Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Latest News:    Adobe Acrobat may block antivirus tools from monitoring PDF files

Featured Deal: Learn how renewable energy works with this training bundle deal

Generic User Avatar

"Name not available" in Sound Mixer 'bings' randomly

Started by draco963 , Apr 09 2022 04:37 PM

  • This topic is locked This topic is locked
1 reply to this topic

#1 draco963

draco963

  • Avatar image
  • Members
  • 13 posts
  • OFFLINE
    •  
  • Local time:03:13 PM

Posted 09 April 2022 - 04:37 PM

It bings at me. Please help me get rid of it. It's doing it more often now.

 

 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 05-04-2022
Ran by Richard (administrator) on DRACO-DSKTP (09-04-2022 16:12:48)
Running from E:\Richard\Downloads
Loaded Profiles: Richard
Platform: Microsoft Windows 10 Home Version 20H2 19042.1526 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Adobe Systems, Incorporated -> Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
(Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Brother\ControlCenter3\BrccMCtl.exe
(C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe ->) (Binary Fortress Software Ltd -> Binary Fortress Software) C:\Program Files (x86)\DisplayFusion\DisplayFusionHookApp32.exe
(C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe ->) (Binary Fortress Software Ltd -> Binary Fortress Software) C:\Program Files (x86)\DisplayFusion\DisplayFusionHookApp64.exe
(C:\Program Files (x86)\Dropbox\Client\Dropbox.exe ->) (Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\145.4.4921\QtWebEngineProcess.exe <2>
(C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\WINWORD.EXE
(C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe ->) (Plex, Inc -> ) C:\Program Files (x86)\Plex\Plex Media Server\Plex Tuner Service.exe
(C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe ->) (Plex, Inc -> Plex, Inc.) C:\Program Files (x86)\Plex\Plex Media Server\Plex DLNA Server.exe
(C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe ->) (Plex, Inc -> Python Software Foundation) C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe
(C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSSrcExt.exe
(C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\cncmd.exe
(C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe ->) (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtWebEngineProcess.exe
(C:\Program Files\BOINC\boincmgr.exe ->) (University of California, Berkeley -> Space Sciences Laboratory) C:\Program Files\BOINC\boinc.exe
(C:\Program Files\Google\Drive File Stream\55.0.3.0\GoogleDriveFS.exe ->) (Google LLC -> Google, Inc.) C:\Program Files\Google\Drive File Stream\56.0.11.0\GoogleDriveFS.exe <6>
(C:\Program Files\Google\Drive File Stream\56.0.11.0\GoogleDriveFS.exe ->) (Google LLC -> ) C:\Program Files\Google\Drive File Stream\56.0.11.0\crashpad_handler.exe <2>
(C:\Program Files\Microsoft Office\Office15\WINWORD.EXE ->) (FOXIT SOFTWARE INC. -> Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\FoxitProxyServer_Socket_PH.exe
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCopyAccelerator.exe
(C:\Windows\splwow64.exe ->) (Google LLC -> ) C:\Program Files\Google\Drive File Stream\56.0.7.0\crashpad_handler.exe
(Discord Inc. -> Discord Inc.) C:\Users\Richard\AppData\Local\Discord\app-1.0.9004\Discord.exe <6>
(DriverStore\FileRepository\u0376032.inf_amd64_1a2e19f1369fd940\B375758\atiesrxx.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0376032.inf_amd64_1a2e19f1369fd940\B375758\atieclxx.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe <3>
(E:\Games\Epic Games\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe ->) (Epic Games Inc. -> Epic Games, Inc.) E:\Games\Epic Games\Epic Games\Launcher\Engine\Binaries\Win64\EpicWebHelper.exe <2>
(E:\Games\Steam\steam.exe ->) (Valve Corp. -> Valve Corporation) E:\Games\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <8>
(Epic Games Inc. -> Epic Games, Inc.) E:\Games\Epic Games\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
(explorer.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(explorer.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(explorer.exe ->) (Binary Fortress Software Ltd -> Binary Fortress Software) C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe
(explorer.exe ->) (Don HO don.h@free.fr) [File not signed] C:\Program Files (x86)\Notepad++\notepad++.exe
(explorer.exe ->) (Evoluent) [File not signed] C:\Program Files (x86)\Evoluent\Evoluent Mouse Manager\EvoMouseExec.exe
(explorer.exe ->) (Google LLC -> ) C:\Program Files\Google\Drive File Stream\55.0.3.0\crashpad_handler.exe <4>
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <72>
(explorer.exe ->) (Google LLC -> Google, Inc.) C:\Program Files\Google\Drive File Stream\55.0.3.0\GoogleDriveFS.exe
(explorer.exe ->) (Hewlett Packard -> Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(explorer.exe ->) (Lone Wolf Development, Inc -> ) C:\Program Files (x86)\Hero Lab\HeroLab.exe
(explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SndVol.exe
(explorer.exe ->) (Nullsoft Inc. -> Nullsoft, Inc.) C:\Program Files (x86)\Winamp\winamp.exe
(explorer.exe ->) (Plex, Inc -> Plex, Inc.) C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe
(explorer.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(explorer.exe ->) (Sanford, L.P.) [File not signed] C:\Program Files (x86)\DYMO\DYMO Label Software\DymoQuickPrint.exe
(explorer.exe ->) (University of California, Berkeley -> Space Sciences Laboratory) C:\Program Files\BOINC\boincmgr.exe
(explorer.exe ->) (University of California, Berkeley -> Space Sciences Laboratory) C:\Program Files\BOINC\boinctray.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler64.exe
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Intel Corporation - Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MusNotifyIcon.exe
(Microsoft) [File not signed] C:\Program Files (x86)\Evoluent\Evoluent Mouse Manager\EvoMouseListener.exe
(Power Software Limited -> Power Software Ltd) C:\Program Files\PowerISO\PWRISOVM.EXE
(Sanford, L.P.) [File not signed] C:\Program Files (x86)\DYMO\DYMO Label Software\DYMO.DLS.Printing.Host.exe
(services.exe ->) (ABBYY Production LLC -> ABBYY Production LLC) C:\Program Files (x86)\Common Files\ABBYY\FineReader\15\Licensing\NetworkLicenseServer.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(services.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Program Files\AMD\Performance Profile Client\AUEPDU.exe
(services.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0376032.inf_amd64_1a2e19f1369fd940\B375758\atiesrxx.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(services.exe ->) (Binary Fortress Software Ltd -> Binary Fortress Software) C:\Program Files (x86)\DisplayFusion\DisplayFusionService.exe
(services.exe ->) (Dimitrios Coutsoumbas (Dimio)) [File not signed] C:\Program Files\DSynchronize\DSynchronize.exe
(services.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(services.exe ->) (Evoluent) [File not signed] C:\Program Files (x86)\Evoluent\Evoluent Mouse Manager\EvoDriverUpdateService.exe
(services.exe ->) (FOXIT SOFTWARE INC. -> Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\FoxitPhantomPDFUpdateService.exe
(services.exe ->) (Intel Corporation - Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(services.exe ->) (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\NisSrv.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe <2>
(services.exe ->) (Plex, Inc -> Plex, Inc.) C:\Program Files (x86)\Plex\Plex Media Server\Plex Update Service.exe
(services.exe ->) (Sanford, L.P.) [File not signed] C:\Program Files (x86)\DYMO\DYMO Label Software\DymoPnpService.exe
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(services.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SppExtComObj.Exe
(Valve Corp. -> Valve Corporation) E:\Games\Steam\steam.exe
 
==================== Registry (Whitelisted) ===================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [322472 2015-06-23] (Intel Corporation - Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [303928 2017-07-14] (Apple Inc. -> Apple Inc.)
HKLM\...\Run: [DSynchronize] => C:\Program Files\DSynchronize\DSynchronize.exe [975360 2018-03-18] (Dimitrios Coutsoumbas (Dimio)) [File not signed]
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8497368 2015-07-07] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [boinctray] => C:\Program Files\BOINC\boinctray.exe [69920 2018-07-12] (University of California, Berkeley -> Space Sciences Laboratory)
HKLM-x32\...\Run: [Evoluent Mouse Listener] => C:\Program Files (x86)\Evoluent\Evoluent Mouse Manager\EvoMouseListener.exe [33280 2016-01-05] (Microsoft) [File not signed]
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files\PowerISO\PWRISOVM.EXE [408888 2014-06-27] (Power Software Limited -> Power Software Ltd)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [41360 2015-09-24] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [840592 2015-09-24] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [10585376 2022-03-27] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [BrMfcWnd] => C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe [1163264 2012-09-25] () [File not signed]
HKLM-x32\...\Run: [ControlCenter3] => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.) [File not signed]
HKLM-x32\...\Run: [DLSWebSvc] => C:\Program Files (x86)\DYMO\DYMO Label Software\DYMO.DLS.Printing.Host.exe [5130240 2018-08-02] (Sanford, L.P.) [File not signed]
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\56.0.11.0\GoogleDriveFS.exe [53664656 2022-03-30] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\56.0.11.0\GoogleDriveFS.exe [53664656 2022-03-30] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-735030342-139934267-388796653-1003\...\Run: [boincmgr] => C:\Program Files\BOINC\boincmgr.exe [9035040 2018-07-12] (University of California, Berkeley -> Space Sciences Laboratory)
HKU\S-1-5-21-735030342-139934267-388796653-1003\...\Run: [Plex Media Server] => C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe [23290344 2019-05-03] (Plex, Inc -> Plex, Inc.)
HKU\S-1-5-21-735030342-139934267-388796653-1003\...\Run: [DymoQuickPrint] => C:\Program Files (x86)\DYMO\DYMO Label Software\DymoQuickPrint.exe [2033664 2018-08-02] (Sanford, L.P.) [File not signed]
HKU\S-1-5-21-735030342-139934267-388796653-1003\...\Run: [Discord] => C:\Users\Richard\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub)
HKU\S-1-5-21-735030342-139934267-388796653-1003\...\Run: [EpicGamesLauncher] => E:\Games\Epic Games\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [33687008 2022-04-08] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-735030342-139934267-388796653-1003\...\Run: [Bonus.SSR.FR15] => C:\Program Files (x86)\ABBYY FineReader 15\ScreenshotReader.exe [1192608 2020-06-15] (ABBYY Production LLC -> ABBYY Production LLC.)
HKU\S-1-5-21-735030342-139934267-388796653-1003\...\Run: [AMDDVR] => C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe [2399736 2022-01-18] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
HKU\S-1-5-21-735030342-139934267-388796653-1003\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\56.0.11.0\GoogleDriveFS.exe [53664656 2022-03-30] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-735030342-139934267-388796653-1003\...\Run: [DisplayFusion] => C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe [13443008 2021-05-03] (Binary Fortress Software Ltd -> Binary Fortress Software)
HKU\S-1-5-21-735030342-139934267-388796653-1003\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Richard\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe"
HKU\S-1-5-21-735030342-139934267-388796653-1003\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Richard\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe"
HKU\S-1-5-21-735030342-139934267-388796653-1003\...\RunOnce: [Uninstall 22.022.0130.0001\i386] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Richard\AppData\Local\Microsoft\OneDrive\22.022.0130.0001\i386"
HKU\S-1-5-21-735030342-139934267-388796653-1003\...\RunOnce: [Uninstall 22.022.0130.0001] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Richard\AppData\Local\Microsoft\OneDrive\22.022.0130.0001"
HKU\S-1-5-21-735030342-139934267-388796653-1003\...\RunOnce: [Uninstall 22.033.0213.0002\i386] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Richard\AppData\Local\Microsoft\OneDrive\22.033.0213.0002\i386"
HKU\S-1-5-21-735030342-139934267-388796653-1003\...\RunOnce: [Uninstall 22.033.0213.0002] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Richard\AppData\Local\Microsoft\OneDrive\22.033.0213.0002"
HKU\S-1-5-21-735030342-139934267-388796653-1003\...\RunOnce: [Uninstall 22.045.0227.0004\i386] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Richard\AppData\Local\Microsoft\OneDrive\22.045.0227.0004\i386"
HKU\S-1-5-21-735030342-139934267-388796653-1003\...\RunOnce: [Uninstall 22.045.0227.0004] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Richard\AppData\Local\Microsoft\OneDrive\22.045.0227.0004"
HKU\S-1-5-21-735030342-139934267-388796653-1003\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\scrnsave.scr [39936 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\56.0.11.0\GoogleDriveFS.exe [53664656 2022-03-30] (Google LLC -> Google, Inc.)
HKLM\...\Windows x64\Print Processors\hpfpp02t: C:\Windows\System32\spool\prtprocs\x64\hpfpp02t.dll [253440 2010-05-14] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\WINDOWS\system32\AdobePDF.dll [55872 2015-09-24] (Adobe Systems, Incorporated -> Adobe Systems Inc)
HKLM\...\Print\Monitors\DYMO LabelWriter Monitor: C:\WINDOWS\system32\LW400MON.DLL [16384 2018-07-27] (Microsoft Windows Hardware Compatibility Publisher -> DYMO Corp.)
HKLM\...\Print\Monitors\EPSON Stylus CX4800 Series 64MonitorBA: C:\WINDOWS\system32\E_ILMADA.DLL [108032 2007-12-07] (SEIKO EPSON CORPORATION) [File not signed]
HKLM\...\Print\Monitors\PCL hpf3l02t: C:\WINDOWS\system32\hpf3l02t.dll [138752 2010-05-14] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Company)
HKLM\...\Print\Monitors\PDF-XChange5-ABBYY-FR15: C:\WINDOWS\system32\pxc50pmaf15.dll [57328 2018-12-04] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
HKLM\Software\...\AppCompatFlags\Custom\DKII.EXE: [{b6462b67-caf5-4a74-99df-cc2811bd1957}.sdb] -> GOG.com Dungeon Keeper 2
HKLM\Software\...\AppCompatFlags\InstalledSDB\{b6462b67-caf5-4a74-99df-cc2811bd1957}: [DatabasePath] -> C:\WINDOWS\AppPatch\CustomSDB\{b6462b67-caf5-4a74-99df-cc2811bd1957}.sdb [2012-11-06]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\100.0.4896.75\Installer\chrmstp.exe [2022-04-06] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{61E94D8A-C800-45D8-A152-E836816C117D}] -> C:\Program Files (x86)\ABBYY FineReader 15\ScreenshotReader.exe [2020-06-15] (ABBYY Production LLC -> ABBYY Production LLC.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Evoluent Mouse Manager.lnk [2016-06-13]
ShortcutTarget: Evoluent Mouse Manager.lnk -> C:\Program Files (x86)\Evoluent\Evoluent Mouse Manager\EvoMouseExec.exe (Evoluent) [File not signed]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2017-05-16]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett Packard -> Hewlett-Packard Co.)
Startup: C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Octopus.vbs [2016-07-28] () [File not signed]
 
==================== Scheduled Tasks (Whitelisted) ============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {0BC93632-60E7-42A8-B65A-65423F0915A4} - System32\Tasks\{092CDCEF-F9FC-48FE-8A23-B7F8BE21C482} => C:\Windows\system32\pcalua.exe -a G:\autoplay\Autoplay.exe -d G:\autoplay
Task: {1E445AB0-BF83-4488-A76F-9B7EBEF6D223} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-18] (Adobe Inc. -> Adobe Inc.)
Task: {2004E46C-6C63-4808-9270-C77423E33801} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {2121C4D6-BB21-489A-B076-3D4625A786C2} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {31FFB090-FBA8-478F-B21F-16220996F0CE} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1709048 2022-01-18] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {3C718102-3994-46C8-832F-F4F26F0F22E1} - System32\Tasks\StartAUEP => C:\Program Files\AMD\Performance Profile Client\AUEPMaster.exe [652792 2022-01-18] (Advanced Micro Devices Inc. -> AMD)
Task: {4508E463-D66F-4890-8F48-F32A46796A59} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {47E47B72-52BC-4B9D-928F-CF97134FDE6C} - System32\Tasks\ExclusiveTool => C:\Program Files (x86)\DSDCS\InputMapper\ExclusiveModeTool.exe [19968 2016-10-04] (InputMapper) [File not signed]
Task: {4BB70F09-B748-45B6-9C00-C74901BE93C8} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1709048 2022-01-18] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {575C469A-708F-41B8-ADCF-07A234DD9791} - System32\Tasks\Arkenforgelauncher => E:\Games\Arkenforge\ArkenforgeLauncher\ArkenforgeLauncher.exe [650752 2021-06-26] () [File not signed]
Task: {5D003B63-11DF-4D93-AF69-0B7CFA76B6F5} - System32\Tasks\AdobeAAMUpdater-1.0-DRACO-DSKTP-Richard => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {6D869D87-0B64-4983-918F-27AFB572B89D} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [260600 2022-01-18] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {A6887DEB-0A23-4B0B-B9F1-6E23AC0FB8FB} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {A752C412-0B03-4FBA-AAA8-6DF04A2DA37F} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-11] (Dropbox, Inc -> Dropbox, Inc.)
Task: {B2FE4778-F86C-4CEA-B70D-D8B269C5DBC2} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [570240 2017-02-14] (Apple Inc. -> Apple Inc.)
Task: {BF34F92C-D5CB-47CC-9C04-943B27B4573C} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [1626328 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {D1C27662-51BD-4449-930C-026C44F3C560} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NoUACCheck
Task: {D85C0AA2-8B23-4371-9FAE-29C5D408DBD9} - System32\Tasks\StartCNBM => C:\Program Files\AMD\CNext\CNext\cncmd.exe [55288 2022-01-18] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {D86F0FA6-EB27-4DD7-800C-CEDFE24B09D7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-06-11] (Google Inc -> Google Inc.)
Task: {DC68FD48-38AD-4811-9A4D-BDDE0D64BF15} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E53CB576-41D3-454A-90D3-01967ED22F5E} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-11] (Dropbox, Inc -> Dropbox, Inc.)
Task: {EC668BAE-6EB3-42D1-AB7E-6F6E9AFB3248} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {EF670C1C-9F56-4D8E-8409-CCA1CD19CD5B} - System32\Tasks\AMDInstallLauncher => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1709048 2022-01-18] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {F1D5A1A9-A8A6-4F7D-911C-97116E42C600} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [55288 2022-01-18] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {F1E8B380-579F-4B59-B18E-80D4546C462D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-06-11] (Google Inc -> Google Inc.)
Task: {FD4D415A-8EF5-4684-A4C8-ACD7C302B4C4} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {FF21579E-4B88-4077-9F14-10058EA9FA10} - System32\Tasks\Microsoft Office 15 Sync Maintenance for DRACO-DSKTP-Richard DRACO-DSKTP => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [470712 2014-07-27] (Microsoft Corporation -> Microsoft Corporation)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 206.248.154.22 206.248.154.170
Tcpip\..\Interfaces\{050957c9-2205-4703-a819-5d8a93ba69a6}: [DhcpNameServer] 206.248.154.22 206.248.154.170
Tcpip\..\Interfaces\{1f729001-833c-429c-9995-c50359e81e3d}: [DhcpNameServer] 192.168.1.1
 
Edge: 
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge Profile: C:\Users\Richard\AppData\Local\Microsoft\Edge\User Data\Default [2022-02-10]
 
FireFox:
========
FF HKLM\...\Firefox\Extensions: [FFExtnHTML2PDF@foxitsoftware.com] - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\FirefoxAddin\FFExtnHTML2PDF.xpi
FF Extension: (Foxit PDF Creator) - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\FirefoxAddin\FFExtnHTML2PDF.xpi [2020-11-23] [Legacy]
FF HKLM\...\Firefox\Extensions: [FireFoxNew-WebExtensions@foxitsoftware.com] - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\FirefoxAddin\FireFoxNew-WebExtensions@foxitsoftware.com.xpi
FF Extension: (Foxit PDF Creator) - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\FirefoxAddin\FireFoxNew-WebExtensions@foxitsoftware.com.xpi [2020-11-23]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2020-05-23] [Legacy] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [FFExtnHTML2PDF@foxitsoftware.com] - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\FirefoxAddin\FFExtnHTML2PDF.xpi
FF HKLM-x32\...\Firefox\Extensions: [FireFoxNew-WebExtensions@foxitsoftware.com] - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\FirefoxAddin\FireFoxNew-WebExtensions@foxitsoftware.com.xpi
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2014-01-21] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-21] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.11 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.12 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll [2015-09-24] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
 
Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default [2022-04-09]
CHR DownloadDir: E:\Richard\Downloads
CHR Notifications: Default -> hxxps://calendar.google.com; hxxps://kakstitotako.com; hxxps://newssysstem.net; hxxps://photos.google.com; hxxps://premiumbros.com; hxxps://www.bhphotovideo.com; hxxps://www.cambly.com; hxxps://www.google.ca
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://start.mysearchdial.com/?f=1&a=md0202ff&cd=2XzuyEtN2Y1L1QzutDtDtByCyD0EtC0CyByEzy0Dzy0D0CyCtN0D0Tzu0SyBzzzytN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R&cr=1386700279&ir=","hxxp://www.homedepot.ca/","hxxp://searchinterneat-a.akamaihd.net/h?eq=U0EeCFZVBB8SRggSeV8AUAgURRgWdQtaTA1AFVAOeFhdBRRBFQUbeAkNVV0QFgUFIk0FA1oDB0VXfV5bFElXTwhuIVdBM1wCVFlXM3FNAw=="
CHR Session Restore: Default -> is enabled.
CHR Extension: (Slides) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-14]
CHR Extension: (Recipe Filter) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahlcdjbkdaegmljnnncfnhiioiadakae [2020-06-21]
CHR Extension: (Docs) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-14]
CHR Extension: (Google Drive) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-11-03]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2016-06-11]
CHR Extension: (YouTube) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-06-11]
CHR Extension: (Honey) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2022-04-08]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2022-01-15]
CHR Extension: (Foxit PDF Creator) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\cifnddnffldieaamihfkhkdgnbhfmaci [2021-04-06]
CHR Extension: (Sheets) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-14]
CHR Extension: (Google Docs Offline) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-03-08]
CHR Extension: (Hola Free VPN Proxy Unblocker - Best VPN) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2021-08-03]
CHR Extension: (Helium Backup) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpglbgbpeobllokpmeagpoagjbfknanl [2016-10-16]
CHR Extension: (Content Server Browser Web Extension) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\hlphpjodcfdblfmbbdjodbfmlonmidfh [2021-06-09]
CHR Extension: (Read&Write for Google Chrome™) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\inoeonmfapjbbkmdafoankkfajkcphgd [2022-02-04]
CHR Extension: (Gmail Print All Pro) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\jobhgbnpobdpmpdhcnailgemedfhjbho [2016-06-11]
CHR Extension: (AMR Player With Google Drive) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgfgiimkdkmimgkgaaicpcdhcedmbbbb [2017-01-29]
CHR Extension: (Application launcher for Drive (by Google)) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2021-02-12]
CHR Extension: (Line Numbers for Google Docs) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\mblodabbcapnkgcfnddfpfaamjckjlik [2022-02-26]
CHR Extension: (Boomerang for Gmail) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdanidgdpmkimeiiojknlnekblgmpdll [2018-09-13]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-12]
CHR Extension: (Gmail) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-11-03]
CHR Profile: C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Guest Profile [2022-04-09]
CHR Profile: C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Profile 1 [2022-04-06]
CHR Notifications: Profile 1 -> hxxps://www.facebook.com
CHR Session Restore: Profile 1 -> is enabled.
CHR Extension: (Slides) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-11-14]
CHR Extension: (Docs) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2017-11-14]
CHR Extension: (Google Drive) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-11-20]
CHR Extension: (YouTube) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-06-13]
CHR Extension: (Sheets) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-11-14]
CHR Extension: (Google Docs Offline) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-03-18]
CHR Extension: (Application launcher for Drive (by Google)) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2021-02-16]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-16]
CHR Extension: (Gmail) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-28]
CHR Profile: C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Profile 2 [2022-02-28]
CHR Session Restore: Profile 2 -> is enabled.
CHR Extension: (Slides) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-10-19]
CHR Extension: (Docs) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2018-10-19]
CHR Extension: (Google Drive) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-06-28]
CHR Extension: (YouTube) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-06-14]
CHR Extension: (Foxit PDF Creator) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\cifnddnffldieaamihfkhkdgnbhfmaci [2021-06-28]
CHR Extension: (Sheets) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-10-19]
CHR Extension: (Google Docs Offline) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-02-28]
CHR Extension: (Application launcher for Drive (by Google)) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2021-06-28]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-06-28]
CHR Extension: (Gmail) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-06-28]
CHR Profile: C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Profile 5 [2022-04-09]
CHR Notifications: Profile 5 -> hxxps://calendar.google.com; hxxps://meet.google.com; hxxps://voice.google.com; hxxps://www.pinterest.com; hxxps://www.youtube.com
CHR HomePage: Profile 5 -> hxxp://google.ca/
CHR StartupUrls: Profile 5 -> "hxxp://google.ca/"
CHR Session Restore: Profile 5 -> is enabled.
CHR Extension: (Slides) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Docs) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Google Drive) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-11-14]
CHR Extension: (YouTube) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-05-25]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2022-01-16]
CHR Extension: (Foxit PDF Creator) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\cifnddnffldieaamihfkhkdgnbhfmaci [2021-04-06]
CHR Extension: (BlockSite: Block Websites & Stay Focused) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\eiimnmioipafcokbfikbljfdeojpcgbh [2022-03-02]
CHR Extension: (Sheets) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (Google Docs Offline) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-03-12]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2022-03-09]
CHR Extension: (Application launcher for Drive (by Google)) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2021-02-15]
CHR Extension: (Incognito This Tab) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\nhockicmnnjibbhgcpphjicilgcfehdi [2017-05-31]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-15]
CHR Extension: (Gmail) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-24]
CHR Profile: C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Profile 6 [2022-04-09]
CHR Notifications: Profile 6 -> hxxps://calendar.google.com; hxxps://meet.google.com
CHR Session Restore: Profile 6 -> is enabled.
CHR Extension: (Slides) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-08-18]
CHR Extension: (Docs) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\aohghmighlieiainnegkcijnfilokake [2019-08-18]
CHR Extension: (YouTube) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-08-18]
CHR Extension: (Foxit PDF Creator) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\cifnddnffldieaamihfkhkdgnbhfmaci [2021-05-07]
CHR Extension: (Adblock for Youtube™) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2022-02-06]
CHR Extension: (Sheets) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-08-18]
CHR Extension: (Google Docs Offline) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-04-03]
CHR Extension: (Read&Write for Google Chrome™) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\inoeonmfapjbbkmdafoankkfajkcphgd [2022-02-06]
CHR Extension: (Application launcher for Drive (by Google)) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2021-02-12]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-12]
CHR Extension: (Adblock for Chrome™) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\onomjaelhagjjojbkcafidnepbfkpnee [2021-09-27]
CHR Extension: (Gmail) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-12-31]
CHR Profile: C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Profile 7 [2021-12-12]
CHR Session Restore: Profile 7 -> is enabled.
CHR Extension: (Slides) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-12-07]
CHR Extension: (Docs) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\aohghmighlieiainnegkcijnfilokake [2021-12-07]
CHR Extension: (Google Drive) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-12-07]
CHR Extension: (YouTube) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-12-07]
CHR Extension: (Sheets) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-12-07]
CHR Extension: (Google Docs Offline) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-12-07]
CHR Extension: (Application launcher for Drive (by Google)) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2021-12-07]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-12-07]
CHR Extension: (Gmail) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-12-07]
CHR Profile: C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Profile 8 [2021-12-12]
CHR Extension: (Slides) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-12-11]
CHR Extension: (Docs) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\aohghmighlieiainnegkcijnfilokake [2021-12-11]
CHR Extension: (Google Drive) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-12-11]
CHR Extension: (YouTube) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-12-11]
CHR Extension: (Foxit PDF Creator) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\cifnddnffldieaamihfkhkdgnbhfmaci [2021-12-11]
CHR Extension: (Sheets) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-12-11]
CHR Extension: (Google Docs Offline) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-12-11]
CHR Extension: (Application launcher for Drive (by Google)) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2021-12-11]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-12-11]
CHR Extension: (Gmail) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-12-11]
CHR Profile: C:\Users\Richard\AppData\Local\Google\Chrome\User Data\System Profile [2022-04-09]
CHR HKLM\...\Chrome\Extension: [cifnddnffldieaamihfkhkdgnbhfmaci] - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\ChromeAddin\ChromeAddin.crx [2020-11-23]
CHR HKU\S-1-5-21-735030342-139934267-388796653-1003\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Richard\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx <not found>
CHR HKU\S-1-5-21-735030342-139934267-388796653-1003\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [cifnddnffldieaamihfkhkdgnbhfmaci] - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\ChromeAddin\ChromeAddin.crx [2020-11-23]
 
==================== Services (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 ABBYY.Licensing.FineReader.15.0; C:\Program Files (x86)\Common Files\ABBYY\FineReader\15\Licensing\NetworkLicenseServer.exe [1063152 2020-05-07] (ABBYY Production LLC -> ABBYY Production LLC)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-18] (Adobe Inc. -> Adobe Inc.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-04-03] (Apple Inc. -> Apple Inc.)
R2 AUEPLauncher; C:\Program Files\AMD\CIM\..\Performance Profile Client\AUEPDU.exe [504824 2022-01-18] (Advanced Micro Devices Inc. -> AMD)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-11] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-11] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [44328 2022-03-27] (Dropbox, Inc -> Dropbox, Inc.)
R2 DisplayFusionService; C:\Program Files (x86)\DisplayFusion\DisplayFusionService.exe [11309520 2021-05-03] (Binary Fortress Software Ltd -> Binary Fortress Software)
R2 DSynchronizeSrv; C:\Program Files\DSynchronize\DSynchronize.exe [975360 2018-03-18] (Dimitrios Coutsoumbas (Dimio)) [File not signed]
R2 DymoPnpService; C:\Program Files (x86)\DYMO\DYMO Label Software\DymoPnpService.exe [27136 2018-08-02] (Sanford, L.P.) [File not signed]
R2 EvoDriverUpdateService; C:\Program Files (x86)\Evoluent\Evoluent Mouse Manager\EvoDriverUpdateService.exe [30208 2015-12-21] (Evoluent) [File not signed]
R2 FoxitPhantomPDFUpdateService; C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\FoxitPhantomPDFUpdateService.exe [2357936 2020-11-23] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
S2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [82216 2021-03-03] (Mixbyte Inc -> Freemake)
S3 GalaxyClientService; E:\Games\GOG Galaxy\GalaxyClientService.exe [1955680 2021-08-20] (GOG Sp. z o.o. -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6484832 2021-08-20] (GOG Sp. z o.o. -> GOG.com)
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2011-08-18] (Hewlett-Packard Co.) [File not signed]
R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed]
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 PlexUpdateService; C:\Program Files (x86)\Plex\Plex Media Server\Plex Update Service.exe [1143272 2019-05-03] (Plex, Inc -> Plex, Inc.)
S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13353768 2021-09-15] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 VsEtwService120; C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [87728 2013-10-05] (Microsoft Corporation -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\NisSrv.exe [3116848 2022-04-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe [133544 2022-04-07] (Microsoft Windows Publisher -> Microsoft Corporation)
 
===================== Drivers (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 amdfendrmgr; C:\WINDOWS\System32\drivers\amdfendrmgr.sys [33216 2021-12-02] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R3 AMDSAFD; C:\WINDOWS\System32\DriverStore\FileRepository\amdsafd.inf_amd64_edd3335a4253bf6d\amdsafd.sys [109520 2021-11-04] (Advanced Micro Devices Inc. -> Advanced Micro Devices)
R3 amdwddmg; C:\WINDOWS\System32\DriverStore\FileRepository\u0376032.inf_amd64_1a2e19f1369fd940\B375758\amdkmdag.sys [82950024 2022-01-24] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R3 AMDXE; C:\WINDOWS\System32\drivers\amdxe.sys [65168 2021-08-17] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R3 EuMusDesignVirtualAudioCableWdm; C:\WINDOWS\System32\drivers\vrtaucbl.sys [124704 2015-12-31] (Muzychenko Evgenii Viktorovich -> Eugene V. Muzychenko)
R3 EvoMouseDriverFilterHidUsb; C:\WINDOWS\System32\drivers\EvoMouseDriverFilterHidUsb.sys [29936 2016-01-29] (WDKTestCert v.kurilovich,130838452094803308 -> Evoluent)
R3 EvoMouseDriverMini; C:\WINDOWS\system32\drivers\EvoMouseDriverMini.sys [18640 2016-01-13] (WDKTestCert v.kurilovich,130838452094803308 -> Evoluent)
S3 gdrv; C:\Windows\gdrv.sys [26192 2016-03-08] (Giga-Byte Technology -> Windows ® Server 2003 DDK provider)
R1 googledrivefs3688; C:\WINDOWS\System32\DRIVERS\googledrivefs3688.sys [381456 2021-12-14] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
R1 googledrivefs3758; C:\WINDOWS\System32\DRIVERS\googledrivefs3758.sys [384584 2022-03-14] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
R3 MpKsl9f59e5b5; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{5D5BFE3D-17C4-46AB-8A8D-C7D613076810}\MpKslDrv.sys [139536 2022-04-08] (Microsoft Windows -> Microsoft Corporation)
R3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Bruce James -> Scarlet.Crush Productions)
R3 SensorsSimulatorDriver; C:\WINDOWS\System32\drivers\WUDFRd.sys [315392 2022-01-14] (Microsoft Windows -> Microsoft Corporation)
R2 speedfan; C:\WINDOWS\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 SteamStreamingMicrophone; C:\WINDOWS\system32\drivers\SteamStreamingMicrophone.sys [40736 2017-07-28] (Valve Corp. -> )
R3 SteamStreamingSpeakers; C:\WINDOWS\system32\drivers\SteamStreamingSpeakers.sys [40736 2017-07-21] (Valve Corp. -> )
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49600 2022-04-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [443664 2022-04-07] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [90384 2022-04-07] (Microsoft Windows -> Microsoft Corporation)
S3 YSDrv; C:\Program Files (x86)\Bignox\BigNoxVM\RT\YSDrv.sys [270608 2017-02-17] (Beijing Duodian Online Science and Technology Co.,Ltd -> BigNox Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) (Whitelisted) =========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2022-04-09 16:12 - 2022-04-09 16:13 - 000000000 ____D C:\FRST
2022-03-31 00:53 - 2022-03-31 00:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2022-03-27 13:52 - 2022-03-27 13:52 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2022-03-27 13:52 - 2022-03-27 13:52 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2022-03-27 13:52 - 2022-03-27 13:52 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2022-03-27 13:52 - 2022-03-27 13:52 - 000044328 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2022-03-22 12:52 - 2022-03-14 12:02 - 000384584 _____ (Google, Inc.) C:\WINDOWS\system32\Drivers\googledrivefs3758.sys
 
==================== One month (modified) ==================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2022-04-09 16:13 - 2019-12-07 05:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-04-09 16:01 - 2021-04-11 04:15 - 000004158 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{5A5BC585-BF05-424C-BF61-C5A598555BEB}
2022-04-09 15:51 - 2016-06-11 19:14 - 000000000 ____D C:\Program Files (x86)\Google
2022-04-09 15:32 - 2020-01-11 14:59 - 000000000 ____D C:\Users\Richard\AppData\Roaming\Discord
2022-04-09 15:26 - 2021-04-11 04:07 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-04-09 12:45 - 2017-07-03 16:14 - 000000000 ____D C:\ProgramData\BOINC
2022-04-09 07:25 - 2019-12-07 05:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-04-09 07:25 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-04-09 07:24 - 2020-09-08 09:02 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-04-09 05:46 - 2021-04-11 04:15 - 000005226 _____ C:\WINDOWS\system32\Tasks\Microsoft Office 15 Sync Maintenance for DRACO-DSKTP-Richard DRACO-DSKTP
2022-04-09 02:00 - 2016-06-19 21:18 - 000000000 ____D C:\Users\Richard\AppData\Local\Adobe
2022-04-08 21:48 - 2021-04-11 04:12 - 000842414 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-04-08 21:48 - 2019-12-07 05:13 - 000000000 ____D C:\WINDOWS\INF
2022-04-08 01:13 - 2017-05-21 22:51 - 000000000 ____D C:\ProgramData\Hero Lab
2022-04-07 23:03 - 2018-02-17 01:27 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2022-04-07 14:53 - 2021-12-13 05:07 - 000003580 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-735030342-139934267-388796653-1003
2022-04-07 14:53 - 2021-04-11 04:15 - 000003370 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-735030342-139934267-388796653-1003
2022-04-07 14:53 - 2021-04-11 04:08 - 000002422 _____ C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-04-06 14:55 - 2018-12-05 20:06 - 000000000 ____D C:\Users\Richard\AppData\Local\D3DSCache
2022-04-06 14:53 - 2021-09-22 12:10 - 000001899 _____ C:\Users\Default\Desktop\Google Slides.lnk
2022-04-06 14:53 - 2021-09-22 12:10 - 000001899 _____ C:\Users\Default\Desktop\Google Sheets.lnk
2022-04-06 14:53 - 2021-09-22 12:10 - 000001887 _____ C:\Users\Default\Desktop\Google Docs.lnk
2022-04-06 14:53 - 2016-06-11 19:15 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-04-06 14:52 - 2021-09-22 12:10 - 000002064 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2022-04-05 23:19 - 2021-04-12 20:22 - 000003386 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d72eaa5cad7b6a
2022-04-05 23:19 - 2021-04-11 04:15 - 000003480 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-04-05 09:04 - 2020-10-01 05:39 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2022-04-04 02:35 - 2020-05-30 07:39 - 000000000 ____D C:\WINDOWS\system32\AMD
2022-04-04 00:30 - 2021-04-16 14:08 - 000000000 ____D C:\Users\Richard\AppData\Local\Deployment
2022-04-04 00:30 - 2017-12-07 01:45 - 000000000 ____D C:\Users\Richard\AppData\Local\Packages
2022-03-31 00:53 - 2017-05-20 21:16 - 000000000 ____D C:\Users\Richard\AppData\Local\Dropbox
2022-03-31 00:53 - 2017-05-20 21:16 - 000000000 ____D C:\Program Files (x86)\Dropbox
2022-03-30 17:46 - 2021-04-24 23:21 - 000000000 ____D C:\Users\Richard\AppData\Local\T2GP Launcher
2022-03-27 11:58 - 2022-01-27 21:53 - 000003114 _____ C:\WINDOWS\system32\Tasks\AMDInstallLauncher
2022-03-27 11:58 - 2022-01-27 21:53 - 000003082 _____ C:\WINDOWS\system32\Tasks\AMDLinkUpdate
2022-03-23 21:13 - 2020-02-19 07:44 - 000601432 _____ (Microsoft Corporation) C:\WINDOWS\system32\sedplugins.dll
2022-03-23 21:12 - 2020-10-01 05:39 - 000483664 _____ (Microsoft Corporation) C:\WINDOWS\system32\QualityUpdateAssistant.dll
2022-03-17 00:31 - 2022-03-02 19:31 - 000000000 ____D C:\Users\Richard\AppData\Roaming\DropboxElectron
2022-03-12 22:15 - 2021-05-25 18:10 - 000000000 ____D C:\Users\Richard\AppData\Roaming\paradox-launcher-v2
2022-03-11 16:17 - 2021-11-30 05:03 - 000000000 ____D C:\Users\Richard\AppData\Local\CrashDumps
2022-03-11 08:26 - 2021-04-11 04:15 - 000003892 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineUA
2022-03-11 08:26 - 2021-04-11 04:15 - 000003660 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineCore
2022-03-11 08:26 - 2017-05-20 21:17 - 000000934 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2022-03-11 08:26 - 2017-05-20 21:17 - 000000930 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2022-03-10 21:58 - 2022-01-26 21:00 - 000000000 ____D C:\Users\Richard\AppData\Local\AMD_Common
2022-03-10 19:34 - 2016-06-12 19:29 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-03-10 19:30 - 2016-06-12 19:29 - 145666720 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
 
==================== Files in the root of some directories ========
 
2019-08-21 12:34 - 2019-08-21 12:34 - 000000132 _____ () C:\Users\Richard\AppData\Roaming\Adobe BMP Format CS6 Prefs
2019-06-15 22:13 - 2021-12-11 01:22 - 000000132 _____ () C:\Users\Richard\AppData\Roaming\Adobe PNG Format CS6 Prefs
2019-09-09 11:29 - 2019-09-09 20:42 - 000001456 _____ () C:\Users\Richard\AppData\Local\Adobe Save for Web 13.0 Prefs
2021-07-12 20:03 - 2021-07-12 20:03 - 000006371 _____ () C:\Users\Richard\AppData\Local\recently-used.xbel
2021-03-20 23:00 - 2021-07-15 10:29 - 000007649 _____ () C:\Users\Richard\AppData\Local\Resmon.ResmonCfg
 
==================== SigCheck ============================
 
(There is no automatic fix for files that do not pass verification.)
 
==================== End of FRST.txt ========================
 
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-04-2022
Ran by Richard (09-04-2022 16:13:52)
Running from E:\Richard\Downloads
Microsoft Windows 10 Home Version 20H2 19042.1526 (X64) (2021-04-11 08:15:36)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
 
(If an entry is included in the fixlist, it will be removed.)
 
Administrator (S-1-5-21-735030342-139934267-388796653-500 - Administrator - Disabled)
awpla (S-1-5-21-735030342-139934267-388796653-1006 - Limited - Disabled)
DefaultAccount (S-1-5-21-735030342-139934267-388796653-503 - Limited - Disabled)
Guest (S-1-5-21-735030342-139934267-388796653-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-735030342-139934267-388796653-1008 - Limited - Enabled)
langl (S-1-5-21-735030342-139934267-388796653-1005 - Administrator - Enabled)
Richard (S-1-5-21-735030342-139934267-388796653-1003 - Administrator - Enabled) => C:\Users\Richard
WDAGUtilityAccount (S-1-5-21-735030342-139934267-388796653-504 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
64 Bit HP CIO Components Installer (HKLM\...\{FF21C3E6-97FD-474F-9518-8DCBE94C2854}) (Version: 7.2.8 - Hewlett-Packard) Hidden
7-Zip 16.02 (x64) (HKLM\...\7-Zip) (Version: 16.02 - Igor Pavlov)
ABBYY FineReader PDF 15 (HKLM\...\{F15000FE-0001-6400-0000-074957833700}) (Version: 15.0.3887 - ABBYY Production LLC)
Adobe Acrobat X Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.1.16 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe Creative Suite 6 Master Collection (HKLM-x32\...\{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}) (Version: 6 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser) (Version: 2.0 Build 348 - Adobe Systems Incorporated.)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 22.1.2 - Advanced Micro Devices, Inc.)
Apple Application Support (32-bit) (HKLM-x32\...\{D2FE6376-E549-4F63-A2C5-CA24DA035DE4}) (Version: 5.6 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{BB109E24-EE90-485B-A28B-ADDEFB40540B}) (Version: 5.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{0A596141-97D5-45FA-9281-98DFAF48D579}) (Version: 10.3.2.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{52D87F32-70E4-4348-8148-C0B9F35B1314}) (Version: 2.3.0.177 - Apple Inc.)
Arkenforge Launcher (HKLM\...\{73C4DB27-816D-4FCE-9992-792D5F948581}) (Version: 4.0.0.0 - Arkenforge)
Asmedia USB Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.26.1 - Asmedia Technology)
Backup and Sync from Google (HKLM\...\{696895F7-52C7-4C9E-998B-C7E0CC907092}) (Version: 3.57.4256.0809 - Google, Inc.)
BiglyBT (HKLM\...\0112-2557-8304-7048) (Version: 2.6.0.0 - Bigly Software)
bl (HKLM-x32\...\{2A075BB4-E976-4278-BF3F-E5C6945D84C0}) (Version: 1.0.0 - Your Company Name) Hidden
BOINC (HKLM\...\{AD6DD68E-F93B-4D15-BA53-FB2DD07C68A8}) (Version: 7.12.1 - Space Sciences Laboratory, U.C. Berkeley)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Branding64 (HKLM\...\{FDD2A246-039F-4941-A3F0-B3E8B8144E54}) (Version: 1.00.0009 - Advanced Micro Devices, Inc.) Hidden
Brother MFL-Pro Suite MFC-9120CN (HKLM-x32\...\{A1BBEE16-49B1-42F2-95B8-54C8C6A1C0C3}) (Version: 3.0.3.0 - Brother Industries, Ltd.)
Build Tools - amd64 (HKLM\...\{F74753A3-C93C-34F5-A199-993CAF602B7D}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Build Tools - x86 (HKLM-x32\...\{FB3A15FD-FC67-3A2F-892B-6890B0C56EA9}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Build Tools Language Resources - amd64 (HKLM\...\{05198C22-FFCE-374A-B190-9F18CC99DAEA}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Build Tools Language Resources - x86 (HKLM-x32\...\{9347889B-C22A-3905-901F-C05D8F73C929}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Bulk Rename Utility 2.7.1.2 (HKLM-x32\...\Bulk Rename Utility_is1) (Version:  - TGRMN Software)
CPUID CPU-Z 1.96 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.96 - CPUID, Inc.)
Cuphead (HKLM-x32\...\1963513391_is1) (Version: 1.2.4 - GOG.com)
Direct Show Ogg Vorbis Filter (remove only) (HKLM-x32\...\OggDS) (Version:  - )
Discord (HKU\S-1-5-21-735030342-139934267-388796653-1003\...\Discord) (Version: 0.0.309 - Discord Inc.)
DisplayFusion 9.8 (HKLM-x32\...\B076073A-5527-4f4f-B46B-B10692277DA2_is1) (Version: 9.8.0.0 - Binary Fortress Software)
Dropbox (HKLM-x32\...\Dropbox) (Version: 145.4.4921 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.583.1 - Dropbox, Inc.) Hidden
Dune 2000: Gruntmods Edition (HKLM-x32\...\Dune 2000: Gruntmods Edition) (Version: 1.6.2.2 - Gruntmods Studios)
Dungeon Keeper 2 (HKLM-x32\...\GOGPACKDUNGEONKEEPER2_is1) (Version: 2.0.0.32 - GOG.com)
DYMO Label (HKLM-x32\...\{54D84731-D2F9-4E8C-B18E-E91838BE52BB}) (Version: 8.7.3.46663 - Newell Rubbermaid)
Epic Games Launcher (HKLM-x32\...\{1D4EB18B-0FEE-444E-B4D1-6F2CFBC363E6}) (Version: 1.1.267.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
EPSON Printer Software (HKLM\...\EPSON Printer and Utilities) (Version:  - SEIKO EPSON Corporation)
Evoluent Mouse Manager (HKLM-x32\...\{933B0FA1-2ECF-4B3F-8153-BEBD8750FF72}) (Version: 5.7.0.0 - Evoluent)
Eye of the Beholder (HKLM-x32\...\1432575012_is1) (Version: 1.7 - GOG.com)
Foxit PhantomPDF (HKLM-x32\...\{2942bbcf-8e6b-4aa4-bd38-2d3fb7ca2fa1}) (Version: 10.1.1.37576 - Foxit Software Inc.)
Foxit PhantomPDF (HKLM-x32\...\{6591E0EE-2DC6-11EB-9DE8-54BF64A63C26}) (Version: 10.1.1.37576 - Foxit Software Inc.) Hidden
gImageReader (HKLM-x32\...\gImageReader) (Version: 3.3.1 - Sandro Mani)
GIMP 2.10.24 (HKLM\...\GIMP-2_is1) (Version: 2.10.24 - The GIMP Team)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version:  - GOG.com)
GOG.com Dungeon Keeper 2 (HKLM\...\{b6462b67-caf5-4a74-99df-cc2811bd1957}.sdb) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 100.0.4896.75 - Google LLC)
Google Drive (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 56.0.11.0 - Google LLC)
HandBrake 1.0.7 (HKLM-x32\...\HandBrake) (Version: 1.0.7 - )
Harmony Remote Update (HKLM-x32\...\HarmonyRemoteUpdate) (Version: 7.7.1 - Logitech - HarmonyRemoteClient)
HD Video Converter Factory 15.2 (HKLM-x32\...\HD Video Converter Factory) (Version: 15.2 - WonderFox Soft, Inc.)
Hero Lab 8.9h (HKLM-x32\...\{760AA190-82DF-4A80-BE05-B9FEEC88946D}_is1) (Version: 8.9h - LWD Technology, Inc.)
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Officejet Pro 8500 A909 Series (HKLM\...\{49C2B7C1-A4E7-4770-8E30-255795AD4712}) (Version: 14.0 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HWiNFO64 Version 7.06 (HKLM\...\HWiNFO64_is1) (Version: 7.06 - Martin Malik - REALiX)
InputMapper (HKLM-x32\...\{026D2025-A7FA-4F5C-AF8C-A6F7A9B917FC}) (Version: 1.6.10.19991 - DSDCS)
Intel® Chipset Device Software (HKLM-x32\...\{c7f54569-0018-439c-809a-48046a4d4ebc}) (Version: 10.1.1.9 - Intel® Corporation) Hidden
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1158 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.5.0.1081 - Intel Corporation)
iTunes (HKLM\...\{02F95875-9527-49CC-B32F-970ADAEBD1EF}) (Version: 12.6.2.20 - Apple Inc.)
Lands Of Lore - The Throne of Chaos (HKLM-x32\...\1207662513_is1) (Version: 2.1.0.19 - GOG.com)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Logitech Harmony Remote Software 7 (HKLM-x32\...\{5C6F884D-680C-448B-B4C9-22296EE1B206}) (Version: 7.7.0.0 - Logitech)
MAGIX Content and Soundpools (HKLM-x32\...\MAGIX_GlobalContent) (Version: 1.0.0.0 - MAGIX Software GmbH)
MAGIX Soundpool Music Maker - Feel good (HKLM\...\{4E204F85-B3E5-47F3-92B8-953646266A81}) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{4AE57014-05C4-4864-A13D-86517A7E1BA4}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 100.0.1185.36 - Microsoft Corporation)
Microsoft Help Viewer 2.1 (HKLM-x32\...\Microsoft Help Viewer 2.1) (Version: 2.1.21005 - Microsoft Corporation)
Microsoft Office Access database engine 2007 (English) (HKLM-x32\...\{90120000-00D1-0409-0000-0000000FF1CE}) (Version: 12.0.4518.1031 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-735030342-139934267-388796653-1003\...\OneDriveSetup.exe) (Version: 22.055.0313.0001 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects  (HKLM-x32\...\{2F7DBBE6-8EBC-495C-9041-46A772F4E311}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{070C38AC-05CE-43DF-9A20-141332F6AB2B}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{7B1FCD52-8F6B-4F12-A143-361EA39F5E7C}) (Version: 3.67.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29913 (HKLM-x32\...\{855e31d2-9031-46e1-b06d-c9d7777deefb}) (Version: 14.28.29913.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29334 (HKLM-x32\...\{b2d0f752-adc5-496e-8f70-8669de01f746}) (Version: 14.28.29334.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2013 Shell (Isolated) (HKLM-x32\...\{dd77c2ff-db69-44f7-9e5c-63aa540dfe07}) (Version: 12.0.21005.13 - Microsoft Corporation)
Mp3tag v2.96 (HKLM-x32\...\Mp3tag) (Version: 2.96 - Florian Heidenreich)
MPM (HKLM-x32\...\{8AEA6737-8AF3-47BB-95CE-AAB62BE68985}) (Version: 1.00.0000 - Hewlett-Packard)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MuseScore 3 (HKLM\...\{24D638A8-2F41-4190-B716-F008843791DF}) (Version: 3.3.3.8992 - Werner Schweer and Others)
Music Maker (HKLM\...\{D5FF45D3-3AE3-4490-85DE-04D059606382}) (Version: 25.1.2.78 - MAGIX Software GmbH) Hidden
Music Maker (HKLM-x32\...\MX.{D5FF45D3-3AE3-4490-85DE-04D059606382}) (Version: 25.1.2.78 - MAGIX Software GmbH)
Noise Reduction Plug-In 2.0 (HKLM-x32\...\{150A6C61-7363-11E6-A3B5-BB95F5A309BD}) (Version: 2.0.665 - VEGAS)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 5.2 - )
Nox APP Player (HKLM-x32\...\Nox) (Version: 3.8.0.3 - Duodian Technology Co. Ltd.)
NVIDIA Photoshop Plug-ins 64 bit (HKLM-x32\...\{5E386C5B-CDE7-435A-B5C9-EC73A1B0553A}) (Version: 8.50 - )
NVIDIA PhysX (HKLM-x32\...\{5DB65884-C963-4454-AABA-4CA3089281FA}) (Version: 9.09.0720 - NVIDIA Corporation)
OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP)
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Paradox Launcher v2 (HKLM\...\{66DA3501-823A-4F07-A20D-C64495A59DC8}) (Version: 2.1.0 - Paradox Interactive)
PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
ph (HKLM-x32\...\{185F9795-9663-4F13-9EF9-307A282ADB5A}) (Version: 1.0.0 - Your Company Name) Hidden
Plex Media Server (HKLM-x32\...\{2da13fc5-0573-4a2a-91ae-139628c683a1}) (Version: 1.15.4.994 - Plex, Inc.)
Plex Media Server (HKLM-x32\...\{3511C8E2-FF71-4992-B93D-51E4EF25FCC1}) (Version: 1.15.994 - Plex, Inc.) Hidden
PowerISO (HKLM-x32\...\PowerISO) (Version: 6.0 - Power Software Ltd)
Python 3.9.5 (64-bit) (HKU\S-1-5-21-735030342-139934267-388796653-1003\...\{f3d4ed4c-f434-41ef-8469-ffadd80c4ccf}) (Version: 3.9.5150.0 - Python Software Foundation)
Python 3.9.5 Add to Path (64-bit) (HKLM\...\{6504EEE5-2172-4D34-A76D-0372356396B4}) (Version: 3.9.5150.0 - Python Software Foundation) Hidden
Python 3.9.5 Core Interpreter (64-bit) (HKLM\...\{FBB6299D-CB58-4177-B6A0-63BFB1C8C3AE}) (Version: 3.9.5150.0 - Python Software Foundation) Hidden
Python 3.9.5 Development Libraries (64-bit) (HKLM\...\{AEE58901-97A1-422A-B964-4FD9BF3327B8}) (Version: 3.9.5150.0 - Python Software Foundation) Hidden
Python 3.9.5 Documentation (64-bit) (HKLM\...\{4EFE695B-F377-4CB0-90E3-6AEEE22DEFEB}) (Version: 3.9.5150.0 - Python Software Foundation) Hidden
Python 3.9.5 Executables (64-bit) (HKLM\...\{843C07B6-040E-4E83-B244-5383247D70AB}) (Version: 3.9.5150.0 - Python Software Foundation) Hidden
Python 3.9.5 pip Bootstrap (64-bit) (HKLM\...\{7559EB6B-36F9-4AE8-8970-532E4DC0ECA3}) (Version: 3.9.5150.0 - Python Software Foundation) Hidden
Python 3.9.5 Standard Library (64-bit) (HKLM\...\{F4DC18F4-6323-4BE8-A322-38268831BC24}) (Version: 3.9.5150.0 - Python Software Foundation) Hidden
Python 3.9.5 Tcl/Tk Support (64-bit) (HKLM\...\{351016A7-AED4-4824-8D2E-2F9ED497CF77}) (Version: 3.9.5150.0 - Python Software Foundation) Hidden
Python 3.9.5 Test Suite (64-bit) (HKLM\...\{605117B9-EE12-4498-A089-A63219191799}) (Version: 3.9.5150.0 - Python Software Foundation) Hidden
Python 3.9.5 Utility Scripts (64-bit) (HKLM\...\{420E50F6-A8E8-4098-A321-7DF6B3C3BA82}) (Version: 3.9.5150.0 - Python Software Foundation) Hidden
Python Launcher (HKLM-x32\...\{B6EF11B6-0882-43B1-AA75-4D3BD32A144A}) (Version: 3.9.7427.0 - Python Software Foundation)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7553 - Realtek Semiconductor Corp.)
Remote Control USB Driver (HKLM-x32\...\{8471021C-F529-43DE-84DF-3612E10F58C4}) (Version: 2.3.2.317 - )
SDFormatter (HKLM-x32\...\{179324FF-7B16-4BA8-9836-055CAAEE4F08}) (Version: 4.0.0 - SD Association)
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
Sound Forge Pro 11.0 (HKLM-x32\...\{4240D670-7367-11E6-92BB-BB95F5A309BD}) (Version: 11.0.345 - MAGIX)
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Stopping Plex (HKLM-x32\...\{1EEC6671-B6AD-4725-AEBB-946E9B9083CB}) (Version: 1.15.994 - Plex, Inc.) Hidden
Stronghold Crusader 2 (HKLM-x32\...\1433852499_is1) (Version: 1.0.22714 - GOG.com)
Stronghold Crusader Extreme HD (HKLM-x32\...\1207658713_is1) (Version: 1.41(a) - GOG.com)
Stronghold HD (HKLM-x32\...\1207658712_is1) (Version: 1.41 - GOG.com)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.22.3 - TeamViewer)
Tesseract-OCR - open source OCR engine (HKLM-x32\...\Tesseract-OCR) (Version: 4.0.0dev-20170510 - Tesseract-OCR community)
Update for  (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{82BD0A1C-815F-487F-9AE7-CE73DA413CFF}) (Version: 4.91.0.0 - Microsoft Corporation)
Virtual Audio Cable 4.15 (HKLM\...\Virtual Audio Cable 4.15) (Version:  - )
Vita Concert Grand LE (HKLM\...\{6DE610F6-EE59-44D0-B847-82863CCC3055}) (Version: 2.4.0.95 - MAGIX Software GmbH) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 3.0.16 - VideoLAN)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.12 - VideoLAN)
Vulkan Run Time Libraries 1.0.17.0 (HKLM\...\VulkanRT1.0.17.0) (Version: 1.0.17.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0-2) (Version: 1.0.26.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.3.1 (HKLM\...\VulkanRT1.0.3.1) (Version: 1.0.3.1 - LunarG, Inc.)
Vuze (HKLM\...\8461-7759-5462-8226) (Version: 5.7.6.0 - Azureus Software, Inc.)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
WinDirStat 1.1.2 (HKU\S-1-5-21-735030342-139934267-388796653-1003\...\WinDirStat) (Version:  - )
Windows Driver Package - RemoteControl (RemoteControlUSBLAN) Net  (06/02/2016 02.04.10.001) (HKLM\...\A14D4158722037A4DD816446D7339B41F11276D9) (Version: 06/02/2016 02.04.10.001 - RemoteControl)
Windows PC Health Check (HKLM\...\{B1E7D0FD-7CFE-4E0C-A5DA-0F676499DB91}) (Version: 3.2.2110.14001 - Microsoft Corporation)
WinMerge 2.12.0 (HKLM-x32\...\WinMerge_is1) (Version: 2.12.0 - Thingamahoochie Software)
WinRAR archiver (HKLM-x32\...\WinRAR archiver) (Version:  - )
XML Notepad 2007 (HKLM-x32\...\{FC7BACF0-1FFA-4605-B3B4-A66AB382752D}) (Version: 2.3.0.0 - Microsoft Corporation)
Zeus and Poseidon (HKLM-x32\...\1207659039_is1) (Version: 2.1.0.10 - GOG.com)
 
Packages:
=========
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-21] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-21] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.12.3171.0_x64__8wekyb3d8bbwe [2022-03-28] (Microsoft Studios) [MS Ad]
Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.18.1201.0_x64__8wekyb3d8bbwe [2022-02-17] (Microsoft Studios)
MPEG-2 Video Extension -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.42152.0_x64__8wekyb3d8bbwe [2021-08-19] (Microsoft Corporation)
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-08-23] (Microsoft Corporation)
Raw Image Extension -> C:\Program Files\WindowsApps\Microsoft.RawImageExtension_2.0.30391.0_x64__8wekyb3d8bbwe [2022-03-05] (Microsoft Corporation)
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.TWITTER_7.0.1.0_neutral__wgeqdkkx372wm [2021-06-12] (Twitter Inc.)
 
==================== Custom CLSID (Whitelisted): ==============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-735030342-139934267-388796653-1003_Classes\CLSID\{46406D82-6EC0-47CC-8A75-1F33C6DEDBBE}\InprocServer32 -> C:\Users\Richard\AppData\Local\Google\Update\1.3.35.442\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-735030342-139934267-388796653-1003_Classes\CLSID\{540C17A8-04F2-4B66-95D7-B2FEF9A19B54}\InprocServer32 -> C:\Users\Richard\AppData\Local\Google\Update\1.3.35.422\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-735030342-139934267-388796653-1003_Classes\CLSID\{6D264B70-DA18-401D-910C-B202D89670C6}\InprocServer32 -> C:\Users\Richard\AppData\Local\Google\Update\1.3.36.32\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-735030342-139934267-388796653-1003_Classes\CLSID\{84EB3779-151B-4C71-AEF0-A0FEE9481401}\InprocServer32 -> C:\Users\Richard\AppData\Local\Google\Update\1.3.35.342\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-735030342-139934267-388796653-1003_Classes\CLSID\{86508D42-E5D7-4D10-9C6F-D427AEEB85B5}\InprocServer32 -> C:\Users\Richard\AppData\Local\Google\Update\1.3.34.11\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-735030342-139934267-388796653-1003_Classes\CLSID\{B2DFC1BE-A111-4788-AD8D-FD4B9087EECD}\InprocServer32 -> C:\Program Files (x86)\Common Files\System\ole32.dll => No File
CustomCLSID: HKU\S-1-5-21-735030342-139934267-388796653-1003_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => E:\Dropbox [2020-04-09 22:41]
CustomCLSID: HKU\S-1-5-21-735030342-139934267-388796653-1003_Classes\CLSID\{E9E7529D-7F09-410B-AF2A-CC154473B19C}\InprocServer32 -> C:\Users\Richard\AppData\Local\Google\Update\1.3.35.452\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-735030342-139934267-388796653-1003_Classes\CLSID\{EF076C91-DC9E-43E3-84ED-3D219E065A4F}\InprocServer32 -> C:\Users\Richard\AppData\Local\Google\Update\1.3.35.302\psuser_64.dll => No File
ShellIconOverlayIdentifiers: [    GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\56.0.11.0\drivefsext.dll [2022-03-30] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [    GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\56.0.11.0\drivefsext.dll [2022-03-30] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [    GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\56.0.11.0\drivefsext.dll [2022-03-30] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [    GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\56.0.11.0\drivefsext.dll [2022-03-30] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2022-02-01] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2022-02-01] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2022-02-01] (Google LLC -> Google)
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-05-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat Elements\ContextMenu64.dll [2015-09-24] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\56.0.11.0\drivefsext.dll [2022-03-30] (Google LLC -> Google, Inc.)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [FineReader15ContextMenu] -> {53339754-4DD1-438B-8D24-0D0730F1A591} => C:\Program Files (x86)\ABBYY FineReader 15\x64\FRIntegration.x64.dll [2020-06-15] (ABBYY Production LLC -> ABBYY Production LLC.)
ContextMenuHandlers1: [Foxit_ConvertToPDF] -> {C5269811-4A29-4818-A4BB-111F9FC63A5F} => C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\ConvertToPDFShellExtension_x64.dll [2020-11-23] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2022-02-01] (Google LLC -> Google)
ContextMenuHandlers1: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2019-06-28] (Florian Heidenreich) [File not signed]
ContextMenuHandlers1: [Notepad++] -> {AE6B1055-0490-4142-AE3F-5C3F0B32E223} => C:\Program Files (x86)\Notepad++\nppcm.dll [2007-12-19] (Burgaud.com) [File not signed]
ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2014-06-27] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers1: [WinMerge] -> {4E716236-AA30-4C65-B225-D68BBA81E9C2} => C:\Program Files (x86)\WinMerge\ShellExtensionX64.dll [2009-03-05] (hxxp://winmerge.org) [File not signed]
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2008-06-20] () [File not signed]
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2008-09-16] () [File not signed]
ContextMenuHandlers2: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2019-06-28] (Florian Heidenreich) [File not signed]
ContextMenuHandlers2: [WinMerge] -> {4E716236-AA30-4C65-B225-D68BBA81E9C2} => C:\Program Files (x86)\WinMerge\ShellExtensionX64.dll [2009-03-05] (hxxp://winmerge.org) [File not signed]
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-05-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\56.0.11.0\drivefsext.dll [2022-03-30] (Google LLC -> Google, Inc.)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2022-02-01] (Google LLC -> Google)
ContextMenuHandlers4: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2019-06-28] (Florian Heidenreich) [File not signed]
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2014-06-27] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers4: [WinMerge] -> {4E716236-AA30-4C65-B225-D68BBA81E9C2} => C:\Program Files (x86)\WinMerge\ShellExtensionX64.dll [2009-03-05] (hxxp://winmerge.org) [File not signed]
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2008-06-20] () [File not signed]
ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2008-09-16] () [File not signed]
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\WINDOWS\System32\atiacm64.dll [2022-01-24] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\56.0.11.0\drivefsext.dll [2022-03-30] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-01-18] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [WinMerge] -> {4E716236-AA30-4C65-B225-D68BBA81E9C2} => C:\Program Files (x86)\WinMerge\ShellExtensionX64.dll [2009-03-05] (hxxp://winmerge.org) [File not signed]
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-05-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat Elements\ContextMenu64.dll [2015-09-24] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers6: [FineReader15ContextMenu] -> {53339754-4DD1-438B-8D24-0D0730F1A591} => C:\Program Files (x86)\ABBYY FineReader 15\x64\FRIntegration.x64.dll [2020-06-15] (ABBYY Production LLC -> ABBYY Production LLC.)
ContextMenuHandlers6: [Foxit_ConvertToPDF] -> {C5269811-4A29-4818-A4BB-111F9FC63A5F} => C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\ConvertToPDFShellExtension_x64.dll [2020-11-23] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2014-06-27] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2008-06-20] () [File not signed]
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2008-09-16] () [File not signed]
 
==================== Codecs (Whitelisted) ====================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Drivers32: [msacm.voxacm160] => C:\Windows\SysWOW64\vct3216.acm [82944 2001-03-02] (Voxware, Inc.) [File not signed]
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
Shortcut: C:\Users\Richard\AppData\Local\2167bb\2152ef.lnk -> C:\Users\Richard\AppData\Local\2167bb\3e601d.bat (No File)
ShortcutWithArgument: C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Helium Backup.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) ->  --profile-directory=Default --app-id=gpglbgbpeobllokpmeagpoagjbfknanl
ShortcutWithArgument: C:\Users\Richard\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Lubaba - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 5"
ShortcutWithArgument: C:\Users\Richard\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Richard - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Default"
ShortcutWithArgument: C:\Users\Richard\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\ff13ca23fee04978\Lubaba - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 5"
ShortcutWithArgument: C:\Users\Richard\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\9501e18d7c2ab92e\Lonely - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 2"
ShortcutWithArgument: C:\Users\Richard\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Draco - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"
 
==================== Loaded Modules (Whitelisted) =============
 
2018-05-09 00:36 - 2009-02-27 16:38 - 000139264 ____R () [File not signed] C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2021-10-01 19:38 - 2019-08-15 18:13 - 001265664 _____ () [File not signed] C:\Program Files (x86)\DisplayFusion\runtimes\win-x64\native\e_sqlite3.dll
2017-05-21 22:51 - 2019-01-31 12:41 - 000643948 _____ () [File not signed] C:\Program Files (x86)\Hero Lab\sqlite3.dll
2008-12-21 10:27 - 2008-12-21 10:27 - 000756224 _____ () [File not signed] C:\Program Files (x86)\Notepad++\plugins\ComparePlugin.dll
2007-08-04 21:10 - 2007-08-04 21:10 - 000250368 _____ () [File not signed] C:\Program Files (x86)\Notepad++\plugins\Config\tidy\libTidy.dll
2008-09-06 10:15 - 2008-09-06 10:15 - 000178688 _____ () [File not signed] C:\Program Files (x86)\Notepad++\plugins\FTP_synchronize.dll
2008-09-06 08:51 - 2008-09-06 08:51 - 000014336 _____ () [File not signed] C:\Program Files (x86)\Notepad++\plugins\NppExport.dll
2008-11-11 13:48 - 2008-11-11 13:48 - 000074240 _____ () [File not signed] C:\Program Files (x86)\Notepad++\plugins\NppNetNote.dll
2016-06-18 00:48 - 2008-06-20 00:41 - 000062464 _____ () [File not signed] C:\Program Files (x86)\WinRAR\rarext64.dll
2021-04-21 03:30 - 2021-04-21 03:30 - 000017920 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.dll
2021-04-21 03:30 - 2021-04-21 03:30 - 003567616 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2021-11-12 22:17 - 2021-11-12 22:17 - 000912896 _____ () [File not signed] C:\Program Files\AMD\Performance Profile Client\aws-cpp-sdk-core.dll
2021-11-12 22:17 - 2021-11-12 22:17 - 003109888 _____ () [File not signed] C:\Program Files\AMD\Performance Profile Client\aws-cpp-sdk-s3.dll
2013-10-17 16:48 - 2013-10-17 16:48 - 000106496 _____ () [File not signed] C:\Program Files\BOINC\zlib1.dll
2018-05-09 00:36 - 2005-04-22 13:36 - 000143360 _____ () [File not signed] C:\WINDOWS\system32\BrSNMP64.dll
2022-03-06 01:10 - 2022-01-27 18:05 - 126964224 _____ () [File not signed] E:\Games\Steam\bin\cef\cef.win7x64\libcef.dll
2022-03-06 01:10 - 2021-11-17 07:38 - 000384000 _____ () [File not signed] E:\Games\Steam\bin\cef\cef.win7x64\libegl.dll
2022-03-06 01:10 - 2021-11-17 07:38 - 008006656 _____ () [File not signed] E:\Games\Steam\bin\cef\cef.win7x64\libglesv2.dll
2022-01-18 01:45 - 2022-01-18 01:45 - 001717248 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\AMD\WVR\OpenVR\bin\win64\driver_amdwvr.dll
2018-05-09 00:36 - 2010-03-10 18:16 - 000770048 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Brother\ControlCenter3\brccDCtl.dll
2018-05-09 00:36 - 2010-03-29 01:01 - 000151552 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Brother\ControlCenter3\brcceng.dll
2018-05-09 00:36 - 2012-10-09 15:30 - 000372736 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Brother\ControlCenter3\brccFCtl.dll
2018-05-09 00:36 - 2009-09-28 13:38 - 005390336 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Brother\ControlCenter3\brccimg.dll
2018-05-09 00:36 - 2012-07-05 20:32 - 000084480 _____ (Brother Industries, Ltd.) [File not signed] C:\WINDOWS\system32\BrNetSti.dll
2007-12-19 12:40 - 2007-12-19 12:40 - 000018432 _____ (Burgaud.com) [File not signed] C:\Program Files (x86)\Notepad++\nppcm.dll
2009-02-07 15:05 - 2009-02-07 15:05 - 000229376 _____ (Chris Severance) [File not signed] C:\Program Files (x86)\Notepad++\plugins\NppTextFX.dll
2013-12-16 17:47 - 2013-12-16 17:47 - 000193024 _____ (Darren Owen aka DrO) [File not signed] C:\Program Files (x86)\Winamp\Plugins\gen_jumpex.dll
2013-12-08 23:16 - 2013-12-08 23:16 - 000010752 _____ (Darren Owen aka DrO) [File not signed] C:\Program Files (x86)\Winamp\System\UnicodeTaskbarFix.w5s
2008-09-06 08:33 - 2008-09-06 08:33 - 000053248 _____ (Don HO don.h@free.fr) [File not signed] C:\Program Files (x86)\Notepad++\plugins\docMonitor.dll
2008-09-07 16:55 - 2008-09-07 16:55 - 000069632 _____ (Don HO don.h@free.fr) [File not signed] C:\Program Files (x86)\Notepad++\plugins\mimeTools.dll
2018-08-02 06:24 - 2018-08-02 06:24 - 000505344 _____ (DYMO Corporation) [File not signed] [File is in use] C:\Program Files (x86)\DYMO\DYMO Label Software\PrintingSupportLibrary.dll
2021-04-16 14:08 - 2021-04-16 14:08 - 000663040 _____ (DYMO Corporation) [File not signed] [File is in use] C:\Users\Richard\AppData\Local\assembly\dl3\7P9782E1.O32\6HCOH69X.BEB\2294cc5c\00a8ff01_4c2ad401\PrintingSupportLibrary.dll
2019-06-28 05:06 - 2019-06-28 05:06 - 000424448 _____ (Florian Heidenreich) [File not signed] C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll
2020-11-23 05:22 - 2020-11-23 05:22 - 000693760 _____ (Foxit) [File not signed] C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\Plugins\phc.dll
2009-01-25 15:23 - 2009-01-25 15:23 - 000323584 _____ (Full of Madness Co.) [File not signed] C:\Program Files (x86)\Notepad++\plugins\NppExec.dll
2009-11-17 22:58 - 2009-11-17 22:58 - 000342656 _____ (Hewlett Packard -> Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqmif08.dll
2009-11-17 22:58 - 2009-11-17 22:58 - 000559232 _____ (Hewlett Packard -> Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusg.dll
2012-09-11 10:32 - 2012-09-11 10:32 - 000015360 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpotra08.rsc
2011-04-29 19:08 - 2011-04-29 19:08 - 000048128 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.rsc
2011-08-18 01:29 - 2011-08-18 01:29 - 001039360 _____ (Hewlett-Packard Co.) [File not signed] c:\program files (x86)\hp\digital imaging\bin\hpslpsvc64.dll
2016-06-18 00:51 - 2009-03-05 19:52 - 000062464 _____ (hxxp://winmerge.org) [File not signed] C:\Program Files (x86)\WinMerge\ShellExtensionX64.dll
2016-08-22 12:51 - 2016-05-21 04:19 - 000077312 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2015-06-23 20:00 - 2015-06-23 20:00 - 000285696 _____ (Intel Corporation) [File not signed] [File is in use] C:\Program Files\Intel\Intel® Rapid Storage Technology\PsiData.dll
2015-06-23 20:00 - 2015-06-23 20:00 - 000562688 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel® Rapid Storage Technology\ISDI2.dll
2008-11-17 17:13 - 2008-11-17 17:13 - 000081920 _____ (jens.plugin.npp@gmx.de) [File not signed] C:\Program Files (x86)\Notepad++\plugins\SpellChecker.dll
2018-05-09 00:36 - 2003-06-30 00:00 - 000259584 ____N (LEAD Technologies, Inc.) [File not signed] C:\Program Files (x86)\Brother\ControlCenter3\LTDIS12n.dll
2018-05-09 00:36 - 2005-07-05 00:00 - 000131584 ____N (LEAD Technologies, Inc.) [File not signed] C:\Program Files (x86)\Brother\ControlCenter3\LTFIL12n.DLL
2018-05-09 00:36 - 2003-06-30 00:00 - 000406016 ____N (LEAD Technologies, Inc.) [File not signed] C:\Program Files (x86)\Brother\ControlCenter3\LTKRN12n.dll
2017-09-05 00:15 - 2017-09-05 00:15 - 004396032 _____ (Microsoft Corporation) [File not signed] C:\Program Files\AMD\CNext\CNext\D3DCompiler_47.dll
2009-02-03 18:07 - 2009-02-03 18:07 - 000385024 _____ (Neil Hodgson neilh@scintilla.org) [File not signed] C:\Program Files (x86)\Notepad++\SciLexer.DLL
2013-12-12 22:47 - 2013-12-12 22:47 - 000017920 _____ (Nullsoft, Inc.) [File not signed] C:\Program Files (x86)\Winamp\Components\ssdp.w6c
2013-12-12 22:47 - 2013-12-12 22:47 - 000621568 _____ (Nullsoft, Inc.) [File not signed] C:\Program Files (x86)\Winamp\jnetlib.dll
2013-12-12 22:47 - 2013-12-12 22:47 - 000210432 _____ (Nullsoft, Inc.) [File not signed] C:\Program Files (x86)\Winamp\libmp4v2.dll
2013-12-12 22:47 - 2013-12-12 22:47 - 000260096 _____ (Nullsoft, Inc.) [File not signed] C:\Program Files (x86)\Winamp\libsndfile.dll
2013-12-12 22:47 - 2013-12-12 22:47 - 000086528 _____ (Nullsoft, Inc.) [File not signed] C:\Program Files (x86)\Winamp\nde.dll
2013-12-12 22:47 - 2013-12-12 22:47 - 000418816 _____ (Nullsoft, Inc.) [File not signed] C:\Program Files (x86)\Winamp\nsutil.dll
2013-12-12 22:47 - 2013-12-12 22:47 - 000029184 _____ (Nullsoft, Inc.) [File not signed] C:\Program Files (x86)\Winamp\nxlite.dll
2013-12-12 22:47 - 2013-12-12 22:47 - 000051712 _____ (Nullsoft, Inc.) [File not signed] C:\Program Files (x86)\Winamp\Plugins\gen_crasher.dll
2013-12-12 22:47 - 2013-12-12 22:47 - 001710080 _____ (Nullsoft, Inc.) [File not signed] C:\Program Files (x86)\Winamp\Plugins\gen_ff.dll
2013-12-12 22:47 - 2013-12-12 22:47 - 000031232 _____ (Nullsoft, Inc.) [File not signed] C:\Program Files (x86)\Winamp\Plugins\gen_hotkeys.dll
2013-12-12 22:47 - 2013-12-12 22:47 - 000330240 _____ (Nullsoft, Inc.) [File not signed] C:\Program Files (x86)\Winamp\Plugins\gen_ml.dll
2013-12-12 22:47 - 2013-12-12 22:47 - 000026624 _____ (Nullsoft, Inc.) [File not signed] C:\Program Files (x86)\Winamp\Plugins\gen_tray.dll
2013-12-12 22:47 - 2013-12-12 22:47 - 000070144 _____ (Nullsoft, Inc.) [File not signed] C:\Program Files (x86)\Winamp\Plugins\in_avi.dll
2013-12-12 22:47 - 2013-12-12 22:47 - 000086528 _____ (Nullsoft, Inc.) [File not signed] C:\Program Files (x86)\Winamp\Plugins\in_cdda.dll
2013-12-12 22:47 - 2013-12-12 22:47 - 000073216 _____ (Nullsoft, Inc.) [File not signed] C:\Program Files (x86)\Winamp\Plugins\in_dshow.dll
2013-12-12 22:47 - 2013-12-12 22:47 - 000049664 _____ (Nullsoft, Inc.) [File not signed] C:\Program Files (x86)\Winamp\Plugins\in_flac.dll
2013-12-12 22:47 - 2013-12-12 22:47 - 000044032 _____ (Nullsoft, Inc.) [File not signed] C:\Program Files (x86)\Winamp\Plugins\in_flv.dll
2013-12-12 22:47 - 2013-12-12 22:47 - 000008192 _____ (Nullsoft, Inc.) [File not signed] C:\Program Files (x86)\Winamp\Plugins\in_linein.dll
2013-12-12 22:47 - 2013-12-12 22:47 - 000112128 _____ (Nullsoft, Inc.) [File not signed] C:\Program Files (x86)\Winamp\Plugins\in_midi.dll
2013-12-12 22:47 - 2013-12-12 22:47 - 000041472 _____ (Nullsoft, Inc.) [File not signed] C:\Program Files (x86)\Winamp\Plugins\in_mkv.dll
2013-12-12 22:47 - 2013-12-12 22:47 - 000164864 _____ (Nullsoft, Inc.) [File not signed] C:\Program Files (x86)\Winamp\Plugins\in_mod.dll
2013-11-26 11:40 - 2013-11-26 11:40 - 000269824 _____ (Nullsoft, Inc.) [File not signed] C:\Program Files (x86)\Winamp\Plugins\in_mp3.dll
2013-12-12 22:47 - 2013-12-12 22:47 - 000054784 _____ (Nullsoft, Inc.) [File not signed] C:\Program Files (x86)\Winamp\Plugins\in_mp4.dll
2013-12-12 22:47 - 2013-12-12 22:47 - 000077824 _____ (Nullsoft, Inc.) [File not signed] C:\Program Files (x86)\Winamp\Plugins\in_nsv.dll
2013-12-12 22:47 - 2013-12-12 22:47 - 000024064 _____ (Nullsoft, Inc.) [File not signed] C:\Program Files (x86)\Winamp\Plugins\in_swf.dll
2013-12-12 22:47 - 2013-12-12 22:47 - 000247808 _____ (Nullsoft, Inc.) [File not signed] C:\Program Files (x86)\Winamp\Plugins\in_vorbis.dll
2013-12-12 22:47 - 2013-12-12 22:47 - 000024064 _____ (Nullsoft, Inc.) [File not signed] C:\Program Files (x86)\Winamp\Plugins\in_wave.dll
2013-12-12 22:47 - 2013-12-12 22:47 - 000313856 _____ (Nullsoft, Inc.) [File not signed] C:\Program Files (x86)\Winamp\Plugins\in_wm.dll
2013-12-12 22:47 - 2013-12-12 22:47 - 000031744 _____ (Nullsoft, Inc.) [File not signed] C:\Program Files (x86)\Winamp\Plugins\ml_bookmarks.dll
2013-12-12 22:47 - 2013-12-12 22:47 - 000226816 _____ (Nullsoft, Inc.) [File not signed] C:\Program Files (x86)\Winamp\Plugins\ml_devices.dll
2013-12-12 22:47 - 2013-12-12 22:47 - 000200192 _____ (Nullsoft, Inc.) [File not signed] C:\Program Files (x86)\Winamp\Plugins\ml_disc.dll
2013-12-12 22:47 - 2013-12-12 22:47 - 000057856 _____ (Nullsoft, Inc.) [File not signed] C:\Program Files (x86)\Winamp\Plugins\ml_downloads.dll
2013-12-12 22:47 - 2013-12-12 22:47 - 000061440 _____ (Nullsoft, Inc.) [File not signed] C:\Program Files (x86)\Winamp\Plugins\ml_history.dll
2013-12-12 22:47 - 2013-12-12 22:47 - 000053760 _____ (Nullsoft, Inc.) [File not signed] C:\Program Files (x86)\Winamp\Plugins\ml_impex.dll
2013-12-12 22:47 - 2013-12-12 22:47 - 000328704 _____ (Nullsoft, Inc.) [File not signed] C:\Program Files (x86)\Winamp\Plugins\ml_local.dll
2013-12-12 22:47 - 2013-12-12 22:47 - 000023040 _____ (Nullsoft, Inc.) [File not signed] C:\Program Files (x86)\Winamp\Plugins\ml_nowplaying.dll
2013-12-12 22:47 - 2013-12-12 22:47 - 000139776 _____ (Nullsoft, Inc.) [File not signed] C:\Program Files (x86)\Winamp\Plugins\ml_online.dll
2013-12-12 22:47 - 2013-12-12 22:47 - 000112128 _____ (Nullsoft, Inc.) [File not signed] C:\Program Files (x86)\Winamp\Plugins\ml_playlists.dll
2013-12-12 22:47 - 2013-12-12 22:47 - 000287232 _____ (Nullsoft, Inc.) [File not signed] C:\Program Files (x86)\Winamp\Plugins\ml_pmp.dll
2013-12-12 22:47 - 2013-12-12 22:47 - 000038912 _____ (Nullsoft, Inc.) [File not signed] C:\Program Files (x86)\Winamp\Plugins\ml_rg.dll
2013-12-12 22:47 - 2013-12-12 22:47 - 000033792 _____ (Nullsoft, Inc.) [File not signed] C:\Program Files (x86)\Winamp\Plugins\ml_transcode.dll
2013-12-12 22:47 - 2013-12-12 22:47 - 000126976 _____ (Nullsoft, Inc.) [File not signed] C:\Program Files (x86)\Winamp\Plugins\ml_wire.dll
2013-12-12 22:47 - 2013-12-12 22:47 - 000024576 _____ (Nullsoft, Inc.) [File not signed] C:\Program Files (x86)\Winamp\Plugins\out_disk.dll
2013-12-12 22:47 - 2013-12-12 22:47 - 000053760 _____ (Nullsoft, Inc.) [File not signed] C:\Program Files (x86)\Winamp\Plugins\out_ds.dll
2013-12-12 22:47 - 2013-12-12 22:47 - 000019968 _____ (Nullsoft, Inc.) [File not signed] C:\Program Files (x86)\Winamp\Plugins\out_wave.dll
2013-12-12 22:47 - 2013-12-12 22:47 - 000058368 _____ (Nullsoft, Inc.) [File not signed] C:\Program Files (x86)\Winamp\Plugins\pmp_android.dll
2013-12-12 22:47 - 2013-12-12 22:47 - 000160768 _____ (Nullsoft, Inc.) [File not signed] C:\Program Files (x86)\Winamp\Plugins\pmp_ipod.dll
2013-12-12 22:47 - 2013-12-12 22:47 - 000020992 _____ (Nullsoft, Inc.) [File not signed] C:\Program Files (x86)\Winamp\Plugins\pmp_njb.dll
2013-12-12 22:47 - 2013-12-12 22:47 - 000113664 _____ (Nullsoft, Inc.) [File not signed] C:\Program Files (x86)\Winamp\Plugins\pmp_p4s.dll
2013-12-12 22:47 - 2013-12-12 22:47 - 000053248 _____ (Nullsoft, Inc.) [File not signed] C:\Program Files (x86)\Winamp\Plugins\pmp_usb.dll
2013-12-12 22:47 - 2013-12-12 22:47 - 000078336 _____ (Nullsoft, Inc.) [File not signed] C:\Program Files (x86)\Winamp\Plugins\pmp_wifi.dll
2013-12-12 22:47 - 2013-12-12 22:47 - 000923648 _____ (Nullsoft, Inc.) [File not signed] C:\Program Files (x86)\Winamp\System\aacdec.w5s
2013-12-12 22:47 - 2013-12-12 22:47 - 000026112 _____ (Nullsoft, Inc.) [File not signed] C:\Program Files (x86)\Winamp\System\albumart.w5s
2013-12-12 22:47 - 2013-12-12 22:47 - 000170496 _____ (Nullsoft, Inc.) [File not signed] C:\Program Files (x86)\Winamp\System\auth.w5s
2013-12-12 22:47 - 2013-12-12 22:47 - 000018944 _____ (Nullsoft, Inc.) [File not signed] C:\Program Files (x86)\Winamp\System\bmp.w5s
2013-12-12 22:47 - 2013-12-12 22:47 - 000034304 _____ (Nullsoft, Inc.) [File not signed] C:\Program Files (x86)\Winamp\System\devices.w5s
2013-12-12 22:47 - 2013-12-12 22:47 - 000018432 _____ (Nullsoft, Inc.) [File not signed] C:\Program Files (x86)\Winamp\System\dlmgr.w5s
2013-12-12 22:47 - 2013-12-12 22:47 - 000015360 _____ (Nullsoft, Inc.) [File not signed] C:\Program Files (x86)\Winamp\System\filereader.w5s
2013-12-12 22:47 - 2013-12-12 22:47 - 000019968 _____ (Nullsoft, Inc.) [File not signed] C:\Program Files (x86)\Winamp\System\gif.w5s
2013-12-12 22:47 - 2013-12-12 22:47 - 000624640 _____ (Nullsoft, Inc.) [File not signed] C:\Program Files (x86)\Winamp\System\jnetlib.w5s
2013-12-12 22:47 - 2013-12-12 22:47 - 000156672 _____ (Nullsoft, Inc.) [File not signed] C:\Program Files (x86)\Winamp\System\jpeg.w5s
2013-12-12 22:47 - 2013-12-12 22:47 - 000309248 _____ (Nullsoft, Inc.) [File not signed] C:\Program Files (x86)\Winamp\System\ombrowser.w5s
2013-12-12 22:47 - 2013-12-12 22:47 - 000088576 _____ (Nullsoft, Inc.) [File not signed] C:\Program Files (x86)\Winamp\System\playlist.w5s
2013-12-12 22:47 - 2013-12-12 22:47 - 000086016 _____ (Nullsoft, Inc.) [File not signed] C:\Program Files (x86)\Winamp\System\png.w5s
2013-12-12 22:47 - 2013-12-12 22:47 - 000014848 _____ (Nullsoft, Inc.) [File not signed] C:\Program Files (x86)\Winamp\System\primo.w5s
2013-12-12 22:47 - 2013-12-12 22:47 - 000024064 _____ (Nullsoft, Inc.) [File not signed] C:\Program Files (x86)\Winamp\System\tagz.w5s
2013-12-12 22:47 - 2013-12-12 22:47 - 000033792 _____ (Nullsoft, Inc.) [File not signed] C:\Program Files (x86)\Winamp\System\timer.w5s
2013-12-12 22:47 - 2013-12-12 22:47 - 000046592 _____ (Nullsoft, Inc.) [File not signed] C:\Program Files (x86)\Winamp\System\wasabi2.w5s
2013-12-12 22:47 - 2013-12-12 22:47 - 000089088 _____ (Nullsoft, Inc.) [File not signed] C:\Program Files (x86)\Winamp\System\xml.w5s
2013-12-12 22:47 - 2013-12-12 22:47 - 000017408 _____ (Nullsoft, Inc.) [File not signed] C:\Program Files (x86)\Winamp\System\xspf.w5s
2013-12-12 22:47 - 2013-12-12 22:47 - 000088576 _____ (Nullsoft, Inc.) [File not signed] C:\Program Files (x86)\Winamp\tataki.dll
2013-12-12 22:47 - 2013-12-12 22:47 - 000044544 _____ (Nullsoft, Inc.) [File not signed] C:\Program Files (x86)\Winamp\zlib.dll
2016-10-28 03:29 - 2007-12-07 02:08 - 000108032 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\WINDOWS\System32\E_ILMADA.DLL
2016-12-18 16:46 - 2016-12-18 16:46 - 001353216 _____ (SQLite Development Team) [File not signed] C:\Program Files\BOINC\sqlite3.dll
2022-03-06 01:10 - 2022-01-27 18:05 - 000983552 _____ (The Chromium Authors) [File not signed] E:\Games\Steam\bin\cef\cef.win7x64\chrome_elf.dll
2016-12-18 16:46 - 2016-12-18 16:46 - 000362496 _____ (The cURL library, hxxps://curl.haxx.se/) [File not signed] C:\Program Files\BOINC\libcurl.dll
2016-12-18 16:46 - 2016-12-18 16:46 - 002017792 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\BOINC\LIBEAY32.dll
2016-12-18 16:46 - 2016-12-18 16:46 - 000351744 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\BOINC\SSLEAY32.dll
2021-04-21 03:30 - 2021-04-21 03:30 - 000057856 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\audio\qtaudio_windows.dll
2021-04-21 03:30 - 2021-04-21 03:30 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qgif.dll
2021-04-21 03:30 - 2021-04-21 03:30 - 000039424 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qicns.dll
2021-04-21 03:30 - 2021-04-21 03:30 - 000031232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qico.dll
2021-04-21 03:30 - 2021-04-21 03:30 - 000415232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qjpeg.dll
2021-04-21 03:30 - 2021-04-21 03:30 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qsvg.dll
2021-04-21 03:30 - 2021-04-21 03:30 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qtga.dll
2021-04-21 03:30 - 2021-04-21 03:30 - 000023552 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qwbmp.dll
2021-04-21 03:30 - 2021-04-21 03:30 - 000532992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qwebp.dll
2021-04-21 03:30 - 2021-04-21 03:30 - 001455104 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\platforms\qwindows.dll
2021-04-21 03:30 - 2021-04-21 03:30 - 001227776 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\sqldrivers\qsqlite.dll
2021-04-21 03:30 - 2021-04-21 03:30 - 000135680 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\styles\qwindowsvistastyle.dll
2021-04-21 03:30 - 2021-04-21 03:30 - 006270976 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2021-04-21 03:30 - 2021-04-21 03:30 - 006947328 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2021-04-21 03:30 - 2021-04-21 03:30 - 000740352 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Multimedia.dll
2021-04-21 03:30 - 2021-04-21 03:30 - 000123392 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5MultimediaQuick.dll
2021-04-21 03:30 - 2021-04-21 03:30 - 001110528 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2021-04-21 03:30 - 2021-04-21 03:30 - 000326656 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Positioning.dll
2021-04-21 03:30 - 2021-04-21 03:30 - 003798528 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2021-04-21 03:30 - 2021-04-21 03:30 - 000440832 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QmlModels.dll
2021-04-21 03:30 - 2021-04-21 03:30 - 000054784 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QmlWorkerScript.dll
2021-04-21 03:30 - 2021-04-21 03:30 - 004255744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2021-04-21 03:30 - 2021-04-21 03:30 - 000171520 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QuickControls2.dll
2021-04-21 03:30 - 2021-04-21 03:30 - 001128448 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QuickTemplates2.dll
2021-04-21 03:30 - 2021-04-21 03:30 - 000206336 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Sql.dll
2021-04-21 03:30 - 2021-04-21 03:30 - 000334336 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2021-04-21 03:30 - 2021-04-21 03:30 - 000133120 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebChannel.dll
2021-04-21 03:30 - 2021-04-21 03:30 - 000396800 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngine.dll
2021-04-21 03:30 - 2021-04-21 03:30 - 102854656 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngineCore.dll
2021-04-21 03:30 - 2021-04-21 03:30 - 005611008 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2021-04-21 03:30 - 2021-04-21 03:30 - 000463360 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2021-04-21 03:30 - 2021-04-21 03:30 - 000210432 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
2021-04-21 03:30 - 2021-04-21 03:30 - 002877440 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5XmlPatterns.dll
2021-04-21 03:30 - 2021-04-21 03:30 - 000056832 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2021-04-21 03:30 - 2021-04-21 03:30 - 000059392 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2021-04-21 03:30 - 2021-04-21 03:30 - 000267776 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtMultimedia\declarative_multimedia.dll
2021-04-21 03:30 - 2021-04-21 03:30 - 000017408 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQml\qmlplugin.dll
2021-04-21 03:30 - 2021-04-21 03:30 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2021-04-21 03:30 - 2021-04-21 03:30 - 000290816 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls.2\qtquickcontrols2plugin.dll
2021-04-21 03:30 - 2021-04-21 03:30 - 000336896 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2021-04-21 04:21 - 2021-04-21 04:21 - 000134144 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2021-04-21 03:30 - 2021-04-21 03:30 - 000106496 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2021-04-21 03:30 - 2021-04-21 03:30 - 000325120 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Templates.2\qtquicktemplates2plugin.dll
2021-04-21 03:30 - 2021-04-21 03:30 - 000045568 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2021-04-21 03:30 - 2021-04-21 03:30 - 000093184 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtWebEngine\qtwebengineplugin.dll
 
==================== Alternate Data Streams (Whitelisted) ========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ujonqegd.sys:changelist [390]
AlternateDataStreams: C:\ProgramData\TEMP:C39E55C5 [180]
AlternateDataStreams: C:\Users\Richard\Cookies:KedGXZrdidtBxfNC5cu1oPZRGk [2482]
 
==================== Safe Mode (Whitelisted) ==================
 
==================== Association (Whitelisted) =================
 
==================== Internet Explorer (Whitelisted) ==========
 
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2014-09-25] (Microsoft Corporation -> Microsoft Corporation)
BHO: Foxit PhantomPDF Create PDF ToolBar Helper -> {A5DD10F7-5ABB-4EEF-B4C8-6748D44DAF2A} -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\IEAddin\IEAddin_x64.dll [2020-11-23] (FOXIT SOFTWARE INC. -> )
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2014-09-25] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Foxit PhantomPDF Create PDF ToolBar Helper -> {A5DD10F7-5ABB-4EEF-B4C8-6748D44DAF2A} -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\IEAddin\IEAddin.dll [2020-11-23] (FOXIT SOFTWARE INC. -> )
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-09-24] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2014-09-16] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-09-24] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Foxit PhantomPDF Create PDF ToolBar - {BFD9D8A8-57FF-488A-B919-065EC77CF82F} - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\IEAddin\IEAddin_x64.dll [2020-11-23] (FOXIT SOFTWARE INC. -> )
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-09-24] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Foxit PhantomPDF Create PDF ToolBar - {BFD9D8A8-57FF-488A-B919-065EC77CF82F} - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\IEAddin\IEAddin.dll [2020-11-23] (FOXIT SOFTWARE INC. -> )
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2014-04-01] (Microsoft Corporation -> Microsoft Corporation)
 
==================== Hosts content: =========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2015-10-30 03:24 - 2016-06-26 23:18 - 000000889 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com
 
==================== Other Areas ===========================
 
(Currently there is no automatic fix for this section.)
 
HKCU\Environment\\Path -> C:\Users\Richard\AppData\Local\Programs\Python\Python39\Scripts\;C:\Users\Richard\AppData\Local\Programs\Python\Python39\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files (x86)\Tesseract-OCR;;%USERPROFILE%\AppData\Local\Microsoft\WindowsApps
HKU\S-1-5-21-735030342-139934267-388796653-1003\Control Panel\Desktop\\Wallpaper -> e:\richard\pictures\wallpapers\tumblr_static_4qd8hjgcif0gs40o88cws4g44.jpg
DNS Servers: 206.248.154.22 - 206.248.154.170
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(If an entry is included in the fixlist, it will be removed.)
 
HKU\S-1-5-21-735030342-139934267-388796653-1003\...\StartupApproved\Run: => "OneDrive"
 
==================== FirewallRules (Whitelisted) ================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{CD254E94-589A-4954-8CD9-F604C4CD9BFA}] => (Allow) E:\Games\Steam\steamapps\common\Sid Meier's Civilization VI\2KLauncher\LauncherPatcher.exe (Take-Two Interactive Software, Inc. -> Take-Two Interactive Software, Inc.)
FirewallRules: [{4CD07C58-DF43-43E7-A246-FBF91FA5895D}] => (Allow) E:\Games\Steam\steamapps\common\Sid Meier's Civilization VI\2KLauncher\LauncherPatcher.exe (Take-Two Interactive Software, Inc. -> Take-Two Interactive Software, Inc.)
FirewallRules: [{EE00AC61-67A7-46D7-A990-B3F181ABC9AB}] => (Allow) E:\Games\Steam\steamapps\common\Game Master Engine\WindowsNoEditor\GameMasterEngine.exe => No File
FirewallRules: [{33665D4D-0ED1-4C16-9FFB-35CDBADF3AE3}] => (Allow) E:\Games\Steam\steamapps\common\Game Master Engine\WindowsNoEditor\GameMasterEngine.exe => No File
FirewallRules: [{6ECCC245-174F-41A8-A424-7EE7013D6836}] => (Allow) E:\Games\Steam\steamapps\common\Sid Meier's Civilization VI\LaunchPad\LaunchPad.exe (Xsolla (USA), Inc -> 2K)
FirewallRules: [{88E58994-DD81-41BF-99AF-C9E4C299CF23}] => (Allow) E:\Games\Steam\steamapps\common\Sid Meier's Civilization VI\LaunchPad\LaunchPad.exe (Xsolla (USA), Inc -> 2K)
FirewallRules: [UDP Query User{36D81445-6BC9-4D1F-9768-1CD793DD782A}E:\games\epic games\survivingmars\marsepic.exe] => (Allow) E:\games\epic games\survivingmars\marsepic.exe (Haemimont Games) [File not signed]
FirewallRules: [TCP Query User{E5A4EE7C-9301-4C69-AE6F-53539DCCA6DD}E:\games\epic games\survivingmars\marsepic.exe] => (Allow) E:\games\epic games\survivingmars\marsepic.exe (Haemimont Games) [File not signed]
FirewallRules: [{53C2B91B-6329-49DC-B79C-E1A4014FA565}] => (Allow) E:\Games\Steam\steamapps\common\Offworld Trading Company\StardockLauncher.exe (STARDOCK SYSTEMS, INC. -> Stardock Corporation)
FirewallRules: [{E8BEAAF3-5E49-4EB6-9597-5868BF2C625B}] => (Allow) E:\Games\Steam\steamapps\common\Offworld Trading Company\StardockLauncher.exe (STARDOCK SYSTEMS, INC. -> Stardock Corporation)
FirewallRules: [{EFC9E7DB-0825-4819-82CC-41858317CEEE}] => (Allow) BiglyBT.exe => No File
FirewallRules: [UDP Query User{5B2134B1-956D-45CA-84E5-A582358EFE25}C:\program files\biglybt\biglybt.exe] => (Allow) C:\program files\biglybt\biglybt.exe (Bigly Software -> Bigly Software)
FirewallRules: [TCP Query User{D8F8EA3E-10B3-45F1-BF2B-F8AD76E7F15C}C:\program files\biglybt\biglybt.exe] => (Allow) C:\program files\biglybt\biglybt.exe (Bigly Software -> Bigly Software)
FirewallRules: [UDP Query User{A4A84BD7-FD2F-4BB7-A3A6-35B68C01B012}E:\games\gog galaxy\games\stronghold crusader 2\bin\win32_galaxy_release\crusader2.exe] => (Allow) E:\games\gog galaxy\games\stronghold crusader 2\bin\win32_galaxy_release\crusader2.exe () [File not signed]
FirewallRules: [TCP Query User{6857170B-E56F-40DF-B6FB-DAFF0A74CC5A}E:\games\gog galaxy\games\stronghold crusader 2\bin\win32_galaxy_release\crusader2.exe] => (Allow) E:\games\gog galaxy\games\stronghold crusader 2\bin\win32_galaxy_release\crusader2.exe () [File not signed]
FirewallRules: [{34C15A99-4767-4CC9-8807-066A909D8973}] => (Allow) C:\Program Files (x86)\Hero Lab\HeroLab64.exe (Lone Wolf Development, Inc -> )
FirewallRules: [{362BA948-5D49-476F-8819-F1D2FE0F1151}] => (Allow) C:\Program Files (x86)\Hero Lab\HeroLab64.exe (Lone Wolf Development, Inc -> )
FirewallRules: [{7BC03154-561C-4577-87F7-3E842CFC22FD}] => (Allow) C:\Program Files (x86)\Hero Lab\HeroLab.exe (Lone Wolf Development, Inc -> )
FirewallRules: [{7BA6EA94-A7C9-4627-8E08-993BA06A02B8}] => (Allow) C:\Program Files (x86)\Hero Lab\HeroLab.exe (Lone Wolf Development, Inc -> )
FirewallRules: [{5A8A8F6E-0D5C-4C57-A64F-1F1EF1CB96DE}] => (Allow) E:\Games\Steam\steamapps\common\Sid Meier's Civilization VI\LaunchPad\LaunchPad.exe (Xsolla (USA), Inc -> 2K)
FirewallRules: [{C9EE5A27-414E-44FE-878F-F96EB02A60FF}] => (Allow) E:\Games\Steam\steamapps\common\Sid Meier's Civilization VI\LaunchPad\LaunchPad.exe (Xsolla (USA), Inc -> 2K)
FirewallRules: [{D9CA7E3B-870F-44D0-90B1-1C163C393BD9}] => (Allow) E:\Games\Steam\steamapps\common\Sid Meier's Civilization VI SDK\Launcher.exe (Firaxis) [File not signed]
FirewallRules: [{1AE84730-AD20-456E-A532-6E2A9EBE6361}] => (Allow) E:\Games\Steam\steamapps\common\Sid Meier's Civilization VI SDK\Launcher.exe (Firaxis) [File not signed]
FirewallRules: [{F9D2A856-3DDA-4F68-ADF9-F5874B6CDA2D}] => (Allow) E:\Games\Steam\steamapps\common\Knights of Pen and Paper 2\kopp2.exe () [File not signed]
FirewallRules: [{26D500FA-1210-4367-9AE4-89870AED5F5B}] => (Allow) E:\Games\Steam\steamapps\common\Knights of Pen and Paper 2\kopp2.exe () [File not signed]
FirewallRules: [UDP Query User{D0DA4D2C-2E5C-4157-AA68-6A55E16007E5}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [TCP Query User{D3CC18C2-BF71-495C-BA1C-C23966032E83}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{D9624070-9B23-42E4-94F5-9B8314DC58FC}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{754D7C08-7BAC-446B-AEDF-C91716E945AE}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1CAEE580-2852-48A4-9565-E8C8D9534EFE}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{764A1D9C-8E11-476D-B462-A063EC9E7C5D}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{35D1A1F8-E217-4A84-BB94-89509856D8A0}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe => No File
FirewallRules: [{212B3902-C2F7-400E-924A-0A1D0CBB5957}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe => No File
FirewallRules: [{040E9DFE-9C3A-49C3-8762-0FB8B747A2B0}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [UDP Query User{10A9896C-E6A8-4950-B093-C2D1F684701B}C:\program files (x86)\ratiomaster\ratiomaster.net.exe] => (Allow) C:\program files (x86)\ratiomaster\ratiomaster.net.exe (Nikolay.IT) [File not signed]
FirewallRules: [TCP Query User{199CFA84-11CA-4022-9D06-D3AAF5D50A34}C:\program files (x86)\ratiomaster\ratiomaster.net.exe] => (Allow) C:\program files (x86)\ratiomaster\ratiomaster.net.exe (Nikolay.IT) [File not signed]
FirewallRules: [UDP Query User{86AB1132-1C0B-455B-8E80-7B3EC8266DFD}E:\games\gruntmods studios\dune 2000\dune2000.exe] => (Allow) E:\games\gruntmods studios\dune 2000\dune2000.exe (Intelligent Games) [File not signed]
FirewallRules: [TCP Query User{6B704020-617F-488C-AD8A-3BAB26986F38}E:\games\gruntmods studios\dune 2000\dune2000.exe] => (Allow) E:\games\gruntmods studios\dune 2000\dune2000.exe (Intelligent Games) [File not signed]
FirewallRules: [UDP Query User{D248E725-522F-49AB-9C32-0BDCF8694549}E:\games\dune 2000\dune2000.dat] => (Allow) E:\games\dune 2000\dune2000.dat (Intelligent Games) [File not signed]
FirewallRules: [TCP Query User{15464C13-D2AF-4E8B-B3F9-F8B6A6819751}E:\games\dune 2000\dune2000.dat] => (Allow) E:\games\dune 2000\dune2000.dat (Intelligent Games) [File not signed]
FirewallRules: [{D749EB47-A008-4109-83F4-075521FFFA64}] => (Allow) LPort=7935
FirewallRules: [{5C8EF466-EDDE-4224-A5C1-660CD9454700}] => (Allow) C:\Program Files (x86)\Adobe\Adobe Flash Builder 4.6\FlashBuilder.exe (Adobe Systems Incorporated -> )
FirewallRules: [{904E2CA6-92AF-4182-8E9D-633574C3DC09}] => (Allow) C:\Program Files (x86)\Adobe\Adobe Flash Builder 4.6\FlashBuilder.exe (Adobe Systems Incorporated -> )
FirewallRules: [UDP Query User{071FAB7D-8B59-4D65-AD2A-414DFA1087C0}C:\program files\vuze\azureus.exe] => (Allow) C:\program files\vuze\azureus.exe (Azureus Software, Inc. -> Azureus Software, Inc)
FirewallRules: [TCP Query User{3B754B71-8568-46E3-8C34-C96E2ACE06BB}C:\program files\vuze\azureus.exe] => (Allow) C:\program files\vuze\azureus.exe (Azureus Software, Inc. -> Azureus Software, Inc)
FirewallRules: [{3F5CEB77-C2F1-4BD6-B2D6-A65C1C5C7EC6}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [{3990C4FE-2F1A-4163-8BB8-DE263911F90A}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [{C9638E59-AF2B-44EF-8090-EBB2CA110913}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{A2DCC788-55A7-4E55-8677-E298CD1FC7DC}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{274F4180-639F-42C4-B625-8E6A4C79F653}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{B1B298F5-31F4-4073-A09F-9501D6985AE1}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{B2BE6074-F490-4BBD-B0F2-3E0A59E73951}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe => No File
FirewallRules: [{66D04DD5-D392-4F9C-9EC9-60693468C39A}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe => No File
FirewallRules: [{C0E01154-E550-45E7-8437-94FBFC02061A}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe => No File
FirewallRules: [{F6B3FFE8-0DCA-4FBC-A7E7-E73F9DA42FB6}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe => No File
FirewallRules: [{55C41923-4707-42EA-840A-9D8461CCF1FF}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe => No File
FirewallRules: [{D3EF1E64-B5F8-4603-93E8-144D7B983086}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe => No File
FirewallRules: [{1FD3A8F5-9CE2-4DBE-95A1-29CD24C42164}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe => No File
FirewallRules: [{53079F10-0F4D-4931-9B58-C438D59DA5F3}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe => No File
FirewallRules: [{585036A0-68DA-4B50-84BE-3C42C99E7ABA}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{C865E1E2-8867-4026-ACBB-9A220AEB89B6}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{93AB9033-90BC-49F4-A1EB-7121C77CC8A9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization V\Launcher.exe => No File
FirewallRules: [{0DD18826-B6B1-4135-ACD1-B65337055FC7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization V\Launcher.exe => No File
FirewallRules: [{83CBE357-62D5-4A68-A443-95B4C1FA1C5D}] => (Allow) C:\Program Files (x86)\Nox\bin\Nox.exe (Beijing Duodian Online Science and Technology Co.,Ltd -> Duodian Technology Co. Ltd.)
FirewallRules: [{0466FCA5-EF3E-4A8C-8DB5-0041A3B1DE58}] => (Allow) C:\Program Files (x86)\Bignox\BigNoxVM\RT\NoxVMHandle.exe (Beijing Duodian Online Science and Technology Co.,Ltd -> )
FirewallRules: [{0FD2E54A-221D-4622-9996-F427CA418483}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{3685F4A6-02D0-4FF8-B105-91B528B157A1}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{B1665D2C-CA07-4D0F-AF91-A9127033654C}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxm08.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{856F014D-8DA8-4D7F-AD9D-EB21A00805BC}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposfx08.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{EDC528F3-EB1B-498C-A652-3551D94FA300}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{741D1189-9835-4C16-B8B5-D5DF989EBE04}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{1996D9B0-67B4-4372-9A29-81F1A01D27D4}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{D2154812-7F58-4DD6-99A2-6DED9EBF274E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpzwiz01.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{4C50CCE2-A31D-4BDD-8E4F-6BA98D8A9F6F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{74CED41D-B54B-4EF6-BE57-99DB97C2ABC5}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{8315E85D-267D-4B74-9055-8672315FD397}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxs08.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{DCF90B90-9809-466B-AF7B-6A3F78B66F1E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqfxt08.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{BE88C801-5BB6-4348-88FF-5EBC2E93A03E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{5D2AC09A-C8F7-46A0-A8BF-0DC74DA7A22E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe (Hewlett Packard -> Hewlett-Packard)
FirewallRules: [{055D6299-5093-46B9-985E-604AFF023C0C}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe (Hewlett Packard -> Hewlett-Packard Co.) [File not signed]
FirewallRules: [{B58F8372-73AD-4764-AD81-672B650E3CFF}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe (Hewlett Packard -> Hewlett-Packard Co.) [File not signed]
FirewallRules: [{BE06702D-1180-4E21-B6E4-95FED1206312}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe (Hewlett-Packard Company -> Hewlett-Packard)
FirewallRules: [{6C9FCBB8-C10A-479F-9AFF-9E9CAEC4114C}] => (Allow) E:\Games\Steam\steamapps\common\Dawn of War III\RelicDoW3.exe (Relic Entertainment, Inc -> The build server will stamp this field)
FirewallRules: [{81E207B0-7726-4BBD-A0B6-F7FF48487C22}] => (Allow) E:\Games\Steam\steamapps\common\Dawn of War III\RelicDoW3.exe (Relic Entertainment, Inc -> The build server will stamp this field)
FirewallRules: [{345AE9FF-FFF4-454B-BCBA-B0F47EEE7888}] => (Allow) C:\Program Files\Vuze\Azureus.exe (Azureus Software, Inc. -> Azureus Software, Inc)
FirewallRules: [{CD984F95-29D2-4246-8B12-288BE0F2CAD4}] => (Allow) C:\Program Files\Vuze\Azureus.exe (Azureus Software, Inc. -> Azureus Software, Inc)
FirewallRules: [{3A983CF9-091C-4BD6-8657-3497B6FF1D91}] => (Allow) LPort=54925
FirewallRules: [{E503E002-733D-4134-84AD-DBA46D2E9284}] => (Allow) C:\Program Files (x86)\MAGIX\Music Maker\25\MusicMaker.exe (MAGIX Software GmbH -> MAGIX Software GmbH)
FirewallRules: [{D13DDE05-38B2-4DBC-82CF-F057BB0F66FF}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe (Plex, Inc -> Plex, Inc.)
FirewallRules: [{24463C16-4E6C-41CB-9BD9-DD0F184E13DB}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe (Plex, Inc -> Python Software Foundation)
FirewallRules: [{74A7676B-426B-497A-8DBB-135B35315448}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\Plex DLNA Server.exe (Plex, Inc -> Plex, Inc.)
FirewallRules: [{3BD0154F-042C-4DC7-A9A6-1CC48B2228A1}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\Plex Tuner Service.exe (Plex, Inc -> )
FirewallRules: [{7BB00E26-3418-4BEE-BF26-67080E11BCBD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization V\LaunchPad\LaunchPad.exe => No File
FirewallRules: [{6684CA8B-177A-44A8-82EA-592C9588DB0D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization V\LaunchPad\LaunchPad.exe => No File
FirewallRules: [{46D13A03-089A-4ED5-A2D3-433E017A2814}] => (Allow) C:\Program Files\BiglyBT\BiglyBT.exe (Bigly Software -> Bigly Software)
FirewallRules: [{97FFB24A-DFD9-49F2-905A-8FD0AA6D846D}] => (Allow) C:\Program Files\BiglyBT\BiglyBT.exe (Bigly Software -> Bigly Software)
FirewallRules: [{EAA32D31-D4DC-44A1-91AE-F5D486A4EE1C}] => (Allow) E:\Games\Steam\steamapps\common\Divinity Original Sin Enhanced Edition\Shipping\EoCApp.exe () [File not signed]
FirewallRules: [{7AE77780-C42C-46AF-9C8C-2DCF1C8A2AD8}] => (Allow) E:\Games\Steam\steamapps\common\Divinity Original Sin Enhanced Edition\Shipping\EoCApp.exe () [File not signed]
FirewallRules: [{E260102A-6E07-4F9A-93BA-F2968C772E6C}] => (Allow) E:\Games\Steam\steamapps\common\The Divinty Engine Enhanced Edition\TheDivinityEngine.exe () [File not signed]
FirewallRules: [{7AD12F68-54A8-496B-8C00-418595105B35}] => (Allow) E:\Games\Steam\steamapps\common\The Divinty Engine Enhanced Edition\TheDivinityEngine.exe () [File not signed]
FirewallRules: [{52E18F87-E798-420E-8E6F-00E480652E37}] => (Allow) E:\Games\Steam\steamapps\common\Divinity Original Sin 2\bin\SupportTool.exe (Larian Studios Games Ltd. -> LariLauncher)
FirewallRules: [{A96601C6-E0A3-473E-BE10-9AA219EF0904}] => (Allow) E:\Games\Steam\steamapps\common\Divinity Original Sin 2\bin\SupportTool.exe (Larian Studios Games Ltd. -> LariLauncher)
FirewallRules: [TCP Query User{BD5A8D5C-063A-49B3-9912-8FF63B4F0AD0}E:\games\steam\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe] => (Allow) E:\games\steam\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe (Larian Studios Games Ltd. -> )
FirewallRules: [UDP Query User{2979CA7B-BD10-487B-9B1A-D8D74AC961B6}E:\games\steam\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe] => (Allow) E:\games\steam\steamapps\common\divinity original sin 2\defed\bin\eocapp.exe (Larian Studios Games Ltd. -> )
FirewallRules: [{28B3EC15-E4AC-418E-B748-1374DCC7E034}] => (Allow) E:\Games\Steam\steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{200E5287-9316-4A8A-9642-D01FDB618D9D}] => (Allow) E:\Games\Steam\steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{D11B7C59-6317-4B1C-AB3C-0537763A03A4}] => (Allow) E:\Games\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{D90B768F-BCE8-4366-AED3-5F718C2E0852}] => (Allow) E:\Games\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{0157A7C3-F1A8-4694-9AFC-BF4BEA380E9F}] => (Allow) E:\Games\Steam\steamapps\common\The Divinity Engine 2\DefEd\DivinityEngine2.exe () [File not signed]
FirewallRules: [{1C191E55-D608-4D4E-AFD5-7A9A1FE096C6}] => (Allow) E:\Games\Steam\steamapps\common\The Divinity Engine 2\DefEd\DivinityEngine2.exe () [File not signed]
FirewallRules: [{4B979712-AA1D-493F-9B19-A2E6AA0BF187}] => (Allow) E:\Games\Steam\steamapps\common\The Divinity Engine 2\DivinityEngine2.exe () [File not signed]
FirewallRules: [{00DDA77E-022A-4E41-A302-B2EBB7EA5E68}] => (Allow) E:\Games\Steam\steamapps\common\The Divinity Engine 2\DivinityEngine2.exe () [File not signed]
FirewallRules: [{9EA80711-46E1-48B7-8679-FA89A237079F}] => (Allow) E:\Games\Steam\steamapps\common\Game Master Engine\GameMasterEngine.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{5F6FE099-8F8E-4247-816E-6F56E3885C77}] => (Allow) E:\Games\Steam\steamapps\common\Game Master Engine\GameMasterEngine.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{D6874AB9-ED88-4BE9-A016-1CFD81EE1DF0}] => (Allow) E:\Games\Steam\steamapps\common\Cities_Skylines\dowser.exe (Paradox Interactive AB (publ) -> )
FirewallRules: [{12C288BE-E953-4FA0-9DB1-1EFE7BAFF817}] => (Allow) E:\Games\Steam\steamapps\common\Cities_Skylines\dowser.exe (Paradox Interactive AB (publ) -> )
FirewallRules: [TCP Query User{D26E1C04-39D2-4565-AA29-299787ACA29C}E:\games\arkenforge\masterstoolkit\masterstoolkit.exe] => (Allow) E:\games\arkenforge\masterstoolkit\masterstoolkit.exe () [File not signed]
FirewallRules: [UDP Query User{388EFE28-A3CF-403F-84AE-3F6D069F2ADF}E:\games\arkenforge\masterstoolkit\masterstoolkit.exe] => (Allow) E:\games\arkenforge\masterstoolkit\masterstoolkit.exe () [File not signed]
FirewallRules: [{7F4470A2-65F8-4B47-9FE2-13A5B668CAA8}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{1C8E539A-53DA-4A85-BB29-9D0A0039FF45}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{3DD295AA-6B8F-4C73-8131-EFC8E4FF1A36}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{D67CBAAF-27D5-4842-BC73-D682832D61F7}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{065939F2-6AB0-406A-A93F-3342FD31ECFD}] => (Allow) E:\Games\Steam\steamapps\common\Moons of Ardan Demo\MoonsOfArdan.exe () [File not signed]
FirewallRules: [{8CD8A3BD-4E02-43EB-B5F9-6BD3BD4BD40E}] => (Allow) E:\Games\Steam\steamapps\common\Moons of Ardan Demo\MoonsOfArdan.exe () [File not signed]
FirewallRules: [{864BCB0A-8F51-43AD-891A-49D1A857CB46}] => (Allow) E:\Games\Steam\steamapps\common\Wildshape\Wildshape Editor.exe () [File not signed]
FirewallRules: [{59A55F5D-C6BE-4C72-A72B-659FFD24E162}] => (Allow) E:\Games\Steam\steamapps\common\Wildshape\Wildshape Editor.exe () [File not signed]
FirewallRules: [{DDD4FB75-252D-42E9-B28A-FF5103180351}] => (Allow) E:\Games\Steam\steamapps\common\Patron\GameLauncher.exe () [File not signed]
FirewallRules: [{86407C4F-5764-4E99-BCB4-9662F6EBD92D}] => (Allow) E:\Games\Steam\steamapps\common\Patron\GameLauncher.exe () [File not signed]
FirewallRules: [{7BE48DE2-716A-4359-8EDC-48ADA7EE3C6E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.82.404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{913136A3-C337-440A-BE93-41A3D3A31899}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.82.404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E92C66CF-65A4-47D6-8166-4B9BA7FBA545}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.82.404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F42DDBE6-AE20-4C7D-A11B-D533DE53C25A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.82.404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D0E2469D-C68B-4F45-B9A9-EFA2F3626C39}] => (Allow) E:\Games\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{3B1505DD-81A0-4998-94A4-A33365C543C5}] => (Allow) E:\Games\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{C518AE47-3712-450C-92F5-DF5F05C38775}] => (Allow) E:\Games\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{04A17EE2-E153-449B-9F0D-77A0ADAFDDEE}] => (Allow) E:\Games\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{D2DCE390-7DDE-4102-AA1B-FB843CADA1DD}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{08DF86B7-AEFE-403B-944B-56BF4141FC61}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
DomainProfile\AuthorizedApplications: [C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe] => Enabled:Logitech Harmony Remote Software 7
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe] => Enabled:Logitech Harmony Remote Software 7
 
==================== Restore Points =========================
 
20-03-2022 05:03:39 Scheduled Checkpoint
30-03-2022 01:09:24 Scheduled Checkpoint
07-04-2022 05:03:54 Scheduled Checkpoint
 
==================== Faulty Device Manager Devices ============
 
Name: Standard PS/2 Keyboard
Description: Standard PS/2 Keyboard
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard keyboards)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
Name: Microsoft PS/2 Mouse
Description: Microsoft PS/2 Mouse
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
 
==================== Event log errors: ========================
 
Application errors:
==================
Error: (04/09/2022 04:31:25 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
 
Error: (04/08/2022 12:32:43 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
 
Error: (04/07/2022 02:14:27 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
 
Error: (04/06/2022 03:44:51 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
 
Error: (04/05/2022 03:26:15 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
 
Error: (04/04/2022 07:39:43 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
 
Error: (04/04/2022 05:07:39 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: The storage optimizer couldn't complete retrim on Data (E:) because: The operation requested is not supported by the hardware backing the volume. (0x8900002A)
 
Error: (04/03/2022 01:11:24 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
 
 
System errors:
=============
Error: (04/08/2022 12:59:18 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80073d02: 9NMPJ99VJBWV-Microsoft.YourPhone.
 
Error: (04/07/2022 10:53:54 AM) (Source: googledrivefs3688) (EventID: 2) (User: )
Description: The driver version of the disk does not match.
 
Error: (04/07/2022 01:45:09 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80073d02: 9NMPJ99VJBWV-Microsoft.YourPhone.
 
Error: (04/06/2022 02:53:28 PM) (Source: googledrivefs3688) (EventID: 2) (User: )
Description: The driver version of the disk does not match.
 
Error: (04/05/2022 07:54:26 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80073d02: 9NMPJ99VJBWV-Microsoft.YourPhone.
 
Error: (04/05/2022 12:03:12 AM) (Source: Schannel) (EventID: 4103) (User: NT AUTHORITY)
Description: A fatal error occurred while creating a TLS client credential. The internal error state is 10013.
 
Error: (04/04/2022 04:55:22 PM) (Source: googledrivefs3688) (EventID: 2) (User: )
Description: The driver version of the disk does not match.
 
Error: (04/04/2022 08:02:14 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80073d02: 9NMPJ99VJBWV-Microsoft.YourPhone.
 
 
Windows Defender:
================
Date: 2022-04-09 04:02:38
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2022-04-07 01:35:48
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2022-04-06 02:43:59
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2022-04-05 03:02:47
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2022-04-04 02:47:21
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

CodeIntegrity:
===============
Date: 2022-04-08 02:25:37
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
 
Date: 2022-03-17 18:45:38
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\ImmersiveControlPanel\SystemSettings.exe) attempted to load \Device\HarddiskVolume4\Program Files\Google\Drive File Stream\55.0.3.0\crashpad_handler.exe that did not meet the Microsoft signing level requirements.
 
Date: 2022-03-15 01:23:41
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
 
Date: 2021-06-09 06:34:37
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\91.0.4472.77\chrome.dll that did not meet the Microsoft signing level requirements.
 
Date: 2021-06-09 06:34:06
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\91.0.4472.77\chrome_elf.dll that did not meet the Microsoft signing level requirements.
 
 
==================== Memory info =========================== 
 
BIOS: American Megatrends Inc. F2 07/27/2015
Motherboard: Gigabyte Technology Co., Ltd. Z170-HD3P-CF
Processor: Intel® Core™ i7-6700K CPU @ 4.00GHz
Percentage of memory in use: 52%
Total physical RAM: 32717.75 MB
Available physical RAM: 15418.64 MB
Total Virtual: 65485.75 MB
Available Virtual: 33329.21 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:231.39 GB) (Free:61.19 GB) NTFS
Drive d: (Google Drive) (Fixed) (Total:202 GB) (Free:57.93 GB) FAT32
Drive e: (Data) (Fixed) (Total:1862.89 GB) (Free:404.47 GB) NTFS
Drive g: (Games) (Fixed) (Total:119.24 GB) (Free:108.66 GB) NTFS
 
\\?\Volume{30fac8cd-8666-4af0-afef-5f4c1abfd165}\ () (Fixed) (Total:0.44 GB) (Free:0.43 GB) NTFS
\\?\Volume{20d742c7-fd80-4e7a-8933-d4e5f812014e}\ () (Fixed) (Total:0.52 GB) (Free:0.09 GB) NTFS
\\?\Volume{7b276940-d514-4b46-a6ac-e5c686732d8a}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
 
==================== MBR & Partition Table ====================
 
==========================================================
Disk: 0 (Size: 232.9 GB) (Disk ID: CB71ABBB)
 
Partition: GPT.
 
==========================================================
Disk: 1 (Protective MBR) (Size: 119.2 GB) (Disk ID: 00000000)
 
Partition: GPT.
 
==========================================================
Disk: 2 (Protective MBR) (Size: 1863 GB) (Disk ID: 00000000)
 
Partition: GPT.
 
==================== End of Addition.txt =======================

 


BC AdBot (Login to Remove)

 

#2 nasdaq

nasdaq

  • Avatar image
  • Malware Response Team
  • 48,096 posts
  • ONLINE
    •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:03:13 PM

Posted 10 April 2022 - 08:42 AM

Duplicate.

The topic will be closed.


Back to Virus, Trojan, Spyware, and Malware Removal Help


1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users


  1. BleepingComputer.com
  2. Security
  3. Virus, Trojan, Spyware, and Malware Removal Help
  4. Privacy Policy
  5. Rules ·