2021-11-25 23:51 - 041660008 _____ (Adlice Software ) C:\Users\Ralph\Downloads\RogueKiller_setup.exe

2021-11-25 23:48 - 2021-11-25 23:48 - 000003146 _____ C:\WINDOWS\system32\Tasks\RogueKiller Anti-Malware

2021-11-25 20:07 - 2021-11-25 20:07 - 000193448 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys

2021-11-25 20:07 - 2021-11-25 20:07 - 000069040 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys

2021-11-25 20:06 - 2021-11-25 20:06 - 000149424 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys

2021-11-25 19:08 - 2021-11-25 20:08 - 000000000 ____D C:\Users\Ralph\AppData\Local\Discord

2021-11-25 19:08 - 2021-11-25 19:38 - 000000000 ____D C:\Users\Ralph\AppData\Roaming\discord

2021-11-25 19:08 - 2021-11-25 19:08 - 082973864 _____ (Discord Inc.) C:\Users\Ralph\Downloads\DiscordSetup.exe

2021-11-25 19:08 - 2021-11-25 19:08 - 000002236 _____ C:\Users\Ralph\Desktop\Discord.lnk

2021-11-25 19:08 - 2021-11-25 19:08 - 000000000 ____D C:\Users\Ralph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc

2021-11-25 15:10 - 2021-11-26 09:37 - 000000000 ____D C:\FRST

2021-11-25 13:36 - 2021-11-25 13:36 - 001802704 _____ (Bleeping Computer, LLC) C:\Users\Ralph\Downloads\rkill (13).exe

2021-11-23 23:49 - 2021-11-23 23:49 - 000000000 ___HD C:\$Windows.~WS

2021-11-19 13:30 - 2021-11-19 13:50 - 000000163 _____ C:\Users\Ralph\Documents\k5eoc microsoft account.txt

2021-11-17 11:21 - 2021-11-17 11:21 - 001072640 _____ (SurfRight B.V.) C:\WINDOWS\system32\hmpalert.dll

2021-11-17 11:21 - 2021-11-17 11:21 - 001060848 _____ (SurfRight B.V.) C:\WINDOWS\SysWOW64\hmpalert.dll

2021-11-17 11:21 - 2021-11-17 11:21 - 000171728 _____ (SurfRight B.V.) C:\WINDOWS\system32\hmpshell.dll

2021-11-17 00:58 - 2021-11-17 00:58 - 006617697 _____ C:\Users\Ralph\Downloads\1910012704_Archer A20(US)_UG_REV1.1.0.pdf

2021-11-16 19:44 - 2021-11-16 19:44 - 000000000 ____D C:\USB Drive

2021-11-16 19:19 - 2021-11-16 19:19 - 000000000 ____D C:\Users\Ralph\Downloads\Winlink_Express_install_1-5-42-0

2021-11-16 19:18 - 2021-11-16 19:18 - 034131990 _____ C:\Users\Ralph\Downloads\Winlink_Express_install_1-5-42-0.zip

2021-11-15 14:09 - 2021-11-15 14:17 - 000000000 ____D C:\Users\Ralph\Documents\windows 10 pro 11.21

2021-11-15 14:07 - 2021-11-15 14:07 - 000000000 ____D C:\$WINDOWS.~BT

2021-11-14 20:38 - 2021-11-14 20:38 - 000040538 _____ C:\Users\Ralph\Documents\cc_20211114_203754.reg

2021-11-14 20:19 - 2021-11-14 20:19 - 000000955 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.10.28.lnk

2021-11-14 20:11 - 2021-11-25 04:17 - 000002396 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner Browser.lnk

2021-11-14 20:11 - 2021-11-25 04:17 - 000002361 _____ C:\Users\Public\Desktop\CCleaner Browser.lnk

2021-11-14 20:11 - 2021-11-25 04:17 - 000000000 ____D C:\Program Files (x86)\CCleaner Browser

2021-11-14 20:11 - 2021-11-14 20:11 - 000003842 _____ C:\WINDOWS\system32\Tasks\CCleaner Browser Heartbeat Task (Hourly)

2021-11-14 20:11 - 2021-11-14 20:11 - 000003474 _____ C:\WINDOWS\system32\Tasks\CCleanerUpdateTaskMachineUA

2021-11-14 20:11 - 2021-11-14 20:11 - 000003350 _____ C:\WINDOWS\system32\Tasks\CCleanerUpdateTaskMachineCore

2021-11-14 20:11 - 2021-11-14 20:11 - 000003258 _____ C:\WINDOWS\system32\Tasks\CCleaner Browser Heartbeat Task (Logon)

2021-11-14 20:11 - 2021-11-14 20:11 - 000000000 ____D C:\Users\Ralph\AppData\Local\CCleaner Browser

2021-11-14 20:11 - 2021-11-14 20:11 - 000000000 ____D C:\ProgramData\CCleaner Browser

2021-11-14 20:09 - 2021-11-14 20:09 - 000002894 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - Ralph

2021-11-14 19:51 - 2021-11-14 19:51 - 001802704 _____ (Bleeping Computer, LLC) C:\Users\Ralph\Downloads\rkill (12).exe

2021-11-14 19:51 - 2021-11-14 19:51 - 000988112 _____ (Bleeping Computer, LLC) C:\Users\Ralph\Downloads\rkill (12)64.exe

2021-11-14 19:46 - 2021-11-14 19:46 - 001036019 _____ C:\Users\Ralph\Downloads\EqualAreaRule.pdf

2021-11-14 19:46 - 2021-11-14 19:46 - 000789247 _____ C:\Users\Ralph\Downloads\Nec2dXS_VM.zip

2021-11-14 19:46 - 2021-11-14 19:46 - 000684768 _____ C:\Users\Ralph\Downloads\Nec2d.zip

2021-11-14 19:46 - 2021-11-14 19:46 - 000116754 _____ C:\Users\Ralph\Downloads\Nec2Manual.zip

2021-11-14 19:45 - 2021-11-14 19:45 - 000071485 _____ C:\Users\Ralph\Downloads\Tutorial.pdf

2021-11-14 19:39 - 2021-11-14 19:40 - 001792509 _____ C:\Users\Ralph\Downloads\Tutorial_4NEC2_english.pdf

2021-11-14 19:39 - 2021-11-14 19:40 - 001651122 _____ C:\Users\Ralph\Downloads\NEC_tutorial2.pdf

2021-11-14 19:37 - 2021-11-14 19:40 - 004281177 _____ C:\Users\Ralph\Downloads\4nec2.zip

2021-11-14 19:37 - 2021-11-14 19:40 - 004281177 _____ C:\Users\Ralph\Downloads\4nec2 (1).zip

2021-11-13 18:21 - 2021-11-13 18:21 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla

2021-11-13 17:08 - 2021-11-13 17:08 - 014233600 _____ C:\Users\Ralph\Downloads\WindowsPCHealthCheckSetup (1).msi

2021-11-13 16:38 - 2021-11-13 16:39 - 014315224 _____ C:\Users\Ralph\Downloads\PH-ES614P_Western.pdf

2021-11-13 15:47 - 2021-11-13 15:48 - 009974973 _____ C:\Users\Ralph\Documents\mb_manual_z390-ud_v2_e.pdf

2021-11-13 15:37 - 2021-11-13 15:37 - 012180445 _____ C:\Users\Ralph\Downloads\mb_manual_z390-ud_v2_e.pdf

2021-11-13 15:37 - 2021-11-13 15:37 - 012180445 _____ C:\Users\Ralph\Downloads\mb_manual_z390-ud_v2_e (1).pdf

2021-11-13 15:19 - 2021-11-13 15:19 - 000032008 ____N (GIGA-BYTE TECHNOLOGY CO., LTD.) C:\WINDOWS\gdrv2.sys

2021-11-13 15:19 - 2021-11-13 15:19 - 000000010 _____ C:\WINDOWS\GSetup.ini

2021-11-13 15:19 - 2018-04-10 16:45 - 000081408 ____R (Microsoft Corporation) C:\WINDOWS\devcon.exe

2021-11-13 15:19 - 2009-08-27 01:04 - 000207400 ____R () C:\WINDOWS\GSetup.exe

2021-11-11 06:51 - 2021-11-11 06:51 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys

2021-11-11 06:51 - 2021-11-11 06:51 - 000210352 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys

2021-11-11 01:38 - 2021-11-11 01:38 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe

2021-11-11 01:38 - 2021-11-11 01:38 - 000011363 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim

2021-11-11 01:37 - 2021-11-11 01:37 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe

2021-11-11 01:37 - 2021-11-11 01:37 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe

2021-11-11 01:17 - 2021-11-11 01:17 - 000000000 ___HD C:\$WinREAgent

2021-11-06 07:27 - 2021-11-23 21:03 - 000000000 ____D C:\WINDOWS\Minidump

2021-11-06 04:58 - 2021-11-23 23:49 - 000000000 ____D C:\WINDOWS\Panther

2021-10-31 18:15 - 2021-10-31 18:15 - 000000000 ____D C:\Users\Ralph\Downloads\CP210x_Windows_Drivers (2)

2021-10-31 18:00 - 2021-10-31 18:00 - 014251852 _____ C:\Users\Ralph\Downloads\FT-891_Advance_Manual_ENG_1806-F (1).pdf

2021-10-31 17:58 - 2021-10-31 17:58 - 003856720 _____ C:\Users\Ralph\Downloads\CP210x_Windows_Drivers (2).zip

2021-10-31 17:58 - 2021-10-31 17:58 - 001564297 _____ C:\Users\Ralph\Downloads\FT-891_Firmware_Ver_Up_Manual_ENG.pdf

2021-10-31 17:58 - 2021-10-31 17:58 - 000435644 _____ C:\Users\Ralph\Downloads\USB_Driver_Installation_Manual_ENG_1610-B0 (2).pdf

2021-10-31 17:58 - 2021-10-31 17:58 - 000078868 _____ C:\Users\Ralph\Downloads\FT-891 Update Firmware Information 02-01-21.pdf

2021-10-31 17:57 - 2021-10-31 17:58 - 002358496 _____ C:\Users\Ralph\Downloads\FT-891_Firmware_Update_2021_02.zip

2021-10-31 17:57 - 2021-10-31 17:57 - 020671641 _____ C:\Users\Ralph\Downloads\FT-891_OM_ENG_EH065H201_1611A-BO-2.pdf

2021-10-31 17:57 - 2021-10-31 17:57 - 014251852 _____ C:\Users\Ralph\Downloads\FT-891_Advance_Manual_ENG_1806-F.pdf

2021-10-31 17:57 - 2021-10-31 17:57 - 003210309 _____ C:\Users\Ralph\Downloads\SCU-17_EAK21X704_1801R-ES (1).pdf

2021-10-31 17:57 - 2021-10-31 17:57 - 003135774 _____ C:\Users\Ralph\Downloads\M-1_OM_ENG_EBA33X100_1610L-AO-1.pdf

2021-10-30 15:38 - 2021-10-30 15:38 - 008553680 _____ (Malwarebytes) C:\Users\Ralph\Downloads\AdwCleaner(2).exe

2021-10-30 08:04 - 2021-10-30 08:04 - 000000072 ____H C:\Users\Ralph\Documents\~$TEXAS STATE RACES Rev. 5 (2).pdf.ppwritelock

2021-10-27 04:41 - 2021-10-27 04:41 - 000000020 _____ C:\Users\Ralph\Documents\mary stark nov 6.txt

2021-10-27 04:40 - 2021-10-27 04:40 - 000000016 _____ C:\Users\Ralph\Documents\corw i9.txt

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-11-26 09:39 - 2019-12-07 03:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft

2021-11-26 09:39 - 2018-07-16 13:59 - 000000000 ____D C:\Users\Ralph\AppData\Local\CrashDumps

2021-11-26 09:28 - 2018-07-15 21:09 - 000000000 ____D C:\Users\Ralph\AppData\Local\Packages

2021-11-26 09:10 - 2020-07-20 23:51 - 000004164 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{E48C46AB-81D5-4084-935A-8E2B2B8779E5}

2021-11-26 09:04 - 2018-07-16 02:28 - 000000000 ____D C:\Program Files (x86)\Google

2021-11-26 08:50 - 2020-07-20 23:41 - 000000000 ____D C:\WINDOWS\system32\SleepStudy

2021-11-26 05:56 - 2018-07-15 22:06 - 000000000 ____D C:\Users\Ralph\Documents\Outlook Files

2021-11-26 05:36 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\Registration

2021-11-26 02:59 - 2019-10-01 22:17 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData

2021-11-26 02:53 - 2018-07-21 19:25 - 000000000 ____D C:\Program Files\CCleaner

2021-11-26 02:51 - 2020-04-15 01:08 - 000000000 ____D C:\Users\Ralph\AppData\LocalLow\IGDump

2021-11-26 00:24 - 2018-07-21 18:40 - 000000000 ____D C:\ProgramData\RogueKiller

2021-11-25 23:54 - 2018-07-21 18:40 - 000000908 _____ C:\Users\Public\Desktop\RogueKiller.lnk

2021-11-25 23:54 - 2018-07-21 18:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller

2021-11-25 23:54 - 2018-07-21 18:40 - 000000000 ____D C:\Program Files\RogueKiller

2021-11-25 20:51 - 2019-08-13 11:07 - 000646550 _____ C:\Users\Ralph\Desktop\Rkill.txt

2021-11-25 20:18 - 2020-12-15 19:27 - 000000000 __RSD C:\Users\Ralph\Documents\McAfee Vaults

2021-11-25 20:10 - 2020-07-20 23:51 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update

2021-11-25 20:10 - 2020-07-20 23:44 - 000005768 _____ C:\WINDOWS\system32\PerfStringBackup.INI

2021-11-25 20:06 - 2021-06-23 11:48 - 000000000 ____D C:\Program Files\TeamViewer

2021-11-25 20:05 - 2020-07-20 23:51 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT

2021-11-25 20:05 - 2020-07-20 23:41 - 000008192 ___SH C:\DumpStack.log.tmp

2021-11-25 20:05 - 2019-07-22 09:02 - 000000000 ____D C:\ProgramData\HitmanPro.Alert

2021-11-25 19:44 - 2018-07-17 14:29 - 000000000 ____D C:\ProgramData\HitmanPro

2021-11-25 19:23 - 2019-12-07 03:13 - 000000000 ____D C:\WINDOWS\INF

2021-11-25 19:21 - 2020-05-08 08:43 - 000000000 ____D C:\Users\Ralph\sdr2

2021-11-25 19:08 - 2020-10-15 17:59 - 000000000 ____D C:\Users\Ralph\AppData\Local\SquirrelTemp

2021-11-25 17:45 - 2018-07-15 22:38 - 000000000 ____D C:\WeatherLink

2021-11-25 17:41 - 2020-07-20 22:09 - 000000000 ____D C:\Users\Administrator

2021-11-25 17:39 - 2020-07-20 22:09 - 000000000 ____D C:\Users\Ralph

2021-11-25 17:37 - 2020-07-20 23:51 - 000000000 ____D C:\WINDOWS\system32\Tasks\McAfee

2021-11-25 17:37 - 2019-12-07 03:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM

2021-11-25 15:30 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports

2021-11-25 03:43 - 2020-07-11 16:34 - 000002447 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk

2021-11-25 03:43 - 2020-07-11 16:34 - 000002285 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk

2021-11-25 03:43 - 2019-12-07 03:14 - 000000000 ___HD C:\Program Files\WindowsApps

2021-11-25 03:43 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\AppReadiness

2021-11-24 14:49 - 2018-07-30 10:41 - 000000000 ____D C:\ESD

2021-11-23 23:49 - 2020-07-20 23:50 - 000018412 _____ C:\WINDOWS\diagwrn.xml

2021-11-23 23:49 - 2020-07-20 23:50 - 000015243 _____ C:\WINDOWS\diagerr.xml

2021-11-23 20:59 - 2018-07-15 21:49 - 002090205 ____N C:\WINDOWS\Minidump\112321-57593-01.dmp

2021-11-23 20:47 - 2019-08-06 15:49 - 000000000 ____D C:\ProgramData\AnyDesk

2021-11-23 19:25 - 2019-08-06 15:49 - 000000000 ____D C:\Program Files (x86)\AnyDesk

2021-11-21 13:18 - 2021-09-28 17:45 - 000000000 ____D C:\Users\Ralph\Documents\Bexar County ARES Net Script210921

2021-11-20 21:17 - 2020-10-31 23:09 - 000000000 ____D C:\RMS Express

2021-11-20 10:05 - 2020-12-06 20:15 - 000000782 _____ C:\Users\Ralph\Desktop\VARAFM.ini

2021-11-20 09:56 - 2018-07-15 21:49 - 001236037 ____N C:\WINDOWS\Minidump\112021-65359-01.dmp

2021-11-20 06:05 - 2020-05-10 14:00 - 000002310 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk

2021-11-20 06:05 - 2020-05-10 14:00 - 000002269 _____ C:\Users\Public\Desktop\Google Chrome.lnk

2021-11-20 05:10 - 2018-07-15 21:49 - 001638149 ____N C:\WINDOWS\Minidump\112021-42515-01.dmp

2021-11-19 21:11 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\system32\NDF

2021-11-19 12:10 - 2018-07-15 21:49 - 001479875 ____N C:\WINDOWS\Minidump\111921-35265-01.dmp

2021-11-18 20:53 - 2021-09-17 13:57 - 000000000 ____D C:\Program Files\Microsoft OneDrive

2021-11-18 20:53 - 2018-07-15 21:49 - 000900769 ____N C:\WINDOWS\Minidump\111821-64875-01.dmp

2021-11-18 18:40 - 2021-06-05 20:37 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task

2021-11-18 18:40 - 2021-06-05 20:37 - 000002141 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk

2021-11-18 18:37 - 2020-07-20 23:51 - 000003480 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA

2021-11-18 18:37 - 2020-07-20 23:51 - 000003356 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore

2021-11-17 14:12 - 2019-07-22 09:02 - 000000000 ____D C:\Program Files (x86)\HitmanPro.Alert

2021-11-17 14:11 - 2019-12-07 03:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI

2021-11-17 11:21 - 2019-07-22 09:02 - 000412656 _____ (SurfRight B.V.) C:\WINDOWS\system32\Drivers\hmpalert.sys

2021-11-17 07:07 - 2018-07-15 21:25 - 000000000 ____D C:\ProgramData\Packages

2021-11-16 19:22 - 2021-10-01 13:44 - 000000766 _____ C:\Users\Public\Desktop\Winlink Express.lnk

2021-11-16 19:22 - 2021-10-01 13:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RMS Express

2021-11-15 14:36 - 2020-04-14 16:42 - 000000000 ____D C:\ProgramData\Roxio

2021-11-14 20:15 - 2018-07-22 15:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java

2021-11-14 20:15 - 2018-07-22 15:35 - 000000000 ____D C:\Program Files (x86)\Java

2021-11-14 20:13 - 2018-07-22 15:35 - 000164696 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll

2021-11-14 20:09 - 2019-04-19 21:17 - 000000925 _____ C:\Users\Public\Desktop\VLC media player.lnk

2021-11-14 20:08 - 2018-07-15 21:50 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd

2021-11-14 19:58 - 2018-08-15 07:28 - 000803176 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe

2021-11-14 19:34 - 2018-07-15 22:25 - 000000000 ____D C:\Program Files\Microsoft Office

2021-11-14 14:27 - 2021-05-24 20:44 - 000000000 ____D C:\Program Files\Mozilla Firefox

2021-11-14 14:27 - 2018-07-15 22:30 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service

2021-11-13 18:22 - 2019-02-09 21:07 - 000000000 ____D C:\ProgramData\Mozilla

2021-11-13 18:22 - 2018-07-15 22:30 - 000000000 ____D C:\Users\Ralph\AppData\LocalLow\Mozilla

2021-11-13 18:20 - 2018-07-15 22:30 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk

2021-11-13 17:08 - 2021-09-22 15:27 - 000001354 _____ C:\Users\Ralph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk

2021-11-13 17:08 - 2021-09-22 15:27 - 000000000 ____D C:\Users\Ralph\AppData\Local\PCHealthCheck

2021-11-13 15:58 - 2018-07-16 15:18 - 000000000 ____D C:\Users\Ralph\AppData\Local\ElevatedDiagnostics

2021-11-12 17:50 - 2020-07-20 23:41 - 000706344 _____ C:\WINDOWS\system32\FNTCACHE.DAT

2021-11-12 17:46 - 2019-12-07 03:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs

2021-11-12 17:46 - 2019-12-07 03:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel

2021-11-12 17:46 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup

2021-11-12 17:46 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism

2021-11-12 17:46 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\SystemResources

2021-11-12 17:46 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\system32\setup

2021-11-12 17:46 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\system32\oobe

2021-11-12 17:46 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\system32\Dism

2021-11-12 17:46 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\ShellExperiences

2021-11-12 17:46 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\bcastdvr

2021-11-12 17:46 - 2019-12-07 03:03 - 000000000 ____D C:\WINDOWS\servicing

2021-11-11 01:42 - 2019-12-07 03:03 - 000000000 ____D C:\WINDOWS\CbsTemp

2021-11-11 01:16 - 2018-07-16 13:42 - 000000000 ____D C:\WINDOWS\system32\MRT

2021-11-11 01:12 - 2018-07-16 13:42 - 141529560 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

2021-11-08 11:55 - 2018-07-16 14:13 - 000000000 ____D C:\Users\Ralph\AppData\Local\D3DSCache

2021-11-06 04:59 - 2019-11-10 15:58 - 000000000 ____D C:\Program Files\McAfee

2021-11-06 04:59 - 2019-11-10 15:58 - 000000000 ____D C:\Program Files (x86)\McAfee

2021-11-06 04:59 - 2019-11-10 15:56 - 000000000 ____D C:\ProgramData\McAfee

2021-11-05 00:42 - 2019-11-10 15:56 - 000000000 ____D C:\Program Files\Common Files\McAfee

2021-11-05 00:40 - 2020-07-20 23:51 - 000003316 _____ C:\WINDOWS\system32\Tasks\McAfeeLogon

2021-11-05 00:36 - 2019-12-07 03:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP

2021-11-04 23:57 - 2020-07-20 23:51 - 000003710 _____ C:\WINDOWS\system32\Tasks\McAfee Remediation (Prepare)

2021-10-31 18:16 - 2018-07-16 00:11 - 000000000 ____D C:\Program Files\DIFX

2021-10-30 15:42 - 2018-07-16 15:25 - 000000000 ____D C:\Users\Ralph\AppData\Roaming\Hewlett-Packard

2021-10-30 15:42 - 2018-07-16 15:07 - 000000000 ____D C:\Program Files (x86)\Hewlett-Packard

2021-10-30 15:42 - 2018-07-16 14:17 - 000000000 ____D C:\ProgramData\Hewlett-Packard

2021-10-30 07:13 - 2019-03-06 13:11 - 000000000 ____D C:\Users\Ralph\Documents\DC 100A 100V Digital Amp Volt Meter Voltmeter Ammeter Blue Red LED Current Shunt _ eBay_files

2021-10-29 15:52 - 2020-03-17 19:57 - 000000000 ____D C:\acronis full

==================== Files in the root of some directories ========

2019-10-20 16:25 - 2021-06-26 20:27 - 000038305 _____ () C:\Users\Ralph\AppData\Roaming\Comma Separated Values.ADR

2018-07-16 12:13 - 2020-05-05 19:38 - 000009413 _____ () C:\Users\Ralph\AppData\Roaming\Comma Separated Values.EML

2018-08-10 23:59 - 2018-08-10 23:59 - 000004608 _____ () C:\Users\Ralph\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

2019-10-25 16:11 - 2020-03-15 13:19 - 000016767 _____ () C:\Users\Ralph\AppData\Local\krita.log

2020-03-15 13:19 - 2020-03-15 13:19 - 000000039 _____ () C:\Users\Ralph\AppData\Local\kritadisplayrc

2019-10-25 16:12 - 2020-03-15 13:19 - 000017058 _____ () C:\Users\Ralph\AppData\Local\kritarc

2018-09-26 02:30 - 2018-09-26 02:30 - 000000000 _____ () C:\Users\Ralph\AppData\Local\oobelibMkey.log

2020-04-12 18:20 - 2020-04-12 18:20 - 000002651 _____ () C:\Users\Ralph\AppData\Local\recently-used.xbel

2018-07-21 17:33 - 2018-07-21 17:33 - 000007601 _____ () C:\Users\Ralph\AppData\Local\Resmon.ResmonCfg

==================== FLock ==============================

2019-07-18 18:34 C:\Users\Ralph\AppData\Roaming\Webex

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-11-2021

Ran by Ralph (26-11-2021 09:43:09)

Running from D:\

Microsoft Windows 10 Home Version 21H1 19043.1348 (X64) (2020-07-21 05:51:23)

Boot Mode: Normal

==========================================================

==================== Accounts: =============================

(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-194608825-1360088445-740081183-500 - Administrator - Enabled) => C:\Users\Administrator

DefaultAccount (S-1-5-21-194608825-1360088445-740081183-503 - Limited - Disabled)

Guest (S-1-5-21-194608825-1360088445-740081183-501 - Limited - Enabled)

Ralph (S-1-5-21-194608825-1360088445-740081183-1001 - Administrator - Enabled) => C:\Users\Ralph

WDAGUtilityAccount (S-1-5-21-194608825-1360088445-740081183-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AV: McAfee VirusScan (Enabled - Up to date) {9D4501E6-72F6-2877-C789-89AF6F535B2C}

AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}

AV: 360 Total Security (Enabled - Up to date) {FFDC234A-CE9B-08F9-406B-F876951CE066}

AS: McAfee VirusScan (Enabled - Up to date) {4DE344F8-6897-65B4-CED0-82B3AF2591B4}

AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

FW: McAfee Firewall (Enabled) {A57E80C3-3899-292F-ECD6-209A91801C57}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

1Step DVD Copy 4.5.4 (HKLM-x32\...\{1CB4ADE4-4B75-481A-BF77-EE69279DF30E}_is1) (Version: 4.5.4 - cyan soft ltd)

64 Bit HP CIO Components Installer (HKLM\...\{13DA9C7C-EBFB-40D0-94A1-55B42883DF21}) (Version: 21.2.1 - HP Inc.) Hidden

Acronis Drivers (HKLM\...\{29FB6899-5B83-4A82-BAE9-8CF4ECEC5BCD}) (Version: 25.6.35860 - Acronis) Hidden

Acronis True Image (HKLM-x32\...\{D503788D-85E5-4050-AF48-0E271A5CF42B}) (Version: 25.6.35860 - Acronis) Hidden

Acronis True Image (HKLM-x32\...\{D503788D-85E5-4050-AF48-0E271A5CF42B}Visible) (Version: 25.6.35860 - Acronis)

Adapter (HKLM-x32\...\{86085790-0A1A-4098-8CA9-579DB8F2771D}_is1) (Version:  - Macroplant, LLC)

Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 21.007.20099 - Adobe Systems Incorporated)

Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.6.0.384 - Adobe Systems Incorporated)

Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version:  - Adobe)

Adobe Photoshop Elements 2018 (HKLM-x32\...\{0C53F2C0-BB20-474F-8117-212DCCCDC090}) (Version: 16.0 - Adobe Systems Incorporated)

Adobe Photoshop Lightroom 3.2 64-bit (HKLM\...\{A94AABAE-52F0-48C4-9F94-A4CA4B423576}) (Version: 3.2.1 - Adobe)

AllMusicConverter 4.5.4 (HKLM-x32\...\{A1CDB5F3-4B89-404F-B6D8-879049265CE5}_is1) (Version: 4.5.4 - cyan soft ltd)

AllMusicConverter Endless Music Player 4.5.4 (HKLM-x32\...\{A1A2E29A-683B-BB20-BB0D-B97ECE1E2045}_is1) (Version: 4.5.4 - cyan soft ltd)

AllMusicConverter Media Suite 4.5.4 (HKLM-x32\...\{191A3E43-34AD-417C-BCA8-8D089AE59D25}_is1) (Version: 4.5.4 - cyan soft ltd)

Amazon Photos (HKU\S-1-5-21-194608825-1360088445-740081183-1001\...\Amazon Photos) (Version: 6.5.1 - Amazon.com, Inc.)

Amazon Send to Kindle (HKLM-x32\...\SendToKindle) (Version: 1.1.1.250 - Amazon)

ANT Drivers Installer x64 (HKLM\...\{D559687A-60C5-4786-9429-C21EC195789D}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden

AnyDesk (HKLM-x32\...\AnyDesk) (Version: ad 6.2.6 - AnyDesk Software GmbH)

AnyMedia Player 4.5.4 (HKLM-x32\...\{1959CCD2-1227-4de4-97E7-04F29D526762}_is1) (Version: 4.5.4 - cyan soft ltd)

APP Shop v1.0.36 (HKLM-x32\...\{90242E9B-BC60-46E3-8EE7-8E953F702280}_is1) (Version: 1.0.36 - ASRock Inc.)

ASRock Restart to UEFI v1.0.7 (HKLM-x32\...\ASRock Restart to UEFI_is1) (Version: 1.0.7 - ASRock Inc.)

CCleaner (HKLM\...\CCleaner) (Version: 5.87 - Piriform)

CCleaner Browser (HKLM-x32\...\CCleaner Browser) (Version: 95.1.13052.72 - Piriform Software)

CCleaner Update Helper (HKLM-x32\...\{E4EAC0E2-A80B-479F-BA45-DCDA595C9A93}) (Version: 1.8.1187.1 - Piriform Software) Hidden

CPUID CPU-Z 1.86 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.86 - CPUID, Inc.)

Cyotek WebCopy version 1.7.0.600 (HKLM-x32\...\{D5FAF1F8-C903-41b2-AC66-2682A02A78CB}_is1) (Version: 1.7.0.600 - Cyotek Ltd)

Defraggler (HKLM\...\Defraggler) (Version: 2.22 - Piriform)

DirectX 9 Runtime (HKLM-x32\...\{3A9527CF-4E91-4683-A03F-F1AD022126E5}) (Version: 1.00.0000 - Sonic Solutions) Hidden

Disk Burner 4.5.4 (HKLM-x32\...\{3B10760F-86A3-4376-A668-AC304015D5ED}_is1) (Version: 4.5.4 - cyan soft ltd)

Dot4 (HKLM\...\{3EEDA265-C6F3-4EC1-A317-1C9315DEDDDE}) (Version: 1.0.0.0 - HP)

DrawPad Graphic Design Software (HKLM-x32\...\DrawPad) (Version: 5.28 - NCH Software)

EaseUS Partition Master 15.8 (HKLM-x32\...\EaseUS Partition Master_is1) (Version:  - EaseUS)

Easy CD & DVD Burning 2 Content (HKLM-x32\...\{246D31A0-7B8A-41EA-8E31-33C2F2F26B53}) (Version: 20.0.024 - Roxio) Hidden

Elevated Installer (HKLM-x32\...\{0BF90608-2F95-4C7C-9A85-E90E0CAF4FE9}) (Version: 6.9.1.0 - Garmin Ltd or its subsidiaries) Hidden

Express Burn Disc Burning Software (HKLM-x32\...\ExpressBurn) (Version: 10.30 - NCH Software)

Express Rip CD Ripper Software (HKLM-x32\...\ExpressRip) (Version: 3.07 - NCH Software)

FT-857/897 Programmer (HKLM-x32\...\{CEBE0430-335E-11DE-72AE-014425902CD6}) (Version: 4.00.00.000 - RT Systems. Inc)

Garmin Express (HKLM-x32\...\{95D0EADA-5123-41C0-931A-F37946BC0E8E}) (Version: 6.9.1.0 - Garmin Ltd or its subsidiaries) Hidden

Garmin Express (HKLM-x32\...\{eab4691c-4022-41cd-8d39-c3097ba62d4b}) (Version: 6.9.1.0 - Garmin Ltd or its subsidiaries)

GIMP 2.10.28 (HKLM\...\GIMP-2_is1) (Version: 2.10.28 - The GIMP Team)

Google Chrome (HKLM-x32\...\Google Chrome) (Version: 96.0.4664.45 - Google LLC)

Google Earth Pro (HKLM\...\{9BFB06CD-3925-49E2-BAB7-EA695821CE4C}) (Version: 7.3.4.8248 - Google)

HitmanPro 3.8 (HKLM\...\HitmanPro38) (Version: 3.8.23.318 - SurfRight B.V.)

HitmanPro.Alert 3 (HKLM\...\HitmanPro.Alert) (Version: 3.8.18.921 - SurfRight B.V.)

HP Color LaserJet Pro MFP M277 (HKLM-x32\...\{7ac49734-541c-48e7-99be-02f41e43e79d}) (Version: 14.0.15344.534 - Hewlett-Packard)

HP LaserJet Professional M1130-M1210 MFP Series (HKLM\...\HP LaserJet Professional M1130-M1210 MFP Series) (Version:  - )

HP LaserJet Professional M1210 MFP Series Fax Installer (HKLM\...\{E94AE378-725A-41FF-BA24-397469D27FC8}) (Version: 1.3.0 - HP)

HP LaserJet Professional M1210 MFP Series Toolbox (HKLM\...\{F958F851-8DBE-420C-9D37-5ECBB6C61148}) (Version: 1.0.17 - Hewlett-Packard)

HP LaserJet Toolbox (HKLM\...\{2E8A793D-E275-46A2-BAB3-35FB95ACED57}) (Version: 3.0.0 - Hewlett-Packard)

HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)

HPCLJProM277 (HKLM-x32\...\{9A337B35-06E3-4F9D-9B39-5AC9C2E7F82B}) (Version: 1.00.0000 - Hewlett-Packard) Hidden

HPLJUTCore (HKLM-x32\...\{AA9C0477-A064-4D76-A0C4-A3A5A11F1D4C}) (Version: 020.000.0001 - HP) Hidden

HPLJUTM277 (HKLM-x32\...\{1FE53D6E-05EA-4D03-BB77-740C9AF03574}) (Version: 014.000.0001 - HP) Hidden

hppM277LaserJetService (HKLM-x32\...\{3F43C468-BC22-4F88-8382-FF349E724317}) (Version: 001.034.00686 - Hewlett-Packard) Hidden

HPSSupply (HKLM-x32\...\{7902E313-FF0F-4493-ACB1-A8147B78DCD0}) (Version: 2.1.1.0000 - Hewlett Packard Development Company L.P.)

hpStatusAlerts (HKLM-x32\...\{6bb3c4d6-a57b-4ab7-a96a-be45a4959fe1}) (Version: 170.040.00260 - HP Development Company, L.P.) Hidden

hpStatusAlertsM277 (HKLM-x32\...\{651F24A4-7240-4598-BDA3-3F6F86005670}) (Version: 140.046.00129 - Hewlett-Packard) Hidden

I.R.I.S. OCR (HKLM-x32\...\{CF10F6BC-C710-4F6F-B7E1-4057699A59AA}) (Version: 12.3.6.10 - HP)

IC-9100 Programmer (HKLM-x32\...\{89DAA450-98F0-11E0-72AE-062406752CD6}) (Version: 4.00.00.000 - RT Systems. Inc)

iSEEK AnswerWorks English Runtime (HKLM-x32\...\{18A8E78B-9EF2-496E-B310-BCD8E4C1DAB3}) (Version: 010.000.0101 - Vantage Linguistics)

Java 8 Update 311 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180311F0}) (Version: 8.0.3110.11 - Oracle Corporation)

Krita (x64) 4.2.7.1 (HKLM\...\Krita_x64) (Version: 4.2.7.1 - Krita Foundation)

LabelCreator (HKLM-x32\...\{B8C23400-237A-40F2-854C-9846DF568075}) (Version: 1.00.0000 - Corel Corporation) Hidden

LibreOffice 6.4.6.2 (HKLM\...\{C91FC8F1-C648-422B-BF7C-ED71E74EC29C}) (Version: 6.4.6.2 - The Document Foundation)

Malwarebytes version 4.4.10.144 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.4.10.144 - Malwarebytes)

McAfee® Total Protection (HKLM-x32\...\MSC) (Version: 16.0 R40 - McAfee, LLC)

Microsoft 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.14527.20276 - Microsoft Corporation)

Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 96.0.1054.34 - Microsoft Corporation)

Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 96.0.1054.34 - Microsoft Corporation)

Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 21.220.1024.0005 - Microsoft Corporation)

Microsoft Support and Recovery Assistant (HKU\S-1-5-21-194608825-1360088445-740081183-1001\...\0527a644a4ddd31d) (Version: 17.0.7119.4 - Microsoft Corporation)

Microsoft Teams (HKU\S-1-5-21-194608825-1360088445-740081183-1001\...\Teams) (Version: 1.3.00.28779 - Microsoft Corporation)

Microsoft Update Health Tools (HKLM\...\{29B15818-E79F-4AB0-8938-9410C807AD76}) (Version: 2.84.0.0 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4048 (HKLM\...\{91415F19-4C22-3609-A105-92ED3522D83C}) (Version: 9.0.30729.4048 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 (HKLM-x32\...\{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}) (Version: 9.0.21022.218 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4048 (HKLM-x32\...\{5B1F2843-B379-3FF2-B0D3-64DD143ED53A}) (Version: 9.0.30729.4048 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)

Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.24.28127 (HKLM-x32\...\{282975d8-55fe-4991-bbbb-06a72581ce58}) (Version: 14.24.28127.4 - Microsoft Corporation)

Microsoft Visual C++ 2017 Redistributable (x86) - 14.12.25810 (HKLM-x32\...\{56e11d69-7cc9-40a5-a4f9-8f6190c4d84d}) (Version: 14.12.25810.0 - Microsoft Corporation)

MiniTool Partition Wizard 11 (HKLM\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version:  - MiniTool Software Limited)

Mozilla Firefox (x64 en-US) (HKLM\...\Mozilla Firefox 93.0 (x64 en-US)) (Version: 93.0 - Mozilla)

Mozilla Firefox 65.0 (x64 en-US) (HKLM\...\Mozilla Firefox 65.0 (x64 en-US)) (Version: 65.0 - Mozilla)

Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 78.3.3 - Mozilla)

Mozilla Thunderbird 78.11.0 (x86 en-US) (HKLM-x32\...\Mozilla Thunderbird 78.11.0 (x86 en-US)) (Version: 78.11.0 - Mozilla)

Nuance Cloud Connector (HKLM-x32\...\{3D3375A3-27C5-4545-9F4C-099373B89C18}) (Version: 3.2.1046 - Nuance Communications, Inc.)

Nuance PaperPort 14 (HKLM-x32\...\{14CB3B82-FBDC-4462-919E-86147983F09B}) (Version: 14.5.0000 - Nuance Communications, Inc.)

Nuance PDF Create 7 (HKLM\...\{AAA715B7-02F9-4F2D-92C9-80EC63835AA1}) (Version: 7.10.6408 - Nuance Communications, Inc.)

Nuance PDF Viewer Plus (HKLM-x32\...\{FC984E39-43D0-4AB2-ACC7-A7B87977B009}) (Version: 7.20.3274 - Nuance Communications, Inc.)

NVIDIA 3D Vision Driver 391.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 391.35 - NVIDIA Corporation)

NVIDIA Graphics Driver 391.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 391.35 - NVIDIA Corporation)

Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14527.20276 - Microsoft Corporation) Hidden

Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14527.20276 - Microsoft Corporation) Hidden

Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden

PaperPort Image Printer 64-bit (HKLM\...\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 14.00.0001 - Nuance Communications, Inc.)

PhotoSync (HKLM\...\PhotoSync) (Version: 4.0.4 - touchbyte GmbH)

PowerAlert Local Software (HKLM-x32\...\{88E7FC62-7948-4262-93E2-1D0B1E992C84}) (Version: 12.5.1.6709 - Tripp Lite)

Powerwerx KG-UV6X (HKLM-x32\...\{DF684A75-B53A-41ED-93C7-C34E921A0B4C}) (Version: 2.241 - Powerwerx)

Quicken (HKLM-x32\...\{62D93E3E-2F8E-42BD-9343-896F4F0031D3}) (Version: 27.1.31.12 - Quicken)

RadioGet 4.5.4 (HKLM-x32\...\{F6C84ED7-9CAC-423b-9E00-C9BFAFBD0593}_is1) (Version: 4.5.4 - cyan soft ltd)

RBVirtualFolder64Inst (HKLM\...\{9D6DFAD6-09E5-445E-A4B5-A388FEEBD90D}) (Version: 1.00.0000 - Roxio, Inc.) Hidden

Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)

RingCentral Meetings (HKU\S-1-5-21-194608825-1360088445-740081183-1001\...\RingCentralMeetings) (Version: 20.2 - Zoom Video Communications, Inc. and RingCentral Inc.)

RipTiger 4.5.4 (HKLM-x32\...\{AFD4597D-56CC-447F-AA68-C1BF1AEA448E}_is1) (Version: 4.5.4 - cyan soft ltd)

RMS Link Test version 2.0.22.0 (HKLM-x32\...\{FAD3156F-AF8A-4455-80BE-665807B8F3A5}_is1) (Version: 2.0.22.0 - ARSFi -- Winlink)

RogueKiller version 15.1.4.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 15.1.4.0 - Adlice Software)

Roxio Easy CD and DVD Burning 2 (HKLM-x32\...\{3E670EAA-F20E-4DF6-BFC1-00BABC555498}) (Version: 20.0.54.0 - Roxio)

Roxio MyDVD (HKLM\...\{CA9C6DF1-191C-4057-AAB1-34DF0996E58D}) (Version: 3.0.040 - Corel Corporation) Hidden

Roxio MyDVD (HKLM-x32\...\{2AB256B6-DD96-4982-AD46-5DC7B20BA7EF}) (Version: 3.0 - Roxio)

SanDisk SSD Dashboard (HKLM-x32\...\SanDisk SSD Dashboard) (Version: 2.7.0.0 - Western Digital Corporation)

Scan To (HKLM\...\{E8A34AC8-0137-4515-A94B-0A0946DDC251}) (Version: 2.0.1 - HP)

Silicon Laboratories CP210x USB to UART Bridge (Driver Removal) (HKLM-x32\...\SLABCOMM&10C4&EA60) (Version:  - Silicon Laboratories)

Silicon Laboratories USBXpress Device (Driver Removal) (HKLM-x32\...\SIUSBXP&10C4&EA61) (Version:  - )

Sonic CinePlayer Decoder Pack (HKLM-x32\...\{09065152-F67B-4044-9773-64AF5C30BDA1}) (Version: 4.3.0 - Sonic Solutions) Hidden

Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)

TatukGIS Viewer 1.13.1.370 (HKLM-x32\...\ttkVWR_is1) (Version: 1.13.1.370 - TatukGIS sp. z o.o.)

TeamViewer (HKLM\...\TeamViewer) (Version: 15.20.3 - TeamViewer)

TravelPlus for Repeaters, V19.0 (HKLM-x32\...\{FEA2D929-48DA-415E-B25D-A0CCFCA3DD86}) (Version: 19.00.0000 - ARRL)

Trusted QSL 2.5.7 (HKLM-x32\...\{23566C15-B5C6-4904-AB02-09BF6832797A}) (Version: 2.5.7 - The TrustedQSL Developers)

TuneGet 4.5.4 (HKLM-x32\...\{050A0D31-6B33-4137-ADE5-C0896E5FA98D}_is1) (Version: 4.5.4 - cyan soft ltd)

u-center_v8.26 (HKLM-x32\...\u-center_v8.26) (Version: 8.26 - u-blox)

Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{1FD817A6-63E1-4519-BFD4-228DABB7AB6B}) (Version: 2.55.0.0 - Microsoft Corporation)

UV-5R Programmer (HKLM-x32\...\{7B67EE40-5362-11E2-390C-10AB7E3B7E87}) (Version: 4.50.0.0 - RT Systems. Inc)

VLC media player (HKLM\...\VLC media player) (Version: 3.0.16 - VideoLAN)

VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.14 - VideoLAN)

Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden

WeatherLink 6.0.3 (HKLM-x32\...\{E344C807-7DE0-4CC2-81BB-1F895CF8CBDF}) (Version: 6.0.3 - Davis Instruments Corp.)

WeatherLink 6.0.5 (HKLM-x32\...\{EF9BCE53-A8E1-4A61-9C99-E230CCF57EEB}) (Version: 6.0.5 - Davis Instruments Corp.)

Web View Ctrl version 1.2.0.0 (HKLM-x32\...\{3F76DB94-6C4E-42AC-BD74-64E103174FE7}_is1) (Version: 1.2.0.0 - )

WebAdvisor by McAfee (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.590 - McAfee, LLC)

Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)

Windows Driver Package - RT Systems RT CDM Driver Package (01/18/2013 2.08.28) (HKLM\...\5246A5144620F07ED851FC0798C179A7B3475A7D) (Version: 01/18/2013 2.08.28 - RT Systems)

Windows Driver Package - RT Systems RT CDM Driver Package (01/18/2013 2.08.28) (HKLM\...\9ED29DBEB588170086E29D3B3BCB8739BEEE8F33) (Version: 01/18/2013 2.08.28 - RT Systems)

Windows Driver Package - RT Systems RT CDM Driver Package (01/30/2016 2.12.08) (HKLM\...\44F74E9BE605C75BBD33EC4CA829BECAFE4B8630) (Version: 01/30/2016 2.12.08 - RT Systems)

Windows Driver Package - RT Systems RT CDM Driver Package (01/30/2016 2.12.08) (HKLM\...\AD6D814F58FF742D1ABBBDFC9760CF33549296C8) (Version: 01/30/2016 2.12.08 - RT Systems)

Windows Driver Package - RT Systems RT CDM Driver Package (03/18/2011 2.08.14) (HKLM\...\155CF7A4C85432ED94BD4093618ABE9CF79EE316) (Version: 03/18/2011 2.08.14 - RT Systems)

Windows Driver Package - RT Systems RT CDM Driver Package (03/18/2011 2.08.14) (HKLM\...\86FC417867900416582DAFBEA15161D0A5CAF8D3) (Version: 03/18/2011 2.08.14 - RT Systems)

Windows Driver Package - Silicon Laboratories (silabenm) Ports  (12/10/2012 6.6.1.0) (HKLM\...\D680DEE0F68D64EC53D0C5769879D15D387054CC) (Version: 12/10/2012 6.6.1.0 - Silicon Laboratories)

Windows Driver Package - Silicon Laboratories Inc. (silabser) Ports  (03/28/2016 6.7.3.350) (HKLM\...\9437A0D535B29915072FCF153C7CA9B5FD547A24) (Version: 03/28/2016 6.7.3.350 - Silicon Laboratories Inc.)

Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB  (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)

Windows Driver Package - u-blox (WUDFRd) Sensor  (04/12/2017 2.33.0.0) (HKLM\...\7F84B3435615146FA8AAFBB960E8FEF59C232952) (Version: 04/12/2017 2.33.0.0 - u-blox)

Windows Driver Package - u-blox AG (ubloxusb) Ports  (07/03/2013 1.2.0.8) (HKLM\...\FD26D50F08971338088D01BEDED393EC9F9C4FA7) (Version: 07/03/2013 1.2.0.8 - u-blox AG)

Windows Media Encoder 9 Series (HKLM-x32\...\Windows Media Encoder 9) (Version:  - )

Windows PC Health Check (HKLM\...\{014B7442-C784-45D3-A152-F7D2C651F28A}) (Version: 3.3.2110.22002 - Microsoft Corporation)

WinHTTrack Website Copier 3.49-2 (x64) (HKLM\...\WinHTTrack Website Copier_is1) (Version: 3.49.2 - HTTrack)

Winlink Express version 1.5.42.0 (HKLM-x32\...\{61C2109E-F4CA-43B1-9F3D-90BBBADF510A}_is1) (Version: 1.5.42.0 - ARSFi - Winlink Development)

WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)

WSJT-X - Digital Modes for Weak Signal Communications in Amateur Radio. (HKLM-x32\...\wsjtx 2.2.2) (Version: 2.2.2 - Joe Taylor, K1JT)

WSJT-X: Digital Modes for Weak Signal Communications in Amateur Radio (HKLM-x32\...\wsjtx 2.3.0-rc2) (Version: 2.3.0-rc2 - Joe Taylor, K1JT)

WSJT-X: Digital Modes for Weak Signal Communications in Amateur Radio (HKLM-x32\...\wsjtx 2.4.0) (Version: 2.4.0 - Joe Taylor, K1JT)

Zoom (HKU\S-1-5-21-194608825-1360088445-740081183-1001\...\ZoomUMX) (Version: 5.7.7 (1105) - Zoom Video Communications, Inc.)

ZOSICloud 2.0.2 (HKLM-x32\...\ZOSICloud) (Version: 2.0.2 - My company, Inc.)

Packages:

=========

8 Zip - unpack RAR, ZIP, 7z for free -> C:\Program Files\WindowsApps\BooStudioLLC.8ZipLite_1.4.34.0_x64__b6e429xa66pga [2021-08-31] (Finebits OÜ) [MS Ad]

Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-08] (Autodesk Inc.)

Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.10.188.0_x64__rz1tebttyb220 [2021-10-13] (Dolby Laboratories)

Duplicate Cleaner Free -> C:\Program Files\WindowsApps\DigitalVolcanoSoftware.DuplicateCleanerFree_5.13.4.0_neutral__55chcb595f864 [2021-10-09] (DigitalVolcano Software)

DVD Player+ -> C:\Program Files\WindowsApps\61878MobilityinLifeapplic.DVDPlayer_13.1.3.0_x64__zfxkqydss3nar [2021-07-14] (Mobility in Life applications) [Startup Task]

HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_132.3.262.0_x64__v10z8vjag6ke6 [2021-11-17] (HP Inc.)

Kodi -> C:\Program Files\WindowsApps\XBMCFoundation.Kodi_19.3.500.0_x64__4n2hpmxwrvr6p [2021-10-28] (XBMC Foundation)

Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1808.3.0_x64__8wekyb3d8bbwe [2020-07-20] (Microsoft Corporation) [MS Ad]

Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-08-31] (Microsoft Corporation) [MS Ad]

Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-08-31] (Microsoft Corporation) [MS Ad]

Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.10.10270.0_x64__8wekyb3d8bbwe [2021-10-30] (Microsoft Studios) [MS Ad]

MyASUS -> C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_3.0.32.0_x64__qmba6cd70vzyy [2021-11-24] (ASUSTeK COMPUTER INC.)

MyRadar -> C:\Program Files\WindowsApps\ACMEAtronOmaticLLC.MyRadar_5.15.2.0_x64__hgk1kwjkxrdv0 [2021-11-23] (ACME AtronOmatic LLC)

Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-08-28] (Microsoft Corporation)

Speedtest by Ookla -> C:\Program Files\WindowsApps\Ookla.SpeedtestbyOokla_1.15.163.0_x64__43tkc6nmykmb6 [2021-10-01] (Ookla)

Unofficial 7zip -> C:\Program Files\WindowsApps\42109FactoriaDatacenter.Unofficial7zip_18.5.0.0_x64__zaf1c6h4vqsbt [2019-01-15] (Repackagerexpress.com)

Video Player - Play All Videos -> C:\Program Files\WindowsApps\8075Queenloft.VideoPlayer-PlayAllVideos_1.1.35.0_x64__g5dqhteqemct8 [2021-06-04] (Queenloft)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-194608825-1360088445-740081183-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6} -> [OneDrive - Personal] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6}

CustomCLSID: HKU\S-1-5-21-194608825-1360088445-740081183-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-CC8F68DE06FE} -> [Creative Cloud Files] => C:\Users\Ralph\Creative Cloud Files [2018-07-16 16:46]

CustomCLSID: HKU\S-1-5-21-194608825-1360088445-740081183-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\Ralph\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20244.4\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-194608825-1360088445-740081183-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\Ralph\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20244.4\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-194608825-1360088445-740081183-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems Incorporated -> Adobe Systems)

ShellIconOverlayIdentifiers: [      OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\21.220.1024.0005\FileSyncShell64.dll [2021-11-18] (Microsoft Corporation -> Microsoft Corporation)

ShellIconOverlayIdentifiers: [      OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\21.220.1024.0005\FileSyncShell64.dll [2021-11-18] (Microsoft Corporation -> Microsoft Corporation)

ShellIconOverlayIdentifiers: [      OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\21.220.1024.0005\FileSyncShell64.dll [2021-11-18] (Microsoft Corporation -> Microsoft Corporation)

ShellIconOverlayIdentifiers: [      OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\21.220.1024.0005\FileSyncShell64.dll [2021-11-18] (Microsoft Corporation -> Microsoft Corporation)

ShellIconOverlayIdentifiers: [      OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\21.220.1024.0005\FileSyncShell64.dll [2021-11-18] (Microsoft Corporation -> Microsoft Corporation)

ShellIconOverlayIdentifiers: [      OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\21.220.1024.0005\FileSyncShell64.dll [2021-11-18] (Microsoft Corporation -> Microsoft Corporation)

ShellIconOverlayIdentifiers: [      OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\21.220.1024.0005\FileSyncShell64.dll [2021-11-18] (Microsoft Corporation -> Microsoft Corporation)

ShellIconOverlayIdentifiers: [     AcronisDrive] -> {5D74FD4B-4EFB-4586-8022-8637BBE40970} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64_25_6_35860.dll [2020-12-19] (Acronis International GmbH -> )

ShellIconOverlayIdentifiers: [     AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64_25_6_35860.dll [2020-12-19] (Acronis International GmbH -> )

ShellIconOverlayIdentifiers: [     AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64_25_6_35860.dll [2020-12-19] (Acronis International GmbH -> )

ShellIconOverlayIdentifiers: [     AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64_25_6_35860.dll [2020-12-19] (Acronis International GmbH -> )

ShellIconOverlayIdentifiers: [   AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-27] (Adobe Systems Incorporated -> )

ShellIconOverlayIdentifiers: [   AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-27] (Adobe Systems Incorporated -> )

ShellIconOverlayIdentifiers: [   AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-27] (Adobe Systems Incorporated -> )

ShellIconOverlayIdentifiers: [GladinetIconOverlay] -> {3C3DC57A-7535-48AF-BB9E-C3576A4F34D0} => C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GlOverlayIcon.dll [2013-05-05] (Gladinet, Inc. -> Gladinet, INC)

ShellIconOverlayIdentifiers: [GladinetUploading] -> {959A18D3-9CC9-41e8-B76F-34ED9A89D4EA} => C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GlOverlayIconU.dll [2013-05-05] (Gladinet, Inc. -> Gladinet, INC)

ShellIconOverlayIdentifiers: [HitmanPro.Alert Shell Extension] -> {6FAC02B7-77D6-418B-AC11-962C65CDE8DD} => C:\WINDOWS\system32\hmpshell.dll [2021-11-17] (SurfRight B.V. -> SurfRight B.V.)

ShellIconOverlayIdentifiers-x32: [      OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\21.220.1024.0005\FileSyncShell64.dll [2021-11-18] (Microsoft Corporation -> Microsoft Corporation)

ShellIconOverlayIdentifiers-x32: [      OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\21.220.1024.0005\FileSyncShell64.dll [2021-11-18] (Microsoft Corporation -> Microsoft Corporation)

ShellIconOverlayIdentifiers-x32: [      OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\21.220.1024.0005\FileSyncShell64.dll [2021-11-18] (Microsoft Corporation -> Microsoft Corporation)

ShellIconOverlayIdentifiers-x32: [      OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\21.220.1024.0005\FileSyncShell64.dll [2021-11-18] (Microsoft Corporation -> Microsoft Corporation)

ShellIconOverlayIdentifiers-x32: [      OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\21.220.1024.0005\FileSyncShell64.dll [2021-11-18] (Microsoft Corporation -> Microsoft Corporation)

ShellIconOverlayIdentifiers-x32: [      OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\21.220.1024.0005\FileSyncShell64.dll [2021-11-18] (Microsoft Corporation -> Microsoft Corporation)

ShellIconOverlayIdentifiers-x32: [      OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\21.220.1024.0005\FileSyncShell64.dll [2021-11-18] (Microsoft Corporation -> Microsoft Corporation)

ShellIconOverlayIdentifiers-x32: [GladinetIconOverlay] -> {3C3DC57A-7535-48AF-BB9E-C3576A4F34D0} => C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GlOverlayIcon.dll [2013-05-05] (Gladinet, Inc. -> Gladinet, INC)

ShellIconOverlayIdentifiers-x32: [GladinetUploading] -> {959A18D3-9CC9-41e8-B76F-34ED9A89D4EA} => C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GlOverlayIconU.dll [2013-05-05] (Gladinet, Inc. -> Gladinet, INC)

ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\21.220.1024.0005\FileSyncShell64.dll [2021-11-18] (Microsoft Corporation -> Microsoft Corporation)

ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-27] (Adobe Systems Incorporated -> )

ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2020-08-03] (Piriform Software Ltd -> Piriform Software Ltd)

ContextMenuHandlers1: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => C:\Program Files\McAfee\MSC\McCtxMenuFrmWrk.dll [2021-10-22] (McAfee, LLC -> McAfee, LLC)

ContextMenuHandlers1: [PhotoSyncShellExtension] -> {cd400ee5-8d91-38f2-b2e2-e82242b6d328} => C:\Program Files\PhotoSync\PhotoSyncShellExtension.DLL [2020-07-06] (touchbyte GmbH) [File not signed] [File is in use]

ContextMenuHandlers1: [Roxio Burn] -> {E8CB9D53-A47A-42B5-9F5B-96B037C9DD4C} => C:\Program Files\Roxio\Roxio Burn\RB_ContextMenu64.dll [2019-02-22] (Corel Corporation -> TODO: <Company name>)

ContextMenuHandlers1: [Zeon.MFCDirectShellExt] -> {353C642C-F13D-4699-9FF2-EFAF490B6C69} => C:\Nuance\PDFCreate\bin\DirectShellExt.dll [2010-07-16] (Zeon Corporation -> Zeon International Investment Corp.)

ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)

ContextMenuHandlers3: [Open With Gladinet] -> {81695C6B-C2CA-492F-951D-5469840B2098} => C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GladinetShellProxy.dll [2013-05-05] (Gladinet, Inc. -> Gladinet, INC)

ContextMenuHandlers3: [STKContextMenu] -> {90DD7445-E924-4c6e-92AC-01F8C3A7E0C7} => C:\Program Files (x86)\Amazon\SendToKindle\stkContextMenu_250.dll [2019-06-07] (Amazon Services LLC -> Amazon.com, Inc.)

ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\21.220.1024.0005\FileSyncShell64.dll [2021-11-18] (Microsoft Corporation -> Microsoft Corporation)

ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> No File

ContextMenuHandlers4: [PhotoSyncShellExtension] -> {cd400ee5-8d91-38f2-b2e2-e82242b6d328} => C:\Program Files\PhotoSync\PhotoSyncShellExtension.DLL [2020-07-06] (touchbyte GmbH) [File not signed] [File is in use]

ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2020-08-03] (Piriform Software Ltd -> Piriform Software Ltd)

ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\21.220.1024.0005\FileSyncShell64.dll [2021-11-18] (Microsoft Corporation -> Microsoft Corporation)

ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-03-23] (NVIDIA Corporation -> NVIDIA Corporation)

ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-27] (Adobe Systems Incorporated -> )

ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File

ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2020-08-03] (Piriform Software Ltd -> Piriform Software Ltd)

ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)

ContextMenuHandlers6: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => C:\Program Files\McAfee\MSC\McCtxMenuFrmWrk.dll [2021-10-22] (McAfee, LLC -> McAfee, LLC)

ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> No File

ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2020-08-03] (Piriform Software Ltd -> Piriform Software Ltd)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\Ralph\Desktop\PowerAlert Console.lnk -> C:\Program Files (x86)\TrippLite\PowerAlert\console\paconsole.bat ()

ShortcutWithArgument: C:\Users\Ralph\Desktop\Tinder.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=hejiihbkifllpgdfndalmghiodgkefan

ShortcutWithArgument: C:\Users\Ralph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Tinder.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=hejiihbkifllpgdfndalmghiodgkefan

==================== Loaded Modules (Whitelisted) =============

2020-07-16 09:36 - 2020-07-16 09:36 - 000044032 _____ () [File not signed] C:\Program Files (x86)\TrippLite\PowerAlert\engine\padown.DLL

2020-07-16 09:58 - 2020-07-16 09:58 - 000001536 _____ () [File not signed] C:\Program Files (x86)\TrippLite\PowerAlert\engine\pamsg.dll

2009-09-16 17:44 - 2009-09-16 17:44 - 000153088 _____ (Hewlett Packard) [File not signed] C:\WINDOWS\System32\hptcpmib.dll

2009-09-16 17:45 - 2009-09-16 17:45 - 000331264 _____ (Hewlett Packard) [File not signed] C:\WINDOWS\System32\HpTcpMon.dll

2009-09-16 10:44 - 2009-09-16 10:44 - 000132096 _____ (Hewlett Packard) [File not signed] C:\WINDOWS\System32\hpzjrd01.dll

2020-02-11 16:19 - 2020-02-11 16:19 - 000041472 _____ (HP Inc.) [File not signed] [File is in use] C:\Program Files (x86)\HP\HPLaserJetService\HPHTTPProxy.dll

2020-02-11 16:19 - 2020-02-11 16:19 - 000034816 _____ (HP Inc.) [File not signed] [File is in use] C:\Program Files (x86)\HP\HPLaserJetService\HPServiceCommunicator.dll

2020-02-11 16:19 - 2020-02-11 16:19 - 000077824 _____ (HP Inc.) [File not signed] [File is in use] C:\Program Files (x86)\HP\HPLaserJetService\HPTools.dll

2020-02-11 16:19 - 2020-02-11 16:19 - 001223168 _____ (HP Inc.) [File not signed] [File is in use] C:\Program Files (x86)\HP\HPLaserJetService\LEDMXMLObjects.dll

2010-01-28 16:10 - 2010-01-28 16:10 - 000541184 _____ (Marvell Semiconductor, Inc.) [File not signed] C:\WINDOWS\System32\mvtcpmon.dll

2009-09-16 17:45 - 2009-09-16 17:45 - 000317440 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\System32\HPTcpMUI.dll

2020-07-20 23:45 - 2018-03-23 17:05 - 000880024 _____ (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed] C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPI64.dll

2009-10-16 12:27 - 2009-10-16 12:27 - 000144896 _____ (OpenSLP) [File not signed] C:\WINDOWS\System32\slp64.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:FD9CE1F3 [136]

AlternateDataStreams: C:\Users\Public\DRM:وهو يتحرك [48]

AlternateDataStreams: C:\Users\Ralph\Documents\aquachek truetest spa.jpeg:3or4kl4x13tuuug3Byamue2s4b [105]

AlternateDataStreams: C:\Users\Ralph\Documents\aquachek truetest spa.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]

AlternateDataStreams: C:\Users\Ralph\Documents\covid vaccination card 2 (booster).jpeg:3or4kl4x13tuuug3Byamue2s4b [87]

AlternateDataStreams: C:\Users\Ralph\Documents\covid vaccination card 2 (booster).jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]

AlternateDataStreams: C:\Users\Ralph\Documents\NEIMA part 1.tiff:3or4kl4x13tuuug3Byamue2s4b [105]

AlternateDataStreams: C:\Users\Ralph\Documents\NEIMA part 1.tiff:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]

AlternateDataStreams: C:\Users\Ralph\Documents\page 1 back.tiff:3or4kl4x13tuuug3Byamue2s4b [105]

AlternateDataStreams: C:\Users\Ralph\Documents\page 1 back.tiff:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]

AlternateDataStreams: C:\Users\Ralph\Documents\page 1 front.tiff:3or4kl4x13tuuug3Byamue2s4b [105]

AlternateDataStreams: C:\Users\Ralph\Documents\page 1 front.tiff:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]

AlternateDataStreams: C:\Users\Ralph\Documents\page 2 back.tiff:3or4kl4x13tuuug3Byamue2s4b [105]

AlternateDataStreams: C:\Users\Ralph\Documents\page 2 back.tiff:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]

AlternateDataStreams: C:\Users\Ralph\Documents\page 2 front.tiff:3or4kl4x13tuuug3Byamue2s4b [105]

AlternateDataStreams: C:\Users\Ralph\Documents\page 2 front.tiff:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\amsdk.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ModuleCoreService => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\amsdk.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcapexe => ""=""

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ModuleCoreService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

HKU\S-1-5-21-194608825-1360088445-740081183-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

HKU\S-1-5-21-194608825-1360088445-740081183-500\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

SearchScopes: HKU\S-1-5-21-194608825-1360088445-740081183-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02

SearchScopes: HKU\S-1-5-21-194608825-1360088445-740081183-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02

BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2021-05-13] (McAfee, LLC -> McAfee, LLC)

BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-10-31] (Microsoft Corporation -> Microsoft Corporation)

BHO-x32: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Nuance\PDFViewer\Bin\PlusIEContextMenu.dll [2011-06-30] (Zeon Corporation -> Zeon Corporation)

BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_311\bin\ssv.dll [2021-11-14] (Oracle America, Inc. -> Oracle Corporation)

BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2021-05-13] (McAfee, LLC -> McAfee, LLC)

BHO-x32: ZeonIEEventHelper Class -> {DA986D7D-CCAF-47B2-84FE-BFA1549BEBF9} -> C:\Nuance\PDFCreate\Bin\ZeonIEFavClient.dll [2011-03-25] (Zeon Corporation -> Zeon Corporation)

BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_311\bin\jp2ssv.dll [2021-11-14] (Oracle America, Inc. -> Oracle Corporation)

Toolbar: HKLM-x32 - DocuCom PDF - {E3286BF1-E654-42FF-B4A6-5E111731DF6B} - C:\Nuance\PDFCreate\Bin\ZeonIEFavClient.dll [2011-03-25] (Zeon Corporation -> Zeon Corporation)

Toolbar: HKU\S-1-5-21-194608825-1360088445-740081183-1001 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File

Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-10-31] (Microsoft Corporation -> Microsoft Corporation)

Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-10-31] (Microsoft Corporation -> Microsoft Corporation)

Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-10-31] (Microsoft Corporation -> Microsoft Corporation)

Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-10-31] (Microsoft Corporation -> Microsoft Corporation)

Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-10-31] (Microsoft Corporation -> Microsoft Corporation)

Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-10-31] (Microsoft Corporation -> Microsoft Corporation)

Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-10-31] (Microsoft Corporation -> Microsoft Corporation)

Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-10-31] (Microsoft Corporation -> Microsoft Corporation)

Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files\McAfee\MSC\McSnIePl64.dll [2021-10-22] (McAfee, LLC -> McAfee, LLC)

Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2021-10-22] (McAfee, LLC -> McAfee, LLC)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-04-11 17:38 - 2020-05-14 10:30 - 000000849 _____ C:\WINDOWS\system32\drivers\etc\hosts

127.0.0.1       localhost

2019-01-12 01:34 - 2019-01-12 01:35 - 000000443 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0;%SYSTEMROOT%\System32\OpenSSH;C:\Program Files (x86)\Common Files\Acronis\VirtualFile;C:\Program Files (x86)\Common Files\Acronis\VirtualFile64;C:\Program Files (x86)\Common Files\Acronis\FileProtector;C:\Program Files (x86)\Common Files\Acronis\FileProtector64;C:\Program Files (x86)\Common Files\Acronis\SnapAPI;C:\Program Files\RogueKiller;C:\Program Files (x86)\Common Files\Roxio Shared\DLLShared\;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\WSJT\wsjtx\bin;C:\Program Files (x86)\Common Files\Acronis\SnapAPI\;C:\Program Files (x86)\Common Files\Acronis\VirtualFile\;C:\Program Files (x86)\Common Files\Acronis\VirtualFile64\;C:\Program Files (x86)\Common Files\Acronis\FileProtector\;C:\Program Files (x86)\Common Files\Acronis\FileProtector64\

HKU\S-1-5-21-194608825-1360088445-740081183-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Ralph\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper

HKU\S-1-5-21-194608825-1360088445-740081183-500\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg

DNS Servers: 192.168.0.1

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )

Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\Services: 9734BF6A-2DCD-40f0-BAB0-5AAFEEBE1269 => 2

MSCONFIG\Services: aakore => 2

MSCONFIG\Services: AcronisActiveProtectionService => 2

MSCONFIG\Services: AcrSch2Svc => 2

MSCONFIG\Services: AdobeARMservice => 2

MSCONFIG\Services: AdobeUpdateService => 2

MSCONFIG\Services: afcdpsrv => 2

MSCONFIG\Services: Agent => 2

MSCONFIG\Services: AGMService => 2

MSCONFIG\Services: AGSService => 2

MSCONFIG\Services: AnyDesk => 2

MSCONFIG\Services: Bonjour Service => 2

MSCONFIG\Services: BOT4Service => 2

MSCONFIG\Services: GladFileMonSvc => 2

MSCONFIG\Services: GoogleChromeElevationService => 3

MSCONFIG\Services: GSService => 3

MSCONFIG\Services: gupdate => 2

MSCONFIG\Services: gupdatem => 3

MSCONFIG\Services: hmpalertsvc => 2

MSCONFIG\Services: HP LaserJet Service => 2

MSCONFIG\Services: HPM1210RcvFaxSrvc => 2

MSCONFIG\Services: HPSIService => 2

MSCONFIG\Services: ibtsiva => 2

MSCONFIG\Services: Intel® Capability Licensing Service TCP IP Interface => 3

MSCONFIG\Services: Intel® TPM Provisioning Service => 2

MSCONFIG\Services: jhi_service => 2

MSCONFIG\Services: McAfee WebAdvisor => 2

MSCONFIG\Services: mccspsvc => 2

MSCONFIG\Services: mmsminisrv => 2

MSCONFIG\Services: mobile_backup_server => 3

MSCONFIG\Services: mobile_backup_status_server => 3

MSCONFIG\Services: MozillaMaintenance => 3

MSCONFIG\Services: NVDisplay.ContainerLocalSystem => 2

MSCONFIG\Services: PDFProFiltSrvPP => 2

MSCONFIG\Services: PowerAlert Agent => 2

MSCONFIG\Services: RoxioBurnLauncher => 2

MSCONFIG\Services: RoxMediaDB15 => 3

MSCONFIG\Services: RoxWatch15 => 2

MSCONFIG\Services: syncagentsrv => 2

MSCONFIG\Services: Tib Mounter Service => 3

MSCONFIG\Services: WTabletServicePro => 2

HKLM\...\StartupApproved\StartupFolder: => "Nuance Cloud Connector.lnk"

HKLM\...\StartupApproved\StartupFolder: => "AnyDesk.lnk"

HKLM\...\StartupApproved\Run: => "Acronis Scheduler2 Service"

HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"

HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"

HKLM\...\StartupApproved\Run32: => "AcronisTibMounterMonitor"

HKLM\...\StartupApproved\Run32: => "TrueImageMonitor.exe"

HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"

HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"

HKLM\...\StartupApproved\Run32: => "StatusAlerts"

HKLM\...\StartupApproved\Run32: => "HP Software Update"

HKLM\...\StartupApproved\Run32: => "ISUSPM"

HKLM\...\StartupApproved\Run32: => "PPort14reminder"

HKLM\...\StartupApproved\Run32: => "IndexSearch"

HKLM\...\StartupApproved\Run32: => "PaperPort PTD"

HKLM\...\StartupApproved\Run32: => "PDFCreHook"

HKLM\...\StartupApproved\Run32: => "PDFProHook"

HKLM\...\StartupApproved\Run32: => "PDF7 Registry Controller"

HKLM\...\StartupApproved\Run32: => "RoxWatchTray"

HKU\S-1-5-21-194608825-1360088445-740081183-1001\...\StartupApproved\Run: => "OneDrive"

HKU\S-1-5-21-194608825-1360088445-740081183-1001\...\StartupApproved\Run: => "Adobe Acrobat Synchronizer"

HKU\S-1-5-21-194608825-1360088445-740081183-1001\...\StartupApproved\Run: => "QuickenScheduledUpdates"

HKU\S-1-5-21-194608825-1360088445-740081183-1001\...\StartupApproved\Run: => "Zoom"

HKU\S-1-5-21-194608825-1360088445-740081183-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"

HKU\S-1-5-21-194608825-1360088445-740081183-1001\...\StartupApproved\Run: => "PhotoSync"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{F597D0F4-DEF6-49C7-9DFA-2B1EACB8A1C3}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe (McAfee, LLC -> McAfee, LLC)

FirewallRules: [{60101C3F-D18C-43DD-8C91-EC41E0051625}] => (Allow) C:\Program Files (x86)\Common Files\McAfee\MMSSHost\MMSSHost.exe (McAfee, LLC -> McAfee, LLC)

FirewallRules: [{4E99E0E1-9B6B-437B-8969-864D2A8649E0}] => (Allow) C:\Program Files (x86)\RipTiger\MMSDownloaderApp.exe () [File not signed]

FirewallRules: [{5222F556-8E67-491F-9DCE-F04F8590ADD9}] => (Allow) C:\Program Files (x86)\RipTiger\MMSDownloaderApp.exe () [File not signed]

FirewallRules: [{28C71926-5526-4EC3-8BCB-580E912E8010}] => (Allow) C:\Program Files (x86)\RipTiger\VideoDownloadApp_RTMP.exe () [File not signed]

FirewallRules: [{340D7438-EA56-4A28-BC4E-AA2936DE9927}] => (Allow) C:\Program Files (x86)\RipTiger\VideoDownloadApp_RTMP.exe () [File not signed]

FirewallRules: [{CD046D37-A23F-4D00-B221-846F05F6513B}] => (Allow) C:\Program Files (x86)\RipTiger\RTMPDownloaderApp.exe () [File not signed]

FirewallRules: [{C018EEDA-0E86-4019-923B-A5DABEA2BD33}] => (Allow) C:\Program Files (x86)\RipTiger\RTMPDownloaderApp.exe () [File not signed]

FirewallRules: [{D5A27877-9ED5-4F1C-B548-BFDAA07A5B32}] => (Allow) C:\Program Files (x86)\RipTiger\HTTPDownloaderApp.exe () [File not signed]

FirewallRules: [{694F893D-CF19-4BE0-A8C5-CB3568CCEB85}] => (Allow) C:\Program Files (x86)\RipTiger\HTTPDownloaderApp.exe () [File not signed]

FirewallRules: [{D1C13FE4-776D-471F-93F3-4E86ED7681D6}] => (Allow) C:\Program Files (x86)\RipTiger\RipTiger.exe () [File not signed]

FirewallRules: [{153A0A67-41F1-4286-9826-EEA469B500CD}] => (Allow) C:\Program Files (x86)\RipTiger\RipTiger.exe () [File not signed]

FirewallRules: [{BBAD6E6D-698D-4357-9C67-E0A5C103FE84}] => (Allow) LPort=427

FirewallRules: [{4E5A54F1-73C3-4B86-A02C-ED312643C62D}] => (Allow) LPort=161

FirewallRules: [{A28973CE-7111-44F8-8615-24D0A54E6D1B}] => (Allow) LPort=427

FirewallRules: [{11EC7FAB-3179-4FB6-820B-B48F027D47AC}] => (Allow) LPort=9100

FirewallRules: [{C8F8D801-53F8-417A-99CF-6053A71328DD}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)

FirewallRules: [{FD55E18E-A5BB-4079-8B97-226EB74F04C3}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)

FirewallRules: [{F07F6D48-E81F-4919-9398-83854EBADA98}] => (Allow) C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GladinetClient.exe (Gladinet, Inc. -> Gladinet, INC)

FirewallRules: [{94376BE3-C160-49A1-8BF9-E4AF3375130E}] => (Allow) C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GladinetClient.exe (Gladinet, Inc. -> Gladinet, INC)

FirewallRules: [{E597D394-6988-4238-B55E-44E114932A1F}] => (Allow) C:\Program Files (x86)\Nuance\Nuance Cloud Connector\WOSVSSSvr.exe (Gladinet, Inc. -> )

FirewallRules: [{205E1E30-72FE-4078-A579-F3661C4101EF}] => (Allow) C:\Program Files (x86)\Nuance\Nuance Cloud Connector\WOSVSSSvr.exe (Gladinet, Inc. -> )

FirewallRules: [{D0CF4927-D618-4FE9-8D15-BC310B69AF65}] => (Allow) C:\Program Files (x86)\Nuance\Nuance Cloud Connector\WOSVSSSvr2003.exe (Gladinet, Inc. -> )

FirewallRules: [{EE242261-222B-4F2B-A87B-FD9A426862AA}] => (Allow) C:\Program Files (x86)\Nuance\Nuance Cloud Connector\WOSVSSSvr2003.exe (Gladinet, Inc. -> )

FirewallRules: [{8538F391-8D62-47FF-B521-6E6EF67141BB}] => (Allow) C:\Users\Ralph\AppData\Roaming\Zoom\bin\Zoom.exe () [Access Denied]

FirewallRules: [{EC0B427F-4442-4C59-9B56-CCC6DA0E5725}] => (Allow) C:\Users\Ralph\AppData\Roaming\RingCentralMeetings\bin\RingCentralMeetings.exe (RingCentral, Inc. -> RingCentral Video Communications, Inc. and RingCentral Inc.)

FirewallRules: [{B3B9A768-4B2F-4D22-B7A8-DE4D01EE5710}] => (Allow) C:\Users\Ralph\AppData\Roaming\RingCentralMeetings\bin\airhost.exe (RingCentral, Inc. -> RingCentral Video Communications, Inc. and RingCentral Inc.)

FirewallRules: [{76874876-21AB-4B73-BA79-4573DD95052D}] => (Allow) LPort=35722

FirewallRules: [{7238B5F2-A9C9-45B1-BE05-1931382214C7}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe (Acronis International GmbH -> )

FirewallRules: [{6FE14FB0-32EC-4D40-A914-B2ACD016BD70}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe (Acronis International GmbH -> Acronis International GmbH)

FirewallRules: [{CBBE6071-A5AB-496D-BA05-ABAD080BD5C3}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImage.exe (Acronis International GmbH -> )

FirewallRules: [{FCC021DC-D85B-4ABD-90D3-6BA189A09128}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis International GmbH -> )

FirewallRules: [{AA125820-1778-4800-98B7-77FF21B1DAC8}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageTools.exe (Acronis International GmbH -> )

FirewallRules: [{B7432F25-6197-44F1-89BE-79BF87228EE2}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\TrueImageHome\TrueImageHomeService.exe (Acronis International GmbH -> )

FirewallRules: [{0C15F6E9-C7EF-41F0-B8DA-47FD26ADCBAC}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\MediaBuilder.exe (Acronis International GmbH -> )

FirewallRules: [{7D315C29-D9B1-4288-9675-6FC3A712D9EF}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\SystemReport.exe (Acronis International GmbH -> )

FirewallRules: [{FC693ED4-6A1B-473E-AD20-D1B5A6464E36}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\acronis_drive.exe (Acronis International GmbH -> )

FirewallRules: [{473A8207-D6D3-4720-AC90-2FAA34FF207E}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\mobile_backup_server.exe (Acronis International GmbH -> Acronis International GmbH)

FirewallRules: [{1AF9040F-483F-43F3-BD51-C81AECA2DE44}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\mobile_backup_status_server.exe (Acronis International GmbH -> )

FirewallRules: [{6D96161F-9948-45EC-A825-8422BA1EA9FF}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\ga_service.exe (Acronis International GmbH -> )

FirewallRules: [{264C953B-8F04-4A8F-B8DF-37DFF2D3DBBA}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\LicenseActivator.exe (Acronis International GmbH -> )

FirewallRules: [{A3C06B9E-FE07-4F3F-A785-AE2FBD63D460}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\Home\report_sender.exe (Acronis International GmbH -> )

FirewallRules: [{159DFF98-B59B-436C-85BB-5666FFA96AA7}] => (Allow) C:\Program Files (x86)\Acronis\Agent\bin\bckp_amgr.exe (Acronis International GmbH -> Acronis International GmbH)

FirewallRules: [{054E376B-C96F-4A25-86B2-F1AE740BFA5E}] => (Allow) C:\Program Files (x86)\Acronis\Agent\bin\task-manager.exe (Acronis International GmbH -> Acronis International GmbH)

FirewallRules: [{0AB275F0-44C8-4BE5-BEE7-34C1F7D3C309}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\anti_ransomware_service.exe (Acronis International GmbH -> )

FirewallRules: [{67899526-8E09-4740-B63E-B8EAD8DA96C7}] => (Allow) C:\Program Files (x86)\Acronis\Agent\aakore.exe (Acronis International GmbH -> Acronis International GmbH)

FirewallRules: [{85C0401B-1526-4BA6-B2C9-F5EC4D672B82}] => (Allow) C:\Program Files\Acronis\CyberProtect\cyber-protect-service.exe (Acronis International GmbH -> Acronis International GmbH)

FirewallRules: [{8563FD8A-937B-4292-B7CC-84E4227885EE}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)

FirewallRules: [{0075B505-9540-40D0-B4A7-4A128115D60C}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)

FirewallRules: [{550B8055-EBE7-4BEA-AF90-30E07E4D3F1B}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)

FirewallRules: [{22146F11-B1AE-43D5-9147-C9FBAF7F3E3D}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)

FirewallRules: [{618F358E-E8BB-4BBE-9A17-FC390C72516D}] => (Allow) C:\Program Files\HP\HP Color LaserJet Pro MFP M277\bin\SendAFax.exe (Hewlett Packard -> Hewlett-Packard Co.)

FirewallRules: [{837DF6C9-F2F7-4A0F-929B-6E2C0BE91156}] => (Allow) C:\Program Files\HP\HP Color LaserJet Pro MFP M277\bin\FaxPrinterUtility.exe (Hewlett Packard -> Hewlett-Packard Co.)

FirewallRules: [{E80F28B6-B6F2-4FF0-8F38-C143B9364C6B}] => (Allow) C:\Program Files\HP\HP Color LaserJet Pro MFP M277\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> Hewlett-Packard Co.)

FirewallRules: [{65888814-4887-43C3-B3CE-018EC87279F5}] => (Allow) C:\Program Files (x86)\HP\HP Color LaserJet Pro MFP M277\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> Hewlett-Packard Co.)

FirewallRules: [{B04F6003-BE7C-47CE-B065-045FDBE71776}] => (Allow) C:\Program Files (x86)\HP\HP Color LaserJet Pro MFP M277\bin\DigitalWizards.exe (Hewlett Packard -> Hewlett-Packard Co.)

FirewallRules: [{7632EB33-6FE3-47B3-8EAF-D67C4139347B}] => (Allow) C:\Program Files (x86)\HP\HP Color LaserJet Pro MFP M277\bin\FaxApplications.exe (Hewlett Packard -> Hewlett-Packard Co.)

FirewallRules: [{31D1942D-6C7B-40AC-9DC4-8B2B552E84AC}] => (Allow) C:\Program Files (x86)\HP\HP Color LaserJet Pro MFP M277\bin\EWSProxy.exe (Hewlett Packard -> Hewlett-Packard Co.)

FirewallRules: [{4A0F1EE5-37C9-4F1E-BE08-B0FA3759906D}] => (Allow) C:\Users\Ralph\AppData\Roaming\Zoom\bin\Zoom.exe () [Access Denied]

FirewallRules: [{CA8B1614-FC09-442F-9AE8-1C8531A8935A}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [{FB00E388-696E-4973-A63F-88626011E496}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)

FirewallRules: [{D623C9A7-3AD8-45B3-B69A-A6C8B042C290}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)

FirewallRules: [{4F1C853F-A0FE-4497-B82E-C704A4CCB973}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)

FirewallRules: [{BC6230AA-DD95-40AF-A526-0B6BF1893345}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)

FirewallRules: [TCP Query User{94D39721-A444-482F-B868-C716A4FD23B6}C:\users\ralph\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\ralph\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [UDP Query User{B2130BFA-E1EA-4166-883C-E5DEDBA062FD}C:\users\ralph\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\ralph\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [TCP Query User{F24A15DD-40C9-4786-B95F-6F4FC6849B82}C:\soundmodem\soundmodem.exe] => (Allow) C:\soundmodem\soundmodem.exe (UZ7HO Software) [File not signed]

FirewallRules: [UDP Query User{2CCC7FF2-F318-46EF-A234-956265FAEEDB}C:\soundmodem\soundmodem.exe] => (Allow) C:\soundmodem\soundmodem.exe (UZ7HO Software) [File not signed]

FirewallRules: [TCP Query User{B7241DAE-745C-4F6D-A7F4-EEF42304502C}C:\vara\vara.exe] => (Allow) C:\vara\vara.exe (VARA) [File not signed]

FirewallRules: [UDP Query User{E96C58A8-6340-4DF3-9DCE-5504E6A69F62}C:\vara\vara.exe] => (Allow) C:\vara\vara.exe (VARA) [File not signed]

FirewallRules: [{B4FF5809-443A-4219-985F-81D1C0D71FC9}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

FirewallRules: [TCP Query User{E22F9D55-C41C-4D9C-9075-4E5D3E7DFC58}C:\vara fm 4.1.4\varafm.exe] => (Allow) C:\vara fm 4.1.4\varafm.exe (VARA) [File not signed]

FirewallRules: [UDP Query User{B227FD69-3AC4-4A07-BBB8-6FBF6CC68483}C:\vara fm 4.1.4\varafm.exe] => (Allow) C:\vara fm 4.1.4\varafm.exe (VARA) [File not signed]

FirewallRules: [{53C5B734-E75D-44E3-9277-51F638E3AC28}] => (Allow) C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_3.0.32.0_x64__qmba6cd70vzyy\MyASUS\MyASUS.exe (ASUSTeK COMPUTER INC.) [File not signed]

FirewallRules: [{18F9AD6E-EF61-48DF-BDFE-620AD723A172}] => (Allow) C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_3.0.32.0_x64__qmba6cd70vzyy\MyASUS\MyASUS.exe (ASUSTeK COMPUTER INC.) [File not signed]

FirewallRules: [{6DC8C2B0-139B-4DC9-855D-F208AFCF9ED7}] => (Allow) C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_3.0.32.0_x64__qmba6cd70vzyy\MyASUS\MyASUS.exe (ASUSTeK COMPUTER INC.) [File not signed]

FirewallRules: [{37603D33-77A5-4EC0-9B62-FAC9E3089EA0}] => (Allow) C:\Program Files\WindowsApps\B9ECED6F.ASUSPCAssistant_3.0.32.0_x64__qmba6cd70vzyy\MyASUS\MyASUS.exe (ASUSTeK COMPUTER INC.) [File not signed]

FirewallRules: [{E540BE0A-F7E0-4EA8-942A-F78E85F6D508}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\96.0.1054.34\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [{8E028393-6989-471E-8629-3F74A09F97F6}] => (Allow) C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe (Piriform Software Ltd -> Piriform Software)

FirewallRules: [{6734EFA0-0911-451D-882B-BB84772AF0FE}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)

FirewallRules: [{FC995CC6-374C-4FB8-B1F1-47C16146D579}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)

FirewallRules: [{7DDC5106-2661-4D64-8434-199B180F73DD}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)

FirewallRules: [{ADC021F9-ABA0-4F64-8E44-EFBB26CB44CE}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)

FirewallRules: [{47A866B9-1494-45F0-9DC6-B465F85CED14}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)

FirewallRules: [{296C966E-74F9-402E-8DBD-C6E4FE3F1F46}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)

==================== Restore Points =========================

==================== Faulty Device Manager Devices ============

Name: Speakers (MusCAudio)

Description: Audio Endpoint

Class Guid: {c166523c-fe0c-4a94-a586-f1a80cfbbf3e}

Manufacturer: Microsoft

Service:

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Speakers (MusCAudio)

Description: Audio Endpoint

Class Guid: {c166523c-fe0c-4a94-a586-f1a80cfbbf3e}

Manufacturer: Microsoft

Service:

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Speakers (MusCAudio)

Description: Audio Endpoint

Class Guid: {c166523c-fe0c-4a94-a586-f1a80cfbbf3e}

Manufacturer: Microsoft

Service:

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Speakers (MusCAudio)

Description: Audio Endpoint

Class Guid: {c166523c-fe0c-4a94-a586-f1a80cfbbf3e}

Manufacturer: Microsoft

Service:

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Speakers (MusCAudio)

Description: Audio Endpoint

Class Guid: {c166523c-fe0c-4a94-a586-f1a80cfbbf3e}

Manufacturer: Microsoft

Service:

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Speakers (MusCAudio)

Description: Audio Endpoint

Class Guid: {c166523c-fe0c-4a94-a586-f1a80cfbbf3e}

Manufacturer: Microsoft

Service:

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Speakers (MusCAudio)

Description: Audio Endpoint

Class Guid: {c166523c-fe0c-4a94-a586-f1a80cfbbf3e}

Manufacturer: Microsoft

Service:

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Speakers (MusCAudio)

Description: Audio Endpoint

Class Guid: {c166523c-fe0c-4a94-a586-f1a80cfbbf3e}

Manufacturer: Microsoft

Service:

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Speakers (MusCAudio)

Description: Audio Endpoint

Class Guid: {c166523c-fe0c-4a94-a586-f1a80cfbbf3e}

Manufacturer: Microsoft

Service:

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Speakers (MusCAudio)

Description: Audio Endpoint

Class Guid: {c166523c-fe0c-4a94-a586-f1a80cfbbf3e}

Manufacturer: Microsoft

Service:

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Speakers (MusCAudio)

Description: Audio Endpoint

Class Guid: {c166523c-fe0c-4a94-a586-f1a80cfbbf3e}

Manufacturer: Microsoft

Service:

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Speakers (MusCAudio)

Description: Audio Endpoint

Class Guid: {c166523c-fe0c-4a94-a586-f1a80cfbbf3e}

Manufacturer: Microsoft

Service:

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

==================== Event log errors: ========================

Application errors:

==================

Error: (11/26/2021 09:39:35 AM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: Microsoft.Photos.exe, version: 2021.21090.10008.0, time stamp: 0x616f6f86

Faulting module name: KERNELBASE.dll, version: 10.0.19041.1348, time stamp: 0x76fcd692

Exception code: 0xc000027b

Fault offset: 0x000000000010b302

Faulting process id: 0x6994

Faulting application start time: 0x01d7e2c3fab392d7

Faulting application path: C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2021.21090.10008.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe

Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll

Report Id: e13cc696-086c-47ef-8aac-9761d3054cb9

Faulting package full name: Microsoft.Windows.Photos_2021.21090.10008.0_x64__8wekyb3d8bbwe

Faulting package-relative application ID: App

Error: (11/26/2021 06:41:04 AM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: 360TS_Setup.exe, version: 10.8.0.1400, time stamp: 0x60a1f1bb

Faulting module name: AVCheck.dll_unloaded, version: 1.0.0.1027, time stamp: 0x5f17ac20

Exception code: 0xc0000005

Fault offset: 0x00013eae

Faulting process id: 0x550c

Faulting application start time: 0x01d7e2c0a833d570

Faulting application path: C:\Program Files (x86)\1637929506_0\360TS_Setup.exe

Faulting module path: AVCheck.dll

Report Id: 917a704b-51f7-480c-90e2-646542f5005e

Faulting package full name:

Faulting package-relative application ID:

Error: (11/26/2021 06:40:57 AM) (Source: SecurityCenter) (EventID: 16) (User: )

Description: Error while updating  status to SECURITY_PRODUCT_STATE_ON.

Error: (11/26/2021 06:40:56 AM) (Source: SecurityCenter) (EventID: 17) (User: )

Description: Security Center failed to validate caller with error %1.

Error: (11/26/2021 06:29:35 AM) (Source: Application Hang) (EventID: 1002) (User: )

Description: The program Taskmgr.exe version 10.0.19041.1202 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 6ea0

Start Time: 01d7e2c0b1b3b8f8

Termination Time: 15

Application Path: C:\Windows\System32\Taskmgr.exe

Report Id: 1292807a-2f88-4be9-b879-bf24566c5726

Faulting package full name:

Faulting package-relative application ID:

Hang type: Cross-thread

Error: (11/26/2021 06:14:58 AM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: SnippingTool.exe, version: 10.0.19041.746, time stamp: 0xeb13aef9

Faulting module name: RBVirtualFolder64.dll, version: 1.31.33.0, time stamp: 0x5c6f3982

Exception code: 0xc0000005

Fault offset: 0x0000000000032747

Faulting process id: 0x662c

Faulting application start time: 0x01d7e2bf07c745ab

Faulting application path: C:\WINDOWS\system32\SnippingTool.exe

Faulting module path: C:\Program Files\Roxio\Roxio Burn\RBVirtualFolder64.dll

Report Id: a8fe5b2b-f37e-47ad-b46e-98a6d1eeaba6

Faulting package full name:

Faulting package-relative application ID:

Error: (11/26/2021 06:14:46 AM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: SnippingTool.exe, version: 10.0.19041.746, time stamp: 0xeb13aef9

Faulting module name: RBVirtualFolder64.dll, version: 1.31.33.0, time stamp: 0x5c6f3982

Exception code: 0xc0000005

Fault offset: 0x0000000000032747

Faulting process id: 0x662c

Faulting application start time: 0x01d7e2bf07c745ab

Faulting application path: C:\WINDOWS\system32\SnippingTool.exe

Faulting module path: C:\Program Files\Roxio\Roxio Burn\RBVirtualFolder64.dll

Report Id: d36f085f-7771-41f8-b365-0489f2796347

Faulting package full name:

Faulting package-relative application ID:

Error: (11/25/2021 11:53:54 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: RogueKiller64.exe, version: 13.4.2.0, time stamp: 0x5d4d9daf

Faulting module name: RogueKiller64.exe, version: 13.4.2.0, time stamp: 0x5d4d9daf

Exception code: 0xc0000005

Fault offset: 0x000000000106eccc

Faulting process id: 0x3668

Faulting application start time: 0x01d7e289486e7da2

Faulting application path: C:\Program Files\RogueKiller\RogueKiller64.exe

Faulting module path: C:\Program Files\RogueKiller\RogueKiller64.exe

Report Id: c0e47181-6b57-4e83-83a4-714925403855

Faulting package full name:

Faulting package-relative application ID:

System errors:

=============

Error: (11/26/2021 09:42:49 AM) (Source: disk) (EventID: 154) (User: )

Description: The IO operation at logical block address 0x0 for Disk 3 (PDO name: \Device\00000065) failed due to a hardware error.

Error: (11/26/2021 09:42:49 AM) (Source: disk) (EventID: 154) (User: )

Description: The IO operation at logical block address 0x0 for Disk 3 (PDO name: \Device\00000065) failed due to a hardware error.

Error: (11/26/2021 09:42:49 AM) (Source: disk) (EventID: 154) (User: )

Description: The IO operation at logical block address 0x800c000 for Disk 3 (PDO name: \Device\00000065) failed due to a hardware error.

Error: (11/26/2021 09:42:49 AM) (Source: disk) (EventID: 154) (User: )

Description: The IO operation at logical block address 0x800c000 for Disk 3 (PDO name: \Device\00000065) failed due to a hardware error.

Error: (11/26/2021 09:42:49 AM) (Source: disk) (EventID: 154) (User: )

Description: The IO operation at logical block address 0x0 for Disk 3 (PDO name: \Device\00000065) failed due to a hardware error.

Error: (11/26/2021 09:37:43 AM) (Source: disk) (EventID: 154) (User: )

Description: The IO operation at logical block address 0x0 for Disk 3 (PDO name: \Device\00000065) failed due to a hardware error.

Error: (11/26/2021 09:37:43 AM) (Source: disk) (EventID: 154) (User: )

Description: The IO operation at logical block address 0x800c000 for Disk 3 (PDO name: \Device\00000065) failed due to a hardware error.

Error: (11/26/2021 09:37:43 AM) (Source: disk) (EventID: 154) (User: )

Description: The IO operation at logical block address 0x800c000 for Disk 3 (PDO name: \Device\00000065) failed due to a hardware error.

Windows Defender:

================

Date: 2021-11-23 20:24:43

Description:

Microsoft Defender Antivirus scan has been stopped before completion.

Scan Type: Antimalware

Scan Parameters: Quick Scan

Date: 2021-11-23 11:48:06

Description:

Microsoft Defender Antivirus scan has been stopped before completion.

Scan Type: Antimalware

Scan Parameters: Quick Scan

Date: 2021-11-21 21:57:18

Description:

Microsoft Defender Antivirus scan has been stopped before completion.

Scan Type: Antimalware

Scan Parameters: Quick Scan

Date: 2021-11-20 21:28:55

Description:

Microsoft Defender Antivirus scan has been stopped before completion.

Scan Type: Antimalware

Scan Parameters: Quick Scan

Date: 2021-11-16 21:10:19

Description:

Microsoft Defender Antivirus scan has been stopped before completion.

Scan Type: Antimalware

Scan Parameters: Quick Scan

CodeIntegrity:

===============

Date: 2021-11-26 09:32:45

Description:

Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\McAfee\MfeAV\AMSIExt.dll that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Memory info ===========================

BIOS: American Megatrends Inc. P1.50 02/24/2017

Motherboard: ASRock Z270 Killer SLI/ac

Processor: Intel® Core™ i7-7700K CPU @ 4.20GHz

Percentage of memory in use: 86%

Total physical RAM: 16348.4 MB

Available physical RAM: 2161.35 MB

Total Virtual: 62124.21 MB

Available Virtual: 3603.98 MB

==================== Drives ================================

Drive c: (Windows A) (Fixed) (Total:9069.79 GB) (Free:6097.29 GB) NTFS

Drive d: (ESD-USB) (Removable) (Total:31.99 GB) (Free:27.68 GB) FAT32

Drive h: (Windows B) (Fixed) (Total:9223.98 GB) (Free:6360.6 GB) NTFS

\\?\Volume{48a77b6e-e9d2-4027-9054-f603ee1d2468}\ () (Fixed) (Total:0.53 GB) (Free:0.08 GB) NTFS

\\?\Volume{bd88dc5f-845f-4501-8010-319c67c29cd3}\ () (Fixed) (Total:0.53 GB) (Free:0.08 GB) NTFS

\\?\Volume{efd5296f-35b1-4bb4-b397-aef80c545da0}\ () (Fixed) (Total:127.5 GB) (Free:127.47 GB) FAT32

\\?\Volume{9ff0c22b-be5e-4b2f-89fb-53bdb65f7ac3}\ () (Fixed) (Total:89.48 GB) (Free:89.44 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================

Disk: 0 (Size: 9314 GB) (Disk ID: 5FA2685E)

Partition: GPT.

==========================================================

Disk: 1 (MBR Code: Windows 7/8/10) (Size: 125 GB) (Disk ID: C8288DA9)

Partition 1: (Active) - (Size=32 GB) - (Type=0C)

==========================================================

Disk: 2 (Size: 9314 GB) (Disk ID: 60AA6B55)

Partition: GPT.

==================== End of Addition.txt =======================


Source: https://www.bleepingcomputer.com/forums/t/763493/often-cannot-access-internet-and-cannot-download-files/

Posted by: albertalbertkubane0269593.blogspot.com

Post a Comment

Previous Post Next Post