Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Latest News: German authorities identify REvil and GangCrab ransomware bosses

Featured Deal: Protect up to 9 devices from ads and tracking for just $16 in this AdGuard deal

Latest Buyer's Guide: Best VPNs in 2025

XMRig Miner

Started by wilsontanaeeee , May 24 2023 08:19 AM

This topic is locked

55 replies to this topic

#1 wilsontanaeeee

Members
107 posts
OFFLINE

Local time:09:19 AM

Posted 24 May 2023 - 08:19 AM

Requested by Oh My!
I found the actual XR.exe file in a temp, I deleted it.
After a while, XMRig Miner was apparently hiding itself whenever i viewed task manager. (Oh my, if you want I can record it)

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 23-05-2023
Ran by Andrew Tan (administrator) on WINDOWS11 (Dell Inc. Inspiron 7501) (24-05-2023 21:11:52)
Running from C:\Users\Andrew Tan\Downloads\FRST64.exe
Loaded Profiles: Andrew Tan
Platform: Microsoft Windows 10 Home Single Language Version 21H2 19044.2965 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(C:\Program Files (x86)\Steam\steam.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <8>
(C:\Program Files\Dell\DTP\InstrumentationSubAgent\Dell.TechHub.Instrumentation.SubAgent.exe ->) (Dell Inc -> ) C:\Program Files\Dell\DTP\InstrumentationSubAgent\Dell.TechHub.Instrumentation.UserProcess.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\DCF\Dell.DCF.UA.Bradbury.API.SubAgent.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Inc -> ) C:\Program Files\Dell\DTP\AnalyticsSubAgent\Dell.TechHub.Analytics.SubAgent.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Inc -> ) C:\Program Files\Dell\DTP\DataManagerSubAgent\Dell.TechHub.DataManager.SubAgent.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Inc -> ) C:\Program Files\Dell\DTP\DiagnosticsSubAgent\Dell.TechHub.Diagnostics.SubAgent.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Inc -> ) C:\Program Files\Dell\DTP\InstrumentationSubAgent\Dell.TechHub.Instrumentation.SubAgent.exe
(C:\Program Files\Google\Chrome\Application\chrome.exe ->) (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) C:\Users\Andrew Tan\AppData\Roaming\Zoom\bin\Zoom.exe <2>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe <2>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(C:\Program Files\Rivet Networks\SmartByte\RAPSService.exe ->) (Rivet Networks LLC -> Rivet Networks LLC) C:\Program Files\Rivet Networks\SmartByte\RAPS.exe
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\MpCmdRun.exe <2>
(C:\Users\Andrew Tan\AppData\Local\Programs\Opera\opera.exe ->) (Opera Norway AS -> Opera Software) C:\Users\Andrew Tan\AppData\Local\Programs\Opera\98.0.4759.39\opera_crashreporter.exe
(C:\Users\Andrew Tan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\XUService.exe ->) () [File not signed] C:\Users\Andrew Tan\AppData\Local\Temp\RuntimeService.exe
(C:\Users\Andrew Tan\AppData\Roaming\Zoom\bin\Zoom.exe ->) (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) C:\Users\Andrew Tan\AppData\Roaming\Zoom\bin\CptHost.exe
(Discord Inc. -> Discord Inc.) C:\Users\Andrew Tan\AppData\Local\Discord\app-1.0.9013\Discord.exe <6>
(DriverStore\FileRepository\dptf_cpu.inf_amd64_1da48d5885266bb7\esif_uf.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_1da48d5885266bb7\dptf_helper.exe
(explorer.exe ->) () [File not signed] C:\Users\Andrew Tan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\XUService.exe
(explorer.exe ->) (EB51A5DA-0E72-4863-82E4-EA21C1F8DFE3 -> Intel Corporation) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.4779.0_x64__8j3eq9eme6ctt\GCP.ML.BackgroundSysTray\IGCCTray.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <25>
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <69>
(explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(explorer.exe ->) (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <14>
(explorer.exe ->) (Spotify AB -> Spotify Ltd) C:\Users\Andrew Tan\AppData\Roaming\Spotify\Spotify.exe <6>
(explorer.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
(explorer.exe ->) (Waves Inc -> Waves Audio Ltd.) C:\Windows\System32\DriverStore\FileRepository\wavesapo9de.inf_amd64_5a14f9d63e895eba\WavesSvc64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.242\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.242\GoogleCrashHandler64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MusNotifyIcon.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Opera Norway AS -> Opera Software) C:\Users\Andrew Tan\AppData\Local\Programs\Opera\opera.exe <19>
(services.exe ->) (Dell Inc -> ) C:\Program Files (x86)\Dell Digital Delivery Services\Dell.D3.WinSvc.exe
(services.exe ->) (Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe
(services.exe ->) (Dell Inc -> Dell INC.) C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe
(services.exe ->) (Dell Inc -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(services.exe ->) (Dell Inc -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(services.exe ->) (Dell Inc -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(services.exe ->) (Dell Inc -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(services.exe ->) (Dell Inc -> Dell) C:\Program Files\Dell\TechHub\Dell.TechHub.exe
(services.exe ->) (EEO Education Ltd. -> Apple Inc.) C:\Program Files (x86)\ClassIn\MacmDNSResponder.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_7208949846a9b9dc\igfxCUIService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_1da48d5885266bb7\esif_uf.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_9cf4db1a1fd1b22d\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_4de65d949492707a\IntelCpHDCPSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_4de65d949492707a\IntelCpHeciSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_d4564390a9b1e980\WMIRegistrationService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\TbtP2pShortcutService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\ThunderboltService.exe
(services.exe ->) (Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_dd349ca1e8d98184\LMS.exe
(services.exe ->) (Intel® Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_34f570cbe7f3d6c7\RstMwService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft GameInput\x64\gameinputsvc.exe <2>
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> ) C:\Windows\System32\drivers\SessionService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\NisSrv.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvdm.inf_amd64_780e4f2b5ffcba60\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Oracle America, Inc. -> ) C:\Program Files\MySQL\MySQL Server 8.0\bin\mysqld.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_f82b8b1a0b601f77\RtkAudUService64.exe <3>
(services.exe ->) (Rivet Networks LLC -> Rivet Networks) C:\Program Files\Rivet Networks\SmartByte\SmartByteAnalyticsService.exe
(services.exe ->) (Rivet Networks LLC -> Rivet Networks) C:\Program Files\Rivet Networks\SmartByte\SmartByteNetworkService.exe
(services.exe ->) (Rivet Networks LLC -> Rivet Networks, LLC.) C:\Program Files\Rivet Networks\SmartByte\RAPSService.exe
(services.exe ->) (Smart Sound Technology -> Intel) C:\Windows\System32\cAVS\IAS\IntelAudioService.exe
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(services.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\steamservice.exe
(services.exe ->) (voidtools -> voidtools) C:\Program Files (x86)\Everything\Everything.exe
(services.exe ->) (Waves Inc -> Waves Audio Ltd.) C:\Windows\System32\DriverStore\FileRepository\wavesapo9de.inf_amd64_5a14f9d63e895eba\WavesSysSvc64.exe
(services.exe ->) (WOLF OF WEBSTREET (OPC) PRIVATE LIMITED -> Copyright 2017.) C:\Program Files (x86)\MalwareFox AntiMalware\ZAM.exe
(svchost.exe ->) (EB51A5DA-0E72-4863-82E4-EA21C1F8DFE3 -> Intel Corporation) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.4779.0_x64__8j3eq9eme6ctt\IGCC.exe
(svchost.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.WindowsAlarms_11.2302.5.0_x64__8wekyb3d8bbwe\Time.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\SDXHelper.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_11.2210.0.0_x64__8wekyb3d8bbwe\CalculatorApp.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.823.3261.0_x64__8wekyb3d8bbwe\GameBar.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.823.3261.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\InputMethod\CHS\ChsIME.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(svchost.exe ->) (Rivet Networks LLC -> DELL) C:\Program Files\Rivet Networks\SmartByte\SmartByteTelemetry.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_f82b8b1a0b601f77\RtkAudUService64.exe [1342568 2021-08-23] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [WavesSvc] => C:\Windows\System32\DriverStore\FileRepository\wavesapo9de.inf_amd64_5a14f9d63e895eba\WavesSvc64.exe [1774584 2021-02-02] (Waves Inc -> Waves Audio Ltd.)
HKLM\...\Run: [XMouseButtonControl] => C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonControl.exe [1684216 2020-05-13] (Open Source Developer, Phillip Gibbons -> Highresolution Enterprises)
HKLM\...\Run: [Riot Vanguard] => C:\Program Files\Riot Vanguard\vgtray.exe [3089288 2022-11-11] (Riot Games, Inc. -> Riot Games, Inc.)
HKLM\...\Run: [ZAM] => C:\Program Files (x86)\MalwareFox AntiMalware\ZAM.exe [15767792 2021-12-14] (WOLF OF WEBSTREET (OPC) PRIVATE LIMITED -> Copyright 2017.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706288 2021-04-09] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1953523510-4150578024-2247769738-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [37123024 2023-05-04] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-1953523510-4150578024-2247769738-1001\...\Run: [Discord] => C:\Users\Andrew Tan\AppData\Local\Discord\Update.exe [1512104 2021-05-24] (Discord Inc. -> GitHub)
HKU\S-1-5-21-1953523510-4150578024-2247769738-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [1785864 2023-05-22] (Overwolf Ltd -> Overwolf Ltd.)
HKU\S-1-5-21-1953523510-4150578024-2247769738-1001\...\Run: [Spotify] => C:\Users\Andrew Tan\AppData\Roaming\Spotify\Spotify.exe [20403576 2023-05-17] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-1953523510-4150578024-2247769738-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4362600 2023-04-29] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-1953523510-4150578024-2247769738-1001\...\Run: [Voicemod] => C:\Program Files\Voicemod Desktop\VoicemodDesktop.exe [7442264 2022-10-05] (Voicemod Sociedad Limitada -> Voicemod)
HKU\S-1-5-21-1953523510-4150578024-2247769738-1001\...\Run: [MicrosoftEdgeAutoLaunch_9A22365D39E8759F3CAF0A95110B968C] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4152216 2023-05-18] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1953523510-4150578024-2247769738-1001\...\Run: [AudioTekService] => C:\Users\Andrew Tan\AppData\Local\AudioTekService.exe [4608 2023-05-22] () [File not signed]
HKU\S-1-5-21-1953523510-4150578024-2247769738-1001\...\Run: [Medal] => C:\Users\Andrew Tan\AppData\Local\Medal\update.exe [1974144 2023-03-08] (Ferox Games B.V. -> )
HKU\S-1-5-21-1953523510-4150578024-2247769738-1001\...\Run: [DiscordCanary] => C:\Users\Andrew Tan\AppData\Local\DiscordCanary\Update.exe [1525016 2023-04-19] (Discord Inc. -> GitHub)
HKU\S-1-5-21-1953523510-4150578024-2247769738-1001\...\Run: [Opera Browser Assistant] => C:\Users\Andrew Tan\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [3970456 2023-05-16] (Opera Norway AS -> Opera Software)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\113.0.5672.127\Installer\chrmstp.exe [2023-05-19] (Google LLC -> Google LLC)
Startup: C:\Users\Andrew Tan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MySQL System Tray Monitor.lnk [2021-05-01]
ShortcutTarget: MySQL System Tray Monitor.lnk -> C:\Program Files (x86)\MySQL\MySQL Tools for 5.0\MySQLSystemTrayMonitor.exe () [File not signed]
Startup: C:\Users\Andrew Tan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\NisService.exe [2023-05-24] () [File not signed]
Startup: C:\Users\Andrew Tan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OBEBroker.exe [2023-05-24] () [File not signed]
Startup: C:\Users\Andrew Tan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Twitch.lnk [2021-09-03]
ShortcutTarget: Twitch.lnk -> C:\Users\Andrew Tan\AppData\Roaming\Twitch\Bin\Twitch.exe (Twitch Interactive, Inc. -> Twitch Interactive, Inc.)
Startup: C:\Users\Andrew Tan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\vpad-framework.lnk [2021-09-27]
ShortcutTarget: vpad-framework.lnk -> C:\Users\Andrew Tan\AppData\Roaming\VideoPad Framework\vpadtool.exe (No File)
Startup: C:\Users\Andrew Tan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\XUService.exe [2023-05-24] () [File not signed]
GroupPolicy: Restriction - Chrome <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0CADA5D6-2D35-4A84-BED5-54006D986D0C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\MpCmdRun.exe [1650024 2023-05-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {21547006-0ECB-4AEC-9A2A-E79D48473192} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [190816 2023-05-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {29D4EC61-05C1-48F0-A23A-D03D82371A3B} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-05-04] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {3303EBAF-D42C-47CC-B1C4-EFF5DE943849} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-05-04] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {38B57C18-3890-4BF4-AF02-BEAC50F2F4FD} - System32\Tasks\GoogleUpdateTaskMachineUA{0C3193D9-E0A1-40EB-982F-E192C6B22216} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162072 2023-05-06] (Google LLC -> Google LLC)
Task: {47EE2B48-A497-4717-B411-F331A6743C62} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {49F67AE3-7E49-4CAD-91D8-7DEF88367F3F} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905072 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {4A841A0D-613B-4110-8AD0-285B890B4207} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\MpCmdRun.exe [1650024 2023-05-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {56063D6C-390D-463E-9F85-589AB3DD93B3} - System32\Tasks\Opera scheduled assistant Autoupdate 1619668565 => C:\Users\Andrew Tan\AppData\Local\Programs\Opera\launcher.exe [2675616 2023-05-06] (Opera Norway AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\Andrew Tan\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {589A1BA5-2F66-40F1-9448-FF84D17DB83D} - System32\Tasks\Opera scheduled Autoupdate 1619668564 => C:\Users\Andrew Tan\AppData\Local\Programs\Opera\launcher.exe [2675616 2023-05-06] (Opera Norway AS -> Opera Software)
Task: {635B1E58-25CD-4B55-B429-267B538A9ED6} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [645488 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6414D4B3-34A0-409B-8905-652AADBEEFC8} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\FrameworkAgents\SupportAssistInstaller.exe [738144 2023-04-07] (Dell Inc -> Dell Inc.)
Task: {65AC68B8-40C2-4AE3-B799-E322E658830B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\MpCmdRun.exe [1650024 2023-05-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {66AFBE83-D640-4118-A70F-5EDE546D46A6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\MpCmdRun.exe [1650024 2023-05-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {749DC086-B7F2-4AAF-8ACA-46A50E8031CB} - System32\Tasks\GoogleUpdateTaskMachineCore{C6B68B4B-17A0-43DC-BB26-A9C98CDEFC59} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162072 2023-05-06] (Google LLC -> Google LLC)
Task: {7A30B2AA-BE1E-4058-B7FA-96DD28BB288B} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26513416 2023-05-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {7A9EE446-EB0E-4CEF-B72C-E60DBB33A4A5} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {83B585B3-AF21-4332-BB1B-5724A2193E24} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {901E6ED6-935E-4344-AF68-1717E7847560} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3339120 2021-06-15] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {955B8602-1153-420C-9953-A39609F52944} - System32\Tasks\MySQL\Installer\ManifestUpdate => C:\Program Files (x86)\MySQL\MySQL Installer for Windows\MySQLInstallerConsole.exe [71936 2021-02-23] (Oracle America, Inc. -> Oracle Corporation)
Task: {9950A17D-CCB5-4F08-BE10-F62DDBE25615} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {ACA4C8A6-59B4-4723-814A-6A5830F52989} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [157664 2023-05-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {B063F88D-5937-4AC6-88A8-5BEDC9ED48EC} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [732064 2023-05-13] (Mozilla Corporation -> Mozilla Foundation)
Task: {B8C7CD77-9F3D-442C-9220-3135E8609104} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905072 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B9738DDF-8A3A-4E3F-BCA5-84F1D6A8B0F2} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [157664 2023-05-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {BE11BB44-2543-4C05-97FF-D8FCD7CC32F7} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [676768 2023-05-13] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {BFC4DC71-1323-4067-9063-12015A3CCCB4} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2639880 2023-05-22] (Overwolf Ltd -> Overwolf LTD)
Task: {E03ED6A3-F2DC-4D71-8756-01BBBE1B6D34} - System32\Tasks\SmartByte Telemetry => C:\Program Files\Rivet Networks\SmartByte\SmartByteTelemetry.exe [96520 2021-08-13] (Rivet Networks LLC -> DELL)
Task: {E82BA656-29EE-4152-B580-0D2894E9DD79} - System32\Tasks\BlueStacksHelper_nxt => C:\Program Files\BlueStacks_nxt\BlueStacksHelper.exe [275136 2021-08-26] (Bluestack Systems, Inc -> BlueStack Systems, Inc.)
Task: {FD3A8970-C5F4-4438-8108-5794A39874EC} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26513416 2023-05-16] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{17569a79-5a70-40f4-8d3f-5ab0e963d0b8}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{17569a79-5a70-40f4-8d3f-5ab0e963d0b8}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{2e6b4772-bc1a-4b8d-95ee-c3505efe4e53}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{f7f833c5-ba0d-4bb8-a5e5-6caa399c3f96}: [DhcpNameServer] 172.4.1.172

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Andrew Tan\AppData\Local\Microsoft\Edge\User Data\Default [2023-05-24]
Edge Notifications: Default -> hxxps://aternos.org; hxxps://meet.google.com
Edge Extension: (AutoDraw for skribbl.io) - C:\Users\Andrew Tan\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bpnefockcbbpkbahgkkacjmebfheacjb [2023-01-05]
Edge Extension: (RoPro - Enhance Your Roblox Experience) - C:\Users\Andrew Tan\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ccldjpmlknihnmejmgnpdbggebnijcme [2023-03-15]
Edge Extension: (skribbl.io Bot) - C:\Users\Andrew Tan\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\egfjccfngpialgcfdanenhidjhcbbonp [2022-11-18]
Edge Extension: (Edge relevant text changes) - C:\Users\Andrew Tan\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-04-27]
Edge Extension: (Chessvision.ai Chess Position Scanner) - C:\Users\Andrew Tan\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\johejpedmdkeiffkdaodgoipdjodhlld [2023-03-01]
Edge Profile: C:\Users\Andrew Tan\AppData\Local\Microsoft\Edge\User Data\Guest Profile [2022-11-18]
Edge Profile: C:\Users\Andrew Tan\AppData\Local\Microsoft\Edge\User Data\Profile 2 [2023-02-02]
Edge Profile: C:\Users\Andrew Tan\AppData\Local\Microsoft\Edge\User Data\Profile 3 [2023-02-02]

FireFox:
========
FF DefaultProfile: wgx1cm4n.default
FF ProfilePath: C:\Users\Andrew Tan\AppData\Roaming\Mozilla\Firefox\Profiles\wgx1cm4n.default [2022-03-01]
FF ProfilePath: C:\Users\Andrew Tan\AppData\Roaming\Mozilla\Firefox\Profiles\5pgugucv.default-release [2023-05-24]
FF Homepage: Mozilla\Firefox\Profiles\5pgugucv.default-release -> hxxps://www.google.com/
FF Plugin: @java.com/DTPlugin,version=11.291.2 -> C:\Program Files\Java\jre1.8.0_291\bin\dtplugin\npDeployJava1.dll [2021-05-28] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.291.2 -> C:\Program Files\Java\jre1.8.0_291\bin\plugin2\npjp2.dll [2021-05-28] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-11-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.291.2 -> C:\Program Files (x86)\Java\jre1.8.0_291\bin\dtplugin\npDeployJava1.dll [2021-05-27] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.291.2 -> C:\Program Files (x86)\Java\jre1.8.0_291\bin\plugin2\npjp2.dll [2021-05-27] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-11-02] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR Profile: C:\Users\Andrew Tan\AppData\Local\Google\Chrome\User Data\Default [2023-05-24]
CHR Notifications: Default -> hxxps://meet.google.com
CHR Extension: (RoPro - Enhance Your Roblox Experience) - C:\Users\Andrew Tan\AppData\Local\Google\Chrome\User Data\Default\Extensions\adbacgifemdbhdkfppmeilbgppmhaobf [2023-03-13]
CHR Extension: (AutoDraw for skribbl.io) - C:\Users\Andrew Tan\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpnefockcbbpkbahgkkacjmebfheacjb [2023-01-05]
CHR Extension: (Lumin PDF - Beautiful PDF Editor) - C:\Users\Andrew Tan\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbkidnlfklnjanneifjjojofckpcogcl [2021-04-29]
CHR Extension: (Video Downloader Professional) - C:\Users\Andrew Tan\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2023-04-19]
CHR Extension: (Google Font Previewer for Chrome) - C:\Users\Andrew Tan\AppData\Local\Google\Chrome\User Data\Default\Extensions\engndlnldodigdjamndkplafgmkkencc [2022-07-06]
CHR Extension: (EditThisCookie) - C:\Users\Andrew Tan\AppData\Local\Google\Chrome\User Data\Default\Extensions\fngmhnnpilhplaeedifhccceomclgfbg [2021-04-29]
CHR Extension: (YoutubeDownloader) - C:\Users\Andrew Tan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gfcdbodapcbfckbfpmgeldfkkgjknceo [2021-12-03] [UpdateUrl:hxxps://clients24.google.com/service/update2/crx] <==== ATTENTION
CHR Extension: (Google Docs Offline) - C:\Users\Andrew Tan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-05-23]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\Andrew Tan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2023-05-02]
CHR Extension: (PDF Mergy - Merge PDF files) - C:\Users\Andrew Tan\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgecghmkcdefnknohcimkoemhaofpoha [2022-10-10]
CHR Extension: (Google Translate) - C:\Users\Andrew Tan\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfhgpjbcoignfibliobpclhpfnadhofn [2021-12-03]
CHR Extension: (Cisco Webex Extension) - C:\Users\Andrew Tan\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlhmfgmfgeifomenelglieieghnjghma [2022-07-23]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Andrew Tan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-04-29]
CHR Extension: (Stylebot) - C:\Users\Andrew Tan\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiaejidbmkiecgbjeifoejpgmdaleoha [2022-07-27]
CHR Profile: C:\Users\Andrew Tan\AppData\Local\Google\Chrome\User Data\System Profile [2022-02-22]

Opera:
=======
OPR Profile: C:\Users\Andrew Tan\AppData\Roaming\Opera Software\Opera Stable [2023-05-24]
OPR DownloadDir: C:\Users\Andrew Tan\Desktop
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding}
OPR Extension: (RoPro - Enhance Your Roblox Experience) - C:\Users\Andrew Tan\AppData\Roaming\Opera Software\Opera Stable\Extensions\adbacgifemdbhdkfppmeilbgppmhaobf [2023-03-22]
OPR Extension: (SearchBlox) - C:\Users\Andrew Tan\AppData\Roaming\Opera Software\Opera Stable\Extensions\blddohgncmehcepnokognejaaahehncd [2022-08-17]
OPR Extension: (Rich Hints Agent) - C:\Users\Andrew Tan\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2023-03-10]
OPR Extension: (Opera Wallet) - C:\Users\Andrew Tan\AppData\Roaming\Opera Software\Opera Stable\Extensions\gojhcdgcpbpfigcaejpfhfegekdgiblk [2023-05-19]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\Andrew Tan\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2021-09-02]
OPR Extension: (Opera AI Prompts) - C:\Users\Andrew Tan\AppData\Roaming\Opera Software\Opera Stable\Extensions\mljbnbeedpkgakdchcmfapkjhfcogaoc [2023-05-19]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8901968 2021-06-14] (BattlEye Innovations e.K. -> )
R2 Bonjour Service; C:\Program Files (x86)\ClassIn\MacmDNSResponder.exe [474072 2023-02-09] (EEO Education Ltd. -> Apple Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11749376 2023-05-16] (Microsoft Corporation -> Microsoft Corporation)
S3 dcpm-notify; C:\Program Files\Dell\CommandPowerManager\NotifyService.exe [315008 2020-08-18] (Dell Inc -> Dell Inc.)
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [458960 2023-03-14] (Dell Inc -> Dell Technologies Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [161488 2023-03-14] (Dell Inc -> Dell Technologies Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [484560 2023-03-14] (Dell Inc -> Dell Technologies Inc.)
R2 Dell Digital Delivery Services; C:\Program Files (x86)\Dell Digital Delivery Services\Dell.D3.WinSvc.exe [55712 2022-11-07] (Dell Inc -> )
R2 Dell SupportAssist Remediation; C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe [22224 2023-04-11] (Dell Inc -> Dell INC.)
S3 Dell.CommandPowerManager.Service; C:\Windows\system32\dllhost.exe /Processid:{340EC5D1-A327-4DCA-B35D-73C78915FD9E} [21312 2021-03-16] (Microsoft Windows -> Microsoft Corporation)
R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [49880 2023-01-19] (Dell Inc -> )
R2 DellTechHub; C:\Program Files\Dell\TechHub\Dell.TechHub.exe [156064 2022-12-09] (Dell Inc -> Dell)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [1136040 2023-04-23] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [16029456 2023-04-24] (Epic Games Inc. -> Epic Games, Inc.)
R2 Everything; C:\Program Files (x86)\Everything\Everything.exe [1774696 2021-05-12] (voidtools -> voidtools)
S3 Macromedia Licensing Service; C:\Program Files (x86)\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe [68096 2021-05-02] () [File not signed]
R2 MySQL80; C:\Program Files\MySQL\MySQL Server 8.0\bin\mysqld.exe [50786024 2021-03-25] (Oracle America, Inc. -> )
S3 OverwolfUpdater; C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2639880 2023-05-22] (Overwolf Ltd -> Overwolf LTD)
R2 RAPSService; C:\Program Files\Rivet Networks\SmartByte\RAPSService.exe [66296 2021-08-13] (Rivet Networks LLC -> Rivet Networks, LLC.)
S3 RNDBWM; C:\Program Files\Rivet Networks\SmartByte\RNDBWMService.exe [66296 2021-08-13] (Rivet Networks LLC -> Rivet Networks, LLC.)
R2 SmartByte Analytics Service; C:\Program Files\Rivet Networks\SmartByte\SmartByteAnalyticsService.exe [1633040 2021-08-13] (Rivet Networks LLC -> Rivet Networks)
R2 SmartByte Network Service x64; C:\Program Files\Rivet Networks\SmartByte\SmartByteNetworkService.exe [2390800 2021-08-13] (Rivet Networks LLC -> Rivet Networks)
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [160096 2023-04-07] (Dell Inc -> Dell Inc.)
R2 TbtP2pShortcutService; C:\Windows\TbtP2pShortcutService.exe [256608 2022-06-29] (Intel Corporation -> Intel Corporation)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [14691624 2021-08-25] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 VBoxSDS; C:\Program Files\Oracle\VirtualBox\VBoxSDS.exe [746728 2021-11-22] (Oracle Corporation -> Oracle Corporation)
S3 vgc; C:\Program Files\Riot Vanguard\vgc.exe [10430256 2022-11-11] (Riot Games, Inc. -> Riot Games, Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\NisSrv.exe [3216064 2023-05-03] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\MsMpEng.exe [133544 2023-05-03] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 ZAMSvc; C:\Program Files (x86)\MalwareFox AntiMalware\ZAM.exe [15767792 2021-12-14] (WOLF OF WEBSTREET (OPC) PRIVATE LIMITED -> Copyright 2017.)
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nvdm.inf_amd64_780e4f2b5ffcba60\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nvdm.inf_amd64_780e4f2b5ffcba60\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 ACE-BASE; C:\Windows\system32\drivers\ACE-BASE.sys [1869904 2023-05-04] (HIGH MORALE DEVELOPMENTS LIMITED -> ANTICHEATEXPERT.COM)
R2 BlueStacksDrv_nxt; C:\Program Files\BlueStacks_nxt\BstkDrv_nxt.sys [320728 2021-08-25] (Bluestack Systems, Inc -> Bluestack System Inc.)
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2021-03-16] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
S3 DDDriver; C:\Windows\System32\drivers\dddriver64Dcsa.sys [43400 2021-09-09] (Microsoft Windows Hardware Compatibility Publisher -> Dell Technologies)
R3 DellInstrumentation; C:\Windows\System32\drivers\DellInstrumentation.sys [46528 2023-03-14] (Microsoft Windows Hardware Compatibility Publisher -> Dell)
S3 HoYoProtect; C:\Windows\system32\HoYoKProtect.sys [3669520 2023-04-02] (Microsoft Windows Hardware Compatibility Publisher -> miHoYo)
R3 MpKsl886adf66; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{C02EFAF4-0B73-4B2A-8183-36162437D7A6}\MpKslDrv.sys [212264 2023-05-24] (Microsoft Windows -> Microsoft Corporation)
R3 ScpVBus; C:\Windows\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Bruce James -> Scarlet.Crush Productions)
R3 SmbCoSvc; C:\Windows\system32\DRIVERS\SmbCo10X64.sys [166032 2021-08-13] (Intel Corporation -> Rivet Networks, LLC.)
S3 UniFairy; C:\Windows\system32\UniFairy.sys [828144 2021-10-29] (Tencent Technology(Shenzhen) Company Limited -> )
R3 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [239672 2021-11-22] (Oracle Corporation -> Oracle Corporation)
R1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [249584 2021-11-22] (Oracle Corporation -> Oracle Corporation)
R1 vgk; C:\Program Files\Riot Vanguard\vgk.sys [22216888 2022-11-10] (Riot Games, Inc. -> Riot Games, Inc.)
R3 VOICEMOD_Driver; C:\Windows\system32\drivers\mvvad.sys [48144 2022-07-04] (Voicemod Sociedad Limitada -> Windows ® Win 7 DDK provider)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [49616 2023-05-03] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [498944 2023-05-03] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [99608 2023-05-03] (Microsoft Windows -> Microsoft Corporation)
S1 ZAM; C:\Windows\System32\drivers\zam64.sys [203680 2021-12-10] (Zemana Ltd. -> Zemana Ltd.)
S1 ZAM_Guard; C:\Windows\System32\drivers\zamguard64.sys [203680 2021-12-10] (Zemana Ltd. -> Zemana Ltd.)
S3 MpKsld74a28cf; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{E306C3C8-6AA2-4403-B6FD-282F619D2CAB}\MpKslDrv.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-05-24 21:11 - 2023-05-24 21:11 - 000000000 ____D C:\Users\Andrew Tan\Downloads\FRST-OlderVersion
2023-05-20 16:03 - 2023-05-20 16:03 - 000000000 ____D C:\ProgramData\PLUG
2023-05-17 10:41 - 2023-05-17 10:41 - 004348082 _____ C:\Users\Andrew Tan\Downloads\sakayanji.mp4
2023-05-13 19:33 - 2023-05-18 08:34 - 000000000 ____D C:\Program Files\Mozilla Firefox
2023-05-10 15:21 - 2023-05-10 15:21 - 000000000 ___HD C:\$WinREAgent
2023-05-06 02:38 - 2023-05-19 00:49 - 000003790 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA{0C3193D9-E0A1-40EB-982F-E192C6B22216}
2023-05-06 02:38 - 2023-05-19 00:49 - 000003666 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore{C6B68B4B-17A0-43DC-BB26-A9C98CDEFC59}
2023-05-03 16:08 - 2023-05-24 14:52 - 000000000 ____D C:\Users\Andrew Tan\AppData\Roaming\discordcanary
2023-05-03 16:07 - 2023-05-24 14:52 - 000000000 ____D C:\Users\Andrew Tan\AppData\Local\DiscordCanary
2023-05-02 18:49 - 2023-05-03 13:37 - 000000139 _____ C:\Users\Andrew Tan\Downloads\tinytask.ini
2023-05-02 17:10 - 2023-05-02 17:10 - 000036352 _____ () C:\Users\Andrew Tan\Downloads\tinytask.exe
2023-05-02 10:43 - 2023-05-04 11:14 - 001869904 _____ (ANTICHEATEXPERT.COM) C:\Windows\system32\Drivers\ACE-BASE.sys
2023-05-02 10:43 - 2023-05-02 10:43 - 000000000 ____D C:\Users\Andrew Tan\AppData\LocalLow\Cognosphere
2023-05-01 20:49 - 2023-05-04 11:14 - 000000000 ____D C:\Program Files\Star Rail
2023-05-01 20:49 - 2023-05-01 20:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Star Rail
2023-04-28 10:21 - 2023-04-28 10:21 - 000014316 _____ C:\Users\Andrew Tan\Downloads\Fixlog.txt
2023-04-28 10:17 - 2023-04-28 10:17 - 000000214 _____ C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job
2023-04-28 10:16 - 2023-04-28 10:19 - 000000000 ____D C:\Windows\pss

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-05-24 21:13 - 2022-01-09 09:23 - 000041315 _____ C:\Users\Andrew Tan\Downloads\FRST.txt
2023-05-24 21:12 - 2022-01-09 09:22 - 000000000 ____D C:\FRST
2023-05-24 21:11 - 2022-01-09 09:22 - 002382848 _____ (Farbar) C:\Users\Andrew Tan\Downloads\FRST64.exe
2023-05-24 20:58 - 2021-10-26 10:23 - 000000000 ____D C:\Program Files (x86)\Steam
2023-05-24 20:54 - 2021-04-29 10:48 - 000000000 ____D C:\Program Files (x86)\Google
2023-05-24 20:53 - 2021-07-28 17:14 - 000000000 ____D C:\Users\Andrew Tan\AppData\Local\Discord
2023-05-24 20:28 - 2021-10-13 20:54 - 000000000 ____D C:\Users\Andrew Tan\AppData\Local\Spotify
2023-05-24 18:58 - 2019-12-07 17:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-05-24 18:44 - 2021-10-13 20:52 - 000000000 ____D C:\Users\Andrew Tan\AppData\Roaming\Spotify
2023-05-24 18:44 - 2021-08-23 20:33 - 000000000 ____D C:\Users\Andrew Tan\AppData\Local\osu!
2023-05-24 18:41 - 2021-07-28 17:14 - 000000000 ____D C:\Users\Andrew Tan\AppData\Roaming\discord
2023-05-24 17:45 - 2021-03-16 14:39 - 000000000 ____D C:\Windows\system32\SleepStudy
2023-05-24 15:59 - 2019-12-07 17:14 - 000000000 ____D C:\Windows\system32\inetsrv
2023-05-24 15:09 - 2021-04-15 21:20 - 000000000 ____D C:\Program Files (x86)\Dell Digital Delivery Services
2023-05-24 14:56 - 2021-03-16 14:47 - 000986510 _____ C:\Windows\system32\PerfStringBackup.INI
2023-05-24 14:56 - 2019-12-07 17:13 - 000000000 ____D C:\Windows\INF
2023-05-24 14:55 - 2022-02-09 14:02 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-05-24 14:54 - 2021-08-18 18:14 - 000000001 _____ C:\Windows\vgkbootstatus.dat
2023-05-24 14:54 - 2021-04-15 21:19 - 000000000 ____D C:\ProgramData\NVIDIA
2023-05-24 14:53 - 2021-05-03 15:28 - 000000000 ____D C:\Users\Andrew Tan\AppData\Local\CrashDumps
2023-05-24 14:52 - 2021-06-16 16:42 - 000000000 ____D C:\Program Files\TeamViewer
2023-05-24 14:52 - 2021-04-28 19:05 - 000000000 ____D C:\Users\Andrew Tan
2023-05-24 14:51 - 2021-12-19 11:18 - 000000000 ____D C:\ProgramData\Goodix
2023-05-24 14:51 - 2021-04-15 21:14 - 000000000 ____D C:\Intel
2023-05-24 14:51 - 2021-03-16 14:39 - 000008192 ___SH C:\DumpStack.log.tmp
2023-05-24 14:51 - 2021-03-16 14:39 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2023-05-24 14:51 - 2019-12-07 17:14 - 000000000 ____D C:\Windows\ServiceState
2023-05-24 14:17 - 2023-03-06 14:50 - 000000000 ____D C:\temp
2023-05-24 08:26 - 2021-10-01 14:14 - 000000000 ____D C:\Users\Andrew Tan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2023-05-24 08:26 - 2021-05-20 10:12 - 000000256 _____ C:\Users\Andrew Tan\AppData\LocalLow\rbxcsettings.rbx
2023-05-23 19:20 - 2021-12-11 16:25 - 000003592 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1953523510-4150578024-2247769738-1001
2023-05-23 19:20 - 2021-09-02 19:19 - 000000000 ____D C:\Program Files (x86)\Overwolf
2023-05-23 19:20 - 2021-04-28 19:11 - 000003378 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1953523510-4150578024-2247769738-1001
2023-05-23 19:20 - 2021-04-28 19:05 - 000002400 _____ C:\Users\Andrew Tan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-05-23 19:12 - 2019-12-07 17:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-05-23 19:12 - 2019-12-07 17:14 - 000000000 ____D C:\Windows\AppReadiness
2023-05-23 17:14 - 2019-12-07 17:03 - 000786432 _____ C:\Windows\system32\config\BBI
2023-05-22 08:33 - 2023-03-04 12:54 - 001311744 _____ C:\Users\Andrew Tan\AppData\Local\audioassembly.dll
2023-05-22 08:33 - 2023-03-04 12:54 - 000004608 _____ () C:\Users\Andrew Tan\AppData\Local\AudioTekService.exe
2023-05-20 12:53 - 2021-03-16 14:50 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-05-20 10:29 - 2022-02-17 00:24 - 000000000 ____D C:\Program Files\RUXIM
2023-05-19 08:14 - 2021-04-29 11:57 - 000002249 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-05-18 08:39 - 2021-04-29 11:56 - 000004474 _____ C:\Windows\system32\Tasks\Opera scheduled assistant Autoupdate 1619668565
2023-05-18 08:34 - 2021-04-29 11:57 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2023-05-16 08:48 - 2021-03-16 14:51 - 000000000 ____D C:\Program Files\Microsoft Office
2023-05-16 08:44 - 2021-04-29 11:57 - 000001007 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2023-05-12 16:47 - 2019-12-07 17:14 - 000000000 ____D C:\Windows\system32\NDF
2023-05-12 16:33 - 2022-01-09 18:14 - 000000000 ____D C:\Users\Andrew Tan\.VirtualBox
2023-05-12 16:30 - 2022-01-09 18:14 - 000000000 ____D C:\ProgramData\VirtualBox
2023-05-12 12:26 - 2022-10-21 16:58 - 002794960 _____ (Microsoft Corporation) C:\Windows\system32\xgameruntime.dll
2023-05-12 12:26 - 2022-10-21 16:58 - 000488912 _____ (Microsoft Corporation) C:\Windows\system32\gameplatformservices.dll
2023-05-12 12:26 - 2022-10-21 16:58 - 000247248 _____ (Microsoft Corporation) C:\Windows\system32\gamingservicesproxy.dll
2023-05-12 12:26 - 2022-10-21 16:58 - 000202192 _____ (Microsoft Corporation) C:\Windows\system32\gameconfighelper.dll
2023-05-12 12:26 - 2022-10-21 16:58 - 000165376 _____ (Microsoft Corporation) C:\Windows\system32\gamelaunchhelper.dll
2023-05-12 12:26 - 2022-10-21 16:58 - 000131072 _____ (Microsoft Corporation) C:\Windows\system32\gamingtcuihelpers.dll
2023-05-12 12:26 - 2022-10-21 16:58 - 000079312 _____ (Microsoft Corporation) C:\Windows\system32\xgamehelper.exe
2023-05-12 12:26 - 2022-10-21 16:58 - 000062968 _____ (Microsoft Corporation) C:\Windows\system32\xgamecontrol.exe
2023-05-12 12:20 - 2021-04-28 19:32 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2023-05-11 12:36 - 2021-04-28 19:10 - 000000000 ____D C:\Users\Andrew Tan\AppData\Local\Packages
2023-05-11 12:36 - 2019-12-07 17:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2023-05-11 08:50 - 2021-04-29 21:01 - 000000000 ____D C:\Users\Andrew Tan\AppData\Local\D3DSCache
2023-05-11 08:47 - 2021-03-16 14:50 - 000003536 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-05-11 08:47 - 2021-03-16 14:50 - 000003412 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-05-11 08:40 - 2021-03-16 14:39 - 005135160 _____ C:\Windows\system32\FNTCACHE.DAT
2023-05-11 08:39 - 2019-12-07 17:14 - 000000000 ____D C:\Windows\SystemResources
2023-05-11 08:39 - 2019-12-07 17:14 - 000000000 ____D C:\Windows\system32\SecureBootUpdates
2023-05-11 08:39 - 2019-12-07 17:14 - 000000000 ____D C:\Windows\system32\oobe
2023-05-11 08:39 - 2019-12-07 17:14 - 000000000 ____D C:\Windows\ShellExperiences
2023-05-11 08:39 - 2019-12-07 17:14 - 000000000 ____D C:\Windows\bcastdvr
2023-05-10 19:11 - 2021-04-15 21:19 - 000000000 ____D C:\ProgramData\Package Cache
2023-05-10 17:53 - 2021-04-15 21:18 - 000000000 ____D C:\Program Files\Dell
2023-05-10 17:51 - 2021-04-15 21:24 - 000003946 _____ C:\Windows\system32\Tasks\Dell SupportAssistAgent AutoUpdate
2023-05-10 17:50 - 2021-04-29 11:56 - 000004210 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1619668564
2023-05-10 17:50 - 2021-04-29 11:56 - 000001494 _____ C:\Users\Andrew Tan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera Browser.lnk
2023-05-10 17:46 - 2021-04-15 21:18 - 000000000 ____D C:\Program Files (x86)\Dell
2023-05-10 15:36 - 2019-12-07 17:03 - 000000000 ____D C:\Windows\CbsTemp
2023-05-10 15:31 - 2021-03-16 14:42 - 003015168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2023-05-10 14:51 - 2021-04-28 19:42 - 000000000 ____D C:\Windows\system32\MRT
2023-05-10 14:44 - 2021-04-28 19:42 - 159583304 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2023-05-09 09:07 - 2021-03-16 15:03 - 000000000 __RHD C:\Users\Public\AccountPictures
2023-05-03 17:44 - 2021-10-31 11:02 - 000000000 ____D C:\Program Files\dotnet
2023-05-03 16:08 - 2021-07-28 17:14 - 000000000 ____D C:\Users\Andrew Tan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2023-05-03 16:08 - 2021-07-28 17:14 - 000000000 ____D C:\Users\Andrew Tan\AppData\Local\SquirrelTemp
2023-05-03 08:40 - 2021-03-16 14:39 - 000000000 ____D C:\Windows\system32\Drivers\wd
2023-05-01 20:50 - 2022-05-27 14:26 - 000000000 ____D C:\Users\Andrew Tan\AppData\Local\HoYoverse
2023-04-28 10:21 - 2021-04-15 21:22 - 000000000 ____D C:\Windows\system32\Tasks\McAfee
2023-04-28 10:17 - 2021-12-30 17:48 - 000000000 ____D C:\Users\Andrew Tan\AppData\Roaming\ClassIn
2023-04-25 12:41 - 2021-11-24 17:53 - 000000000 ____D C:\Program Files\Genshin Impact
2023-04-24 10:51 - 2022-01-09 09:24 - 000060296 _____ C:\Users\Andrew Tan\Downloads\Addition.txt

==================== Files in the root of some directories ========

2021-09-08 11:17 - 2021-09-08 11:17 - 000000488 _____ () C:\Users\Andrew Tan\AppData\Roaming\.cache~$
2021-07-13 16:46 - 2021-10-13 14:15 - 000000612 _____ () C:\Users\Andrew Tan\AppData\Roaming\mscache.lock
2021-10-09 12:42 - 2021-10-09 12:42 - 000000016 _____ () C:\Users\Andrew Tan\AppData\Roaming\obs-virtualcam.txt
2021-07-13 16:46 - 2021-10-13 14:18 - 000011722 _____ () C:\Users\Andrew Tan\AppData\Roaming\salwyrr.properties.backup
2021-07-13 16:46 - 2021-10-13 14:16 - 000011722 _____ () C:\Users\Andrew Tan\AppData\Roaming\slw.saves
2021-05-13 21:52 - 2023-02-28 08:48 - 000000128 _____ () C:\Users\Andrew Tan\AppData\Roaming\winscp.rnd
2023-03-04 12:54 - 2023-05-22 08:33 - 001311744 _____ () C:\Users\Andrew Tan\AppData\Local\audioassembly.dll
2023-03-04 12:54 - 2023-05-22 08:33 - 000004608 _____ () C:\Users\Andrew Tan\AppData\Local\AudioTekService.exe
2021-07-16 17:14 - 2021-07-16 17:14 - 000016438 _____ () C:\Users\Andrew Tan\AppData\Local\partner.bmp
2022-01-25 08:12 - 2022-01-25 08:12 - 000000128 _____ () C:\Users\Andrew Tan\AppData\Local\PUTTY.RND
2022-01-10 09:26 - 2022-01-10 10:15 - 000007605 _____ () C:\Users\Andrew Tan\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23-05-2023
Ran by Andrew Tan (24-05-2023 21:14:45)
Running from C:\Users\Andrew Tan\Downloads
Microsoft Windows 10 Home Single Language Version 21H2 19044.2965 (X64) (2021-04-28 13:01:37)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-1953523510-4150578024-2247769738-500 - Administrator - Disabled)
Andrew Tan (S-1-5-21-1953523510-4150578024-2247769738-1001 - Administrator - Enabled) => C:\Users\Andrew Tan
DefaultAccount (S-1-5-21-1953523510-4150578024-2247769738-503 - Limited - Disabled)
Guest (S-1-5-21-1953523510-4150578024-2247769738-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-1953523510-4150578024-2247769738-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee VirusScan (Disabled - Up to date) {FE987762-0FB6-6BB6-1BF1-73F8ED8566FA}
FW: McAfee Firewall (Disabled) {C6A3F647-45D9-6AEE-30AE-DACD13562181}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

AutoHotkey (HKLM\...\AutoHotkey) (Version: 2.0.2 - AutoHotkey Foundation LLC)
AutoHotkey (user) (HKU\S-1-5-21-1953523510-4150578024-2247769738-1001\...\AutoHotkey) (Version: 2.0.2 - AutoHotkey Foundation LLC)
Badlion Client (HKLM\...\1de14785-dd8c-5cd2-aae8-d4a376f81d78) (Version: 3.3.2 - Badlion)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
BlueStacks 5 (HKLM\...\BlueStacks_nxt) (Version: 5.2.130.1002 - BlueStack Systems, Inc.)
ClassIn (HKLM-x32\...\ClassIn) (Version: 4.2.5.30h6 - Beijing EEO Education Technology Co., Ltd.)
CurseForge (HKU\S-1-5-21-1953523510-4150578024-2247769738-1001\...\Overwolf_cchhcaiapeikjbdbpfplgmpobbcdkdaphclbmkbj) (Version: 0.205.1.5800 - Overwolf app)
Dell Digital Delivery Services (HKLM-x32\...\{CF95CED4-3A1E-4486-B7FA-428C25D617ED}) (Version: 5.0.64.0 - Dell Inc.)
Dell Mobile Connect Drivers (HKLM\...\{44701B2F-7D33-4F59-B319-64A06D880882}) (Version: 3.2.9660 - Screenovate Technologies Ltd.)
Dell Power Manager Service (HKLM\...\{18469ED8-8C36-4CF7-BD43-0FC9B1931AF8}) (Version: 3.7.0 - Dell Inc.)
Dell SupportAssist (HKLM\...\{6D3561B7-19AA-438B-9C83-CD2CED199472}) (Version: 3.14.0.91 - Dell Inc.)
Dell SupportAssist OS Recovery Plugin for Dell Update (HKLM\...\{FFFED431-EF80-4C39-A66E-E11BC7413D33}) (Version: 5.5.5.16206 - Dell Inc.) Hidden
Dell SupportAssist OS Recovery Plugin for Dell Update (HKLM-x32\...\{cff56899-3afb-4fe1-aeec-a0474836d1cd}) (Version: 5.5.5.16206 - Dell Inc.)
Dell SupportAssist Remediation (HKLM\...\{0ACC4393-7CDB-4512-800B-0404A9DF75E6}) (Version: 5.5.6.18729 - Dell Inc.) Hidden
Dell SupportAssist Remediation (HKLM-x32\...\{3238f3fe-4c2d-4438-8bfd-e6bb87adb36e}) (Version: 5.5.6.18729 - Dell Inc.)
Dell Update for Windows Universal (HKLM\...\{931EF4E8-D267-4504-A5E9-5DE70B9712E9}) (Version: 4.6.0 - Dell Inc.)
Discord (HKU\S-1-5-21-1953523510-4150578024-2247769738-1001\...\Discord) (Version: 1.0.9002 - Discord Inc.)
Discord Canary (HKU\S-1-5-21-1953523510-4150578024-2247769738-1001\...\DiscordCanary) (Version: 1.0.60 - Discord Inc.)
Dynamic Application Loader Host Interface Service (HKLM\...\{ECFC785A-9107-4259-9288-0ABC86C0F6AB}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Epic Games Launcher (HKLM-x32\...\{A7BBC0A6-3DB0-41CC-BCED-DDFC5D4F3060}) (Version: 1.2.17.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{19695986-25CE-41AC-9C6F-54794653EDBA}) (Version: 2.0.36.0 - Epic Games, Inc.)
Everything 1.4.1.1009 (x86) (HKLM-x32\...\Everything) (Version: 1.4.1.1009 - voidtools)
FTB App (HKU\S-1-5-21-1953523510-4150578024-2247769738-1001\...\Overwolf_cmogmmciplgmocnhikmphehmeecmpaggknkjlbag) (Version: 1.22.813.1844 - Overwolf app)
Genshin Impact (HKLM\...\Genshin Impact) (Version: 2.25.2.0 - miHoYo Co.,Ltd)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 113.0.5672.127 - Google LLC)
IdentityV (HKLM-x32\...\IdentityV) (Version: 1.0.0.1 - Netease, Inc.)
IIS URL Rewrite Module 2 (HKLM\...\{9BCA2118-F753-4A1E-BCF3-5A820729965C}) (Version: 7.2.1993 - Microsoft Corporation)
Intel® Icls (HKLM\...\{27946170-623E-45A2-9D7F-BEC95A5B78E6}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel® LMS (HKLM\...\{364EE9BC-EB74-4436-B502-FA8FF2F7153F}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 2036.15.0.1835 - Intel Corporation)
Intel® Management Engine Components (HKLM\...\{DCC7FC90-C9BC-445B-A12B-ACC4278102BA}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel® Management Engine Components (HKLM\...\{FEAA68D6-DA1D-4440-91B6-43906444FA49}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel® Management Engine Driver (HKLM\...\{E34D6B17-6F86-49F8-AECB-DE7B543A5960}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Java 8 Update 291 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180291F0}) (Version: 8.0.2910.10 - Oracle Corporation)
Java 8 Update 291 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180291F0}) (Version: 8.0.2910.10 - Oracle Corporation)
Key Presser 2.1.7.8 (HKLM-x32\...\{A74CA1C1-AE87-46CB-BF3B-3E7BB192222B}_is1) (Version: - Robot-Soft.com, Inc.)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Lunar Client (HKU\S-1-5-21-1953523510-4150578024-2247769738-1001\...\1fcec38f-e773-5444-8669-32b8eb41524b) (Version: 2.9.4 - Moonsworth, LLC)
Macromedia Dreamweaver MX 2004 (HKLM-x32\...\{05BB2EC5-6BEF-4DDC-9E75-BEE7B161157A}) (Version: 7.0.1 - Macromedia)
Macromedia Extension Manager (HKLM-x32\...\{A5BA14E0-7384-11D4-BAE7-00409631A2C8}) (Version: 1.5 - Macromedia)
MalwareFox AntiMalware (HKLM-x32\...\{8F0CD7D1-42F3-4195-95CD-833578D45057}_is1) (Version: 2.74.0.150 - Wolf of Webstreet OPC Private Limited)
Medal (HKU\S-1-5-21-1953523510-4150578024-2247769738-1001\...\Medal) (Version: 4.1943.0 - Medal B.V.)
Microsoft .NET Host - 5.0.11 (x64) (HKLM\...\{15150450-57AB-4186-B520-329EED51AF7A}) (Version: 40.44.30523 - Microsoft Corporation) Hidden
Microsoft .NET Host - 5.0.17 (x64) (HKLM\...\{E663ED1E-899C-40E8-91D0-8D37B95E3C69}) (Version: 40.68.31213 - Microsoft Corporation) Hidden
Microsoft .NET Host - 6.0.14 (x64) (HKLM\...\{40D4EC44-91F8-4EEE-869E-F4B3E90E6688}) (Version: 48.59.55225 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 5.0.11 (x64) (HKLM\...\{303BF805-644E-4A76-8964-B39786190EAC}) (Version: 40.44.30523 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 5.0.17 (x64) (HKLM\...\{8BA25391-0BE6-443A-8EBF-86A29BAFC479}) (Version: 40.68.31213 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.14 (x64) (HKLM\...\{D1726E78-81F3-40A2-A7AF-6286BAA49B1C}) (Version: 48.59.55225 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 5.0.11 (x64) (HKLM\...\{9E190CBD-B034-491A-BD02-BDDBB4D67F74}) (Version: 40.44.30523 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 5.0.17 (x64) (HKLM\...\{5A66E598-37BD-4C8A-A7CB-A71C32ABCD78}) (Version: 40.68.31213 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 5.0.17 (x64) (HKLM-x32\...\{a699b48e-5748-4980-ad92-0b61b1d9d718}) (Version: 5.0.17.31213 - Microsoft Corporation)
Microsoft .NET Runtime - 6.0.14 (x64) (HKLM\...\{61202CF9-3B84-4E5A-91A1-2984FAE38259}) (Version: 48.59.55225 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.14 (x64) (HKLM-x32\...\{a75f0c38-355e-478f-b573-1dbc42915c5c}) (Version: 6.0.14.32123 - Microsoft Corporation)
Microsoft 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.16327.20248 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 113.0.1774.50 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 113.0.1774.50 - Microsoft Corporation)
Microsoft GameInput (HKLM-x32\...\{1F2B6AF3-C260-8666-5950-E3FEDBC851D6}) (Version: 10.1.22621.3036 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1953523510-4150578024-2247769738-1001\...\OneDriveSetup.exe) (Version: 23.091.0430.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{BB052C53-34CB-42DE-AF41-66FDFCEEC868}) (Version: 3.72.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.32.31326 (HKLM-x32\...\{2d507699-404c-4c8b-a54a-38e352f32cdd}) (Version: 14.32.31326.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.32.31326 (HKLM-x32\...\{817e21c1-6b3a-4bc1-8c49-67e4e1887b3a}) (Version: 14.32.31326.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.32.31326 (HKLM\...\{38624EB5-356D-4B08-8357-C33D89A5C0C5}) (Version: 14.32.31326 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.32.31326 (HKLM\...\{C96241EA-9900-4FE8-85B3-1E238D509DF6}) (Version: 14.32.31326 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.32.31326 (HKLM-x32\...\{A250E750-DB3F-40C1-8460-8EF77C7582DA}) (Version: 14.32.31326 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.32.31326 (HKLM-x32\...\{46E11E7F-01E1-44D0-BB86-C67342D253DD}) (Version: 14.32.31326 - Microsoft Corporation) Hidden
Microsoft Web Platform Installer 5.1 (HKLM\...\{4D38C3A3-B685-4AB5-BD6D-FD88BCED5805}) (Version: 5.1.51515.0 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 5.0.11 (x64) (HKLM\...\{EB19F3DA-DB90-4269-BBD9-0FDC8056B372}) (Version: 40.44.30524 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 5.0.11 (x64) (HKLM-x32\...\{59d2a8eb-a667-428d-a393-42df4da226a4}) (Version: 5.0.11.30524 - Microsoft Corporation)
Microsoft_VC80_CRT_x86 (HKLM-x32\...\{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}) (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (HKLM-x32\...\{08D2E121-7F6A-43EB-97FD-629B44903403}) (Version: 1.00.0000 - Adobe) Hidden
Minecraft Launcher (HKLM-x32\...\{733C3ACB-432D-4880-B0E1-660000D7974D}) (Version: 1.0.0.0 - Mojang)
Mozilla Firefox (x64 en-US) (HKLM\...\Mozilla Firefox 113.0.1 (x64 en-US)) (Version: 113.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 88.0 - Mozilla)
MySQL Connector/ODBC 8.0 (HKLM-x32\...\{E1868314-A805-443C-8363-0C2EB19299A7}) (Version: 8.0.24 - Oracle Corporation)
MySQL Installer - Community (HKLM-x32\...\{1886D589-D6C7-4A83-B71E-6BA7C8CBBFA9}) (Version: 1.4.36.0 - Oracle Corporation)
MySQL Installer - Community (HKLM-x32\...\{E893209B-DB26-475E-ABE3-900812CBDF9A}) (Version: 1.4.25.0 - Oracle Corporation)
MySQL Installer - Community (HKLM-x32\...\{FF10F640-6428-4AD2-B735-7D219C5E36B3}) (Version: 1.4.37.0 - Oracle Corporation)
MySQL Server 8.0 (HKLM\...\{D5201299-C610-4861-BFB6-A85BCCC69046}) (Version: 8.0.24 - Oracle Corporation)
MySQL Tools for 5.0 (HKLM-x32\...\{FCB10DE3-E190-4A7E-B06A-FAC61567ABFC}) (Version: 5.0.17 - MySQL AB, Sun Microsystems, Inc.)
NVIDIA FrameView SDK 1.1.4923.29968894 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29968894 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.23.0.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.23.0.74 - NVIDIA Corporation)
NVIDIA Graphics Driver 527.37 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 527.37 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.20.0221 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.20.0221 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 27.1.3 - OBS Project)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.16130.20218 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.16327.20248 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
Opera Stable 98.0.4759.39 (HKU\S-1-5-21-1953523510-4150578024-2247769738-1001\...\Opera 98.0.4759.39) (Version: 98.0.4759.39 - Opera Software)
Oracle VM VirtualBox 6.1.30 (HKLM\...\{9F1FFDC2-9B49-41F3-B6F1-18DC368D6CA2}) (Version: 6.1.30 - Oracle Corporation)
osu! (HKLM-x32\...\{1a3ba6ae-6993-4683-96ec-997565bf6127}) (Version: latest - ppy Pty Ltd)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.223.0.33 - Overwolf Ltd.)
Plague Inc Evolved MULTi14 - ElAmigos version 1.18.4.0 (HKLM-x32\...\{BDF7DD42-37BE-43A2-8F9C-44EE65466076}_is1) (Version: 1.18.4.0 - Ndemic Creations)
Riot Vanguard (HKLM\...\Riot Vanguard) (Version: - Riot Games, Inc.)
Roblox Player for Andrew Tan (HKU\S-1-5-21-1953523510-4150578024-2247769738-1001\...\roblox-player) (Version: - Roblox Corporation)
Roblox Studio for Andrew Tan (HKU\S-1-5-21-1953523510-4150578024-2247769738-1001\...\roblox-studio) (Version: - Roblox Corporation)
Scratch 3 3.25.0 (HKU\S-1-5-21-1953523510-4150578024-2247769738-1001\...\bad79d23-e888-5a7b-9e99-60ee89b6c8bf) (Version: 3.25.0 - Scratch Foundation)
SmartByte Drivers and Services (HKLM\...\{A0CDAD3D-0329-4E3E-8DC1-30E333D6564D}) (Version: 3.1.995 - Rivet Networks)
Spotify (HKU\S-1-5-21-1953523510-4150578024-2247769738-1001\...\Spotify) (Version: 1.2.11.916.geb595a67 - Spotify AB)
Star Rail (HKLM\...\Star Rail) (Version: 2.24.2.0 - COGNOSPHERE PTE. LTD.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
StepMania 5 (HKLM-x32\...\StepMania 5) (Version: 5.0.12 - StepMania)
TeamViewer (HKLM\...\TeamViewer) (Version: 15.21.5 - TeamViewer)
TETR.IO 8.0.0 (HKU\S-1-5-21-1953523510-4150578024-2247769738-1001\...\9a3dfa06-7288-5a53-9344-33af40bb4e08) (Version: 8.0.0 - osk)
TL for Mc-launcher.com version rolling (HKU\S-1-5-21-1953523510-4150578024-2247769738-1001\...\a55a547b-6921-3d4a-8f5a-12275fdb4abc_is1) (Version: rolling - TL)
Twitch (HKU\S-1-5-21-1953523510-4150578024-2247769738-1001\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 8.0.0 - Twitch Interactive, Inc.)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{C270D21B-2327-49B8-85F7-395133A93C75}) (Version: 8.92.0.0 - Microsoft Corporation)
VALORANT (HKU\S-1-5-21-1953523510-4150578024-2247769738-1001\...\Riot Game valorant.live) (Version: - Riot Games, Inc)
Voicemod (HKLM\...\{8435A407-F778-4647-9CDB-46E5EC50BAD0}_is1) (Version: 2.37.0.0 - Voicemod S.L.)
Windows PC Health Check (HKLM\...\{6798C408-2636-448C-8AC6-F4E341102D27}) (Version: 3.6.2204.08001 - Microsoft Corporation)
WinRAR 6.02 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.02.0 - win.rar GmbH)
WinSCP 5.17.10 (HKLM-x32\...\winscp3_is1) (Version: 5.17.10 - Martin Prikryl)
X-Mouse Button Control 2.19.2 (HKLM-x32\...\X-Mouse Button Control) (Version: 2.19.2 - Highresolution Enterprises)
YoutubeDownloader (HKLM-x32\...\7DFA4CC1-24E7-4181-B4F8-0CDB7C89DBE2) (Version: 2.0.0.1583 - )
Zoom (HKU\S-1-5-21-1953523510-4150578024-2247769738-1001\...\ZoomUMX) (Version: 5.13.11 (13434) - Zoom Video Communications, Inc.)

Packages:
=========
Dell CinemaColor -> C:\Program Files\WindowsApps\PortraitDisplays.DellCinemaColor_2.4.78.0_x64__2dgmkzkw4h30c [2022-08-11] (Portrait Displays)
Dell Customer Connect -> C:\Program Files\WindowsApps\DellInc.DellCustomerConnect_5.4.9.0_x64__htrsf667h5kn2 [2023-04-12] (Dell Inc)
Dell Digital Delivery -> C:\Program Files\WindowsApps\DellInc.DellDigitalDelivery_5.0.64.0_x64__htrsf667h5kn2 [2023-03-12] (Dell Inc)
Dell Mobile Connect 3.3 -> C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnect_3.3.9809.0_x64__0vhbc3ng4wbp0 [2023-03-12] (Screenovate Technologies) [Startup Task]
Dell Power Manager -> C:\Program Files\WindowsApps\DellInc.DellPowerManager_3.14.40.0_x64__htrsf667h5kn2 [2023-04-04] (Dell Inc)
Dell SupportAssist for Home PCs -> C:\Program Files\WindowsApps\DellInc.DellSupportAssistforPCs_3.14.4.0_x64__htrsf667h5kn2 [2023-05-10] (Dell Inc)
Dell Update -> C:\Program Files\WindowsApps\DellInc.DellUpdate_4.6.36.0_x86__htrsf667h5kn2 [2022-08-13] (Dell Inc)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.17.945.0_x64__rz1tebttyb220 [2023-05-09] (Dolby Laboratories)
Dolby Vision Extensions -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyVisionAccess_2.2.317.0_x64__rz1tebttyb220 [2023-05-18] (Dolby Laboratories)
Dropbox promotion -> C:\Program Files\WindowsApps\C27EB4BA.DropboxOEM_23.4.17.0_x64__xbfy0k16fey96 [2023-05-23] (Dropbox Inc.)
FacePlay -> C:\Program Files\WindowsApps\58208AdvancedKernels.FacePlay_1.0.18.0_x64__ex0sdd25ebkq6 [2022-11-29] (Advanced Kernels)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_145.3.1086.0_x64__v10z8vjag6ke6 [2023-05-20] (HP Inc.)
Intel® Graphics Command Center -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.4779.0_x64__8j3eq9eme6ctt [2023-04-18] (INTEL CORP) [Startup Task]
Intel® Optane™ Memory and Storage Management -> C:\Program Files\WindowsApps\AppUp.IntelOptaneMemoryandStorageManagement_18.1.1037.0_x64__8j3eq9eme6ctt [2023-03-12] (INTEL CORP)
McAfee® Personal Security -> C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy [2023-03-12] (McAfee LLC.)
Microsoft Defender -> C:\Program Files\WindowsApps\Microsoft.6365217CE6EB4_102.2305.14002.0_x64__8wekyb3d8bbwe [2023-05-20] (Microsoft Corporation) [Startup Task]
Minecraft Launcher -> C:\Program Files\WindowsApps\Microsoft.4297127D64EC6_1.2.4.0_x64__8wekyb3d8bbwe [2023-03-22] (Microsoft Studios)
MPEG-2 Video Extension -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.50901.0_x64__8wekyb3d8bbwe [2022-04-28] (Microsoft Corporation)
My Dell -> C:\Program Files\WindowsApps\DellInc.MyDell_2.2.4.0_x64__htrsf667h5kn2 [2023-03-12] (Dell Inc)
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.98.1805.0_x64__mcm4njqhnhss8 [2022-09-14] (Netflix, Inc.)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.964.0_x64__56jybvy8sckqj [2023-03-12] (NVIDIA Corp.)
Partner Promo -> C:\Program Files\WindowsApps\DellInc.PartnerPromo_1.0.21.0_x64__htrsf667h5kn2 [2021-04-28] (Dell Inc)
Photos Add-on -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2022-01-27] (Microsoft Corporation)
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-10-13] (Microsoft Corporation)
Roblox -> C:\Program Files\WindowsApps\ROBLOXCORPORATION.ROBLOX_2.575.424.0_x86__55nm5eh3cm0pr [2023-05-13] (ROBLOX Corporation)
SmartByte -> C:\Program Files\WindowsApps\RivetNetworks.SmartByte_3.1.1001.0_x64__rh07ty8m5nkag [2021-10-27] (Rivet Networks LLC)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.16.3140.0_x64__8wekyb3d8bbwe [2023-03-18] (Microsoft Studios) [MS Ad]
Thunderbolt™ Control Center -> C:\Program Files\WindowsApps\AppUp.ThunderboltControlCenter_1.0.36.0_x64__8j3eq9eme6ctt [2022-09-26] (INTEL CORP)
Waves MaxxAudio Pro for Dell 2020 -> C:\Program Files\WindowsApps\WavesAudio.MaxxAudioProforDell2020_3.0.98.0_x64__fh4rh281wavaa [2021-07-02] (Waves Audio)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1953523510-4150578024-2247769738-1001_Classes\CLSID\{0BAD39CB-DD3E-4F21-9156-649B0156C28E}\localserver32 -> C:\Windows\System32\DriverStore\FileRepository\wavesapo9de.inf_amd64_5a14f9d63e895eba\WavesSvc64.exe (Waves Inc -> Waves Audio Ltd.)
CustomCLSID: HKU\S-1-5-21-1953523510-4150578024-2247769738-1001_Classes\CLSID\{89b2b650-c4dd-d68b-46e7-3176f1973c8b}\localserver32 -> C:\Program Files\Voicemod Desktop\VoicemodDesktop.exe (Voicemod Sociedad Limitada -> Voicemod)
ShellIconOverlayIdentifiers: [ OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\Windows\System32\DriverStore\FileRepository\iastorpinningcomponent.inf_amd64_d51acc8493d6b911\OptaneShellExt.dll [2022-10-27] (Intel Corporation -> )
ContextMenuHandlers1: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\MalwareFox AntiMalware\ZAMShellExt64.dll [2021-12-10] (Zemana Ltd. -> )
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\Windows\System32\DriverStore\FileRepository\iastorpinningcomponent.inf_amd64_d51acc8493d6b911\OptaneShellExt.dll [2022-10-27] (Intel Corporation -> )
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nvdm.inf_amd64_780e4f2b5ffcba60\nvshext.dll [2023-02-13] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\MalwareFox AntiMalware\ZAMShellExt64.dll [2021-12-10] (Zemana Ltd. -> )
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Andrew Tan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\53b77523eaecddc1\Profile 4 - Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory="Profile 3"

==================== Loaded Modules (Whitelisted) =============

2021-10-26 10:31 - 2022-11-07 18:17 - 000387072 _____ () [File not signed] C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libegl.dll
2021-10-26 10:31 - 2022-11-07 18:17 - 008052736 _____ () [File not signed] C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libglesv2.dll
2021-03-25 19:33 - 2021-03-25 19:33 - 000045568 _____ () [File not signed] C:\Program Files\MySQL\MySQL Server 8.0\lib\plugin\component_reference_cache.dll
2021-03-25 19:31 - 2021-03-25 19:31 - 000554496 _____ (Google Inc.) [File not signed] C:\Program Files\MySQL\MySQL Server 8.0\bin\libprotobuf-lite.dll
2022-04-04 11:02 - 2022-04-04 10:46 - 000393216 _____ (Leading Edge Pty Ltd) [File not signed] C:\Program Files\PrprVirtualCam\SpoutCam64.ax
2021-03-16 14:51 - 2021-03-16 14:51 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems64.dll] C:\Program Files\Microsoft Office\Root\Office16\AppVIsvSubsystems64.dll
2021-03-16 14:51 - 2021-03-16 14:51 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll] C:\Program Files\Microsoft Office\Root\Office16\c2r64.dll
2018-03-08 07:18 - 2018-03-08 07:18 - 000015360 _____ (NHibernate community) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\Iesi.Collections.dll
2020-11-11 20:57 - 2020-11-11 20:57 - 000537088 _____ (NHibernate.info) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\FluentNHibernate.dll
2022-11-07 12:53 - 2022-11-07 12:53 - 001548800 _____ (Robert Simpson, et al.) [File not signed] C:\Program Files (x86)\Dell Digital Delivery Services\SQLite.Interop.dll
2018-02-06 17:25 - 2018-02-06 17:25 - 000176640 _____ (rubicon IT GmbH) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\Remotion.Linq.dll
2018-03-23 12:10 - 2018-03-23 12:10 - 000028160 _____ (rubicon IT GmbH) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\Remotion.Linq.EagerFetching.dll
2021-02-17 04:19 - 2021-02-17 04:19 - 000124928 _____ (Stateless Contributors) [File not signed] [File is in use] C:\Program Files\Dell\SupportAssistAgent\bin\stateless.dll
2021-12-17 05:45 - 2021-12-17 05:45 - 000258048 _____ (The Apache Software Foundation) [File not signed] [File is in use] C:\Program Files\Dell\SupportAssistAgent\bin\log4net.dll
2021-03-25 15:08 - 2021-03-25 15:08 - 002863616 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Program Files\MySQL\MySQL Server 8.0\bin\libcrypto-1_1-x64.dll
2021-03-25 15:08 - 2021-03-25 15:08 - 000686080 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Program Files\MySQL\MySQL Server 8.0\bin\libssl-1_1-x64.dll
2016-12-18 08:55 - 2016-12-18 08:55 - 000097280 _____ (Tunnel Vision Laboratories, LLC) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\Antlr3.Runtime.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_291\bin\ssv.dll [2021-05-28] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_291\bin\jp2ssv.dll [2021-05-28] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2023-03-07] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_291\bin\ssv.dll [2021-05-27] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_291\bin\jp2ssv.dll [2021-05-27] (Oracle America, Inc. -> Oracle Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-05-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-05-04] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-05-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-05-04] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-05-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-05-04] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-05-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-05-04] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-07 17:14 - 2022-01-01 13:22 - 000000027 _____ C:\Windows\system32\drivers\etc\hosts
127.0.0.1       localhost

2022-03-05 11:25 - 2022-07-14 08:16 - 000000439 _____ C:\Windows\system32\drivers\etc\hosts.ics

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files\Microsoft\Web Platform Installer\;C:\Program Files\dotnet\
HKU\S-1-5-21-1953523510-4150578024-2247769738-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\theme1\img1.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

Network Binding:
=============
Ethernet 2: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled)
VirtualBox Host-Only Network: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled)
Wi-Fi: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled)

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "XMouseButtonControl"
HKLM\...\StartupApproved\Run: => "Riot Vanguard"
HKLM\...\StartupApproved\Run: => "ZAM"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKU\S-1-5-21-1953523510-4150578024-2247769738-1001\...\StartupApproved\StartupFolder: => "MySQL System Tray Monitor.lnk"
HKU\S-1-5-21-1953523510-4150578024-2247769738-1001\...\StartupApproved\StartupFolder: => "Twitch.lnk"
HKU\S-1-5-21-1953523510-4150578024-2247769738-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1953523510-4150578024-2247769738-1001\...\StartupApproved\Run: => "Opera Browser Assistant"
HKU\S-1-5-21-1953523510-4150578024-2247769738-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-1953523510-4150578024-2247769738-1001\...\StartupApproved\Run: => "Overwolf"
HKU\S-1-5-21-1953523510-4150578024-2247769738-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-1953523510-4150578024-2247769738-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-1953523510-4150578024-2247769738-1001\...\StartupApproved\Run: => "Voicemod"
HKU\S-1-5-21-1953523510-4150578024-2247769738-1001\...\StartupApproved\Run: => "Medal"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{A9538A56-0A0A-4D62-8094-65D2E78920B6}] => (Allow) C:\Program Files (x86)\Steam\steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{446EF9BE-B041-4730-8014-C56B452E22D6}] => (Allow) C:\Program Files (x86)\Steam\steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{8ED13493-0AF3-4AD5-B99D-B65B8C5CDB1F}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{BC032D83-9CBB-45D4-95C4-C12CB88F6E7F}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{29BC978B-9AAF-4DF9-8E73-0D075A1A3C32}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Hidden Room\TheHiddenRoom.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{5904BD47-20FB-481C-B95E-01A064EAF223}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Hidden Room\TheHiddenRoom.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{EE728AE4-7DAD-43DD-90B8-17508003DF9F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{AA9BFE7C-2C1A-42DA-A62B-DF2869D37603}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{0B01601D-A4BD-4F5A-977D-8C6854E00C68}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crab Game\Crab Game.exe () [File not signed]
FirewallRules: [{54C525B2-CF47-4DEF-85A0-53621BA2586E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crab Game\Crab Game.exe () [File not signed]
FirewallRules: [{8AABEEC6-F412-4503-BBC7-8EAE14B79EEE}] => (Allow) C:\Users\Andrew Tan\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{CE325FF3-82B9-4875-B6C9-EABAD8A2B820}] => (Allow) C:\Users\Andrew Tan\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{77435E2F-67FC-4C9D-81B3-1EAFFB8CA39C}] => (Allow) C:\Users\Andrew Tan\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{267F7358-1B56-43CF-A045-286FC6A27712}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\HonkaiImpact3rd\BH3.exe (miHoYo Co.,Ltd. -> )
FirewallRules: [{4C6E6800-4CF6-4BFA-BF7D-C4AE0D32A969}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\HonkaiImpact3rd\BH3.exe (miHoYo Co.,Ltd. -> )
FirewallRules: [{7F1014C3-BC29-454F-8617-E4F83E08EED5}] => (Allow) C:\Program Files\Voicemod Desktop\VoicemodDesktop.exe (Voicemod Sociedad Limitada -> Voicemod)
FirewallRules: [{3FD3FC40-134D-46AA-961F-5662DFF37943}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PrprLive\PrprLive.exe () [File not signed]
FirewallRules: [{84193202-7EDD-4F2D-B7FC-5E3639AB33E8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PrprLive\PrprLive.exe () [File not signed]
FirewallRules: [TCP Query User{4B4A39AA-AC94-4F15-8A40-03D7528EF02B}C:\program files\google\chrome\application\chrome.exe] => (Allow) C:\program files\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{A1C78193-CA8B-4102-8322-418B9A124C59}C:\program files\google\chrome\application\chrome.exe] => (Allow) C:\program files\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{755C2F8D-AE20-46F3-B5CC-64A19C185E85}C:\users\andrew tan\appdata\local\programs\opera\opera.exe] => (Allow) C:\users\andrew tan\appdata\local\programs\opera\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [UDP Query User{376A965C-4B7F-4CAE-8278-7475E7840E45}C:\users\andrew tan\appdata\local\programs\opera\opera.exe] => (Allow) C:\users\andrew tan\appdata\local\programs\opera\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [TCP Query User{A050B376-CC82-407D-BF31-19DE9718DD34}C:\users\andrew tan\appdata\roaming\.minecraft\runtime\jre-legacy\windows\jre-legacy\bin\javaw.exe] => (Block) C:\users\andrew tan\appdata\roaming\.minecraft\runtime\jre-legacy\windows\jre-legacy\bin\javaw.exe
FirewallRules: [UDP Query User{E3EB9F3D-BEF5-4124-BFBC-910694FCB0E8}C:\users\andrew tan\appdata\roaming\.minecraft\runtime\jre-legacy\windows\jre-legacy\bin\javaw.exe] => (Block) C:\users\andrew tan\appdata\roaming\.minecraft\runtime\jre-legacy\windows\jre-legacy\bin\javaw.exe
FirewallRules: [TCP Query User{9E1E8A08-9A12-4A4C-89BC-C9D105344911}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{53AD4D20-BDAD-4BE1-A914-D278E44E3A50}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{105E2A9A-4515-420B-92A6-BC003D1E84A0}C:\program files (x86)\minecraft launcher\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe
FirewallRules: [UDP Query User{4D5AC2D0-26D7-4008-ADB6-6750CC0BE761}C:\program files (x86)\minecraft launcher\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe
FirewallRules: [TCP Query User{76A54AB6-BCCA-4687-86F8-1E739E98FBF6}C:\users\andrew tan\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\andrew tan\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{682620AA-FDD7-4888-BFD2-AC6EE356DD84}C:\users\andrew tan\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\andrew tan\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{808088C7-0084-4E76-A498-5899F19DF1C4}C:\program files\genshin impact\genshin impact game\genshinimpact_data\plugins\zfgamebrowser.exe] => (Block) C:\program files\genshin impact\genshin impact game\genshinimpact_data\plugins\zfgamebrowser.exe (COGNOSPHERE PTE. LTD. -> )
FirewallRules: [UDP Query User{39ECC4DA-9B66-4977-8B65-043E932F7BA7}C:\program files\genshin impact\genshin impact game\genshinimpact_data\plugins\zfgamebrowser.exe] => (Block) C:\program files\genshin impact\genshin impact game\genshinimpact_data\plugins\zfgamebrowser.exe (COGNOSPHERE PTE. LTD. -> )
FirewallRules: [{A5098CE6-790E-47F2-8775-67FC485FBFB0}] => (Allow) C:\Program Files\Voicemod Desktop\VoicemodDesktop.exe (Voicemod Sociedad Limitada -> Voicemod)
FirewallRules: [{9A21AC37-3C5A-4245-BC3B-DE8D6744DE98}] => (Allow) C:\Program Files\Voicemod Desktop\VoicemodDesktop.exe (Voicemod Sociedad Limitada -> Voicemod)
FirewallRules: [TCP Query User{2EC5B061-5D04-4AA3-BFC7-C07BC620785A}C:\users\andrew tan\appdata\roaming\.tlauncher\mcl\minecraft\jre\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe] => (Allow) C:\users\andrew tan\appdata\roaming\.tlauncher\mcl\minecraft\jre\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe
FirewallRules: [UDP Query User{BE389ED4-01D0-4A7C-AC4A-587A876D9F7D}C:\users\andrew tan\appdata\roaming\.tlauncher\mcl\minecraft\jre\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe] => (Allow) C:\users\andrew tan\appdata\roaming\.tlauncher\mcl\minecraft\jre\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe
FirewallRules: [TCP Query User{20CDF70F-4BEA-4768-80F6-30A0476C2DE7}C:\riot games\riot client\riotclientservices.exe] => (Allow) C:\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [UDP Query User{6C58841A-BA37-4FDF-BF47-9326A442C1C8}C:\riot games\riot client\riotclientservices.exe] => (Allow) C:\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{07265135-5D94-4465-A8CD-A213E200EE77}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{0E6E89CB-043B-4584-B395-D4D14FCC65F9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{C1892DB1-A739-4A03-9CE4-2EC120A85866}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{B6BC4A7D-451A-4521-8CEC-7E32DF839551}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{12549EB8-E0A6-4570-B34A-525B81AF357B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{9226134C-FC96-433D-A4E7-F39BB88F0AA0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{8B996F62-42B7-4AEE-8F76-482149F75682}C:\users\andrew tan\appdata\local\medal\app-4.1943.0\medal.exe] => (Allow) C:\users\andrew tan\appdata\local\medal\app-4.1943.0\medal.exe (Ferox Games B.V. -> Medal B.V.)
FirewallRules: [UDP Query User{1D130BCD-155A-43F5-B18D-09BF60237CE5}C:\users\andrew tan\appdata\local\medal\app-4.1943.0\medal.exe] => (Allow) C:\users\andrew tan\appdata\local\medal\app-4.1943.0\medal.exe (Ferox Games B.V. -> Medal B.V.)
FirewallRules: [{3CF52E39-3382-46C6-9F09-707449C6127A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Helltaker\Helltaker.exe () [File not signed]
FirewallRules: [{E6FD1F79-E6F5-4DB1-B7C0-66E366ED3E1A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Helltaker\Helltaker.exe () [File not signed]
FirewallRules: [TCP Query User{4E7220C2-2BCF-43C3-AF45-A122DC49B3C1}C:\users\andrew tan\appdata\roaming\.tlauncher\mcl\minecraft\jre\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Allow) C:\users\andrew tan\appdata\roaming\.tlauncher\mcl\minecraft\jre\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe
FirewallRules: [UDP Query User{1956A5F7-D29A-4644-B222-4C9FF4FC8DF4}C:\users\andrew tan\appdata\roaming\.tlauncher\mcl\minecraft\jre\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe] => (Allow) C:\users\andrew tan\appdata\roaming\.tlauncher\mcl\minecraft\jre\jre-legacy\windows-x64\jre-legacy\bin\javaw.exe
FirewallRules: [TCP Query User{D1486BAC-99BB-4003-A003-4DC41BE846C7}C:\users\andrew tan\appdata\roaming\.tlauncher\mcl\minecraft\jre\bin\java.exe] => (Allow) C:\users\andrew tan\appdata\roaming\.tlauncher\mcl\minecraft\jre\bin\java.exe
FirewallRules: [UDP Query User{C65D2DE8-2745-4B90-806F-7E4185B24D03}C:\users\andrew tan\appdata\roaming\.tlauncher\mcl\minecraft\jre\bin\java.exe] => (Allow) C:\users\andrew tan\appdata\roaming\.tlauncher\mcl\minecraft\jre\bin\java.exe
FirewallRules: [TCP Query User{981E1989-55F1-484F-B04B-B9E13675C61B}C:\program files\star rail\games\starrail.exe] => (Allow) C:\program files\star rail\games\starrail.exe (COGNOSPHERE PTE. LTD. -> )
FirewallRules: [UDP Query User{02C37401-32A8-451E-B693-2D3A7740E266}C:\program files\star rail\games\starrail.exe] => (Allow) C:\program files\star rail\games\starrail.exe (COGNOSPHERE PTE. LTD. -> )
FirewallRules: [{81E0C718-F4F6-4286-B1FA-86524FBF1CF7}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{DA3FA354-50B3-40B7-977D-B8870E3C6B9A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.97.3404.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{387E9892-EE5A-4D3D-B482-BA9942FE431D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.97.3404.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{4A65E7F0-2FC1-4DD0-9FFC-A00F4FBA0893}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.97.3404.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E451CA71-B37C-4807-B81B-9C338BD40551}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.97.3404.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{5BBB7678-A237-4D81-8CC1-F3B07751CCF2}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{181174D8-035A-4FF9-B878-5A652DB16F72}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\113.0.1774.50\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{EC52047B-41C9-4B8D-9707-434107C1E72B}] => (Allow) C:\Program Files (x86)\Overwolf\0.223.0.30\OverwolfBrowser.exe => No File
FirewallRules: [{8AA2765E-284B-483E-AAF7-139543F80819}] => (Allow) C:\Program Files (x86)\Overwolf\0.223.0.30\OverwolfBrowser.exe => No File
FirewallRules: [{461200C2-6607-4722-8F5C-5DD5C9D85EF4}] => (Block) C:\Program Files (x86)\Overwolf\0.223.0.30\OverwolfBrowser.exe => No File
FirewallRules: [{3FEB9D81-8F3A-444B-A00B-E89B73C83655}] => (Block) C:\Program Files (x86)\Overwolf\0.223.0.30\OverwolfBrowser.exe => No File
FirewallRules: [{112040C0-7BF3-4E36-9E1A-08E4A4ADCFD4}] => (Allow) C:\Program Files (x86)\Overwolf\0.204.0.1\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{F7BDF6E4-A354-46FD-906A-1CB1964B3DE8}] => (Allow) C:\Program Files (x86)\Overwolf\0.204.0.1\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{DF779FD1-764F-4490-BA6B-43191564E73B}] => (Block) C:\Program Files (x86)\Overwolf\0.204.0.1\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{FF80FA5C-D477-472D-97FB-11364127DAA7}] => (Block) C:\Program Files (x86)\Overwolf\0.204.0.1\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{5A515A28-B272-4156-8FEB-5FC76658C80F}] => (Allow) C:\Program Files (x86)\Overwolf\0.223.0.33\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{303FB236-73BB-4656-A537-96177E6AC96E}] => (Allow) C:\Program Files (x86)\Overwolf\0.223.0.33\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [TCP Query User{537414EF-B188-446D-9D04-9E1018A5398A}C:\users\andrew tan\appdata\local\discord\app-1.0.9013\discord.exe] => (Allow) C:\users\andrew tan\appdata\local\discord\app-1.0.9013\discord.exe (Discord Inc. -> Discord Inc.)
FirewallRules: [UDP Query User{1D4AF0FA-6B52-417F-AA7F-66AC273C2D95}C:\users\andrew tan\appdata\local\discord\app-1.0.9013\discord.exe] => (Allow) C:\users\andrew tan\appdata\local\discord\app-1.0.9013\discord.exe (Discord Inc. -> Discord Inc.)

==================== Restore Points =========================

10-05-2023 15:23:03 Windows Modules Installer
19-05-2023 18:45:01 Scheduled Checkpoint

==================== Faulty Device Manager Devices ============

Name: VirtualBox Host-Only Ethernet Adapter
Description: VirtualBox Host-Only Ethernet Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Oracle Corporation
Service: VBoxNetAdp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: High precision event timer
Description: High precision event timer
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

==================== Event log errors: ========================

Application errors:
==================
Error: (05/24/2023 05:45:38 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: WINDOWS11)
Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.

Error: (05/24/2023 04:40:40 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.

Operation:
   Gathering Writer Data

Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {4c3b691f-683c-453b-a9a1-29647102fc28}

Error: (05/24/2023 03:59:39 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.

Operation:
   Gathering Writer Data

Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {4c3b691f-683c-453b-a9a1-29647102fc28}

Error: (05/24/2023 02:52:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: AudioTekService.exe, version: 2.0.0.1, time stamp: 0xa325d577
Faulting module name: audioassembly.dll, version: 0.0.0.0, time stamp: 0x6403ee22
Exception code: 0xc0000409
Fault offset: 0x000b70b4
Faulting process id: 0x45a4
Faulting application start time: 0x01d98e0c5dd4463e
Faulting application path: C:\Users\Andrew Tan\AppData\Local\AudioTekService.exe
Faulting module path: C:\Users\Andrew Tan\AppData\Local\audioassembly.dll
Report Id: 900226ec-7140-4dcc-89f6-467174b3e140
Faulting package full name:
Faulting package-relative application ID:

Error: (05/23/2023 06:32:25 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.

Operation:
   Gathering Writer Data

Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {2c36f763-0691-4e26-a2dc-5b5891c780a0}

Error: (05/23/2023 06:21:52 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.

Operation:
   Gathering Writer Data

Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {2c36f763-0691-4e26-a2dc-5b5891c780a0}

Error: (05/23/2023 05:15:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: AudioTekService.exe, version: 2.0.0.1, time stamp: 0xa325d577
Faulting module name: KERNELBASE.dll, version: 10.0.19041.2965, time stamp: 0xf18c1c30
Exception code: 0xe06d7363
Fault offset: 0x0013d6c2
Faulting process id: 0x4314
Faulting application start time: 0x01d98d571648cc4b
Faulting application path: C:\Users\Andrew Tan\AppData\Local\AudioTekService.exe
Faulting module path: C:\Windows\System32\KERNELBASE.dll
Report Id: 6800702b-e067-43ba-9e6c-d7964ddb7de1
Faulting package full name:
Faulting package-relative application ID:

Error: (05/23/2023 05:15:42 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: AudioTekService.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.Runtime.InteropServices.SEHException
   at gwsir____ehnjop.Program.ExitProgram()
   at gwsir____ehnjop.Program.Main(System.String[])

System errors:
=============
Error: (05/24/2023 02:51:43 PM) (Source: volmgr) (EventID: 161) (User: )
Description: Dump file creation failed due to error during dump creation.

Error: (05/24/2023 02:51:57 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 2:05:19 PM on ‎24/‎5/‎2023 was unexpected.

Error: (05/24/2023 01:31:44 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The ZAM Controller Service service terminated unexpectedly. It has done this 1 time(s).

Error: (05/24/2023 11:20:01 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The WinRing0_1_2_0 service failed to start due to the following error:
The system cannot find the file specified.

Error: (05/24/2023 11:18:59 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The WinRing0_1_2_0 service failed to start due to the following error:
The system cannot find the file specified.

Error: (05/24/2023 11:07:05 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The WinRing0_1_2_0 service failed to start due to the following error:
The system cannot find the file specified.

Error: (05/24/2023 11:06:04 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The WinRing0_1_2_0 service failed to start due to the following error:
The system cannot find the file specified.

Error: (05/23/2023 10:14:18 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {338B40F9-9D68-4B53-A793-6B9AA0C5F63B} did not register with DCOM within the required timeout.

Windows Defender:
================
Date: 2023-05-24 21:12:36
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=PUA:Linux/CoinMiner!MTB&threatid=354966&enterprise=0
Name: PUA:Linux/CoinMiner!MTB
Severity: Low
Category: Potentially Unwanted Software
Path: process:_pid:12620,ProcessStart:133293917957747938; process:_pid:13092,ProcessStart:133293856780119371; process:_pid:14592,ProcessStart:133293850244666793; process:_pid:15036,ProcessStart:133294061645720525; process:_pid:18760,ProcessStart:133293895720989159; process:_pid:19128,ProcessStart:133293887778857428; process:_pid:21844,ProcessStart:133293879098411270; process:_pid:22648,ProcessStart:133293982614064440; process:_pid:22764,ProcessStart:133294000400948029; process:_pid:23228,ProcessStart:133293857760102362; process:_pid:24664,ProcessStart:133293907403448823; process:_pid:26368,ProcessStart:133293914592576845; process:_pid:27704,ProcessStart:133293850867297349; process:_pid:28012,ProcessStart:133293910711611096; process:_pid:28056,ProcessStart:133293902221277067; process:_pid:28720,ProcessStart:133293897562858142; process:_pid:29672,ProcessStart:133294049637968198; process:_pid:29720,ProcessStart:133293905556573823; process:_pid:29868,ProcessStart:133294018804834798; process:_pid:29936,ProcessStart:133
Detection Origin: Unknown
Detection Type: Concrete
Detection Source: System
Process Name: C:\Users\ANDREW~1\AppData\Local\Temp\XR.exe
Security intelligence Version: AV: 1.389.2284.0, AS: 1.389.2284.0, NIS: 1.389.2284.0
Engine Version: AM: 1.1.20300.3, NIS: 1.1.20300.3

Date: 2023-05-24 21:10:10
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=PUA:Linux/CoinMiner!MTB&threatid=354966&enterprise=0
Name: PUA:Linux/CoinMiner!MTB
Severity: Low
Category: Potentially Unwanted Software
Path: process:_pid:12620,ProcessStart:133293917957747938; process:_pid:13092,ProcessStart:133293856780119371; process:_pid:14592,ProcessStart:133293850244666793; process:_pid:15036,ProcessStart:133294061645720525; process:_pid:18760,ProcessStart:133293895720989159; process:_pid:19128,ProcessStart:133293887778857428; process:_pid:21844,ProcessStart:133293879098411270; process:_pid:22648,ProcessStart:133293982614064440; process:_pid:22764,ProcessStart:133294000400948029; process:_pid:23228,ProcessStart:133293857760102362; process:_pid:24664,ProcessStart:133293907403448823; process:_pid:26368,ProcessStart:133293914592576845; process:_pid:27704,ProcessStart:133293850867297349; process:_pid:28012,ProcessStart:133293910711611096; process:_pid:28056,ProcessStart:133293902221277067; process:_pid:28720,ProcessStart:133293897562858142; process:_pid:29672,ProcessStart:133294049637968198; process:_pid:29720,ProcessStart:133293905556573823; process:_pid:29868,ProcessStart:133294018804834798; process:_pid:29936,ProcessStart:133
Detection Origin: Unknown
Detection Type: Concrete
Detection Source: System
Process Name: C:\Users\ANDREW~1\AppData\Local\Temp\XR.exe
Security intelligence Version: AV: 1.389.2284.0, AS: 1.389.2284.0, NIS: 1.389.2284.0
Engine Version: AM: 1.1.20300.3, NIS: 1.1.20300.3

Date: 2023-05-24 20:49:25
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=PUA:Linux/CoinMiner!MTB&threatid=354966&enterprise=0
Name: PUA:Linux/CoinMiner!MTB
Severity: Low
Category: Potentially Unwanted Software
Path: process:_pid:12620,ProcessStart:133293917957747938; process:_pid:13092,ProcessStart:133293856780119371; process:_pid:14592,ProcessStart:133293850244666793; process:_pid:15036,ProcessStart:133294061645720525; process:_pid:18760,ProcessStart:133293895720989159; process:_pid:19128,ProcessStart:133293887778857428; process:_pid:21844,ProcessStart:133293879098411270; process:_pid:22648,ProcessStart:133293982614064440; process:_pid:22764,ProcessStart:133294000400948029; process:_pid:23228,ProcessStart:133293857760102362; process:_pid:24664,ProcessStart:133293907403448823; process:_pid:26368,ProcessStart:133293914592576845; process:_pid:27704,ProcessStart:133293850867297349; process:_pid:28012,ProcessStart:133293910711611096; process:_pid:28056,ProcessStart:133293902221277067; process:_pid:28720,ProcessStart:133293897562858142; process:_pid:29672,ProcessStart:133294049637968198; process:_pid:29720,ProcessStart:133293905556573823; process:_pid:29868,ProcessStart:133294018804834798; process:_pid:29936,ProcessStart:133
Detection Origin: Unknown
Detection Type: Concrete
Detection Source: System
Process Name: C:\Users\ANDREW~1\AppData\Local\Temp\XR.exe
Security intelligence Version: AV: 1.389.2284.0, AS: 1.389.2284.0, NIS: 1.389.2284.0
Engine Version: AM: 1.1.20300.3, NIS: 1.1.20300.3

Date: 2023-05-24 20:41:59
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=PUA:Linux/CoinMiner!MTB&threatid=354966&enterprise=0
Name: PUA:Linux/CoinMiner!MTB
Severity: Low
Category: Potentially Unwanted Software
Path: process:_pid:12620,ProcessStart:133293917957747938; process:_pid:13092,ProcessStart:133293856780119371; process:_pid:14592,ProcessStart:133293850244666793; process:_pid:18760,ProcessStart:133293895720989159; process:_pid:19128,ProcessStart:133293887778857428; process:_pid:21844,ProcessStart:133293879098411270; process:_pid:22648,ProcessStart:133293982614064440; process:_pid:22764,ProcessStart:133294000400948029; process:_pid:23228,ProcessStart:133293857760102362; process:_pid:24664,ProcessStart:133293907403448823; process:_pid:26368,ProcessStart:133293914592576845; process:_pid:27704,ProcessStart:133293850867297349; process:_pid:28012,ProcessStart:133293910711611096; process:_pid:28056,ProcessStart:133293902221277067; process:_pid:28720,ProcessStart:133293897562858142; process:_pid:29672,ProcessStart:133294049637968198; process:_pid:29720,ProcessStart:133293905556573823; process:_pid:29868,ProcessStart:133294018804834798; process:_pid:29936,ProcessStart:133293972377838802; process:_pid:30212,ProcessStart:133
Detection Origin: Unknown
Detection Type: Concrete
Detection Source: System
Process Name: C:\Users\ANDREW~1\AppData\Local\Temp\XR.exe
Security intelligence Version: AV: 1.389.2284.0, AS: 1.389.2284.0, NIS: 1.389.2284.0
Engine Version: AM: 1.1.20300.3, NIS: 1.1.20300.3

Date: 2023-05-24 20:29:28
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=PUA:Linux/CoinMiner!MTB&threatid=354966&enterprise=0
Name: PUA:Linux/CoinMiner!MTB
Severity: Low
Category: Potentially Unwanted Software
Path: process:_pid:12620,ProcessStart:133293917957747938; process:_pid:13092,ProcessStart:133293856780119371; process:_pid:14592,ProcessStart:133293850244666793; process:_pid:18760,ProcessStart:133293895720989159; process:_pid:19128,ProcessStart:133293887778857428; process:_pid:21844,ProcessStart:133293879098411270; process:_pid:22648,ProcessStart:133293982614064440; process:_pid:22764,ProcessStart:133294000400948029; process:_pid:23228,ProcessStart:133293857760102362; process:_pid:24664,ProcessStart:133293907403448823; process:_pid:26368,ProcessStart:133293914592576845; process:_pid:27704,ProcessStart:133293850867297349; process:_pid:28012,ProcessStart:133293910711611096; process:_pid:28056,ProcessStart:133293902221277067; process:_pid:28720,ProcessStart:133293897562858142; process:_pid:29672,ProcessStart:133294049637968198; process:_pid:29720,ProcessStart:133293905556573823; process:_pid:29868,ProcessStart:133294018804834798; process:_pid:29936,ProcessStart:133293972377838802; process:_pid:30212,ProcessStart:133
Detection Origin: Unknown
Detection Type: Concrete
Detection Source: System
Process Name: C:\Users\ANDREW~1\AppData\Local\Temp\XR.exe
Security intelligence Version: AV: 1.389.2284.0, AS: 1.389.2284.0, NIS: 1.389.2284.0
Engine Version: AM: 1.1.20300.3, NIS: 1.1.20300.3
Event[0]:

Date: 2023-04-28 10:17:45
Description:
Microsoft Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x8007043c
Error description: This service cannot be started in Safe Mode
Reason: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.

CodeIntegrity:
===============
Date: 2023-05-24 21:18:38
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_4de65d949492707a\igd10iumd64.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2023-05-24 14:18:08
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Memory info ===========================

BIOS: Dell Inc. 1.14.0 04/14/2022
Motherboard: Dell Inc. 0K5HK9
Processor: Intel® Core™ i7-10750H CPU @ 2.60GHz
Percentage of memory in use: 82%
Total physical RAM: 16145.69 MB
Available physical RAM: 2747.5 MB
Total Virtual: 32304.44 MB
Available Virtual: 6568.69 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:689.86 GB) (Free:60.53 GB) (Model: PC711 NVMe SK hynix 1TB) (Protected) NTFS
Drive d: (New Volume) (Fixed) (Total:244.14 GB) (Free:243.45 GB) (Model: PC711 NVMe SK hynix 1TB) (Protected) NTFS

\\?\Volume{93b07e67-6750-42b0-b4b3-bdebd01731dd}\ (WINRETOOLS) (Fixed) (Total:0.97 GB) (Free:0.95 GB) NTFS
\\?\Volume{eec7bc95-88a8-4901-a584-7838eebc26d7}\ (Image) (Fixed) (Total:17.23 GB) (Free:0.14 GB) NTFS
\\?\Volume{06b641f5-792e-4c46-b2c6-db23c31ad614}\ (DELLSUPPORT) (Fixed) (Total:1.38 GB) (Free:0.56 GB) NTFS
\\?\Volume{9b156e9e-6e54-468e-972d-615431282eb7}\ (ESP) (Fixed) (Total:0.14 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 953.9 GB) (Disk ID: EC2C44F9)

Partition: GPT.

==================== End of Addition.txt =======================

Attached Files

Addition.txt 64.01KB 2 downloads
FRST.txt 52.38KB 2 downloads

Edited by Oh My!, 24 May 2023 - 08:34 AM.

BC AdBot (Login to Remove)

BleepingComputer.com
Register to remove ads

#2 Oh My!

Adware and Spyware and Malware

Malware Response Instructor
62,344 posts
ONLINE

Gender:Male
Location:California
Local time:06:19 PM

Posted 24 May 2023 - 08:36 AM

Greetings and :welcome:

to BleepingComputer's Virus/Trojan/Spyware/Malware Removal forum.

My name is Oh My! and I am here to help you! Now that we are "friends" please call me Gary.

===================================================

Ground Rules:

First, please keep in mind most of us at BleepingComputer volunteer our assistance for your benefit in your time of need. Please try to match our commitment to you with your patience toward us.
It is important to not run any tools or take any steps other than those I will provide for you.
Please perform all steps in the order they are listed. If things are not clear or you experience problems be sure to stop and let me know.
Please copy and paste all logs into your post unless otherwise requested.
When your computer is clean I will let you know, provide instructions to remove tools and reports, and offer you information about how you can combat future infections.
If you do not reply to your topic after 5 days I will assume it has been abandoned and I will close it.

===================================================

Now that I am assisting you, you can expect that I will be very responsive to your situation. If you are able, I would request you check this thread at least once per day so that we can try to resolve your issues effectively and efficiently. If you are going to be delayed please be considerate and let me know.

Please allow me some time to review what you have posted.

Lord, to whom shall we go? You have the words of eternal life and we have believed and have come to know that you are the Holy One of God.
John 6:68-69

The Man on the Middle Cross Said I Could Come

#3 Oh My!

Adware and Spyware and Malware

Malware Response Instructor
62,344 posts
ONLINE

Gender:Male
Location:California
Local time:06:19 PM

Posted 24 May 2023 - 09:33 AM

Nice to work with you again.

Please do this.

===================================================

Java Out of Date

--------------------

Java is known to have ongoing security concerns. If you know you don't need it, or even if you are unsure, I would recommend uninstalling it. If it is necessary in the future you will be alerted for the need to download it.

If you would rather have the program on your system skip the above and complete the Clean Install of Java Using JavaRa instructions here.

===================================================

Farbar Recovery Scan Tool Fix

--------------------

Right click on the FRST icon and select Run as administrator
Highlight the below information then hit the Ctrl + C keys at the same time and the text will be copied
There is no need to paste the information anywhere, FRST will do it for you

Start::
CreateRestorePoint:
CloseProcesses:
Folder: C:\ProgramData\PLUG
File: C:\Users\Andrew Tan\AppData\Local\Temp\RuntimeService.exe
File: C:\Users\Andrew Tan\AppData\Local\AudioTekService.exe
C:\Users\Andrew Tan\AppData\Local\Temp\RuntimeService.exe
C:\Users\Andrew Tan\AppData\Local\AudioTekService.exe
C:\temp
C:\Windows\system32\Tasks\McAfee
C:\Users\Andrew Tan\AppData\Roaming\VideoPad Framework\vpadtool.exe (No File) 
Startup: C:\Users\Andrew Tan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\XUService.exe [2023-05-24] () [File not signed]
Startup: C:\Users\Andrew Tan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\vpad-framework.lnk [2021-09-27]
HKU\S-1-5-21-1953523510-4150578024-2247769738-1001\...\Run: [AudioTekService] => C:\Users\Andrew Tan\AppData\Local\AudioTekService.exe [4608 2023-05-22] () [File not signed]
S3 MpKsld74a28cf; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{E306C3C8-6AA2-4403-B6FD-282F619D2CAB}\MpKslDrv.sys [X] 
Powershell: Get-AppxPackage -allusers *5A894077.McAfeeSecurity* | Remove-AppxPackage
cmd: netsh winsock reset catalog
cmd: netsh int ip reset resetlog.txt
cmd: netsh advfirewall reset
cmd: netsh advfirewall set allprofiles state ON
cmd: bitsadmin /reset /allusers
cmd: ipconfig /flushdns
Removeproxy:
hosts:
Emptytemp:
cmd: sfc /scannow
cmd: DISM /Online /Cleanup-Image /RestoreHealth
End::

Click Fix
When completed the tool will create a log on the desktop called Fixlog.txt. Please copy and paste the contents of the file in your reply.
Note: This step resets your Firewall settings and you may be asked later to grant permission for legitimate programs to pass through the Firewall. If you recognize the program agree to the request.
Note: The Emptytemp: command will remove cookies and may result in some websites (like banking) indicating they do not recognize your computer. It may be necessary to receive and apply a verification code.
Copy/paste the following in the Search: box

SearchAll: McAfee;XUService;AudioTekService

Click Search Files button
When completed click OK and a Search.txt document will open on your desktop
Copy and paste the report in your reply. If the file is too large zip and upload it here.

===================================================

Malwarebytes AdwCleaner

-------------------

Please download AdwCleaner and save it to your Desktop
Close all open programs and browsers
Right click on the icon and select Run as administrator
Click Scan now
Allow the program to Quarantine what it finds except for Pre-installed applications if you would like to keep those or other entries you would like to keep
When completed click View Scan Log File
Copy and paste the contents in your reply
Click Skip Basic Repair if it appears then close the program

===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:

Java updated or removed?
Fixlog
Search.txt
AdwCleaner report

#4 wilsontanaeeee

Topic Starter

Members
107 posts
OFFLINE

Local time:09:19 AM

Posted 24 May 2023 - 08:08 PM

Fix result of Farbar Recovery Scan Tool (x64) Version: 23-05-2023
Ran by Andrew Tan (25-05-2023 08:39:39) Run:2
Running from C:\Users\Andrew Tan\Downloads
Loaded Profiles: Andrew Tan
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start::
CreateRestorePoint:
CloseProcesses:
Folder: C:\ProgramData\PLUG
File: C:\Users\Andrew Tan\AppData\Local\Temp\RuntimeService.exe
File: C:\Users\Andrew Tan\AppData\Local\AudioTekService.exe
C:\Users\Andrew Tan\AppData\Local\Temp\RuntimeService.exe
C:\Users\Andrew Tan\AppData\Local\AudioTekService.exe
C:\temp
C:\Windows\system32\Tasks\McAfee
C:\Users\Andrew Tan\AppData\Roaming\VideoPad Framework\vpadtool.exe (No File)
Startup: C:\Users\Andrew Tan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\XUService.exe [2023-05-24] () [File not signed]
Startup: C:\Users\Andrew Tan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\vpad-framework.lnk [2021-09-27]
HKU\S-1-5-21-1953523510-4150578024-2247769738-1001\...\Run: [AudioTekService] => C:\Users\Andrew Tan\AppData\Local\AudioTekService.exe [4608 2023-05-22] () [File not signed]
S3 MpKsld74a28cf; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{E306C3C8-6AA2-4403-B6FD-282F619D2CAB}\MpKslDrv.sys [X]
Powershell: Get-AppxPackage -allusers *5A894077.McAfeeSecurity* | Remove-AppxPackage
cmd: netsh winsock reset catalog
cmd: netsh int ip reset resetlog.txt
cmd: netsh advfirewall reset
cmd: netsh advfirewall set allprofiles state ON
cmd: bitsadmin /reset /allusers
cmd: ipconfig /flushdns
Removeproxy:
hosts:
Emptytemp:
cmd: sfc /scannow
cmd: DISM /Online /Cleanup-Image /RestoreHealth
End::
*****************

Restore point was successfully created.
Processes closed successfully.

========================= Folder: C:\ProgramData\PLUG ========================

2023-05-20 16:03 - 2023-05-25 08:32 - 000000000 ____D [00000000000000000000000000000000] C:\ProgramData\PLUG\Logs
2023-05-20 16:03 - 2023-05-25 08:32 - 000131072 ____A [A1B0B6D547BA74E3598EF4F2144BE322] () C:\ProgramData\PLUG\Logs\RUXIMLog.001.etl
2023-05-20 16:03 - 2023-05-24 18:52 - 000131072 ____A [D408A2BD7B9CE29E8CA8627352D7BA8D] () C:\ProgramData\PLUG\Logs\RUXIMLog.002.etl
2023-05-20 16:03 - 2023-05-24 14:52 - 000131072 ____A [5AAF0B8A93292D4CDDBE1DFC45558AD5] () C:\ProgramData\PLUG\Logs\RUXIMLog.003.etl
2023-05-20 16:03 - 2023-05-24 14:07 - 000131072 ____A [C704776A79E15F393116B2CE148253E7] () C:\ProgramData\PLUG\Logs\RUXIMLog.004.etl
2023-05-20 16:03 - 2023-05-24 14:07 - 000131072 ____A [301822477D6136153FC424793C4D9739] () C:\ProgramData\PLUG\Logs\RUXIMLog.006.etl
2023-05-20 16:03 - 2023-05-24 10:07 - 000131072 ____A [960F0DF27784DC39FB04F05558945DA0] () C:\ProgramData\PLUG\Logs\RUXIMLog.007.etl
2023-05-20 16:03 - 2023-05-24 06:14 - 000131072 ____A [2F517876F914BB0D51AA4D2CB318BC16] () C:\ProgramData\PLUG\Logs\RUXIMLog.008.etl
2023-05-20 16:03 - 2023-05-24 01:57 - 000131072 ____A [F0E1814C5B306EB44D4CDDB1DFE9D775] () C:\ProgramData\PLUG\Logs\RUXIMLog.009.etl
2023-05-20 16:03 - 2023-05-23 21:56 - 000131072 ____A [6860D07724A218B70F9A48916A8BC863] () C:\ProgramData\PLUG\Logs\RUXIMLog.010.etl
2023-05-20 16:03 - 2023-05-23 17:14 - 000131072 ____A [63D3EBF5171B4330FEEA00C4357EA62E] () C:\ProgramData\PLUG\Logs\RUXIMLog.011.etl
2023-05-20 16:03 - 2023-05-23 16:41 - 000131072 ____A [F8082BA78649E4DCD673ABF606BC3297] () C:\ProgramData\PLUG\Logs\RUXIMLog.012.etl
2023-05-20 16:03 - 2023-05-23 12:41 - 000131072 ____A [BF3B2C9E6789234C8EC507705C7209A3] () C:\ProgramData\PLUG\Logs\RUXIMLog.013.etl
2023-05-20 16:03 - 2023-05-23 12:41 - 000131072 ____A [86DA28B89BD2719B71374D4AFF65AAE7] () C:\ProgramData\PLUG\Logs\RUXIMLog.015.etl
2023-05-20 16:03 - 2023-05-23 08:41 - 000131072 ____A [997C86A02DA13A47EFEF4DAEBCA85FFB] () C:\ProgramData\PLUG\Logs\RUXIMLog.016.etl
2023-05-20 16:03 - 2023-05-23 04:41 - 000131072 ____A [C0BED5D1DB08C7BEEBBD6ED3B5892726] () C:\ProgramData\PLUG\Logs\RUXIMLog.017.etl
2023-05-20 16:03 - 2023-05-23 00:41 - 000131072 ____A [738414D913D578E34E2DC2C37D26DEE3] () C:\ProgramData\PLUG\Logs\RUXIMLog.018.etl
2023-05-20 16:03 - 2023-05-22 20:40 - 000131072 ____A [DCCA2293D3BA1DC48E986F17967F8E71] () C:\ProgramData\PLUG\Logs\RUXIMLog.019.etl
2023-05-20 16:03 - 2023-05-22 16:32 - 000131072 ____A [EE3517F046CAD5CC3836DF06B1F77A13] () C:\ProgramData\PLUG\Logs\RUXIMLog.020.etl
2023-05-20 16:03 - 2023-05-22 12:32 - 000131072 ____A [EB8CA7485A5DC5BAFE3AD9198EC3D6C1] () C:\ProgramData\PLUG\Logs\RUXIMLog.021.etl
2023-05-20 16:03 - 2023-05-22 12:32 - 000131072 ____A [A2DEED997966757D407B0C5153CC3A29] () C:\ProgramData\PLUG\Logs\RUXIMLog.023.etl
2023-05-20 16:03 - 2023-05-22 08:32 - 000131072 ____A [0E323F09F685D8C22846EC9065B91556] () C:\ProgramData\PLUG\Logs\RUXIMLog.024.etl
2023-05-20 16:03 - 2023-05-21 20:01 - 000131072 ____A [FA0AF1D6B418ACA2BD6C95CC357DB51A] () C:\ProgramData\PLUG\Logs\RUXIMLog.025.etl
2023-05-20 16:03 - 2023-05-21 16:39 - 000131072 ____A [B0A716FC121FB9E786E6216EE7E22331] () C:\ProgramData\PLUG\Logs\RUXIMLog.026.etl
2023-05-20 16:03 - 2023-05-21 12:39 - 000131072 ____A [212B937B165988F39A094A96A1A9D2D0] () C:\ProgramData\PLUG\Logs\RUXIMLog.027.etl
2023-05-20 16:03 - 2023-05-21 08:36 - 000131072 ____A [24A2447973B7785E7684894090330535] () C:\ProgramData\PLUG\Logs\RUXIMLog.028.etl
2023-05-20 16:03 - 2023-05-21 08:36 - 000131072 ____A [00EA955E910B6BB611DEF8ACE5FA7E63] () C:\ProgramData\PLUG\Logs\RUXIMLog.030.etl
2023-05-20 16:03 - 2023-05-20 20:03 - 000131072 ____A [FFA3D0BEA03A875E405354E8DF64AE0B] () C:\ProgramData\PLUG\Logs\RUXIMLog.031.etl
2023-05-20 16:03 - 2023-05-20 16:03 - 000131072 ____A [63B73D8513D064CED2D962FDE9846647] () C:\ProgramData\PLUG\Logs\RUXIMLog.032.etl

====== End of Folder: ======

========================= File: C:\Users\Andrew Tan\AppData\Local\Temp\RuntimeService.exe ========================

C:\Users\Andrew Tan\AppData\Local\Temp\RuntimeService.exe
File not signed
MD5: 307DD9DC4A250F0D92B6973844AD9BA0
Creation and modification date: 2023-03-06 14:50 - 2023-05-25 08:32
Size: 000015872
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:
VirusTotal: https://www.virustotal.com/gui/file/19a2f9ab341ea2e192ef2282852a846e71479c6d896b8d6db4eccbb82c0ccf2b/detection/f-19a2f9ab341ea2e192ef2282852a846e71479c6d896b8d6db4eccbb82c0ccf2b-1679230104

====== End of File: ======

========================= File: C:\Users\Andrew Tan\AppData\Local\AudioTekService.exe ========================

C:\Users\Andrew Tan\AppData\Local\AudioTekService.exe
File not signed
MD5: 15A3AA40212D9564A3D3C87D8F2F422A
Creation and modification date: 2023-03-04 12:54 - 2023-05-22 08:33
Size: 000004608
Attributes: ----A
Company Name:
Internal Name: standalonerunner.exe
Original Name: standalonerunner.exe
Product:
Description:
File Version: 2.0.0.1
Product Version: 2.0.0.1
Copyright:
VirusTotal: https://www.virustotal.com/gui/file/625d485fb189bd29e1af74b909bd864f0ee1a705e546c2296b1dd1f3ee6600c2/detection/f-625d485fb189bd29e1af74b909bd864f0ee1a705e546c2296b1dd1f3ee6600c2-1681121032

====== End of File: ======

C:\Users\Andrew Tan\AppData\Local\Temp\RuntimeService.exe => moved successfully
C:\Users\Andrew Tan\AppData\Local\AudioTekService.exe => moved successfully
C:\temp => moved successfully
C:\Windows\system32\Tasks\McAfee => moved successfully
"C:\Users\Andrew Tan\AppData\Roaming\VideoPad Framework\vpadtool.exe (No File)" => not found
C:\Users\Andrew Tan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\XUService.exe => moved successfully
C:\Users\Andrew Tan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\vpad-framework.lnk => moved successfully
"HKU\S-1-5-21-1953523510-4150578024-2247769738-1001\Software\Microsoft\Windows\CurrentVersion\Run\\AudioTekService" => removed successfully
MpKsld74a28cf => service not found.

========= Get-AppxPackage -allusers *5A894077.McAfeeSecurity* | Remove-AppxPackage =========

========= End of Powershell: =========

========= netsh winsock reset catalog =========

Sucessfully reset the Winsock Catalog.
You must restart the computer in order to complete the reset.

========= End of CMD: =========

========= netsh int ip reset resetlog.txt =========

Resetting Compartment Forwarding, OK!
Resetting Compartment, OK!
Resetting Control Protocol, OK!
Resetting Echo Sequence Request, OK!
Resetting Global, OK!
Resetting Interface, OK!
Resetting Anycast Address, OK!
Resetting Multicast Address, OK!
Resetting Unicast Address, OK!
Resetting Neighbor, OK!
Resetting Path, OK!
Resetting Potential, OK!
Resetting Prefix Policy, OK!
Resetting Proxy Neighbor, OK!
Resetting Route, OK!
Resetting Site Prefix, OK!
Resetting Subinterface, OK!
Resetting Wakeup Pattern, OK!
Resetting Resolve Neighbor, OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , failed.
Access is denied.

Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Restart the computer to complete this action.

========= End of CMD: =========

========= netsh advfirewall reset =========

Ok.

========= End of CMD: =========

========= netsh advfirewall set allprofiles state ON =========

Ok.

========= End of CMD: =========

========= bitsadmin /reset /allusers =========

BITSADMIN version 3.0
BITS administration utility.
© Copyright Microsoft Corp.

{9ECE2450-0885-4D12-B743-DC30FBD542F3} canceled.
Unable to cancel {F6C59591-9857-48B3-A342-DE609D366D09}.
{73121A76-2276-4CA1-9CCC-54DFD9B88E0C} canceled.
2 out of 3 jobs canceled.

========= End of CMD: =========

========= ipconfig /flushdns =========

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========= End of CMD: =========

========= RemoveProxy: =========

"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-21-1953523510-4150578024-2247769738-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-21-1953523510-4150578024-2247769738-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully

========= End of RemoveProxy: =========

C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

========= sfc /scannow =========

Beginning system scan. This process will take some time.

Beginning verification phase of system scan.

Verification 0% complete.
Verification 1% complete.
Verification 1% complete.
Verification 2% complete.
Verification 3% complete.
Verification 3% complete.
Verification 4% complete.
Verification 4% complete.
Verification 5% complete.
Verification 6% complete.
Verification 6% complete.
Verification 7% complete.
Verification 7% complete.
Verification 8% complete.
Verification 9% complete.
Verification 9% complete.
Verification 10% complete.
Verification 10% complete.
Verification 11% complete.
Verification 12% complete.
Verification 12% complete.
Verification 13% complete.
Verification 13% complete.
Verification 14% complete.
Verification 15% complete.
Verification 15% complete.
Verification 16% complete.
Verification 17% complete.
Verification 17% complete.
Verification 18% complete.
Verification 18% complete.
Verification 19% complete.
Verification 20% complete.
Verification 20% complete.
Verification 21% complete.
Verification 21% complete.
Verification 22% complete.
Verification 23% complete.
Verification 23% complete.
Verification 24% complete.
Verification 24% complete.
Verification 25% complete.
Verification 26% complete.
Verification 26% complete.
Verification 27% complete.
Verification 27% complete.
Verification 28% complete.
Verification 29% complete.
Verification 29% complete.
Verification 30% complete.
Verification 30% complete.
Verification 31% complete.
Verification 32% complete.
Verification 32% complete.
Verification 33% complete.
Verification 34% complete.
Verification 34% complete.
Verification 35% complete.
Verification 35% complete.
Verification 36% complete.
Verification 37% complete.
Verification 37% complete.
Verification 38% complete.
Verification 38% complete.
Verification 39% complete.
Verification 40% complete.
Verification 40% complete.
Verification 41% complete.
Verification 41% complete.
Verification 42% complete.
Verification 43% complete.
Verification 43% complete.
Verification 44% complete.
Verification 44% complete.
Verification 45% complete.
Verification 46% complete.
Verification 46% complete.
Verification 47% complete.
Verification 47% complete.
Verification 48% complete.
Verification 49% complete.
Verification 49% complete.
Verification 50% complete.
Verification 51% complete.
Verification 51% complete.
Verification 52% complete.
Verification 52% complete.
Verification 53% complete.
Verification 54% complete.
Verification 54% complete.
Verification 55% complete.
Verification 55% complete.
Verification 56% complete.
Verification 57% complete.
Verification 57% complete.
Verification 58% complete.
Verification 58% complete.
Verification 59% complete.
Verification 60% complete.
Verification 60% complete.
Verification 61% complete.
Verification 61% complete.
Verification 62% complete.
Verification 63% complete.
Verification 63% complete.
Verification 64% complete.
Verification 64% complete.
Verification 65% complete.
Verification 66% complete.
Verification 66% complete.
Verification 67% complete.
Verification 68% complete.
Verification 68% complete.
Verification 69% complete.
Verification 69% complete.
Verification 70% complete.
Verification 71% complete.
Verification 71% complete.
Verification 72% complete.
Verification 72% complete.
Verification 73% complete.
Verification 74% complete.
Verification 74% complete.
Verification 75% complete.
Verification 75% complete.
Verification 76% complete.
Verification 77% complete.
Verification 77% complete.
Verification 78% complete.
Verification 78% complete.
Verification 79% complete.
Verification 80% complete.
Verification 80% complete.
Verification 81% complete.
Verification 81% complete.
Verification 82% complete.
Verification 83% complete.
Verification 83% complete.
Verification 84% complete.
Verification 85% complete.
Verification 85% complete.
Verification 86% complete.
Verification 86% complete.
Verification 87% complete.
Verification 88% complete.
Verification 88% complete.
Verification 89% complete.
Verification 89% complete.
Verification 90% complete.
Verification 91% complete.
Verification 91% complete.
Verification 92% complete.
Verification 92% complete.
Verification 93% complete.
Verification 94% complete.
Verification 94% complete.
Verification 95% complete.
Verification 95% complete.
Verification 96% complete.
Verification 97% complete.
Verification 97% complete.
Verification 98% complete.
Verification 98% complete.
Verification 99% complete.
Verification 100% complete.

Windows Resource Protection found corrupt files and successfully repaired them.
For online repairs, details are included in the CBS log file located at
windir\Logs\CBS\CBS.log. For example C:\Windows\Logs\CBS\CBS.log. For offline
repairs, details are included in the log file provided by the /OFFLOGFILE flag.

========= End of CMD: =========

========= DISM /Online /Cleanup-Image /RestoreHealth =========

Deployment Image Servicing and Management tool
Version: 10.0.19041.844

Image Version: 10.0.19044.2965

[== 3.8% ]

[== 4.8% ]

[=== 5.7% ]

[=== 6.6% ]

[==== 7.5% ]

[==== 8.5% ]

[===== 9.4% ]

[====== 10.4% ]

[====== 11.3% ]

[======= 12.3% ]

[======= 13.3% ]

[======== 14.3% ]

[======== 15.2% ]

[========= 16.2% ]

[========= 17.1% ]

[========== 17.5% ]

[========== 18.5% ]

[=========== 19.5% ]

[=========== 20.5% ]

[============ 21.4% ]

[============= 22.4% ]

[============= 23.4% ]

[============== 24.4% ]

[============== 25.4% ]

[=============== 25.9% ]

[=============== 26.6% ]

[=============== 27.0% ]

[=============== 27.1% ]

[=============== 27.2% ]

[================ 28.2% ]

[================ 29.2% ]

[================= 30.2% ]

[================== 31.2% ]

[================== 32.2% ]

[=================== 33.1% ]

[=================== 34.1% ]

[==================== 34.9% ]

[==================== 35.9% ]

[===================== 36.6% ]

[===================== 37.6% ]

[====================== 38.4% ]

[====================== 39.4% ]

[======================= 40.2% ]

[======================= 40.4% ]

[======================= 40.8% ]

[======================= 41.4% ]

[======================== 41.8% ]

[======================== 42.3% ]

[======================== 42.6% ]

[======================== 43.0% ]

[======================== 43.1% ]

[========================= 43.5% ]

[========================= 43.9% ]

[========================== 44.9% ]

[========================== 45.8% ]

[===========================46.6% ]

[===========================47.5% ]

[===========================48.5% ]

[===========================49.5% ]

[===========================50.5% ]

[===========================51.5% ]

[===========================52.5% ]

[===========================53.1% ]

[===========================53.2% ]

[===========================53.4% ]

[===========================53.4% ]

[===========================53.5% ]

[===========================53.6% ]

[===========================53.6% ]

[===========================53.7% ]

[===========================53.8% ]

[===========================53.9% ]

[===========================54.0% ]

[===========================54.1% ]

[===========================54.3% ]

[===========================54.4% ]

[===========================54.5% ]

[===========================54.6% ]

[===========================54.6% ]

[===========================54.8% ]

[===========================54.9% ]

[===========================54.9% ]

[===========================55.0% ]

[===========================55.0% ]

[===========================55.1% ]

[===========================55.2% ]

[===========================55.2% ]

[===========================55.2% ]

[===========================55.3% ]

[===========================55.3% ]

[===========================55.4% ]

[===========================55.5% ]

[===========================55.6% ]

[===========================55.9% ]

[===========================56.2% ]

[===========================56.2% ]

[===========================56.2% ]

[===========================56.4% ]

[===========================56.5% ]

[===========================56.5% ]

[===========================56.6% ]

[===========================56.7% ]

[===========================57.5%= ]

[===========================57.9%= ]

[===========================58.3%= ]

[===========================59.3%== ]

[===========================60.2%== ]

[===========================62.3%==== ]

[===========================84.9%================= ]

[==========================100.0%==========================]
The restore operation completed successfully.
The operation completed successfully.

========= End of CMD: =========

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 1835008 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 38348781 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 635049380 B
Windows/system/drivers => 28017500 B
Edge => 0 B
Chrome => 497111579 B
Firefox => 1112750464 B
Opera => 30723976 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 31928387 B
systemprofile32 => 31928387 B
LocalService => 32163713 B
NetworkService => 32958611 B
Andrew Tan => 2653839067 B
RedComNetwork => 2653839067 B
DefaultAppPool => 2653839067 B
SSMOnlineRenew => 2653839067 B
OnlineRenew => 2653839067 B
ssmreprint => 2653839067 B

RecycleBin => 28674326015 B
EmptyTemp: => 43.8 GB temporary data Removed.

================================

The system needed a reboot.

==== End of Fixlog 08:50:55 ====

# -------------------------------
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build: 08-30-2022
# Database: 2022-10-10.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 05-25-2023
# Duration: 00:00:10
# OS: Windows 10 (Build 19044.2965)
# Scanned: 32072
# Detected: 21

***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

Preinstalled.DellCommand|PowerManager Folder C:\Program Files\DELL\COMMANDPOWERMANAGER
Preinstalled.DellCommand|PowerManager Folder C:\ProgramData\DELL\COMMANDPOWERMANAGER
Preinstalled.DellCommand|PowerManager Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{18469ED8-8C36-4CF7-BD43-0FC9B1931AF8}
Preinstalled.DellSupportAssistAgent Folder C:\Program Files\DELL\SAREMEDIATION\AGENT
Preinstalled.DellSupportAssistAgent Folder C:\Program Files\DELL\SAREMEDIATION\AUDIT
Preinstalled.DellSupportAssistAgent Folder C:\Program Files\DELL\SAREMEDIATION\PLUGIN
Preinstalled.DellSupportAssistAgent Folder C:\Program Files\DELL\SUPPORTASSISTAGENT
Preinstalled.DellSupportAssistAgent Folder C:\ProgramData\DELL\SAREMEDIATION\PLUGIN
Preinstalled.DellSupportAssistAgent Folder C:\ProgramData\DELL\SUPPORTASSIST
Preinstalled.DellSupportAssistAgent Folder C:\ProgramData\SUPPORTASSIST\CLIENT\TECHNICIANTOOLKIT
Preinstalled.DellSupportAssistAgent Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6414D4B3-34A0-409B-8905-652AADBEEFC8}
Preinstalled.DellSupportAssistAgent Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6414D4B3-34A0-409B-8905-652AADBEEFC8}
Preinstalled.DellSupportAssistAgent Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Dell SupportAssistAgent AutoUpdate
Preinstalled.DellSupportAssistAgent Task C:\Windows\System32\Tasks\DELL SUPPORTASSISTAGENT AUTOUPDATE
Preinstalled.DellUpdateforWindows10 Folder C:\Program Files (x86)\DELL\UPDATESERVICE
Preinstalled.DellUpdateforWindows10 Folder C:\Program Files\DELL\UPDATE
Preinstalled.DellUpdateforWindows10 Folder C:\ProgramData\DELL\UPDATESERVICE
Preinstalled.SmartByte Folder C:\Program Files\RIVET NETWORKS
Preinstalled.SmartByte Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E03ED6A3-F2DC-4D71-8756-01BBBE1B6D34}
Preinstalled.SmartByte Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SmartByte Telemetry
Preinstalled.SmartByte Task C:\Windows\System32\Tasks\SMARTBYTE TELEMETRY

AdwCleaner[S00].txt - [3565 octets] - [20/01/2022 22:13:19]
AdwCleaner[S01].txt - [3626 octets] - [27/01/2022 18:51:13]
AdwCleaner[S02].txt - [3687 octets] - [31/01/2022 16:39:27]
AdwCleaner[S03].txt - [3748 octets] - [03/02/2022 16:15:45]
AdwCleaner[S04].txt - [3809 octets] - [03/02/2022 21:56:17]
AdwCleaner[S05].txt - [4408 octets] - [09/02/2022 11:40:24]
AdwCleaner[C05].txt - [2361 octets] - [09/02/2022 11:41:05]
AdwCleaner[S06].txt - [3992 octets] - [09/02/2022 11:42:21]
AdwCleaner[S07].txt - [4053 octets] - [09/02/2022 12:49:39]
AdwCleaner[S08].txt - [4114 octets] - [09/02/2022 13:21:09]
AdwCleaner[S09].txt - [4175 octets] - [09/02/2022 14:22:08]
AdwCleaner[S10].txt - [4236 octets] - [09/02/2022 21:13:26]
AdwCleaner[S11].txt - [4297 octets] - [10/02/2022 08:41:12]
AdwCleaner[S12].txt - [4358 octets] - [10/02/2022 19:37:18]
AdwCleaner[S13].txt - [4419 octets] - [11/02/2022 08:04:41]
AdwCleaner[S14].txt - [4480 octets] - [11/02/2022 17:56:30]
AdwCleaner[S15].txt - [4541 octets] - [12/02/2022 08:15:42]
AdwCleaner[S16].txt - [4602 octets] - [14/02/2022 13:30:34]
AdwCleaner[S17].txt - [4663 octets] - [14/02/2022 18:39:26]
AdwCleaner[S18].txt - [4724 octets] - [15/02/2022 07:45:10]
AdwCleaner[S19].txt - [4785 octets] - [22/02/2022 09:27:43]
AdwCleaner[S20].txt - [4846 octets] - [03/03/2022 22:44:13]
AdwCleaner[S21].txt - [4907 octets] - [08/03/2022 21:48:47]
AdwCleaner[S22].txt - [4968 octets] - [17/03/2022 14:40:14]
AdwCleaner[S23].txt - [5029 octets] - [26/03/2022 14:41:13]
AdwCleaner[S24].txt - [5090 octets] - [04/04/2022 11:04:34]
AdwCleaner[S25].txt - [5151 octets] - [09/04/2022 10:43:53]
AdwCleaner[S26].txt - [5212 octets] - [12/04/2022 13:10:57]
AdwCleaner[S27].txt - [5273 octets] - [12/05/2022 11:02:05]
AdwCleaner[S28].txt - [5334 octets] - [25/05/2022 17:58:11]
AdwCleaner[S29].txt - [5395 octets] - [28/05/2022 09:34:53]
AdwCleaner[S30].txt - [5539 octets] - [05/07/2022 10:08:19]
AdwCleaner[S31].txt - [5600 octets] - [07/07/2022 07:49:56]
AdwCleaner[S32].txt - [5661 octets] - [19/07/2022 19:51:40]
AdwCleaner[S33].txt - [5722 octets] - [06/08/2022 20:56:42]
AdwCleaner[S34].txt - [5783 octets] - [10/08/2022 20:37:02]
AdwCleaner[S35].txt - [5844 octets] - [14/12/2022 16:01:45]
AdwCleaner[S36].txt - [5905 octets] - [08/02/2023 16:30:37]
AdwCleaner[S37].txt - [5966 octets] - [06/03/2023 18:27:50]
AdwCleaner[S38].txt - [6025 octets] - [06/03/2023 18:38:33]
AdwCleaner[S39].txt - [6086 octets] - [08/03/2023 13:02:45]
AdwCleaner[S40].txt - [6147 octets] - [22/03/2023 15:08:37]
AdwCleaner[S41].txt - [6208 octets] - [25/03/2023 09:59:53]
AdwCleaner[S42].txt - [6269 octets] - [09/04/2023 08:10:24]
AdwCleaner[S43].txt - [6330 octets] - [23/04/2023 19:08:30]
AdwCleaner[S44].txt - [6391 octets] - [30/04/2023 09:30:34]
AdwCleaner[S45].txt - [6452 octets] - [01/05/2023 17:32:50]
AdwCleaner[S46].txt - [6513 octets] - [18/05/2023 08:58:10]
AdwCleaner[S47].txt - [6574 octets] - [23/05/2023 17:05:42]
AdwCleaner[S48].txt - [6635 octets] - [24/05/2023 13:31:26]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S49].txt ##########

Farbar Recovery Scan Tool (x64) Version: 23-05-2023
Ran by Andrew Tan (25-05-2023 08:55:21)
Running from C:\Users\Andrew Tan\Downloads
Boot Mode: Normal

================== Search Files: "SearchAll: McAfee;XUService;AudioTekService" =============

File:
========
C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~0056D315-50AF-428A-B3E8-DDA3A34004EB~amd64~~21.4.0.156.5.cat
[2021-10-06 09:41][2021-05-19 10:48] 000010343 ____S () A01B076826A59F06BB769FE8B985C34E [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~005FB4F8-E6A6-46DC-BB2A-1DAEAE830389~amd64~~21.4.0.156.5.cat
[2021-10-06 09:41][2021-05-19 10:48] 000010331 ____S () 0CAC76AC58A4AE00D0622AA95E38E89F [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~00668F6E-1CB5-4956-AA4B-683D312BF252~amd64~~22.2.0.140.14.cat
[2022-06-09 12:41][2022-02-09 13:56] 000011407 ____S () EBA4CB04E063724A89C515D42A2A7F39 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~00AEADAD-2234-4E73-AA81-DA5504234951~amd64~~21.4.0.156.5.cat
[2021-06-30 12:15][2021-05-19 10:48] 000010335 ____S () 1314F15EA7D0D64C93CEF42209344F9C [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~01A117DF-A888-4FE2-84D8-A136EF51D287~amd64~~21.4.0.156.5.cat
[2021-10-06 09:41][2021-05-19 10:48] 000010343 ____S () A01B076826A59F06BB769FE8B985C34E [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~024598AE-B2AE-4D92-BD80-FC627741350A~amd64~~20.12.0.172.8.cat
[2021-04-28 20:05][2020-12-11 16:36] 000010347 ____S () 5DC41BF1508DAE45FA95896DEBEF82DF [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~042FFCBB-5032-4EA4-A9BA-81CA0A6F6B66~amd64~~21.4.0.156.5.cat
[2021-09-06 19:49][2021-05-19 10:48] 000010335 ____S () 1314F15EA7D0D64C93CEF42209344F9C [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~044F2445-DBFA-4221-A945-E6D74BFF1296~amd64~~21.4.0.156.5.cat
[2021-06-30 12:15][2021-05-19 10:48] 000010331 ____S () EF712D7967BE39420C57C8F0BB8EEBB2 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~0826D6C4-7ABC-4E01-9F42-3C64EB087564~amd64~~22.2.0.140.14.cat
[2022-04-12 10:53][2022-02-09 13:56] 000011414 ____S () C7E75ECF910BA890BB858CAF138DDD23 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~08AF0A90-A256-44CA-BF23-1905DDEE76AE~amd64~~21.4.0.156.5.cat
[2021-06-30 12:15][2021-05-19 10:48] 000010342 ____S () 483DE13C7A4915F90CC3C8B9310D8ED1 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~08B41BC8-F6F9-4E27-9BED-A0E331BC6F93~amd64~~21.4.0.156.5.cat
[2021-08-18 10:52][2021-05-19 10:48] 000010343 ____S () A01B076826A59F06BB769FE8B985C34E [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~09F9469C-7CE6-4C2F-B8C4-E33CFAED7DCD~amd64~~21.09.0.167.5.cat
[2022-02-14 20:49][2021-09-28 15:02] 000010363 ____S () 2DF4FE1B6D3B08D573605F168ABBB7BC [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~0A6B301F-EEBB-4055-BEB2-4F552F1C0550~amd64~~21.09.0.167.5.cat
[2021-11-04 12:12][2021-09-28 15:02] 000010367 ____S () 86AD421887B9FAD089150F4A4AAC8EE4 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~0AE5108C-791F-4244-B0F7-4733BE672795~amd64~~21.09.0.167.5.cat
[2021-12-07 09:39][2021-09-28 15:02] 000010363 ____S () A2314D3C458577D22E0C9D1190D9956A [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~0B1AB9CE-4E7F-41FC-8704-7DF3A865BF5E~amd64~~21.4.0.156.5.cat
[2021-08-18 10:52][2021-05-19 10:48] 000010331 ____S () 0CAC76AC58A4AE00D0622AA95E38E89F [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~0CEFDAED-4B4B-420F-8B80-4F6B4965E2AF~amd64~~21.4.0.156.5.cat
[2021-08-03 10:12][2021-05-19 10:48] 000010331 ____S () EF712D7967BE39420C57C8F0BB8EEBB2 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~100A30F3-235C-4818-A606-00ACAACC6EDF~amd64~~22.2.0.140.14.cat
[2022-06-09 12:41][2022-02-09 13:56] 000011415 ____S () C7395D1311E7589093235EF450208671 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~100FFB3E-D355-4727-A995-E78309B76F53~amd64~~20.12.0.172.8.cat
[2021-04-28 20:05][2020-12-11 16:36] 000010347 ____S () E6F4E19471541470CD1F5CF81E39BB35 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~117F2484-0533-4C53-B4CA-F064C81C45A2~amd64~~21.4.0.156.5.cat
[2021-10-06 09:41][2021-05-19 10:48] 000010339 ____S () 74684AA896EA7751E7FA6D950D08D9CD [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~12D79BD5-8C63-41D5-9E85-7BB36793BDFE~amd64~~21.09.0.167.5.cat
[2022-02-14 20:49][2021-09-28 15:02] 000010363 ____S () 47EC0D787DD494A32C00912059B87DE8 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~1352F32F-5CAE-4CD3-B0C6-52143B619BF2~amd64~~21.4.0.156.5.cat
[2021-08-03 10:12][2021-05-19 10:48] 000010339 ____S () 74684AA896EA7751E7FA6D950D08D9CD [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~13816741-6F5B-4AB6-B028-AFDA326B05F0~amd64~~21.09.0.167.5.cat
[2022-02-14 20:49][2021-09-28 15:02] 000010363 ____S () A2314D3C458577D22E0C9D1190D9956A [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~13F0CC87-CDB0-448F-9CE3-D46506C58828~amd64~~21.2.0.161.8.cat
[2021-05-20 12:42][2021-03-02 14:06] 000010356 ____S () 84ED36C276BE37034EF679337D84705B [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~1475EE9B-DEAD-4FAE-9F4D-CD18228130DD~amd64~~21.09.0.167.5.cat
[2022-02-14 20:49][2021-09-28 15:02] 000010363 ____S () A2314D3C458577D22E0C9D1190D9956A [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~19EC6D4A-2727-45C6-9AA4-CF325289CAD9~amd64~~22.2.0.140.14.cat
[2022-06-09 12:41][2022-02-09 13:56] 000011411 ____S () 2BA7BD6C855928B2FDC63732FFA4417E [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~1A54A6F5-E94C-4B9C-B4E3-D0DF07B3AA4D~amd64~~21.4.0.156.5.cat
[2021-06-30 12:15][2021-05-19 10:48] 000010343 ____S () A01B076826A59F06BB769FE8B985C34E [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~1AE9F13E-77D3-4D75-857B-ECA1C57AA604~amd64~~21.4.0.156.5.cat
[2021-10-06 09:41][2021-05-19 10:48] 000010335 ____S () 1314F15EA7D0D64C93CEF42209344F9C [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~1C29F421-81B1-4DA5-94F1-B76CE0B9CFE8~amd64~~21.4.0.156.5.cat
[2021-08-03 10:12][2021-05-19 10:48] 000010331 ____S () 0CAC76AC58A4AE00D0622AA95E38E89F [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~1F2F9CDF-4EA1-4D04-9499-C65C602EF224~amd64~~21.09.0.167.5.cat
[2021-12-07 09:39][2021-09-28 15:02] 000010367 ____S () B61D2DB4B83BF914EB1F30D1B0B21C81 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~1F79C95E-6406-43C4-B326-C2EB98C65F19~amd64~~21.4.0.156.5.cat
[2021-09-06 19:49][2021-05-19 10:48] 000010331 ____S () 0CAC76AC58A4AE00D0622AA95E38E89F [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~1F905D9B-C003-473A-9746-5F3F8E25BEE2~amd64~~21.09.0.167.5.cat
[2021-12-07 09:39][2021-09-28 15:02] 000010363 ____S () A2314D3C458577D22E0C9D1190D9956A [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~2073A8C9-2294-440A-A359-15B1A1CE2F08~amd64~~22.2.0.140.14.cat
[2022-06-09 12:41][2022-02-09 13:56] 000011415 ____S () EF95386138090933B604562469B59780 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~20CEA324-3FCE-4D3B-B6D5-0255DE5619E4~amd64~~21.4.0.156.5.cat
[2021-08-03 10:12][2021-05-19 10:48] 000010335 ____S () 2762A1B9903937D906E8737EECED9787 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~21B9010B-7BF3-4585-BBDE-B171E5FC05DB~amd64~~22.4.0.222.6.cat
[2022-07-14 17:42][2022-06-09 12:38] 000011376 ____S () DDF6EB44B42E8279DB002FDBECA7C0CB [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~24D59EC7-56F2-441C-8A55-0523B07D3F53~amd64~~21.09.0.167.5.cat
[2021-11-04 12:12][2021-09-28 15:02] 000010363 ____S () A2314D3C458577D22E0C9D1190D9956A [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~2625F47C-5B33-446D-BC1B-80C8606616CC~amd64~~22.4.0.222.6.cat
[2022-07-14 17:42][2022-06-09 12:38] 000011384 ____S () 1EBA99A39C26721E4AE2DEB799C92AA3 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~2690831E-2799-4AE5-B298-8B68D426378E~amd64~~21.4.0.156.5.cat
[2021-08-03 10:12][2021-05-19 10:48] 000010331 ____S () 0CAC76AC58A4AE00D0622AA95E38E89F [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~27916515-556F-4D78-90E7-1B3AB89A54C1~amd64~~21.4.0.156.5.cat
[2021-09-06 19:49][2021-05-19 10:48] 000010331 ____S () 0CAC76AC58A4AE00D0622AA95E38E89F [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~2990CCD6-71DD-4D42-BDF5-3ED53F77D9AA~amd64~~21.4.0.156.5.cat
[2021-08-03 10:12][2021-05-19 10:48] 000010331 ____S () 0CAC76AC58A4AE00D0622AA95E38E89F [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~2A5EA337-8048-431E-962F-F4148BAD2977~amd64~~21.2.0.161.8.cat
[2021-05-20 12:42][2021-03-02 14:06] 000010354 ____S () F1B1B0F3CD919791EA331C889FA8FADB [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~2A895C93-F60F-47DA-85F4-0132FD661321~amd64~~21.09.0.167.5.cat
[2022-01-06 14:10][2021-09-28 15:02] 000010363 ____S () A2314D3C458577D22E0C9D1190D9956A [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~2A90D52F-B1CE-450F-B38E-C509B0D3517F~amd64~~21.09.0.167.5.cat
[2022-01-06 14:10][2021-09-28 15:02] 000010363 ____S () 2DF4FE1B6D3B08D573605F168ABBB7BC [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~2AD1358C-12DD-4AAE-93A9-C580ABA525E0~amd64~~21.4.0.156.5.cat
[2021-10-06 09:41][2021-05-19 10:48] 000010335 ____S () 2762A1B9903937D906E8737EECED9787 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~2C027D1A-89B6-48A0-A433-91F15E869639~amd64~~21.4.0.156.5.cat
[2021-09-06 19:49][2021-05-19 10:48] 000010339 ____S () 74684AA896EA7751E7FA6D950D08D9CD [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~2C163E68-1387-425B-8243-9F6D155F8E84~amd64~~22.4.0.222.6.cat
[2022-07-14 17:42][2022-06-09 12:38] 000011373 ____S () 06DBFBB93621BA2CBC58D3E486BA98E4 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~2DF74E45-5A6B-47AA-9D5F-42C7D194B278~amd64~~21.09.0.167.5.cat
[2021-10-20 15:01][2021-09-28 12:02] 000010358 ____S () 691457B3F210057214172AB6B00CB512 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~30468E7C-A6A4-4CA3-A323-988C80CE5BDB~amd64~~21.2.0.161.8.cat
[2021-05-20 12:42][2021-03-02 14:06] 000010353 ____S () 6CA7EE40E4368F73E72361C172678AE6 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~30AC2207-3501-4368-99DA-F88989A8A294~amd64~~21.2.0.161.8.cat
[2021-05-20 12:38][2021-03-02 14:06] 000010353 ____S () FCACAB5B218299EEFD36E213B084A066 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~31535472-C951-4622-827C-495803D05D1E~amd64~~22.2.0.140.14.cat
[2022-04-12 10:53][2022-02-09 13:56] 000011411 ____S () D3E961B0856DB8CC289317F10F8DD829 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~337D2C9D-70A2-4394-A567-9B2003B7FAD2~amd64~~21.09.0.167.5.cat
[2022-01-06 14:10][2021-09-28 15:02] 000010367 ____S () B61D2DB4B83BF914EB1F30D1B0B21C81 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~33F83E0D-8F3A-47A9-ADB7-BE605C7F01F5~amd64~~21.4.0.156.5.cat
[2021-10-06 09:41][2021-05-19 10:48] 000010342 ____S () 483DE13C7A4915F90CC3C8B9310D8ED1 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~38E7B64A-B37E-4279-AF75-C73C69FE839F~amd64~~21.4.0.156.5.cat
[2021-09-06 19:49][2021-05-19 10:48] 000010331 ____S () 0CAC76AC58A4AE00D0622AA95E38E89F [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~3901EDDB-108B-4306-B0DE-C3802FDDD8A4~amd64~~21.09.0.167.5.cat
[2021-10-20 15:01][2021-09-28 12:02] 000010356 ____S () 0BC622475C2EC007287C8FBECB610843 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~39F8CA98-C9A7-471D-B282-1B0141DB3433~amd64~~22.2.0.140.14.cat
[2022-06-09 12:41][2022-02-09 13:56] 000011407 ____S () 9B9949F0B6E69BB5D626E8FE7807A0B3 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~3B4208A2-7D7E-4CE3-8F78-CA67F2D924E6~amd64~~21.09.0.167.5.cat
[2021-12-07 09:39][2021-09-28 15:02] 000010363 ____S () 2DF4FE1B6D3B08D573605F168ABBB7BC [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~3B4D9915-3509-4207-B757-52ABF57661CF~amd64~~20.12.0.172.8.cat
[2021-04-28 20:05][2020-12-11 16:36] 000010343 ____S () 8E3052F3B28A3D0EF037A95D5DB188F3 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~3BD0BE5F-A2F2-44D5-A1B0-B3CAD4D95B84~amd64~~21.09.0.167.5.cat
[2021-10-20 15:01][2021-09-28 12:02] 000010367 ____S () B61D2DB4B83BF914EB1F30D1B0B21C81 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~3BD39347-5396-40F8-899A-A8CCE75910A5~amd64~~21.4.0.156.5.cat
[2021-06-30 12:15][2021-05-19 10:48] 000010342 ____S () 483DE13C7A4915F90CC3C8B9310D8ED1 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~3C74A8EF-9A33-439D-8DFE-D70FCAF34DD3~amd64~~21.09.0.167.5.cat
[2021-11-04 12:12][2021-09-28 15:02] 000010356 ____S () 0BC622475C2EC007287C8FBECB610843 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~3CE6434F-524C-4054-B1E9-97D6EB2F8266~amd64~~21.4.0.156.5.cat
[2021-09-06 19:49][2021-05-19 10:48] 000010335 ____S () 1314F15EA7D0D64C93CEF42209344F9C [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~3DC07661-61CC-4C08-B94C-0978A6FFC69E~amd64~~21.09.0.167.5.cat
[2021-10-20 15:01][2021-09-28 12:02] 000010363 ____S () 47EC0D787DD494A32C00912059B87DE8 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~3E5EE9EB-E3E0-4DE5-8C9F-CE81DBF535E8~amd64~~21.09.0.167.5.cat
[2022-02-14 20:49][2021-09-28 15:02] 000010356 ____S () 0BC622475C2EC007287C8FBECB610843 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~3F76D303-482B-4FC0-A786-4AD108A99BA6~amd64~~22.2.0.140.14.cat
[2022-06-09 12:41][2022-02-09 13:56] 000011411 ____S () B3F3D9A91D5D60C2765AEAE2A51BFDB9 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~3FEEC144-A697-47A5-8446-8934FA8836C2~amd64~~21.09.0.167.5.cat
[2021-12-07 09:39][2021-09-28 15:02] 000010356 ____S () 0BC622475C2EC007287C8FBECB610843 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~404ECD97-005D-4149-BB59-64DF69C4BA05~amd64~~22.2.0.140.14.cat
[2022-04-12 10:53][2022-02-09 13:56] 000011414 ____S () C7E75ECF910BA890BB858CAF138DDD23 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~413D6E96-4861-47D4-8FFB-EA852DD2C0E7~amd64~~21.4.0.156.5.cat
[2021-09-06 19:49][2021-05-19 10:48] 000010342 ____S () 483DE13C7A4915F90CC3C8B9310D8ED1 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~41F8FBC0-4CC2-4773-A541-4F5525DF6B70~amd64~~21.4.0.156.5.cat
[2021-06-30 12:15][2021-05-19 10:48] 000010339 ____S () 74684AA896EA7751E7FA6D950D08D9CD [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~43C7223A-305E-4042-8F59-BA9A7CEA3047~amd64~~22.4.0.222.6.cat
[2022-07-14 17:42][2022-06-09 12:38] 000011379 ____S () 76855340A32A45D10BF6A6A4CF15DCE4 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~441304E7-BDC4-455C-9D6A-84F9D3C0424A~amd64~~21.09.0.167.5.cat
[2022-01-06 14:10][2021-09-28 15:02] 000010363 ____S () CB2833EDDFB220195BB4AE42DA033D24 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~4426E7DA-23C7-4449-95C7-09ADB9C8971A~amd64~~22.2.0.140.14.cat
[2022-04-12 10:53][2022-02-09 13:56] 000011407 ____S () EBA4CB04E063724A89C515D42A2A7F39 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~44B1B05D-E057-4831-8ABF-C8B7FEB9FCD6~amd64~~21.09.0.167.5.cat
[2021-10-20 15:01][2021-09-28 12:02] 000010356 ____S () 0BC622475C2EC007287C8FBECB610843 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~46080441-665C-4985-B9E1-B7904B9CAAB3~amd64~~21.4.0.156.5.cat
[2021-06-30 12:15][2021-05-19 10:48] 000010335 ____S () 2762A1B9903937D906E8737EECED9787 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~467CFB95-604D-4310-B5BA-3E749F0AC3BF~amd64~~21.4.0.156.5.cat
[2021-10-06 09:41][2021-05-19 10:48] 000010331 ____S () 0CAC76AC58A4AE00D0622AA95E38E89F [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~471564DB-CF08-4253-AF74-70E246A54789~amd64~~21.09.0.167.5.cat
[2022-01-06 14:10][2021-09-28 15:02] 000010356 ____S () 0BC622475C2EC007287C8FBECB610843 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~476D8828-B70A-48B7-826E-A76AAA8BD428~amd64~~22.4.0.222.6.cat
[2022-07-14 17:42][2022-06-09 12:38] 000011376 ____S () DDF6EB44B42E8279DB002FDBECA7C0CB [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~4790B43A-2A1F-4959-A034-436F86EA0D06~amd64~~20.12.0.172.8.cat
[2021-04-28 20:05][2020-12-11 16:36] 000010343 ____S () E75FAE5190A74354CB5CA15CC0AFACBC [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~47D2024E-B2D8-4B42-8553-2FC945F7544B~amd64~~21.09.0.167.5.cat
[2021-12-07 09:39][2021-09-28 15:02] 000010363 ____S () 47EC0D787DD494A32C00912059B87DE8 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~49D044A7-3D39-4E1B-BC8D-654D64C78032~amd64~~21.09.0.167.5.cat
[2022-01-06 14:10][2021-09-28 15:02] 000010363 ____S () A2314D3C458577D22E0C9D1190D9956A [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~4A753AAC-33FC-4131-88F0-C2AAEDB712D1~amd64~~21.4.0.156.5.cat
[2021-08-03 10:12][2021-05-19 10:48] 000010335 ____S () 2762A1B9903937D906E8737EECED9787 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~4B0A8213-CE6C-4128-A1DF-9DCC8A8DB53C~amd64~~21.4.0.156.5.cat
[2021-06-30 12:15][2021-05-19 10:48] 000010339 ____S () 74684AA896EA7751E7FA6D950D08D9CD [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~4B5A8B2A-1532-467A-BA54-B4B02B51DF8C~amd64~~22.2.0.140.14.cat
[2022-04-12 10:53][2022-02-09 13:56] 000011407 ____S () EBA4CB04E063724A89C515D42A2A7F39 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~4C277656-422C-48E9-B9B4-77701538A403~amd64~~21.09.0.167.5.cat
[2021-11-04 12:12][2021-09-28 15:02] 000010363 ____S () A2314D3C458577D22E0C9D1190D9956A [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~4D416BF0-B362-4702-BE0E-4E0F653413A9~amd64~~22.2.0.140.14.cat
[2022-04-12 10:53][2022-02-09 13:56] 000011411 ____S () D3E961B0856DB8CC289317F10F8DD829 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~4F957296-5C05-45FC-8CBE-F8C94F0A1333~amd64~~21.09.0.167.5.cat
[2022-01-06 14:10][2021-09-28 15:02] 000010363 ____S () CB2833EDDFB220195BB4AE42DA033D24 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~50A38239-A06A-453D-948E-E66D1CB36049~amd64~~21.09.0.167.5.cat
[2021-12-07 09:39][2021-09-28 15:02] 000010363 ____S () A2314D3C458577D22E0C9D1190D9956A [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~528AD05B-1582-46A1-B399-608D03163C0A~amd64~~21.4.0.156.5.cat
[2021-08-18 10:52][2021-05-19 10:48] 000010335 ____S () 2762A1B9903937D906E8737EECED9787 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~5353FA9E-8AA5-4BD8-857C-679A1E9364FB~amd64~~21.09.0.167.5.cat
[2021-11-04 12:12][2021-09-28 15:02] 000010367 ____S () B61D2DB4B83BF914EB1F30D1B0B21C81 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~53D30C6D-3200-470D-A964-EAC564085D23~amd64~~22.2.0.140.14.cat
[2022-04-12 10:53][2022-02-09 13:56] 000011415 ____S () C7395D1311E7589093235EF450208671 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~54812165-C07F-46B8-B5B2-18E8C47E6B4C~amd64~~21.4.0.156.5.cat
[2021-06-30 12:15][2021-05-19 10:48] 000010331 ____S () EF712D7967BE39420C57C8F0BB8EEBB2 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~54E230EC-C00A-4A19-8413-49EBA2C38A23~amd64~~21.4.0.156.5.cat
[2021-08-03 10:12][2021-05-19 10:48] 000010327 ____S () 8C3406F6EF6A013E67DBCA2FF8873299 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~557F5387-8EE8-4507-9FD1-E92B5AE75D77~amd64~~22.2.0.140.14.cat
[2022-06-09 12:41][2022-02-09 13:56] 000011407 ____S () EBA4CB04E063724A89C515D42A2A7F39 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~5643FB78-D9DA-4F3A-B517-DF1EC0C157A5~amd64~~21.4.0.156.5.cat
[2021-06-30 12:15][2021-05-19 10:48] 000010331 ____S () 0CAC76AC58A4AE00D0622AA95E38E89F [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~566A4BA0-5F61-4DD3-88B7-D39C31EA3F31~amd64~~21.2.0.161.8.cat
[2021-05-20 12:42][2021-03-02 14:06] 000010349 ____S () B7B5E5829A0646EDD291CC2B66632C6C [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~56CBEED9-383D-4A21-9687-40E740822F29~amd64~~21.4.0.156.5.cat
[2021-08-03 10:12][2021-05-19 10:48] 000010335 ____S () 1314F15EA7D0D64C93CEF42209344F9C [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~57FDEFD7-E3A2-4815-8BFE-5D1DD98B6676~amd64~~21.2.0.161.8.cat
[2021-05-20 12:42][2021-03-02 14:06] 000010353 ____S () FCACAB5B218299EEFD36E213B084A066 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~5A66A096-A8D6-41AA-AF0F-6DB3F7462F86~amd64~~21.4.0.156.5.cat
[2021-08-18 10:52][2021-05-19 10:48] 000010331 ____S () 0CAC76AC58A4AE00D0622AA95E38E89F [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~5A8BA2AC-4FC3-4A42-BC09-E71D85F90115~amd64~~21.09.0.167.5.cat
[2022-02-14 20:49][2021-09-28 15:02] 000010358 ____S () 691457B3F210057214172AB6B00CB512 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~5C15804A-67BC-4A02-B248-1E1EAEDAB059~amd64~~22.2.0.140.14.cat
[2022-06-09 12:41][2022-02-09 13:56] 000011414 ____S () C7E75ECF910BA890BB858CAF138DDD23 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~5C60CD52-CD67-4785-BDD2-7B607D7A4749~amd64~~22.2.0.140.14.cat
[2022-03-10 12:10][2022-02-09 13:56] 000011411 ____S () B3F3D9A91D5D60C2765AEAE2A51BFDB9 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~5CE9D213-1642-4C5E-88AF-CC34B02D4974~amd64~~21.09.0.167.5.cat
[2021-10-20 15:01][2021-09-28 12:02] 000010358 ____S () 691457B3F210057214172AB6B00CB512 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~5F674FD1-3E04-44A6-AE16-A13FAF831462~amd64~~22.4.0.222.6.cat
[2022-07-14 17:42][2022-06-09 12:38] 000011380 ____S () 34C4BBCE569713845ACC9BEA0C1BF9EA [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~6043A819-56A7-4785-8021-7C064542F015~amd64~~22.2.0.140.14.cat
[2022-04-12 10:53][2022-02-09 13:56] 000011411 ____S () D3E961B0856DB8CC289317F10F8DD829 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~6244F3D5-2847-422A-892D-3C6154B4779B~amd64~~21.4.0.156.5.cat
[2021-09-06 19:49][2021-05-19 10:48] 000010331 ____S () EF712D7967BE39420C57C8F0BB8EEBB2 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~62573693-616B-4F8B-B370-F718F8679B8F~amd64~~22.2.0.140.14.cat
[2022-03-10 12:11][2022-02-09 13:56] 000011415 ____S () EF95386138090933B604562469B59780 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~628CA272-B6FE-4F42-8CE0-B3A2AA2EC955~amd64~~21.09.0.167.5.cat
[2021-11-04 12:12][2021-09-28 15:02] 000010356 ____S () 0BC622475C2EC007287C8FBECB610843 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~62AB7415-FC3B-4FB7-891A-F8F45AF3742E~amd64~~21.2.0.161.8.cat
[2021-05-20 12:42][2021-03-02 14:06] 000010349 ____S () B7B5E5829A0646EDD291CC2B66632C6C [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~641151BC-A81D-485A-B197-4323A7536E96~amd64~~22.4.0.222.6.cat
[2022-07-14 17:42][2022-06-09 12:38] 000011380 ____S () 8C79FCA1710E194F28013335AD903976 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~64891E7E-65E3-4CDB-A61A-66E3CFB3565D~amd64~~21.09.0.167.5.cat
[2021-11-04 12:12][2021-09-28 15:02] 000010367 ____S () 86AD421887B9FAD089150F4A4AAC8EE4 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~66E538E7-D20F-4E89-9D14-CBE9D3E64024~amd64~~21.09.0.167.5.cat
[2021-12-07 09:39][2021-09-28 15:02] 000010358 ____S () 691457B3F210057214172AB6B00CB512 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~67A1FAB6-FC7E-4112-8686-6B22C50703A6~amd64~~21.4.0.156.5.cat
[2021-09-06 19:49][2021-05-19 10:48] 000010343 ____S () A01B076826A59F06BB769FE8B985C34E [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~6852F1CC-F7E0-4724-AF7F-4377EE43B976~amd64~~22.2.0.140.14.cat
[2022-03-10 12:11][2022-02-09 13:56] 000011414 ____S () C7E75ECF910BA890BB858CAF138DDD23 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~6B287DED-288F-4450-822E-DA6BD318BAA6~amd64~~20.12.0.172.8.cat
[2021-04-28 20:05][2020-12-11 16:36] 000010343 ____S () 8E3052F3B28A3D0EF037A95D5DB188F3 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~6CB85ADB-91AA-4859-88B8-73F3E0DC054B~amd64~~21.09.0.167.5.cat
[2022-01-06 14:10][2021-09-28 15:02] 000010356 ____S () 0BC622475C2EC007287C8FBECB610843 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~6E00A732-193B-4200-BF25-7B7359691B8E~amd64~~21.09.0.167.5.cat
[2021-12-07 09:39][2021-09-28 15:02] 000010363 ____S () CB2833EDDFB220195BB4AE42DA033D24 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~6E42569D-CB7B-45A6-A592-5C49E73D3CC4~amd64~~21.09.0.167.5.cat
[2022-02-14 20:49][2021-09-28 15:02] 000010363 ____S () A2314D3C458577D22E0C9D1190D9956A [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~6E8CB9C0-F5D3-4878-8DC6-BB4AFA380CF7~amd64~~21.4.0.156.5.cat
[2021-08-03 10:12][2021-05-19 10:48] 000010331 ____S () EF712D7967BE39420C57C8F0BB8EEBB2 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~729EA51F-59BC-406D-8030-45C810EC1AB7~amd64~~20.12.0.172.8.cat
[2021-04-28 20:05][2020-12-11 16:36] 000010339 ____S () 48682A6BE028FD47D9392D8C2A218D8B [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~72A435BF-071D-43E3-9D0F-DDE2B3EFAFE7~amd64~~21.09.0.167.5.cat
[2021-11-04 12:12][2021-09-28 15:02] 000010363 ____S () 2DF4FE1B6D3B08D573605F168ABBB7BC [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~72CB828F-F1CC-48EE-AC4B-E409B8B71037~amd64~~21.2.0.161.8.cat
[2021-05-20 12:38][2021-03-02 14:06] 000010356 ____S () 84ED36C276BE37034EF679337D84705B [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~72E53E40-ACBE-4DE2-A5C0-7F812B50A696~amd64~~22.2.0.140.14.cat
[2022-06-09 12:41][2022-02-09 13:56] 000011411 ____S () B3F3D9A91D5D60C2765AEAE2A51BFDB9 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~72F4FA1C-103C-4518-95B6-994C03F79E0C~amd64~~21.2.0.161.8.cat
[2021-05-20 12:38][2021-03-02 14:06] 000010354 ____S () F1B1B0F3CD919791EA331C889FA8FADB [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~730704E1-41B2-46EF-B31E-B9AA7D5EA5CF~amd64~~21.09.0.167.5.cat
[2021-10-20 15:01][2021-09-28 12:02] 000010367 ____S () B61D2DB4B83BF914EB1F30D1B0B21C81 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~730F8B3A-08B3-4836-81A9-A725D4F2C3A0~amd64~~21.09.0.167.5.cat
[2022-01-06 14:10][2021-09-28 15:02] 000010363 ____S () A2314D3C458577D22E0C9D1190D9956A [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~74FCCDEC-E029-45AC-AD0E-EF46912132E2~amd64~~21.2.0.161.8.cat
[2021-05-20 12:38][2021-03-02 14:06] 000010352 ____S () 3A9D91B192A9B46F21559A7DC70FDACC [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~7569EEA0-917F-49A0-8A06-3FBD75071032~amd64~~22.4.0.222.6.cat
[2022-07-14 17:42][2022-06-09 12:38] 000011380 ____S () B4AD87179A182A4B3282FCF5405B1F87 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~790814F1-673A-418B-BFBD-13966C4CC599~amd64~~21.4.0.156.5.cat
[2021-08-18 10:52][2021-05-19 10:48] 000010343 ____S () A01B076826A59F06BB769FE8B985C34E [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~79587444-F13A-46F5-970B-B096FF282CA1~amd64~~21.09.0.167.5.cat
[2021-11-04 12:12][2021-09-28 15:02] 000010367 ____S () B61D2DB4B83BF914EB1F30D1B0B21C81 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~7A7385DC-4B6E-4B89-A6CF-9A59BAC38D35~amd64~~22.2.0.140.14.cat
[2022-03-10 12:11][2022-02-09 13:56] 000011414 ____S () C7E75ECF910BA890BB858CAF138DDD23 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~7A887266-0B0B-496A-AFDC-7A4587A964FE~amd64~~21.2.0.161.8.cat
[2021-05-20 12:42][2021-03-02 14:06] 000010359 ____S () 6BB8FCEC37FE0B0FE40BDE3E7A72BAA2 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~7AB11FD7-F936-43F3-B781-E03B9A4B55EE~amd64~~22.4.0.222.6.cat
[2022-07-14 17:42][2022-06-09 12:38] 000011384 ____S () F8A01431A0FADF565E4108F5AD2B7E9E [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~7B6A5A9C-4944-4288-925C-64353579E9F4~amd64~~21.4.0.156.5.cat
[2021-10-06 09:41][2021-05-19 10:48] 000010331 ____S () 0CAC76AC58A4AE00D0622AA95E38E89F [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~7BF264C5-24F9-4742-8536-39C2168BEA85~amd64~~21.09.0.167.5.cat
[2021-12-07 09:39][2021-09-28 15:02] 000010358 ____S () 691457B3F210057214172AB6B00CB512 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~7C4A7ECC-0B8B-44C4-9886-08E597E4B406~amd64~~22.2.0.140.14.cat
[2022-03-10 12:11][2022-02-09 13:56] 000011411 ____S () D3E961B0856DB8CC289317F10F8DD829 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~7CD33199-90D0-4207-975A-595BEBB2E6E7~amd64~~21.4.0.156.5.cat
[2021-09-06 19:49][2021-05-19 10:48] 000010335 ____S () 2762A1B9903937D906E8737EECED9787 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~7CFEC683-325D-4E19-BB61-9377235B55A7~amd64~~21.09.0.167.5.cat
[2021-12-07 09:39][2021-09-28 15:02] 000010363 ____S () CB2833EDDFB220195BB4AE42DA033D24 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~7DEF087E-26E5-400E-A58B-43404278242E~amd64~~21.4.0.156.5.cat
[2021-08-18 10:52][2021-05-19 10:48] 000010331 ____S () EF712D7967BE39420C57C8F0BB8EEBB2 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~7E0A730C-EBD0-483F-B39E-D343C8BB251D~amd64~~21.09.0.167.5.cat
[2021-11-04 12:12][2021-09-28 15:02] 000010363 ____S () CB2833EDDFB220195BB4AE42DA033D24 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~7EC4C5E2-B3E5-4153-B759-0ECBAAD70B85~amd64~~21.09.0.167.5.cat
[2022-01-06 14:10][2021-09-28 15:02] 000010367 ____S () B61D2DB4B83BF914EB1F30D1B0B21C81 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~7F197EB3-653A-4423-AE0B-2DEAA3E79633~amd64~~21.4.0.156.5.cat
[2021-08-03 10:12][2021-05-19 10:48] 000010339 ____S () 74684AA896EA7751E7FA6D950D08D9CD [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~7F20BA50-F4F8-43E7-BF5E-F58E17483617~amd64~~21.4.0.156.5.cat
[2021-08-18 10:52][2021-05-19 10:48] 000010327 ____S () 8C3406F6EF6A013E67DBCA2FF8873299 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~7F7AE396-F6D8-47A2-A015-9B155478AC33~amd64~~21.09.0.167.5.cat
[2021-11-04 12:12][2021-09-28 15:02] 000010363 ____S () CB2833EDDFB220195BB4AE42DA033D24 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~804FC461-27F1-4C21-8BA0-D111ECD70D6C~amd64~~21.09.0.167.5.cat
[2021-11-04 12:12][2021-09-28 15:02] 000010358 ____S () 691457B3F210057214172AB6B00CB512 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~8110C596-E171-4CFC-ACCA-C0C553BC84E6~amd64~~22.2.0.140.14.cat
[2022-06-09 12:41][2022-02-09 13:56] 000011411 ____S () 2BA7BD6C855928B2FDC63732FFA4417E [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~8165D30C-FB60-457B-BA62-660C808D56FB~amd64~~22.4.0.222.6.cat
[2022-07-14 17:42][2022-06-09 12:38] 000011373 ____S () 06DBFBB93621BA2CBC58D3E486BA98E4 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~83E656BF-DD4D-4123-AE78-37BB8F1C95E7~amd64~~21.09.0.167.5.cat
[2021-11-04 12:12][2021-09-28 15:02] 000010363 ____S () A2314D3C458577D22E0C9D1190D9956A [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~8402BCAE-520F-4049-9DD3-85277AE07FF3~amd64~~22.2.0.140.14.cat
[2022-06-09 12:41][2022-02-09 13:56] 000011415 ____S () C7395D1311E7589093235EF450208671 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~84FF3BDB-B2C7-4E41-A89B-2F5795E0024C~amd64~~21.09.0.167.5.cat
[2021-10-20 15:01][2021-09-28 12:02] 000010363 ____S () CB2833EDDFB220195BB4AE42DA033D24 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~864A4573-E4F2-4E6B-8D76-E71513E4CE04~amd64~~21.4.0.156.5.cat
[2021-06-30 12:15][2021-05-19 10:48] 000010335 ____S () 1314F15EA7D0D64C93CEF42209344F9C [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~869846A8-AD33-45BC-85EF-ECBD3FBD1F17~amd64~~21.09.0.167.5.cat
[2021-10-20 15:01][2021-09-28 12:02] 000010363 ____S () 47EC0D787DD494A32C00912059B87DE8 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~89D5B54E-E7F9-45F6-9C02-A5295C767886~amd64~~22.4.0.222.6.cat
[2022-07-14 17:42][2022-06-09 12:38] 000011380 ____S () B4AD87179A182A4B3282FCF5405B1F87 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~8A5C72AE-CE9D-45FB-86C8-27ED73BE8911~amd64~~20.12.0.172.8.cat
[2021-04-28 20:05][2020-12-11 16:36] 000010347 ____S () E6F4E19471541470CD1F5CF81E39BB35 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~8B14CDD6-51A1-42FC-8D19-6F1609E630DD~amd64~~21.09.0.167.5.cat
[2022-01-06 14:10][2021-09-28 15:02] 000010363 ____S () 2DF4FE1B6D3B08D573605F168ABBB7BC [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~8B4DD6DF-B9D7-4A39-A8A6-31D9C88BC5B0~amd64~~21.09.0.167.5.cat
[2021-10-20 15:01][2021-09-28 12:02] 000010363 ____S () A2314D3C458577D22E0C9D1190D9956A [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~8BC6D6B6-BD48-4308-A213-BFD63D253A99~amd64~~21.09.0.167.5.cat
[2021-11-04 12:12][2021-09-28 15:02] 000010363 ____S () A2314D3C458577D22E0C9D1190D9956A [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~8BCA573A-2F89-4A94-8E7C-A6BB606E3856~amd64~~22.2.0.140.14.cat
[2022-04-12 10:53][2022-02-09 13:56] 000011411 ____S () B3F3D9A91D5D60C2765AEAE2A51BFDB9 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~8C067135-D823-4A44-BF8A-5700B8F16420~amd64~~21.09.0.167.5.cat
[2021-10-20 15:01][2021-09-28 12:02] 000010363 ____S () A2314D3C458577D22E0C9D1190D9956A [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~8DC97600-40AD-4D1C-860B-479742BD63BE~amd64~~21.4.0.156.5.cat
[2021-06-30 12:15][2021-05-19 10:48] 000010327 ____S () 8C3406F6EF6A013E67DBCA2FF8873299 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~8E0A6CE1-34EE-4CAE-BE4E-DEA708186D53~amd64~~20.12.0.172.8.cat
[2021-04-28 20:05][2020-12-11 16:36] 000010343 ____S () A86BD4A299FDF98FD2A11DEFD94CBEA8 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~8E9EFA71-456B-43FC-A4DD-E0B684786080~amd64~~21.4.0.156.5.cat
[2021-10-06 09:41][2021-05-19 10:48] 000010335 ____S () 1314F15EA7D0D64C93CEF42209344F9C [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~8F5B9685-0C4D-4180-9FC6-990308A80C13~amd64~~21.4.0.156.5.cat
[2021-08-18 10:52][2021-05-19 10:48] 000010335 ____S () 1314F15EA7D0D64C93CEF42209344F9C [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~919A27D6-1854-4192-974C-2DDF80F31CCC~amd64~~21.4.0.156.5.cat
[2021-10-06 09:41][2021-05-19 10:48] 000010327 ____S () 8C3406F6EF6A013E67DBCA2FF8873299 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~92417D3B-1B4A-49C3-B45F-90BD0CAEAACF~amd64~~21.09.0.167.5.cat
[2022-02-14 20:49][2021-09-28 15:02] 000010363 ____S () A2314D3C458577D22E0C9D1190D9956A [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~92698CFE-810C-4F35-BA4A-71AD6D327B13~amd64~~21.4.0.156.5.cat
[2021-06-30 12:15][2021-05-19 10:48] 000010331 ____S () 0CAC76AC58A4AE00D0622AA95E38E89F [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~92AC2E8D-B94B-415B-AB22-B9388748E63E~amd64~~21.4.0.156.5.cat
[2021-06-30 12:15][2021-05-19 10:48] 000010335 ____S () 2762A1B9903937D906E8737EECED9787 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~92FE91C4-C6A2-4C45-91A0-5DB28AB9BE28~amd64~~21.09.0.167.5.cat
[2021-10-20 15:01][2021-09-28 12:02] 000010363 ____S () 2DF4FE1B6D3B08D573605F168ABBB7BC [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~93D8F07F-F7B7-4F0C-BF6D-8B03A45B0D45~amd64~~22.2.0.140.14.cat
[2022-03-10 12:11][2022-02-09 13:56] 000011407 ____S () 9B9949F0B6E69BB5D626E8FE7807A0B3 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~94F36E63-0353-42A1-9E8E-2B49DE849776~amd64~~22.2.0.140.14.cat
[2022-06-09 12:41][2022-02-09 13:56] 000011415 ____S () EF95386138090933B604562469B59780 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~9551A98A-BAD6-4A61-B343-A3270B7DDD01~amd64~~21.4.0.156.5.cat
[2021-08-03 10:12][2021-05-19 10:48] 000010327 ____S () 8C3406F6EF6A013E67DBCA2FF8873299 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~98662893-6EDA-401E-A5B3-7236E606D5D1~amd64~~21.09.0.167.5.cat
[2022-01-06 14:10][2021-09-28 15:02] 000010363 ____S () 47EC0D787DD494A32C00912059B87DE8 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~9A89F593-EB58-48F3-806B-F0CC6DE27CCC~amd64~~21.09.0.167.5.cat
[2022-02-14 20:49][2021-09-28 15:02] 000010363 ____S () 47EC0D787DD494A32C00912059B87DE8 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~9B678535-F4FE-4105-AA46-11A8C888565B~amd64~~20.12.0.172.8.cat
[2021-04-28 20:05][2020-12-11 16:36] 000010347 ____S () 5DC41BF1508DAE45FA95896DEBEF82DF [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~9BF3F12A-76F9-4D36-A347-5CF61994F9FA~amd64~~21.4.0.156.5.cat
[2021-08-03 10:12][2021-05-19 10:48] 000010343 ____S () A01B076826A59F06BB769FE8B985C34E [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~9D2A23E1-0BB0-4C7D-A871-F172D1D0BD82~amd64~~21.4.0.156.5.cat
[2021-09-06 19:49][2021-05-19 10:48] 000010342 ____S () 483DE13C7A4915F90CC3C8B9310D8ED1 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~9D91A633-C1A6-466C-A3C3-1425B4C0893B~amd64~~22.2.0.140.14.cat
[2022-06-09 12:41][2022-02-09 13:56] 000011414 ____S () C7E75ECF910BA890BB858CAF138DDD23 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~9DA759B8-2658-46C1-B8AA-31E29322D153~amd64~~21.09.0.167.5.cat
[2022-01-06 14:10][2021-09-28 15:02] 000010358 ____S () 691457B3F210057214172AB6B00CB512 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~9DE12895-36DE-4AA8-9537-6218FECF3DAE~amd64~~22.4.0.222.6.cat
[2022-07-14 17:42][2022-06-09 12:38] 000011380 ____S () 34C4BBCE569713845ACC9BEA0C1BF9EA [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~A0173015-1990-46B7-B8B5-95F52D4BD3E3~amd64~~22.4.0.222.6.cat
[2022-07-14 17:42][2022-06-09 12:38] 000011380 ____S () 8C79FCA1710E194F28013335AD903976 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~A2334510-5F14-4159-B5AE-E74282E9F0AB~amd64~~21.09.0.167.5.cat
[2021-11-04 12:12][2021-09-28 15:02] 000010363 ____S () 2DF4FE1B6D3B08D573605F168ABBB7BC [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~A3946553-AFDB-40DC-9FCF-B379DFF7F7D6~amd64~~21.2.0.161.8.cat
[2021-05-20 12:42][2021-03-02 14:06] 000010358 ____S () DFD83717499FAE49722650473EFF1467 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~A59884AD-7E20-4755-883E-183531BEF678~amd64~~21.4.0.156.5.cat
[2021-09-06 19:49][2021-05-19 10:48] 000010327 ____S () 8C3406F6EF6A013E67DBCA2FF8873299 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~A5D05996-B8A0-4AAE-AFC2-650C51F7EA98~amd64~~22.4.0.222.6.cat
[2022-07-14 17:42][2022-06-09 12:38] 000011384 ____S () F8A01431A0FADF565E4108F5AD2B7E9E [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~A72DD2E3-E443-4C4D-B34D-B51EB1EF43D9~amd64~~22.2.0.140.14.cat
[2022-06-09 12:41][2022-02-09 13:56] 000011411 ____S () D3E961B0856DB8CC289317F10F8DD829 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~A83B1F56-3DBB-4CF2-88FC-6DB7B7135DB8~amd64~~21.09.0.167.5.cat
[2022-02-14 20:49][2021-09-28 15:02] 000010363 ____S () CB2833EDDFB220195BB4AE42DA033D24 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~A9F1C98A-115A-4FE6-A709-41E9310FE724~amd64~~21.4.0.156.5.cat
[2021-08-18 10:52][2021-05-19 10:48] 000010335 ____S () 2762A1B9903937D906E8737EECED9787 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~AC006825-117E-4585-B4D2-6C13E4E095DF~amd64~~21.09.0.167.5.cat
[2022-01-06 14:10][2021-09-28 15:02] 000010363 ____S () 47EC0D787DD494A32C00912059B87DE8 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~AC2A62AE-34A8-4596-8C57-032415F28C5B~amd64~~21.4.0.156.5.cat
[2021-06-30 12:15][2021-05-19 10:48] 000010331 ____S () 0CAC76AC58A4AE00D0622AA95E38E89F [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~AD15EFBF-1066-4333-B7FC-16B1D57E754E~amd64~~22.2.0.140.14.cat
[2022-06-09 12:41][2022-02-09 13:56] 000011407 ____S () 9B9949F0B6E69BB5D626E8FE7807A0B3 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~ADAD3762-BE01-49C2-85EC-2B5C06BFE478~amd64~~22.2.0.140.14.cat
[2022-06-09 12:41][2022-02-09 13:56] 000011411 ____S () D3E961B0856DB8CC289317F10F8DD829 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~ADE8998B-9C1D-44EF-BA08-2464D9B479D4~amd64~~21.09.0.167.5.cat
[2021-11-04 12:12][2021-09-28 15:02] 000010358 ____S () 691457B3F210057214172AB6B00CB512 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~AE97232F-D067-48A8-8AC9-C6F7F2D89EE3~amd64~~21.4.0.156.5.cat
[2021-10-06 09:41][2021-05-19 10:48] 000010327 ____S () 8C3406F6EF6A013E67DBCA2FF8873299 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~AF75016D-786B-4810-8178-22A7609AE25E~amd64~~21.09.0.167.5.cat
[2022-02-14 20:49][2021-09-28 15:02] 000010367 ____S () B61D2DB4B83BF914EB1F30D1B0B21C81 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~B17E2482-33AC-441D-B3BB-A777F1CCB617~amd64~~22.2.0.140.14.cat
[2022-03-10 12:11][2022-02-09 13:56] 000011411 ____S () 2BA7BD6C855928B2FDC63732FFA4417E [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~B1E2CC84-0327-4CCA-8EBD-D97026E5A171~amd64~~21.09.0.167.5.cat
[2021-10-20 15:01][2021-09-28 12:02] 000010363 ____S () CB2833EDDFB220195BB4AE42DA033D24 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~B217EE2B-40D2-4792-8A25-FC3F4CA2D639~amd64~~21.09.0.167.5.cat
[2021-12-07 09:39][2021-09-28 15:02] 000010363 ____S () A2314D3C458577D22E0C9D1190D9956A [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~B415E2AC-20C1-471B-8838-437E0393C60D~amd64~~21.09.0.167.5.cat
[2021-12-07 09:39][2021-09-28 15:02] 000010367 ____S () 86AD421887B9FAD089150F4A4AAC8EE4 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~B4A597A7-36DD-4DE5-AF3B-BCDDD89E7AC0~amd64~~22.2.0.140.14.cat
[2022-06-09 12:41][2022-02-09 13:56] 000011411 ____S () D3E961B0856DB8CC289317F10F8DD829 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~B5663ED5-FC35-47D6-8D3D-39054DC36340~amd64~~21.4.0.156.5.cat
[2021-08-03 10:12][2021-05-19 10:48] 000010342 ____S () 483DE13C7A4915F90CC3C8B9310D8ED1 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~B625BC20-9E9A-4136-ADC5-B9A848767299~amd64~~21.4.0.156.5.cat
[2021-09-06 19:49][2021-05-19 10:48] 000010339 ____S () 74684AA896EA7751E7FA6D950D08D9CD [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~B8153EAA-9383-4F6D-9EA5-16377B45D3BF~amd64~~21.09.0.167.5.cat
[2022-02-14 20:49][2021-09-28 15:02] 000010367 ____S () 86AD421887B9FAD089150F4A4AAC8EE4 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~B83CEBE3-4875-4662-8E6E-E94A53095A84~amd64~~21.09.0.167.5.cat
[2021-11-04 12:12][2021-09-28 15:02] 000010363 ____S () 47EC0D787DD494A32C00912059B87DE8 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~B9DCDB5D-D8FF-419A-A68F-9CFDEEEA5716~amd64~~21.09.0.167.5.cat
[2021-10-20 15:01][2021-09-28 12:02] 000010367 ____S () 86AD421887B9FAD089150F4A4AAC8EE4 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~BA637303-F023-4006-8F27-5466FAB18C92~amd64~~21.09.0.167.5.cat
[2022-02-14 20:49][2021-09-28 15:02] 000010367 ____S () B61D2DB4B83BF914EB1F30D1B0B21C81 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~BBD875A2-9DCE-4C4B-9AC9-51B03C8DD8ED~amd64~~22.2.0.140.14.cat
[2022-03-10 12:11][2022-02-09 13:56] 000011415 ____S () C7395D1311E7589093235EF450208671 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~BC299CBE-1091-41F4-B862-C230F7590626~amd64~~21.4.0.156.5.cat
[2021-08-03 10:12][2021-05-19 10:48] 000010342 ____S () 483DE13C7A4915F90CC3C8B9310D8ED1 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~BD3C5E0F-0F42-47D6-BB2C-812F170341C0~amd64~~21.4.0.156.5.cat
[2021-08-18 10:52][2021-05-19 10:48] 000010342 ____S () 483DE13C7A4915F90CC3C8B9310D8ED1 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~BD4F4B57-4C78-4E47-802F-468C761EE491~amd64~~21.09.0.167.5.cat
[2021-10-20 15:01][2021-09-28 12:02] 000010363 ____S () A2314D3C458577D22E0C9D1190D9956A [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~BDED42E9-1D8D-49E9-BD9A-E5C0F5D0EC4F~amd64~~22.2.0.140.14.cat
[2022-03-10 12:11][2022-02-09 13:56] 000011407 ____S () 9B9949F0B6E69BB5D626E8FE7807A0B3 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~BEA3ACA1-F250-4191-930F-7203B677877C~amd64~~21.09.0.167.5.cat
[2021-12-07 09:39][2021-09-28 15:02] 000010356 ____S () 0BC622475C2EC007287C8FBECB610843 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~BF73FA09-7590-4F12-9DB8-68D2482884D2~amd64~~22.2.0.140.14.cat
[2022-03-10 12:11][2022-02-09 13:56] 000011411 ____S () D3E961B0856DB8CC289317F10F8DD829 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~BFAC612D-8856-4B05-9B87-6B0306E1FCE4~amd64~~21.09.0.167.5.cat
[2021-10-20 15:01][2021-09-28 12:02] 000010363 ____S () 2DF4FE1B6D3B08D573605F168ABBB7BC [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~BFB6F03F-E51B-4866-8C91-4578B238F0A5~amd64~~21.4.0.156.5.cat
[2021-06-30 12:15][2021-05-19 10:48] 000010343 ____S () A01B076826A59F06BB769FE8B985C34E [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~C0AA72FB-85FE-4644-B807-E8D23C082F7E~amd64~~21.09.0.167.5.cat
[2022-01-06 14:10][2021-09-28 15:02] 000010367 ____S () 86AD421887B9FAD089150F4A4AAC8EE4 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~C1AA3430-1E14-431B-8050-BBA9AC214BC5~amd64~~22.2.0.140.14.cat
[2022-06-09 12:41][2022-02-09 13:56] 000011411 ____S () D3E961B0856DB8CC289317F10F8DD829 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~C1EEA0B3-7599-4EB0-A181-E2EDBAD6D2A2~amd64~~22.4.0.222.6.cat
[2022-07-14 17:42][2022-06-09 12:38] 000011380 ____S () 34C4BBCE569713845ACC9BEA0C1BF9EA [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~C21C0671-C751-4E31-AF66-518F055BA1FE~amd64~~21.4.0.156.5.cat
[2021-08-18 10:52][2021-05-19 10:48] 000010339 ____S () 74684AA896EA7751E7FA6D950D08D9CD [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~C368D6FE-6C23-463E-9B78-FB0809E1EF76~amd64~~21.09.0.167.5.cat
[2022-02-14 20:49][2021-09-28 15:02] 000010363 ____S () 2DF4FE1B6D3B08D573605F168ABBB7BC [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~C3B6E5E3-F33D-42C7-9679-DDA2B57378A1~amd64~~21.09.0.167.5.cat
[2021-12-07 09:39][2021-09-28 15:02] 000010367 ____S () 86AD421887B9FAD089150F4A4AAC8EE4 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~C3CCBC77-D5C2-47EB-B96A-8DAC45943DF1~amd64~~20.12.0.172.8.cat
[2021-04-28 20:05][2020-12-11 16:36] 000010343 ____S () 474F06FB67442E7D621D5D93B91B2FD5 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~C415D5B5-35A9-4076-90E2-B8E545ACC42F~amd64~~21.4.0.156.5.cat
[2021-08-18 10:52][2021-05-19 10:48] 000010331 ____S () 0CAC76AC58A4AE00D0622AA95E38E89F [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~C47659F0-8EC9-48B6-8AA8-397106370B81~amd64~~21.09.0.167.5.cat
[2021-12-07 09:39][2021-09-28 15:02] 000010363 ____S () 2DF4FE1B6D3B08D573605F168ABBB7BC [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~C508125D-78C6-433A-8853-1AF6B6E26CDA~amd64~~21.4.0.156.5.cat
[2021-10-06 09:41][2021-05-19 10:48] 000010335 ____S () 2762A1B9903937D906E8737EECED9787 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~C8A3D4E1-3A11-4A41-8FC4-B77DBD45A13D~amd64~~21.09.0.167.5.cat
[2022-02-14 20:49][2021-09-28 15:02] 000010356 ____S () 0BC622475C2EC007287C8FBECB610843 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~C931CED5-7419-4EBE-820A-70725DA4288B~amd64~~22.2.0.140.14.cat
[2022-03-10 12:11][2022-02-09 13:56] 000011407 ____S () EBA4CB04E063724A89C515D42A2A7F39 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~C9EE29D4-4316-4CE6-A0A4-119B37190CCE~amd64~~20.12.0.172.8.cat
[2021-04-28 20:05][2020-12-11 16:36] 000010339 ____S () 802EE487E03BA22B0F4613AC9036802D [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~CA6C53D9-5529-4D24-9E5E-9D28A50C0D6E~amd64~~21.4.0.156.5.cat
[2021-09-06 19:49][2021-05-19 10:48] 000010335 ____S () 2762A1B9903937D906E8737EECED9787 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~CAA15F34-8B05-4266-9F09-A0DF1ECDCEA5~amd64~~21.4.0.156.5.cat
[2021-10-06 09:41][2021-05-19 10:48] 000010342 ____S () 483DE13C7A4915F90CC3C8B9310D8ED1 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~CBBFE1BA-4416-4CF8-AC37-FE531D707D91~amd64~~22.2.0.140.14.cat
[2022-04-12 10:53][2022-02-09 13:56] 000011411 ____S () 2BA7BD6C855928B2FDC63732FFA4417E [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~CC5A1E75-C80E-4412-BE09-D68F67A26611~amd64~~21.4.0.156.5.cat
[2021-09-06 19:49][2021-05-19 10:48] 000010327 ____S () 8C3406F6EF6A013E67DBCA2FF8873299 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~CD82EA87-D7F0-4AD5-9A55-84408112F47E~amd64~~22.2.0.140.14.cat
[2022-04-12 10:53][2022-02-09 13:56] 000011411 ____S () D3E961B0856DB8CC289317F10F8DD829 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~CDBBFE49-32BE-46DF-A0FF-B57D7BDAF33D~amd64~~21.4.0.156.5.cat
[2021-09-06 19:49][2021-05-19 10:48] 000010331 ____S () 0CAC76AC58A4AE00D0622AA95E38E89F [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~CDEBFD9A-8946-45E8-9200-B05E6D2C97E9~amd64~~21.09.0.167.5.cat
[2021-12-07 09:39][2021-09-28 15:02] 000010363 ____S () 47EC0D787DD494A32C00912059B87DE8 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~D05C6B02-8F7C-4AF8-BF2E-EB422F800B06~amd64~~22.2.0.140.14.cat
[2022-04-12 10:53][2022-02-09 13:56] 000011415 ____S () EF95386138090933B604562469B59780 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~D065D680-AF12-462E-811E-A71B70FB8FED~amd64~~20.12.0.172.8.cat
[2021-04-28 20:05][2020-12-11 16:36] 000010343 ____S () 474F06FB67442E7D621D5D93B91B2FD5 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~D185073D-C0A5-4A15-BD86-95CACAA784BA~amd64~~21.2.0.161.8.cat
[2021-05-20 12:42][2021-03-02 14:06] 000010354 ____S () F1B1B0F3CD919791EA331C889FA8FADB [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~D5D2A526-93BF-4E40-88C4-D21D1FEF1E37~amd64~~21.4.0.156.5.cat
[2021-08-18 10:52][2021-05-19 10:48] 000010327 ____S () 8C3406F6EF6A013E67DBCA2FF8873299 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~D64B2D52-ED39-4D3C-8FE7-800CC96BD50B~amd64~~21.2.0.161.8.cat
[2021-05-20 12:42][2021-03-02 14:06] 000010354 ____S () F1B1B0F3CD919791EA331C889FA8FADB [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~D679FB7A-214F-44A8-B816-3215642F37D6~amd64~~21.4.0.156.5.cat
[2021-10-06 09:41][2021-05-19 10:48] 000010331 ____S () 0CAC76AC58A4AE00D0622AA95E38E89F [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~D67BA040-5BF3-4F6E-AAED-B2AA20E54DD9~amd64~~20.12.0.172.8.cat
[2021-04-28 20:05][2020-12-11 16:36] 000010343 ____S () 8E3052F3B28A3D0EF037A95D5DB188F3 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~D76E0025-0662-4662-BC93-5B6865612AFB~amd64~~20.12.0.172.8.cat
[2021-04-28 20:05][2020-12-11 16:36] 000010343 ____S () A86BD4A299FDF98FD2A11DEFD94CBEA8 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~D841EFE6-22FD-482A-A435-BA2A537E98DF~amd64~~20.12.0.172.8.cat
[2021-04-28 20:05][2020-12-11 16:36] 000010343 ____S () 8E3052F3B28A3D0EF037A95D5DB188F3 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~D8FE3830-C51B-4595-9508-DF0E32462274~amd64~~21.09.0.167.5.cat
[2022-02-14 20:49][2021-09-28 15:02] 000010363 ____S () CB2833EDDFB220195BB4AE42DA033D24 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~D954AAEC-623A-4474-9E4A-86D6576EA367~amd64~~21.2.0.161.8.cat
[2021-05-20 12:38][2021-03-02 14:06] 000010353 ____S () 6CA7EE40E4368F73E72361C172678AE6 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~D9BA79C2-BFD8-41BA-A849-491465B3D070~amd64~~22.2.0.140.14.cat
[2022-04-12 10:53][2022-02-09 13:56] 000011411 ____S () 2BA7BD6C855928B2FDC63732FFA4417E [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~DBA9F883-7EBB-4006-9F04-3C9CDF718F6A~amd64~~21.4.0.156.5.cat
[2021-06-30 12:15][2021-05-19 10:48] 000010331 ____S () 0CAC76AC58A4AE00D0622AA95E38E89F [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~DC90D3F3-4749-48C8-B3D4-827F1C10B874~amd64~~21.4.0.156.5.cat
[2021-10-06 09:41][2021-05-19 10:48] 000010339 ____S () 74684AA896EA7751E7FA6D950D08D9CD [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~DC937947-C19D-4CEA-B652-69380EA12A3B~amd64~~21.4.0.156.5.cat
[2021-10-06 09:41][2021-05-19 10:48] 000010331 ____S () EF712D7967BE39420C57C8F0BB8EEBB2 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~DD64B4BC-9C26-40C9-8A97-3BA7286DA424~amd64~~21.09.0.167.5.cat
[2022-02-14 20:49][2021-09-28 15:02] 000010358 ____S () 691457B3F210057214172AB6B00CB512 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~DEF95F7C-E228-4703-84FB-CB6516BC5379~amd64~~21.09.0.167.5.cat
[2021-12-07 09:39][2021-09-28 15:02] 000010367 ____S () B61D2DB4B83BF914EB1F30D1B0B21C81 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~DF647C87-7CE2-4CCF-A342-B9D0F5912D01~amd64~~21.09.0.167.5.cat
[2021-10-20 15:01][2021-09-28 12:02] 000010363 ____S () A2314D3C458577D22E0C9D1190D9956A [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~DFF5F53C-477C-4AEF-BBD2-42DFF76AF1A7~amd64~~20.12.0.172.8.cat
[2021-04-28 20:05][2020-12-11 16:36] 000010339 ____S () 802EE487E03BA22B0F4613AC9036802D [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~E31619D9-21AE-4E45-9542-772729A64BE7~amd64~~21.09.0.167.5.cat
[2022-01-06 14:10][2021-09-28 15:02] 000010363 ____S () A2314D3C458577D22E0C9D1190D9956A [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~E45DA5EE-5A38-40EE-948C-39F3F22DF77C~amd64~~21.4.0.156.5.cat
[2021-08-18 10:52][2021-05-19 10:48] 000010335 ____S () 1314F15EA7D0D64C93CEF42209344F9C [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~E4C169E4-3BE5-4D7A-9DF7-0DCA3668F556~amd64~~21.4.0.156.5.cat
[2021-10-06 09:41][2021-05-19 10:48] 000010331 ____S () EF712D7967BE39420C57C8F0BB8EEBB2 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~E5318E75-CA71-4D65-974B-460A6B7210ED~amd64~~20.12.0.172.8.cat
[2021-04-28 20:05][2020-12-11 16:36] 000010343 ____S () E75FAE5190A74354CB5CA15CC0AFACBC [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~E694AF45-B5DF-4E0D-BB64-2C4353911170~amd64~~21.09.0.167.5.cat
[2021-10-20 15:01][2021-09-28 12:02] 000010367 ____S () 86AD421887B9FAD089150F4A4AAC8EE4 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~E7515035-E0EB-40B6-8E11-86F029C3C480~amd64~~21.4.0.156.5.cat
[2021-08-18 10:52][2021-05-19 10:48] 000010331 ____S () 0CAC76AC58A4AE00D0622AA95E38E89F [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~E80635A8-22FD-461D-A998-CCFFF4399B9E~amd64~~21.4.0.156.5.cat
[2021-08-18 10:52][2021-05-19 10:48] 000010342 ____S () 483DE13C7A4915F90CC3C8B9310D8ED1 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~E980A2CB-2DF9-4C7F-A25E-353983C69202~amd64~~22.4.0.222.6.cat
[2022-07-14 17:42][2022-06-09 12:38] 000011384 ____S () 1EBA99A39C26721E4AE2DEB799C92AA3 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~EC469F65-B48B-418D-AB81-28203CABAB29~amd64~~22.4.0.222.6.cat
[2022-07-14 17:42][2022-06-09 12:38] 000011380 ____S () 34C4BBCE569713845ACC9BEA0C1BF9EA [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~EE08D93A-72CD-4295-868A-11AFAE404833~amd64~~22.2.0.140.14.cat
[2022-04-12 10:53][2022-02-09 13:56] 000011415 ____S () EF95386138090933B604562469B59780 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~EE12A45B-38B3-438F-94FF-9FA53E3FF661~amd64~~22.2.0.140.14.cat
[2022-04-12 10:53][2022-02-09 13:56] 000011411 ____S () B3F3D9A91D5D60C2765AEAE2A51BFDB9 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~EF81CFB4-FD13-47B8-8706-02F3C62196AD~amd64~~22.2.0.140.14.cat
[2022-03-10 12:11][2022-02-09 13:56] 000011415 ____S () C7395D1311E7589093235EF450208671 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~EFF27E77-8392-4AC6-89E1-25C60EDD540C~amd64~~21.2.0.161.8.cat
[2021-05-20 12:42][2021-03-02 14:06] 000010359 ____S () 6BB8FCEC37FE0B0FE40BDE3E7A72BAA2 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~F0B1AED3-DF9F-43B2-8B83-28973D0791B4~amd64~~21.4.0.156.5.cat
[2021-08-18 10:52][2021-05-19 10:48] 000010331 ____S () EF712D7967BE39420C57C8F0BB8EEBB2 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~F0E97740-D076-4395-ADCE-DAB503C3E7EA~amd64~~21.2.0.161.8.cat
[2021-05-20 12:42][2021-03-02 14:06] 000010358 ____S () DFD83717499FAE49722650473EFF1467 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~F0F19297-A474-4CE1-8F30-A722611202D2~amd64~~22.2.0.140.14.cat
[2022-04-12 10:53][2022-02-09 13:56] 000011407 ____S () 9B9949F0B6E69BB5D626E8FE7807A0B3 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~F135B9C4-AAAB-4369-847C-B7E40C1E5903~amd64~~22.2.0.140.14.cat
[2022-04-12 10:53][2022-02-09 13:56] 000011407 ____S () 9B9949F0B6E69BB5D626E8FE7807A0B3 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~F23D6178-B84F-4276-B2F5-6A464549DA07~amd64~~20.12.0.172.8.cat
[2021-04-28 20:05][2020-12-11 16:36] 000010339 ____S () 48682A6BE028FD47D9392D8C2A218D8B [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~F2DB4D3F-A72C-4718-B9AC-4E7F01861AA8~amd64~~22.2.0.140.14.cat
[2022-03-10 12:11][2022-02-09 13:56] 000011407 ____S () EBA4CB04E063724A89C515D42A2A7F39 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~F34D8469-B405-4205-9A00-0A5E8D2A12D6~amd64~~21.09.0.167.5.cat
[2021-11-04 12:12][2021-09-28 15:02] 000010363 ____S () 47EC0D787DD494A32C00912059B87DE8 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~F45DB7CC-CBF0-43A1-B491-5B11CF95D30F~amd64~~21.09.0.167.5.cat
[2022-01-06 14:10][2021-09-28 15:02] 000010367 ____S () 86AD421887B9FAD089150F4A4AAC8EE4 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~F4DEF23D-7F61-4B64-ABD1-7BBAC0B81C2C~amd64~~22.2.0.140.14.cat
[2022-03-10 12:11][2022-02-09 13:56] 000011415 ____S () EF95386138090933B604562469B59780 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~F6126593-E9B0-4DDE-AA5B-48A1167D731A~amd64~~21.09.0.167.5.cat
[2022-02-14 20:49][2021-09-28 15:02] 000010367 ____S () 86AD421887B9FAD089150F4A4AAC8EE4 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~FA20A708-5BFF-467F-BF50-46D818EDA786~amd64~~21.2.0.161.8.cat
[2021-05-20 12:42][2021-03-02 14:06] 000010352 ____S () 3A9D91B192A9B46F21559A7DC70FDACC [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~FA2F109A-CE94-4806-AC59-F318BA452B36~amd64~~22.2.0.140.14.cat
[2022-03-10 12:11][2022-02-09 13:56] 000011411 ____S () B3F3D9A91D5D60C2765AEAE2A51BFDB9 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~FA7481A0-7B35-41FD-92DF-3DA613B61906~amd64~~21.4.0.156.5.cat
[2021-06-30 12:15][2021-05-19 10:48] 000010327 ____S () 8C3406F6EF6A013E67DBCA2FF8873299 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~FC17E4EC-C198-4B31-ABE4-06856D58D3D6~amd64~~22.2.0.140.14.cat
[2022-03-10 12:11][2022-02-09 13:56] 000011411 ____S () D3E961B0856DB8CC289317F10F8DD829 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~FC226279-2F46-47C3-A6B8-D21CBDBD8370~amd64~~21.4.0.156.5.cat
[2021-08-03 10:12][2021-05-19 10:48] 000010343 ____S () A01B076826A59F06BB769FE8B985C34E [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~FC273A01-11A4-4A9E-AE49-32660E6F7EC0~amd64~~21.4.0.156.5.cat
[2021-08-03 10:12][2021-05-19 10:48] 000010331 ____S () 0CAC76AC58A4AE00D0622AA95E38E89F [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~FC969F81-67C1-4B47-8B06-33FBCA4B603D~amd64~~22.2.0.140.14.cat
[2022-03-10 12:11][2022-02-09 13:56] 000011411 ____S () D3E961B0856DB8CC289317F10F8DD829 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~FCB25B10-D22A-41BD-B61E-34C2A75B581D~amd64~~21.4.0.156.5.cat
[2021-09-06 19:49][2021-05-19 10:48] 000010343 ____S () A01B076826A59F06BB769FE8B985C34E [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~FCCAB91D-87E2-48A0-97AD-2A9DA12C69FE~amd64~~22.2.0.140.14.cat
[2022-04-12 10:53][2022-02-09 13:56] 000011415 ____S () C7395D1311E7589093235EF450208671 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~FD0F7487-AF20-4B56-8937-EF213DC3E423~amd64~~22.4.0.222.6.cat
[2022-07-14 17:42][2022-06-09 12:38] 000011379 ____S () 76855340A32A45D10BF6A6A4CF15DCE4 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~FF82877B-5BE0-4B64-92D3-A0D0C703942B~amd64~~21.09.0.167.5.cat
[2022-01-06 14:10][2021-09-28 15:02] 000010358 ____S () 691457B3F210057214172AB6B00CB512 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~FF9C9686-2F97-48BF-8D53-98528729ACAE~amd64~~22.2.0.140.14.cat
[2022-03-10 12:11][2022-02-09 13:56] 000011411 ____S () 2BA7BD6C855928B2FDC63732FFA4417E [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~FFAE0325-2FB1-4A7A-9E0B-BB61192432A5~amd64~~21.4.0.156.5.cat
[2021-08-18 10:52][2021-05-19 10:48] 000010339 ____S () 74684AA896EA7751E7FA6D950D08D9CD [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~FFC81BDA-BBA5-417A-8D75-649579AC5D48~amd64~~21.4.0.156.5.cat
[2021-09-06 19:49][2021-05-19 10:48] 000010331 ____S () EF712D7967BE39420C57C8F0BB8EEBB2 [File is digitally signed]

C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\McAfee-VSCore~FFE46A95-EEDF-4858-8A0E-12276691AD14~amd64~~21.4.0.156.5.cat
[2021-08-03 10:12][2021-05-19 10:48] 000010335 ____S () 1314F15EA7D0D64C93CEF42209344F9C [File is digitally signed]

C:\Windows\Prefetch\AUDIOTEKSERVICE.EXE-86499A03.pf
[2023-05-25 08:52][2023-05-25 08:52] 000016839 _____ () 35B029752DD2B3975480A920EF0D40EF [File not signed]

C:\Windows\Prefetch\XUSERVICE.EXE-030118CE.pf
[2023-05-24 14:53][2023-05-24 14:53] 000010230 _____ () 11F5247ABF55F5F8000FEAD04A35ACB7 [File not signed]

C:\Windows\Microsoft.NET\assembly\GAC_64\McAfee.CSP.ClientAPI\v4.0_5.1.104.0__a63667ab4267742d\McAfee.CSP.ClientAPI.dll
[2022-07-14 17:43][2022-07-14 17:43] 000035608 _____ (McAfee, LLC) 93EC63D2BB655813282A24D2AF37DD58 [File is digitally signed]

C:\Users\Andrew Tan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\XUService.exe
[2023-05-25 08:52][2023-05-25 08:53] 001242624 _____ () 5E6BD12D4FF23C0686E6A58D8001C005 [File not signed]

C:\Users\Andrew Tan\AppData\Local\AudioTekService.exe
[2023-05-25 08:52][2023-05-25 08:52] 000004608 _____ () 15A3AA40212D9564A3D3C87D8F2F422A [File not signed]

C:\Users\Andrew Tan\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\LocalState\AppIconCache\100\5A894077_McAfeeSecurity_wafk5atnkzcwy!App
[2023-05-20 16:24][2023-05-20 16:24] 000007894 _____ () C559BC170A0DB9A175D965FA5E126933 [File not signed]

C:\Users\Andrew Tan\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\LocalState\AppIconCache\100\McAfee_McAgent
[2023-05-20 16:24][2023-05-20 16:24] 000037014 _____ () BAD093419BE1135CFE9694EA77088C78 [File not signed]

C:\Users\Andrew Tan\AppData\Local\CrashDumps\AudioTekService.exe.17172.dmp
[2023-05-23 17:15][2023-05-23 17:15] 008438367 _____ () 198B66F76323D7F8F7DAD57AA8076162 [File not signed]

C:\Users\Andrew Tan\AppData\Local\CrashDumps\AudioTekService.exe.17828.dmp
[2023-05-24 14:53][2023-05-24 14:53] 004802435 _____ () 41877E1AEEA47127343AFB9F637F67CE [File not signed]

C:\Users\Andrew Tan\AppData\Local\CrashDumps\AudioTekService.exe.18764.dmp
[2023-05-21 08:36][2023-05-21 08:36] 004825059 _____ () 65000047339EDAC186B50F12291F79C0 [File not signed]

C:\Users\Andrew Tan\AppData\Local\CrashDumps\AudioTekService.exe.18796.dmp
[2023-05-21 20:02][2023-05-21 20:02] 004807007 _____ () F4D34C213AEBB5870B976CDA89CBBE1E [File not signed]

C:\Users\Andrew Tan\AppData\Local\CrashDumps\AudioTekService.exe.18964.dmp
[2023-05-22 08:33][2023-05-22 08:33] 004808479 _____ () 0DFE7864F28F480C373F2238278FCB32 [File not signed]

C:\Users\Andrew Tan\AppData\Local\CrashDumps\AudioTekService.exe.21352.dmp
[2023-05-22 08:33][2023-05-22 08:33] 004802189 _____ () 933C18A081AF0FF7F019DF57FA7AC948 [File not signed]

C:\Users\Andrew Tan\AppData\Local\CrashDumps\AudioTekService.exe.22008.dmp
[2023-05-25 08:53][2023-05-25 08:53] 004812473 _____ () 11C799224E3E92578A0C3BA98FA4FF7E [File not signed]

C:\Users\Andrew Tan\AppData\Local\CrashDumps\AudioTekService.exe.3916.dmp
[2023-05-25 08:32][2023-05-25 08:32] 004813949 _____ () 925C71F22000F5A399B017DEFE4B26D3 [File not signed]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee\McAfee AntiVirus.lnk
[2022-08-22 20:02][2022-08-22 20:02] 000002223 _____ () 765E0497AB727B6D6AB61B45748E4CC4 [File not signed]

C:\ProgramData\Microsoft\Windows\AppRepository\5A894077.McAfeeSecurity_2.1.39.0_neutral_split.scale-100_wafk5atnkzcwy.xml
[2021-04-15 21:25][2021-04-15 21:25] 000000782 _____ () 0E882C258A9CD11B69A0A04B0E1C855B [File not signed]

C:\ProgramData\Microsoft\Windows\AppRepository\5A894077.McAfeeSecurity_2.1.68.0_neutral_split.language-zh-hans_wafk5atnkzcwy.xml
[2021-11-13 17:10][2021-11-13 17:10] 000000790 _____ () FD68B480892E48CE5BABDFA2A584BDAC [File not signed]

C:\ProgramData\Microsoft\Windows\AppRepository\5A894077.McAfeeSecurity_2.1.68.0_neutral_split.scale-100_wafk5atnkzcwy.xml
[2023-03-12 06:39][2023-03-12 06:39] 000000782 _____ () 7E0CBA9D893468F465C7B80F891A27C6 [File not signed]

C:\ProgramData\Microsoft\Windows\AppRepository\5A894077.McAfeeSecurity_2.1.68.0_neutral_split.scale-125_wafk5atnkzcwy.xml
[2021-11-13 17:10][2021-11-13 17:10] 000000782 _____ () B99D3F98F8BE42BA0326632B335BE98F [File not signed]

C:\ProgramData\Microsoft\Windows\AppRepository\5A894077.McAfeeSecurity_2.1.68.0_neutral_split.scale-150_wafk5atnkzcwy.xml
[2023-03-12 06:39][2023-03-12 06:39] 000000782 _____ () B3C8FA2349193094E8DA362D65E5862C [File not signed]

C:\ProgramData\Microsoft\Windows\AppRepository\5A894077.McAfeeSecurity_2.1.68.0_neutral_~_wafk5atnkzcwy.xml
[2021-11-13 17:10][2021-11-13 17:10] 000014526 _____ () 097225EA5E3E995822B412DACA485644 [File not signed]

C:\ProgramData\Microsoft\Windows\AppRepository\5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy.xml
[2021-11-13 17:10][2021-11-13 17:10] 000005506 _____ () BF4BB96C12B11AC900254BC073B27B2B [File not signed]

C:\Program Files\WindowsApps\DellInc.MyDell_2.2.4.0_x64__htrsf667h5kn2\Data\Dell\Articles\zh-Hant\System Health\ProtectAllYourDevicesWithMcAfeeLiveSafe.htm
[2022-04-15 09:14][2022-04-15 09:15] 000003906 _____ () 468444E921A9B8CD746A63C3E6C858C0 [File not signed]

C:\Program Files\WindowsApps\DellInc.MyDell_2.2.4.0_x64__htrsf667h5kn2\Data\Dell\Articles\zh-Hans\System Health\ProtectAllYourDevicesWithMcAfeeLiveSafe.htm
[2022-04-15 09:14][2022-04-15 09:15] 000003727 _____ () 989C95171DD695D6F69675F2962BE210 [File not signed]

C:\Program Files\WindowsApps\DellInc.MyDell_2.2.4.0_x64__htrsf667h5kn2\Data\Dell\Articles\uk\System Health\ProtectAllYourDevicesWithMcAfeeLiveSafe.htm
[2022-04-15 09:14][2022-04-15 09:15] 000006472 _____ () DD77A8E44020FB19DCE9363C1EB47D4C [File not signed]

C:\Program Files\WindowsApps\DellInc.MyDell_2.2.4.0_x64__htrsf667h5kn2\Data\Dell\Articles\tr\System Health\ProtectAllYourDevicesWithMcAfeeLiveSafe.htm
[2022-04-15 09:14][2022-04-15 09:15] 000004985 _____ () 5D23E4217817FA520BA702123D44C668 [File not signed]

C:\Program Files\WindowsApps\DellInc.MyDell_2.2.4.0_x64__htrsf667h5kn2\Data\Dell\Articles\sv\System Health\ProtectAllYourDevicesWithMcAfeeLiveSafe.htm
[2022-04-15 09:14][2022-04-15 09:15] 000004604 _____ () 557D412DDDE261F4C7CC7CEE3FD1B3E8 [File not signed]

C:\Program Files\WindowsApps\DellInc.MyDell_2.2.4.0_x64__htrsf667h5kn2\Data\Dell\Articles\sl\System Health\ProtectAllYourDevicesWithMcAfeeLiveSafe.htm
[2022-04-15 09:14][2022-04-15 09:15] 000004692 _____ () A683EA9AC0D8243ADE09A1052D40F89C [File not signed]

C:\Program Files\WindowsApps\DellInc.MyDell_2.2.4.0_x64__htrsf667h5kn2\Data\Dell\Articles\sk\System Health\ProtectAllYourDevicesWithMcAfeeLiveSafe.htm
[2022-04-15 09:14][2022-04-15 09:15] 000005689 _____ () 878C0DD9EA8A382CEE63120500C881F3 [File not signed]

C:\Program Files\WindowsApps\DellInc.MyDell_2.2.4.0_x64__htrsf667h5kn2\Data\Dell\Articles\ru\System Health\ProtectAllYourDevicesWithMcAfeeLiveSafe.htm
[2022-04-15 09:14][2022-04-15 09:15] 000006677 _____ () C2B2E16FBE69CD4CFE1F6623B4A3533C [File not signed]

C:\Program Files\WindowsApps\DellInc.MyDell_2.2.4.0_x64__htrsf667h5kn2\Data\Dell\Articles\ro\System Health\ProtectAllYourDevicesWithMcAfeeLiveSafe.htm
[2022-04-15 09:14][2022-04-15 09:15] 000004884 _____ () 5B2CE4BAD4241FEFCC3EE676129E1D0D [File not signed]

C:\Program Files\WindowsApps\DellInc.MyDell_2.2.4.0_x64__htrsf667h5kn2\Data\Dell\Articles\pt-PT\System Health\ProtectAllYourDevicesWithMcAfeeLiveSafe.htm
[2022-04-15 09:14][2022-04-15 09:15] 000004997 _____ () 2221DCD26B0707771FF932F4FF6F0446 [File not signed]

C:\Program Files\WindowsApps\DellInc.MyDell_2.2.4.0_x64__htrsf667h5kn2\Data\Dell\Articles\pt-BR\System Health\ProtectAllYourDevicesWithMcAfeeLiveSafe.htm
[2022-04-15 09:14][2022-04-15 09:15] 000004783 _____ () 6D971BDCFEB41E95134328E9FAC1BD88 [File not signed]

C:\Program Files\WindowsApps\DellInc.MyDell_2.2.4.0_x64__htrsf667h5kn2\Data\Dell\Articles\pl\System Health\ProtectAllYourDevicesWithMcAfeeLiveSafe.htm
[2022-04-15 09:14][2022-04-15 09:15] 000004813 _____ () 560916A3856E7DD216376E29B113F422 [File not signed]

C:\Program Files\WindowsApps\DellInc.MyDell_2.2.4.0_x64__htrsf667h5kn2\Data\Dell\Articles\nl\System Health\ProtectAllYourDevicesWithMcAfeeLiveSafe.htm
[2022-04-15 09:14][2022-04-15 09:15] 000004185 _____ () 12179C880037C373C12885D77D765D5F [File not signed]

C:\Program Files\WindowsApps\DellInc.MyDell_2.2.4.0_x64__htrsf667h5kn2\Data\Dell\Articles\nb\System Health\ProtectAllYourDevicesWithMcAfeeLiveSafe.htm
[2022-04-15 09:14][2022-04-15 09:15] 000004484 _____ () 0D566FE8054976BE3A42D54868AB5F03 [File not signed]

C:\Program Files\WindowsApps\DellInc.MyDell_2.2.4.0_x64__htrsf667h5kn2\Data\Dell\Articles\ko\System Health\ProtectAllYourDevicesWithMcAfeeLiveSafe.htm
[2022-04-15 09:14][2022-04-15 09:15] 000004551 _____ () DD302A75B36ACBE17ADFDF514CCB3BE5 [File not signed]

C:\Program Files\WindowsApps\DellInc.MyDell_2.2.4.0_x64__htrsf667h5kn2\Data\Dell\Articles\ja\System Health\ProtectAllYourDevicesWithMcAfeeLiveSafe.htm
[2022-04-15 09:14][2022-04-15 09:15] 000005412 _____ () 796EA9A2EA77B3AF976605954DB2AF2D [File not signed]

C:\Program Files\WindowsApps\DellInc.MyDell_2.2.4.0_x64__htrsf667h5kn2\Data\Dell\Articles\it\System Health\ProtectAllYourDevicesWithMcAfeeLiveSafe.htm
[2022-04-15 09:14][2022-04-15 09:14] 000004592 _____ () 2ABB4976CFECF046AB6948A1D095F616 [File not signed]

C:\Program Files\WindowsApps\DellInc.MyDell_2.2.4.0_x64__htrsf667h5kn2\Data\Dell\Articles\hu\System Health\ProtectAllYourDevicesWithMcAfeeLiveSafe.htm
[2022-04-15 09:14][2022-04-15 09:14] 000006730 _____ () 1C3FF3C635364E53FA050AE95D5095AE [File not signed]

C:\Program Files\WindowsApps\DellInc.MyDell_2.2.4.0_x64__htrsf667h5kn2\Data\Dell\Articles\fr\System Health\ProtectAllYourDevicesWithMcAfeeLiveSafe.htm
[2022-04-15 09:14][2022-04-15 09:14] 000005620 _____ () 65CD4B19A8C59297983058B699DF6244 [File not signed]

C:\Program Files\WindowsApps\DellInc.MyDell_2.2.4.0_x64__htrsf667h5kn2\Data\Dell\Articles\fi\System Health\ProtectAllYourDevicesWithMcAfeeLiveSafe.htm
[2022-04-15 09:14][2022-04-15 09:14] 000004613 _____ () 2ABA044E5C8D4B6BB494E59668F8E6E5 [File not signed]

C:\Program Files\WindowsApps\DellInc.MyDell_2.2.4.0_x64__htrsf667h5kn2\Data\Dell\Articles\es\System Health\ProtectAllYourDevicesWithMcAfeeLiveSafe.htm
[2022-04-15 09:14][2022-04-15 09:14] 000004890 _____ () 13EC75D8C03E9B26B37BA1821F52B7F9 [File not signed]

C:\Program Files\WindowsApps\DellInc.MyDell_2.2.4.0_x64__htrsf667h5kn2\Data\Dell\Articles\en\System Health\ProtectAllYourDevicesWithMcAfeeLiveSafe.htm
[2022-04-15 09:14][2022-04-15 09:14] 000004176 _____ () C0C35EF90D10B56BC2529D063CC363DF [File not signed]

C:\Program Files\WindowsApps\DellInc.MyDell_2.2.4.0_x64__htrsf667h5kn2\Data\Dell\Articles\el\System Health\ProtectAllYourDevicesWithMcAfeeLiveSafe.htm
[2022-04-15 09:14][2022-04-15 09:14] 000007253 _____ () 018522EA421E07646F141A880034F660 [File not signed]

C:\Program Files\WindowsApps\DellInc.MyDell_2.2.4.0_x64__htrsf667h5kn2\Data\Dell\Articles\de\System Health\ProtectAllYourDevicesWithMcAfeeLiveSafe.htm
[2022-04-15 09:14][2022-04-15 09:14] 000004685 _____ () 6799483444C1E370F2A77A9F4E402E5C [File not signed]

C:\Program Files\WindowsApps\DellInc.MyDell_2.2.4.0_x64__htrsf667h5kn2\Data\Dell\Articles\da\System Health\ProtectAllYourDevicesWithMcAfeeLiveSafe.htm
[2022-04-15 09:14][2022-04-15 09:14] 000004454 _____ () 8CA4ACCB1FC216BCE9C9C3CA52044FAC [File not signed]

C:\Program Files\WindowsApps\DellInc.MyDell_2.2.4.0_x64__htrsf667h5kn2\Data\Dell\Articles\cs\System Health\ProtectAllYourDevicesWithMcAfeeLiveSafe.htm
[2022-04-15 09:14][2022-04-15 09:14] 000005956 _____ () E666A9DF8D5B977DAFC250A42A9B0165 [File not signed]

C:\Program Files\WindowsApps\DellInc.MyDell_2.2.4.0_x64__htrsf667h5kn2\Assets\Dell\Images\Software\Software-Mcafee-Background.png
[2021-04-15 21:30][2021-04-15 21:30] 000848919 _____ () 8B72BAB802FEE9CBACFD96760D6C1285 [File not signed]

C:\Program Files\WindowsApps\DellInc.MyDell_2.2.4.0_x64__htrsf667h5kn2\Assets\Dell\Images\Software\Software-Mcafee-Logo.png
[2021-04-15 21:30][2021-04-15 21:30] 000017507 _____ () 9B9F3318281829D8696CBF7F92E9A494 [File not signed]

C:\Program Files\WindowsApps\DellInc.MyDell_2.2.4.0_x64__htrsf667h5kn2\Assets\Dell\Images\Software\Software-Mcafee-Overlay.png
[2021-04-15 21:30][2021-04-15 21:30] 000008138 _____ () 447FD8716B61C2EC4D2CB676B1F55970 [File not signed]

C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy\mcafee-security.dll
[2021-11-13 17:10][2021-11-13 17:11] 016742912 _____ (McAfee LLC) EE6533041235D9490B9AD24E5B6D5F9D [File not signed]

C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy\mcafee-security.exe
[2021-11-13 17:10][2021-11-13 17:11] 000020480 _____ (McAfee LLC) E34AE177A042D0D7239C07DE70EDAC70 [File not signed]

C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy\McAfee.UWP.ResourceStreamer.winmd
[2021-11-13 17:10][2021-11-13 17:11] 000004096 _____ () 76A794F9D70CDE5C65D9272D2DB4142E [File not signed]

C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy\Win32\mcafee-security-ft.exe
[2021-11-13 17:10][2021-11-13 17:11] 000648704 _____ (McAfee, LLC) 6792866AB19DA7ED7D94796CD60634D6 [File not signed]

C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy\Assets\Offline\mcafee-logo.png
[2021-04-15 21:25][2021-04-15 21:25] 000001841 _____ () 5842DC8AC07CA0BBF672BABD03482B72 [File not signed]

C:\FRST\Quarantine\C\Users\Andrew Tan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\XUService.exe.xBAD
[2023-05-25 08:40][2023-05-24 14:52] 001242624 _____ () 5E6BD12D4FF23C0686E6A58D8001C005 [File not signed]

C:\FRST\Quarantine\C\Users\Andrew Tan\AppData\Local\AudioTekService.exe.xBAD
[2023-05-25 08:40][2023-05-22 08:33] 000004608 _____ () 15A3AA40212D9564A3D3C87D8F2F422A [File not signed]

folder:
========
2022-07-14 17:43 - 2022-07-14 17:43 _____ C:\Windows\Microsoft.NET\assembly\GAC_64\McAfee.CSP.ClientAPI
2022-07-28 09:17 - 2022-07-28 09:17 _____ C:\Users\Andrew Tan\AppData\Roaming\McAfee
2021-04-28 19:27 - 2021-04-28 19:27 _____ C:\ProgramData\Packages\5A894077.McAfeeSecurity_wafk5atnkzcwy
2023-03-20 08:43 - 2023-03-20 08:43 ____C C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_AudioTekService._2a4aaa2bdcedf517232a013e7be9fac61aa65_b9562b8d_27b0e840-ba45-4bc8-aa29-11eeb4cdabbe
2023-03-19 10:08 - 2023-03-19 10:08 ____C C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_AudioTekService._2a4aaa2bdcedf517232a013e7be9fac61aa65_b9562b8d_cd6d5cd2-1d12-4452-8ac1-836f2b5258f1
2023-03-12 05:51 - 2023-03-12 05:51 ____C C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_AudioTekService._32b61e80e22a4b7e536a29bc4b5b96712e3e6_b9562b8d_04035ea2-10fa-49ff-804a-4d57a47debc6
2023-03-31 08:34 - 2023-03-31 08:34 ____C C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_AudioTekService._32b61e80e22a4b7e536a29bc4b5b96712e3e6_b9562b8d_042bfc24-fc5c-4db2-96c3-5351e99af961
2023-03-22 08:36 - 2023-03-22 08:36 ____C C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_AudioTekService._32b61e80e22a4b7e536a29bc4b5b96712e3e6_b9562b8d_05006e8d-81d1-44f6-acb3-561aeff974c6
2023-05-11 08:42 - 2023-05-11 08:42 ____C C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_AudioTekService._32b61e80e22a4b7e536a29bc4b5b96712e3e6_b9562b8d_05723268-ff66-4e79-a117-7016ba887bc0
2023-03-13 15:00 - 2023-03-13 15:00 ____C C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_AudioTekService._32b61e80e22a4b7e536a29bc4b5b96712e3e6_b9562b8d_0a867afd-1976-4912-acdb-67f086e35c20
2023-03-27 11:04 - 2023-03-27 11:04 ____C C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_AudioTekService._32b61e80e22a4b7e536a29bc4b5b96712e3e6_b9562b8d_0bedfbd1-984c-4a40-aca0-736b108f9adb
2023-04-18 16:01 - 2023-04-18 16:01 ____C C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_AudioTekService._32b61e80e22a4b7e536a29bc4b5b96712e3e6_b9562b8d_0fd2c230-801d-4ba3-b5f8-f84953ae0da3
2023-03-11 18:44 - 2023-03-11 18:44 ____C C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_AudioTekService._32b61e80e22a4b7e536a29bc4b5b96712e3e6_b9562b8d_1047d200-b64e-4571-92cd-5f6c6713fa65
2023-05-01 21:41 - 2023-05-01 21:41 ____C C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_AudioTekService._32b61e80e22a4b7e536a29bc4b5b96712e3e6_b9562b8d_13caa781-4357-4fda-882b-ac51d337d3c3
2023-04-28 21:18 - 2023-04-28 21:18 ____C C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_AudioTekService._32b61e80e22a4b7e536a29bc4b5b96712e3e6_b9562b8d_13e42989-45bf-45b9-8933-d70819db7017
2023-05-25 08:32 - 2023-05-25 08:32 ____C C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_AudioTekService._32b61e80e22a4b7e536a29bc4b5b96712e3e6_b9562b8d_16443e92-b983-40a6-bc54-7f5aefcb91a9
2023-03-18 16:10 - 2023-03-18 16:10 ____C C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_AudioTekService._32b61e80e22a4b7e536a29bc4b5b96712e3e6_b9562b8d_16f61d5d-65e7-4467-a486-3591a1b46a30
2023-03-19 18:05 - 2023-03-19 18:05 ____C C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_AudioTekService._32b61e80e22a4b7e536a29bc4b5b96712e3e6_b9562b8d_1f49b89b-508e-434a-a169-a5d6151ce258
2023-03-07 16:03 - 2023-03-07 16:03 ____C C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_AudioTekService._32b61e80e22a4b7e536a29bc4b5b96712e3e6_b9562b8d_21231b16-1748-4a09-bfce-0217820d63f1
2023-04-14 21:12 - 2023-04-14 21:12 ____C C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_AudioTekService._32b61e80e22a4b7e536a29bc4b5b96712e3e6_b9562b8d_21647087-8980-4832-8093-c5cf4dc993f3
2023-03-21 08:40 - 2023-03-21 08:40 ____C C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_AudioTekService._32b61e80e22a4b7e536a29bc4b5b96712e3e6_b9562b8d_23296d89-91a9-4ad6-9dd8-f809db2ff184
2023-04-23 07:19 - 2023-04-23 07:19 ____C C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_AudioTekService._32b61e80e22a4b7e536a29bc4b5b96712e3e6_b9562b8d_2343d41e-364b-419e-a785-c7384ee1d4e0
2023-04-11 08:36 - 2023-04-11 08:36 ____C C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_AudioTekService._32b61e80e22a4b7e536a29bc4b5b96712e3e6_b9562b8d_251fd2cc-8850-48b4-9448-ed8e65412ddf
2023-04-09 07:39 - 2023-04-09 07:39 ____C C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_AudioTekService._32b61e80e22a4b7e536a29bc4b5b96712e3e6_b9562b8d_29fe7e17-d016-48da-9163-3467b4715d0a
2023-04-14 23:55 - 2023-04-14 23:55 ____C C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_AudioTekService._32b61e80e22a4b7e536a29bc4b5b96712e3e6_b9562b8d_2aa3bee4-cf1f-43b9-973b-8f070255f65a
2023-03-24 08:41 - 2023-03-24 08:41 ____C C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_AudioTekService._32b61e80e22a4b7e536a29bc4b5b96712e3e6_b9562b8d_2e960bb5-421c-45cd-a27f-3eabb0902982
2023-03-17 21:24 - 2023-03-17 21:24 ____C C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_AudioTekService._32b61e80e22a4b7e536a29bc4b5b96712e3e6_b9562b8d_317b2c2b-368b-4e2f-94cf-319f09e3a996
2023-04-01 07:53 - 2023-04-01 07:53 ____C C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_AudioTekService._32b61e80e22a4b7e536a29bc4b5b96712e3e6_b9562b8d_337fc4c2-5751-4266-ae75-2634c5af4b12
2023-03-11 18:44 - 2023-03-11 18:44 ____C C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_AudioTekService._32b61e80e22a4b7e536a29bc4b5b96712e3e6_b9562b8d_3455c942-f512-4133-b870-1ca837d3d5bd
2023-03-10 18:18 - 2023-03-10 18:18 ____C C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_AudioTekService._32b61e80e22a4b7e536a29bc4b5b96712e3e6_b9562b8d_36273902-8058-4608-accb-a16c50782757
2023-03-23 08:33 - 2023-03-23 08:33 ____C C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_AudioTekService._32b61e80e22a4b7e536a29bc4b5b96712e3e6_b9562b8d_3858da51-8559-4b82-bbb3-8f89e86850f4
2023-03-26 11:48 - 2023-03-26 11:48 ____C C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_AudioTekService._32b61e80e22a4b7e536a29bc4b5b96712e3e6_b9562b8d_3b0f8b40-ed38-4dac-b36b-c5a85046090e
2023-05-10 08:47 - 2023-05-10 08:47 ____C C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_AudioTekService._32b61e80e22a4b7e536a29bc4b5b96712e3e6_b9562b8d_3c661654-fa87-46b8-8fe6-2cbff0e028de
2023-05-02 15:10 - 2023-05-02 15:10 ____C C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_AudioTekService._32b61e80e22a4b7e536a29bc4b5b96712e3e6_b9562b8d_3c9fc3c9-5ae5-4831-b2ae-a2cb9d985219
2023-04-01 11:58 - 2023-04-01 11:58 ____C C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_AudioTekService._32b61e80e22a4b7e536a29bc4b5b96712e3e6_b9562b8d_3ed0706b-4899-4249-a917-e3ed42f69469
2023-03-12 05:51 - 2023-03-12 05:51 ____C C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_AudioTekService._32b61e80e22a4b7e536a29bc4b5b96712e3e6_b9562b8d_42539a5b-e2d5-4078-9277-a8bfba72b098
2023-03-31 15:18 - 2023-03-31 15:18 ____C C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_AudioTekService._32b61e80e22a4b7e536a29bc4b5b96712e3e6_b9562b8d_42f7ce74-f242-4222-a8ec-4a5130feee6f
2023-03-11 15:59 - 2023-03-11 15:59 ____C C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_AudioTekService._32b61e80e22a4b7e536a29bc4b5b96712e3e6_b9562b8d_48ea5004-cf16-4684-9b8a-440baf3f5920
2023-05-11 17:33 - 2023-05-11 17:33 ____C C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_AudioTekService._32b61e80e22a4b7e536a29bc4b5b96712e3e6_b9562b8d_4b662294-dbdc-42f1-bed4-ffa0fe891526
2023-04-17 08:43 - 2023-04-17 08:43 ____C C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_AudioTekService._32b61e80e22a4b7e536a29bc4b5b96712e3e6_b9562b8d_4c67e263-6085-479f-b9d7-665847fd101c
2023-04-23 07:18 - 2023-04-23 07:18 ____C C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_AudioTekService._32b61e80e22a4b7e536a29bc4b5b96712e3e6_b9562b8d_4fabde57-0ad5-4040-9a13-e76566ee9e42
2023-05-12 08:39 - 2023-05-12 08:39 ____C C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_AudioTekService._32b61e80e22a4b7e536a29bc4b5b96712e3e6_b9562b8d_50cbc67d-36dc-4fc5-aeda-146d431ee334
2023-03-27 08:39 - 2023-03-27 08:39 ____C C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_AudioTekService._32b61e80e22a4b7e536a29bc4b5b96712e3e6_b9562b8d_523ecea6-e719-4cd4-b9d1-6b4173b1c0bf
2023-03-07 21:52 - 2023-03-07 21:52 ____C C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_AudioTekService._32b61e80e22a4b7e536a29bc4b5b96712e3e6_b9562b8d_52704fa4-6190-4cb4-89ab-d012733168ab
2023-04-21 07:59 - 2023-04-21 07:59 ____C C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_AudioTekService._32b61e80e22a4b7e536a29bc4b5b96712e3e6_b9562b8d_53310d59-d265-4635-89f8-0c593eb1ddc4
2023-05-20 09:28 - 2023-05-20 09:28 ____C C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_AudioTekService._32b61e80e22a4b7e536a29bc4b5b96712e3e6_b9562b8d_53593b87-2ffe-4ae8-9850-f51be4fe8fd7
2023-05-24 14:53 - 2023-05-24 14:53 ____C C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_AudioTekService._32b61e80e22a4b7e536a29bc4b5b96712e3e6_b9562b8d_54fb829e-1ccc-4ea7-9014-a54bfc409768
2023-05-13 10:02 - 2023-05-13 10:02 ____C C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_AudioTekService._32b61e80e22a4b7e536a29bc4b5b96712e3e6_b9562b8d_5557f65d-6a56-4f0d-96c7-9b7a19f1beea
2023-05-25 08:53 - 2023-05-25 08:53 ____C C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_AudioTekService._32b61e80e22a4b7e536a29bc4b5b96712e3e6_b9562b8d_56bb4a28-7bcc-4628-87c0-af96cde2a21b
2023-04-06 08:41 - 2023-04-06 08:41 ____C C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_AudioTekService._32b61e80e22a4b7e536a29bc4b5b96712e3e6_b9562b8d_56ed42d7-b673-4d18-8946-78ab7e53803c
2023-03-06 18:27 - 2023-03-06 18:27 ____C C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_AudioTekService._32b61e80e22a4b7e536a29bc4b5b96712e3e6_b9562b8d_5ae60dd4-fa8c-4cbe-9b04-30176acbebfc
2023-05-18 08:34 - 2023-05-18 08:34 ____C C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_AudioTekService._32b61e80e22a4b7e536a29bc4b5b96712e3e6_b9562b8d_5c229365-7c30-455f-8601-d2d2c260bb13
2023-03-17 12:09 - 2023-03-17 12:09 ____C C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_AudioTekService._32b61e80e22a4b7e536a29bc4b5b96712e3e6_b9562b8d_6007c511-b60c-4158-afe5-15efb53ce1a3
2023-04-14 23:56 - 2023-04-14 23:56 ____C C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_AudioTekService._32b61e80e22a4b7e536a29bc4b5b96712e3e6_b9562b8d_671144f2-b520-4a2d-a8f9-6899b1bba232
2023-04-28 13:58 - 2023-04-28 13:58 ____C C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_AudioTekService._32b61e80e22a4b7e536a29bc4b5b96712e3e6_b9562b8d_68a5c089-1a00-4e81-99d8-d489e9fa3040
2023-04-18 08:37 - 2023-04-18 08:37 ____C C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_AudioTekService._32b61e80e22a4b7e536a29bc4b5b96712e3e6_b9562b8d_691b883e-7568-4132-884c-8a75fefe2210
2023-04-27 09:05 - 2023-04-27 09:05 ____C C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_AudioTekService._32b61e80e22a4b7e536a29bc4b5b96712e3e6_b9562b8d_6dc29f94-a576-42c7-8abc-f2d0edd21081
2023-05-21 20:02 - 2023-05-21 20:02 ____C C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_AudioTekService._32b61e80e22a4b7e536a29bc4b5b96712e3e6_b9562b8d_70bcf146-1f1f-4b6d-a924-34bee376f72d
2023-03-07 16:03 - 2023-03-07 16:03 ____C C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_AudioTekService._32b61e80e22a4b7e536a29bc4b5b96712e3e6_b9562b8d_71033697-dc2c-4729-a39b-e2ba49fc994d
2023-04-02 07:35 - 2023-04-02 07:35 ____C C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_AudioTekService._32b61e80e22a4b7e536a29bc4b5b96712e3e6_b9562b8d_7227a35a-0598-45c6-adef-3717fa850ccd
2023-03-06 14:50 - 2023-03-06 14:50 ____C C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_AudioTekService._32b61e80e22a4b7e536a29bc4b5b96712e3e6_b9562b8d_72482035-e7b8-4c9e-936a-e8b59fb91c87
2023-03-30 08:34 - 2023-03-30 08:34 ____C C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_AudioTekService._32b61e80e22a4b7e536a29bc4b5b96712e3e6_b9562b8d_734e630f-d5f0-4517-ab2e-9d0de0d4c241
2023-03-13 11:12 - 2023-03-13 11:12 ____C C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_AudioTekService._32b61e80e22a4b7e536a29bc4b5b96712e3e6_b9562b8d_7d30ae1e-88a6-4f2b-af24-6504de79bc41
2023-05-22 08:33 - 2023-05-22 08:33 ____C C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_AudioTekService._32b61e80e22a4b7e536a29bc4b5b96712e3e6_b9562b8d_7de8952c-2f64-4ef7-8d1e-a4a8c1699406
2023-05-01 19:38 - 2023-05-01 19:38 ____C C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_AudioTekService._32b61e80e22a4b7e536a29bc4b5b96712e3e6_b9562b8d_7ffbf065-315b-4947-bb48-19ce660ea0f7
2023-04-03 08:38 - 2023-04-03 08:38 ____C C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_AudioTekService._32b61e80e22a4b7e536a29bc4b5b96712e3e6_b9562b8d_814ea023-20c8-459f-848a-d11a7dfb71e2
2023-04-08 06:11 - 2023-04-08 06:11 ____C C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_AudioTekService._32b61e80e22a4b7e536a29bc4b5b96712e3e6_b9562b8d_81b28452-9d68-4d95-ba94-01a71b7042b5
2023-03-09 08:31 - 2023-03-09 08:31 ____C C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_AudioTekService._32b61e80e22a4b7e536a29bc4b5b96712e3e6_b9562b8d_8b2439af-2b84-41df-8c19-cc9f1a5daf8d
2023-03-24 08:41 - 2023-03-24 08:41 ____C C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_AudioTekService._32b61e80e22a4b7e536a29bc4b5b96712e3e6_b9562b8d_8be1ef77-6202-45c2-a875-754af3af28c1
2023-04-14 21:12 - 2023-04-14 21:12 ____C C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_AudioTekService._32b61e80e22a4b7e536a29bc4b5b96712e3e6_b9562b8d_8e29db2b-67d6-4c9b-8b46-d866b1fe2708
2023-03-24 13:28 - 2023-03-24 13:28 ____C C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_AudioTekService._32b61e80e22a4b7e536a29bc4b5b96712e3e6_b9562b8d_8fa2e036-91c7-4334-bd10-f138623d6e65
2023-04-28 13:58 - 2023-04-28 13:58 ____C C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_AudioTekService._32b61e80e22a4b7e536a29bc4b5b96712e3e6_b9562b8d_901f3fd4-735f-458f-ad0a-005bbfd81240
2023-03-09 15:38 - 2023-03-09 15:38 ____C C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_AudioTekService._32b61e80e22a4b7e536a29bc4b5b96712e3e6_b9562b8d_904a8a26-0e88-451a-8254-6506e26ce4f9
2023-04-18 20:08 - 2023-04-18 20:08 ____C C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_AudioTekService._32b61e80e22a4b7e536a29bc4b5b96712e3e6_b9562b8d_915c246b-3645-403a-9f04-76f27bf912a6
2023-04-10 19:12 - 2023-04-10 19:12 ____C C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_AudioTekService._32b61e80e22a4b7e536a29bc4b5b96712e3e6_b9562b8d_940c0b54-ef97-427c-b80e-022f1f6390c7
2023-05-20 16:03 - 2023-05-20 16:03 ____C C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_AudioTekService._32b61e80e22a4b7e536a29bc4b5b96712e3e6_b9562b8d_988656c0-93a7-46bb-84c4-78b3dc91c320
2023-03-20 08:43 - 2023-03-20 08:43 ____C C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_AudioTekService._32b61e80e22a4b7e536a29bc4b5b96712e3e6_b9562b8d_9b52f69f-b827-4f07-aeee-183afcf08bee
2023-03-19 18:04 - 2023-03-19 18:04 ____C C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_AudioTekService._32b61e80e22a4b7e536a29bc4b5b96712e3e6_b9562b8d_9c032d33-360b-46e1-bef4-a26213f09215
2023-05-20 09:28 - 2023-05-20 09:28 ____C C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_AudioTekService._32b61e80e22a4b7e536a29bc4b5b96712e3e6_b9562b8d_a38fe27f-8ba4-4886-97c1-669a444ee8f8
2023-03-16 13:37 - 2023-03-16 13:37 ____C C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_AudioTekService._32b61e80e22a4b7e536a29bc4b5b96712e3e6_b9562b8d_a43697bd-1526-4d6d-8f21-1fe853c0c437
2023-04-19 15:58 - 2023-04-19 15:58 ____C C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_AudioTekService._32b61e80e22a4b7e536a29bc4b5b96712e3e6_b9562b8d_aae642ba-424b-4b07-ab34-9e4f38c4ab33
2023-05-13 17:51 - 2023-05-13 17:51 ____C C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_AudioTekService._32b61e80e22a4b7e536a29bc4b5b96712e3e6_b9562b8d_ab8ae60f-f2ef-42ca-be06-8e7253845aa0
2023-04-23 22:05 - 2023-04-23 22:05 ____C C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_AudioTekService._32b61e80e22a4b7e536a29bc4b5b96712e3e6_b9562b8d_ad273a11-67c2-4550-83ba-1a52d72039f7
2023-03-13 11:13 - 2023-03-13 11:13 ____C C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_AudioTekService._32b61e80e22a4b7e536a29bc4b5b96712e3e6_b9562b8d_ae6cfcb2-25c5-437f-9668-7f2957657f28
2023-05-21 08:36 - 2023-05-21 08:36 ____C C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_AudioTekService._32b61e80e22a4b7e536a29bc4b5b96712e3e6_b9562b8d_b0550605-2912-4aed-9306-1fc057f2d004
2023-04-15 16:12 - 2023-04-15 16:12 ____C C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_AudioTekService._32b61e80e22a4b7e536a29bc4b5b96712e3e6_b9562b8d_b2a8ca66-63d5-42cc-887d-f33c8ad4b70f
2023-04-04 08:34 - 2023-04-04 08:34 ____C C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_AudioTekService._32b61e80e22a4b7e536a29bc4b5b96712e3e6_b9562b8d_b75e7424-8e6b-4952-913d-b4f2db195dcb
2023-05-20 16:03 - 2023-05-20 16:03 ____C C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_AudioTekService._32b61e80e22a4b7e536a29bc4b5b96712e3e6_b9562b8d_bc563240-88a2-4778-82cc-be49daecba0b
2023-05-11 16:59 - 2023-05-11 16:59 ____C C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_AudioTekService._32b61e80e22a4b7e536a29bc4b5b96712e3e6_b9562b8d_bdb200be-6817-454a-a99e-4bc813cacf1e
2023-03-28 08:37 - 2023-03-28 08:37 ____C C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_AudioTekService._32b61e80e22a4b7e536a29bc4b5b96712e3e6_b9562b8d_bf80aab1-27d4-4102-806f-5535644262d9
2023-05-05 08:36 - 2023-05-05 08:36 ____C C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_AudioTekService._32b61e80e22a4b7e536a29bc4b5b96712e3e6_b9562b8d_c0a4be66-8319-43d7-a333-65afeca40f43
2023-05-16 08:39 - 2023-05-16 08:39 ____C C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_AudioTekService._32b61e80e22a4b7e536a29bc4b5b96712e3e6_b9562b8d_c17d83d6-55af-45ae-8c77-dad5d17e2e61
2023-03-08 16:08 - 2023-03-08 16:08 ____C C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_AudioTekService._32b61e80e22a4b7e536a29bc4b5b96712e3e6_b9562b8d_c211409d-cec7-428e-9bcb-1e2a5224e5c5
2023-04-22 15:04 - 2023-04-22 15:04 ____C C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_AudioTekService._32b61e80e22a4b7e536a29bc4b5b96712e3e6_b9562b8d_c32960d3-5d9d-4d96-9dea-74d49ee0dfc2
2023-03-23 08:33 - 2023-03-23 08:33 ____C C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_AudioTekService._32b61e80e22a4b7e536a29bc4b5b96712e3e6_b9562b8d_c634d832-a98c-4cad-b609-43632c5244c2
2023-04-15 19:29 - 2023-04-15 19:29 ____C C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_AudioTekService._32b61e80e22a4b7e536a29bc4b5b96712e3e6_b9562b8d_c6eec781-a1c1-4d49-924a-f25a8e70e5e8
2023-04-04 08:34 - 2023-04-04 08:34 ____C C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_AudioTekService._32b61e80e22a4b7e536a29bc4b5b96712e3e6_b9562b8d_c90fbecb-8c3b-4d56-a50f-7ee98577c058
2023-03-06 16:06 - 2023-03-06 16:06 ____C C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_AudioTekService._32b61e80e22a4b7e536a29bc4b5b96712e3e6_b9562b8d_c922ebcf-ae3e-4b43-a836-8875471fd92d
2023-03-08 16:08 - 2023-03-08 16:08 ____C C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_AudioTekService._32b61e80e22a4b7e536a29bc4b5b96712e3e6_b9562b8d_caf55f80-fa0f-4a17-97c6-4d13b99a7743
2023-04-15 16:12 - 2023-04-15 16:12 ____C C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_AudioTekService._32b61e80e22a4b7e536a29bc4b5b96712e3e6_b9562b8d_cdb94906-98f9-45c8-a1ee-f8f21d2cdd04
2023-03-15 03:24 - 2023-03-15 03:24 ____C C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_AudioTekService._32b61e80e22a4b7e536a29bc4b5b96712e3e6_b9562b8d_d5359549-ccc7-4b03-83d6-949735843414
2023-04-28 10:22 - 2023-04-28 10:22 ____C C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_AudioTekService._32b61e80e22a4b7e536a29bc4b5b96712e3e6_b9562b8d_db3bb8ac-d7dc-4d79-a859-158089ccd757
2023-05-22 08:33 - 2023-05-22 08:33 ____C C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_AudioTekService._32b61e80e22a4b7e536a29bc4b5b96712e3e6_b9562b8d_de58d318-9280-45fd-a6cd-dbad1abeda0a
2023-05-16 08:40 - 2023-05-16 08:40 ____C C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_AudioTekService._32b61e80e22a4b7e536a29bc4b5b96712e3e6_b9562b8d_e57a176b-2ba4-4406-bc6b-d0280c2bfec9
2023-05-12 08:40 - 2023-05-12 08:40 ____C C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_AudioTekService._32b61e80e22a4b7e536a29bc4b5b96712e3e6_b9562b8d_e728e7b0-f271-44e5-bfae-eae5c27b4e81
2023-03-15 03:24 - 2023-03-15 03:24 ____C C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_AudioTekService._32b61e80e22a4b7e536a29bc4b5b96712e3e6_b9562b8d_eabaec20-519b-4d38-b345-1971cca23a59
2023-03-21 08:40 - 2023-03-21 08:40 ____C C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_AudioTekService._32b61e80e22a4b7e536a29bc4b5b96712e3e6_b9562b8d_f3c6cb3f-e74f-4116-b442-a9f89e9d1d4f
2023-04-22 15:04 - 2023-04-22 15:04 ____C C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_AudioTekService._32b61e80e22a4b7e536a29bc4b5b96712e3e6_b9562b8d_f480a663-4257-4b7c-94a0-7e65798eba09
2023-04-28 21:18 - 2023-04-28 21:18 ____C C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_AudioTekService._32b61e80e22a4b7e536a29bc4b5b96712e3e6_b9562b8d_f56d8cf7-2d21-4cec-9bf2-edf395f799a6
2023-03-25 09:40 - 2023-03-25 09:40 ____C C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_AudioTekService._32b61e80e22a4b7e536a29bc4b5b96712e3e6_b9562b8d_f5f4da03-1231-4026-81a9-65e4c74d8633
2023-05-02 22:00 - 2023-05-02 22:00 ____C C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_AudioTekService._32b61e80e22a4b7e536a29bc4b5b96712e3e6_b9562b8d_f7ef402a-fd7c-452b-89e4-b05e72dad48c
2023-05-02 15:10 - 2023-05-02 15:10 ____C C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_AudioTekService._32b61e80e22a4b7e536a29bc4b5b96712e3e6_b9562b8d_f9a4487c-4c21-4a91-b9fa-cc8a6d722c75
2023-04-14 14:05 - 2023-04-14 14:05 ____C C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_AudioTekService._32b61e80e22a4b7e536a29bc4b5b96712e3e6_b9562b8d_fbde3205-bf83-4bfa-952d-6db2230243f0
2023-03-11 15:59 - 2023-03-11 15:59 ____C C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_AudioTekService._32b61e80e22a4b7e536a29bc4b5b96712e3e6_b9562b8d_fbdf8431-7269-4df5-9af3-62c5ea55a316
2023-03-10 14:00 - 2023-03-10 14:00 ____C C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_AudioTekService._32b61e80e22a4b7e536a29bc4b5b96712e3e6_b9562b8d_fe16d1ef-7a4c-4eb3-8f3b-3f2c741b0563
2023-05-23 17:15 - 2023-05-23 17:15 ____C C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_AudioTekService._37bf207f3fb5cfea7e92b7cf8f55eec881f9010_b9562b8d_22ef3d97-2c48-4824-9efe-b48c159b9b0c
2023-03-04 12:54 - 2023-03-04 12:54 ____C C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_AudioTekService._a4f42e831585d51e5646dcd2336b765117822bbf_b9562b8d_49042ff2-a346-4cf0-9efb-5c47f6a7f489
2023-03-06 14:50 - 2023-03-06 14:50 ____C C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_AudioTekService._a4f42e831585d51e5646dcd2336b765117822bbf_b9562b8d_c0194dd1-d704-4a56-b403-4b17651897d8
2023-03-09 15:37 - 2023-03-09 15:37 ____C C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_AudioTekService._b46c1a32c8eee8793c3262e4f577c85dbf95a3_b9562b8d_7c916c77-f62a-4d04-84c7-c6c2adbbc530
2022-08-22 20:02 - 2022-08-22 20:02 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2021-04-15 21:25 - 2021-04-15 21:25 _____ C:\ProgramData\Microsoft\Windows\AppRepository\Packages\5A894077.McAfeeSecurity_2.1.39.0_neutral_split.scale-100_wafk5atnkzcwy
2021-11-13 17:11 - 2023-05-25 08:40 _____ C:\ProgramData\Microsoft\Windows\AppRepository\Packages\5A894077.McAfeeSecurity_2.1.68.0_neutral_split.language-zh-hans_wafk5atnkzcwy
2023-03-12 06:39 - 2023-05-25 08:40 _____ C:\ProgramData\Microsoft\Windows\AppRepository\Packages\5A894077.McAfeeSecurity_2.1.68.0_neutral_split.scale-100_wafk5atnkzcwy
2021-11-13 17:11 - 2023-05-25 08:40 _____ C:\ProgramData\Microsoft\Windows\AppRepository\Packages\5A894077.McAfeeSecurity_2.1.68.0_neutral_split.scale-125_wafk5atnkzcwy
2023-03-12 06:39 - 2023-05-25 08:40 _____ C:\ProgramData\Microsoft\Windows\AppRepository\Packages\5A894077.McAfeeSecurity_2.1.68.0_neutral_split.scale-150_wafk5atnkzcwy
2021-11-13 17:10 - 2021-11-13 17:10 _____ C:\ProgramData\Microsoft\Windows\AppRepository\Packages\5A894077.McAfeeSecurity_2.1.68.0_neutral_~_wafk5atnkzcwy
2021-11-13 17:11 - 2023-05-25 08:40 _____ C:\ProgramData\Microsoft\Windows\AppRepository\Packages\5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy
2021-11-13 17:10 - 2023-03-12 06:39 _____ C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_neutral_split.language-zh-hans_wafk5atnkzcwy
2023-03-12 06:39 - 2023-03-12 06:39 _____ C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_neutral_split.scale-100_wafk5atnkzcwy
2021-11-13 17:10 - 2023-03-12 06:39 _____ C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_neutral_split.scale-125_wafk5atnkzcwy
2023-03-12 06:39 - 2023-03-12 06:39 _____ C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_neutral_split.scale-150_wafk5atnkzcwy
2021-11-13 17:10 - 2023-03-12 06:39 _____ C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_neutral_~_wafk5atnkzcwy
2021-11-13 17:10 - 2023-03-12 06:39 _____ C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy
2021-04-15 21:25 - 2021-04-15 21:25 _____ C:\Program Files\WindowsApps\DeletedAllUserPackages\5A894077.McAfeeSecurity_2.1.39.0_neutral_split.scale-100_wafk5atnkzcwy
2023-04-28 10:21 - 2023-05-25 08:40 _____ C:\FRST\Quarantine\C\Windows\System32\Tasks\McAfee
2021-04-15 21:22 - 2023-04-28 10:21 _____ C:\FRST\Quarantine\C\Windows\System32\Tasks\McAfee\McAfee

Registry:
========

===================== Search result for "McAfee" ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{6be14203-35ad-4380-a10e-e7cb19471e44}]
""="McAfee LAM Repair Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\appsync\shell\open\command]
""=""C:\Program Files\McAfee\MSC\mcurl.exe" %1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{05652642-6E8B-462D-81CD-52DB0B9F5AEA}]
""="McAfee Quarantine Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{05652642-6E8B-462D-81CD-52DB0B9F5AEA}\McLocalServer32]
""="\\?\C:\Program Files\McAfee\MfeAV\MFEAvSvc.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{117151a5-951b-477e-91a4-699c7d9d66a2}\InprocServer32]
""="C:\Program Files\McAfee\WebAdvisor\x64\DownloadScan.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{405ddd4a-082d-4c5c-9c64-34e073489cdd}]
""="McAfee LAM Repair Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{405ddd4a-082d-4c5c-9c64-34e073489cdd}\McLocalServer32]
""="\\?\C:\Program Files\McAfee\MfeAV\MFEAvSvc.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5408837F-F829-4B66-BE90-6965B71093E0}\InprocServer32]
""="C:\Program Files\Common Files\McAfee\ModuleCore\McDspBridge.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{55581CED-BB93-4A74-9620-A47C1DB83A8A}]
""="McAfee McShield Reference Counting Class"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{55581CED-BB93-4A74-9620-A47C1DB83A8A}\McLocalServer32]
""="\\?\C:\Program Files\McAfee\MfeAV\MFEAvSvc.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{599A2E47-16D2-468B-ABF6-4E6642EFC460}\InprocServer32]
""="C:\Program Files\McAfee\PCB\PCBApplicationInfo.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5BB20805-B52F-4F73-8518-FD71C4F4E364}\InProcServer32]
""="C:\Program Files\McAfee\MSC\mcsubmgr\19,17,148,0\mcsubmgr.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AB7B327F-017C-44BF-892F-229C39F9D514}\InprocServer32]
""="C:\Program Files\McAfee\MSC\mcsubmgr\19,17,148,0\mcsubmgr.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6CF50BC-485D-41DE-A703-14D3E95C0146}\InprocServer32]
""=""C:\Program Files\McAfee\MfeAV\AMSIExt.dll""

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E782BE15-9936-4A7F-8DF9-9AB95D229DF1}\InprocServer32]
""="C:\Program Files\Common Files\McAfee\ClientAnalytics\ComAPIProxy.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\PackageRepository\Packages\5A894077.McAfeeSecurity_2.1.39.0_neutral_split.scale-100_wafk5atnkzcwy]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\PackageRepository\Packages\5A894077.McAfeeSecurity_2.1.39.0_neutral_split.scale-100_wafk5atnkzcwy]
"Path"="C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.39.0_neutral_split.scale-100_wafk5atnkzcwy"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\PackageRepository\Packages\5A894077.McAfeeSecurity_2.1.68.0_neutral_split.language-zh-hans_wafk5atnkzcwy]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\PackageRepository\Packages\5A894077.McAfeeSecurity_2.1.68.0_neutral_split.language-zh-hans_wafk5atnkzcwy]
"Path"="C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_neutral_split.language-zh-hans_wafk5atnkzcwy"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\PackageRepository\Packages\5A894077.McAfeeSecurity_2.1.68.0_neutral_split.scale-100_wafk5atnkzcwy]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\PackageRepository\Packages\5A894077.McAfeeSecurity_2.1.68.0_neutral_split.scale-100_wafk5atnkzcwy]
"Path"="C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_neutral_split.scale-100_wafk5atnkzcwy"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\PackageRepository\Packages\5A894077.McAfeeSecurity_2.1.68.0_neutral_split.scale-125_wafk5atnkzcwy]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\PackageRepository\Packages\5A894077.McAfeeSecurity_2.1.68.0_neutral_split.scale-125_wafk5atnkzcwy]
"Path"="C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_neutral_split.scale-125_wafk5atnkzcwy"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\PackageRepository\Packages\5A894077.McAfeeSecurity_2.1.68.0_neutral_split.scale-150_wafk5atnkzcwy]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\PackageRepository\Packages\5A894077.McAfeeSecurity_2.1.68.0_neutral_split.scale-150_wafk5atnkzcwy]
"Path"="C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_neutral_split.scale-150_wafk5atnkzcwy"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\PackageRepository\Packages\5A894077.McAfeeSecurity_2.1.68.0_neutral_~_wafk5atnkzcwy]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\PackageRepository\Packages\5A894077.McAfeeSecurity_2.1.68.0_neutral_~_wafk5atnkzcwy]
"Path"="C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_neutral_~_wafk5atnkzcwy"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\PackageRepository\Packages\5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\PackageRepository\Packages\5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy]
"Path"="C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{117151a5-951b-477e-91a4-699c7d9d66a2}\InprocServer32]
""="C:\Program Files\McAfee\WebAdvisor\win32\DownloadScan.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{599A2E47-16D2-468B-ABF6-4E6642EFC460}\InprocServer32]
""="C:\Program Files (x86)\Common Files\McAfee\Platform\mcbr3264.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{5BB20805-B52F-4F73-8518-FD71C4F4E364}\InProcServer32]
""="C:\Program Files (x86)\Common Files\McAfee\Platform\submgr.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{AB7B327F-017C-44BF-892F-229C39F9D514}\InprocServer32]
""="C:\Program Files (x86)\Common Files\McAfee\Platform\submgr.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{E6CF50BC-485D-41DE-A703-14D3E95C0146}\InprocServer32]
""=""C:\Program Files\McAfee\MfeAV\AMSIExt_x86.dll""

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{E782BE15-9936-4A7F-8DF9-9AB95D229DF1}\InprocServer32]
""="C:\Program Files\Common Files\McAfee\ClientAnalytics\win32\ComAPIProxy.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\wss-app\shell\open\command]
""=""C:\Program Files\McAfee\MSC\mcurl.exe" %1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\NativeMessagingHosts\webadvisor.mcafee.chrome.extension]

[HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\NativeMessagingHosts\webadvisor.mcafee.chrome.extension]
""="C:\Program Files\McAfee\WebAdvisor\webadvisor_v2.mcafee.chrome.extension.json"

[HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\NativeMessagingHosts\wss.mcafee.chrome.extension]

[HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\NativeMessagingHosts\wss.mcafee.chrome.extension]
""="C:\Program Files\McAfee\MSC\wss.mcafee.chrome.extension.json"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Edge\NativeMessagingHosts\siteadvisor.mcafee.chrome.extension]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Edge\NativeMessagingHosts\siteadvisor.mcafee.chrome.extension]
""="C:\Program Files\McAfee\WebAdvisor\edge.com.mcafee.webadvisor.json"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Edge\NativeMessagingHosts\webadvisor.mcafee.chrome.extension]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Edge\NativeMessagingHosts\webadvisor.mcafee.chrome.extension]
""="C:\Program Files\McAfee\WebAdvisor\edge.com.mcafee.webadvisor_v2.json"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Edge\NativeMessagingHosts\wss.mcafee.chrome.extension]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Edge\NativeMessagingHosts\wss.mcafee.chrome.extension]
""="C:\Program Files\McAfee\MSC\wss.mcafee.edge.extension.json"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Fusion\GACChangeNotification\Default]
"McAfee.CSP.ClientAPI,5.1.104.0,,a63667ab4267742d,AMD64"="0xDE9829286697D801"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Av\{FE987762-0FB6-6BB6-1BF1-73F8ED8566FA}]
"DISPLAYNAME"="McAfee VirusScan"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Av\{FE987762-0FB6-6BB6-1BF1-73F8ED8566FA}]
"PRODUCTEXE"="C:\Program Files\McAfee.com\Agent\mcupdate.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Av\{FE987762-0FB6-6BB6-1BF1-73F8ED8566FA}]
"REPORTINGEXE"="C:\Program Files\Common Files\McAfee\ModuleCore\ProtectedModuleHost.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Fw\{C6A3F647-45D9-6AEE-30AE-DACD13562181}]
"DISPLAYNAME"="McAfee Firewall"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Fw\{C6A3F647-45D9-6AEE-30AE-DACD13562181}]
"PRODUCTEXE"="C:\Program Files\McAfee.com\Agent\mcupdate.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Fw\{C6A3F647-45D9-6AEE-30AE-DACD13562181}]
"REPORTINGEXE"="C:\Program Files\Common Files\McAfee\ModuleCore\ProtectedModuleHost.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModel\StateRepository\Cache\Activation\Data\eb]
"Executable"="mcafee-security.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModel\StateRepository\Cache\Activation\Data\eb]
"Entrypoint"="mcafee_security.App"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModel\StateRepository\Cache\Activation\Data\ec]
"Executable"="mcafee-security.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModel\StateRepository\Cache\Activation\Data\ed]
"Executable"="mcafee-security.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModel\StateRepository\Cache\Application\Data\1db]
"ApplicationUserModelId"="5A894077.McAfeeSecurity_wafk5atnkzcwy!App"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModel\StateRepository\Cache\Application\Data\1db]
"Executable"="mcafee-security.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModel\StateRepository\Cache\Application\Data\1db]
"Entrypoint"="mcafee_security.App"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModel\StateRepository\Cache\ApplicationUser\Data\ac]
"ApplicationUserModelId"="5A894077.McAfeeSecurity_wafk5atnkzcwy!App"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModel\StateRepository\Cache\ApplicationUser\Data\ac]
"_IndexKeys"="Application\1db\ac
UserAndApplication\1^1db
UserAndApplicationUserModelId\1^5A894077.McAfeeSecurity_wafk5atnkzcwy!App\ac"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModel\StateRepository\Cache\ApplicationUser\Index\UserAndApplicationUserModelId\1^5A894077.McAfeeSecurity_wafk5atnkzcwy!App]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModel\StateRepository\Cache\Package\Data\461]
"PackageFullName"="5A894077.McAfeeSecurity_2.1.68.0_neutral_~_wafk5atnkzcwy"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModel\StateRepository\Cache\Package\Data\461]
"InstalledLocation"="C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_neutral_~_wafk5atnkzcwy"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModel\StateRepository\Cache\Package\Data\461]
"_IndexKeys"="PackageFamily\68\461
PackageFullName\5A894077.McAfeeSecurity_2.1.68.0_neutral_~_wafk5atnkzcwy"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModel\StateRepository\Cache\Package\Data\462]
"PackageFullName"="5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModel\StateRepository\Cache\Package\Data\462]
"InstalledLocation"="C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModel\StateRepository\Cache\Package\Data\462]
"_IndexKeys"="PackageFamily\68\462
PackageFullName\5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModel\StateRepository\Cache\Package\Data\463]
"PackageFullName"="5A894077.McAfeeSecurity_2.1.68.0_neutral_split.language-zh-hans_wafk5atnkzcwy"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModel\StateRepository\Cache\Package\Data\463]
"InstalledLocation"="C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_neutral_split.language-zh-hans_wafk5atnkzcwy"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModel\StateRepository\Cache\Package\Data\463]
"_IndexKeys"="PackageFamily\68\463
PackageFullName\5A894077.McAfeeSecurity_2.1.68.0_neutral_split.language-zh-hans_wafk5atnkzcwy"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModel\StateRepository\Cache\Package\Data\464]
"PackageFullName"="5A894077.McAfeeSecurity_2.1.68.0_neutral_split.scale-125_wafk5atnkzcwy"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModel\StateRepository\Cache\Package\Data\464]
"InstalledLocation"="C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_neutral_split.scale-125_wafk5atnkzcwy"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModel\StateRepository\Cache\Package\Data\464]
"_IndexKeys"="PackageFamily\68\464
PackageFullName\5A894077.McAfeeSecurity_2.1.68.0_neutral_split.scale-125_wafk5atnkzcwy"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModel\StateRepository\Cache\Package\Data\9fc]
"PackageFullName"="5A894077.McAfeeSecurity_2.1.68.0_neutral_split.scale-150_wafk5atnkzcwy"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModel\StateRepository\Cache\Package\Data\9fc]
"InstalledLocation"="C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_neutral_split.scale-150_wafk5atnkzcwy"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModel\StateRepository\Cache\Package\Data\9fc]
"_IndexKeys"="PackageFamily\68\9fc
PackageFullName\5A894077.McAfeeSecurity_2.1.68.0_neutral_split.scale-150_wafk5atnkzcwy"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModel\StateRepository\Cache\Package\Data\9fd]
"PackageFullName"="5A894077.McAfeeSecurity_2.1.68.0_neutral_split.scale-100_wafk5atnkzcwy"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModel\StateRepository\Cache\Package\Data\9fd]
"InstalledLocation"="C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_neutral_split.scale-100_wafk5atnkzcwy"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModel\StateRepository\Cache\Package\Data\9fd]
"_IndexKeys"="PackageFamily\68\9fd
PackageFullName\5A894077.McAfeeSecurity_2.1.68.0_neutral_split.scale-100_wafk5atnkzcwy"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModel\StateRepository\Cache\Package\Index\PackageFullName\5A894077.McAfeeSecurity_2.1.68.0_neutral_split.language-zh-hans_wafk5atnkzcwy]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModel\StateRepository\Cache\Package\Index\PackageFullName\5A894077.McAfeeSecurity_2.1.68.0_neutral_split.scale-100_wafk5atnkzcwy]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModel\StateRepository\Cache\Package\Index\PackageFullName\5A894077.McAfeeSecurity_2.1.68.0_neutral_split.scale-125_wafk5atnkzcwy]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModel\StateRepository\Cache\Package\Index\PackageFullName\5A894077.McAfeeSecurity_2.1.68.0_neutral_split.scale-150_wafk5atnkzcwy]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModel\StateRepository\Cache\Package\Index\PackageFullName\5A894077.McAfeeSecurity_2.1.68.0_neutral_~_wafk5atnkzcwy]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModel\StateRepository\Cache\Package\Index\PackageFullName\5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModel\StateRepository\Cache\PackageFamily\Data\68]
"PackageFamilyName"="5A894077.McAfeeSecurity_wafk5atnkzcwy"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModel\StateRepository\Cache\PackageFamily\Data\68]
"_IndexKeys"="PackageFamilyName\5A894077.McAfeeSecurity_wafk5atnkzcwy"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AppModel\StateRepository\Cache\PackageFamily\Index\PackageFamilyName\5A894077.McAfeeSecurity_wafk5atnkzcwy]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Appx\AppxAllUserStore\Applications\5A894077.McAfeeSecurity_2.1.68.0_neutral_~_wafk5atnkzcwy]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Appx\AppxAllUserStore\Applications\5A894077.McAfeeSecurity_2.1.68.0_neutral_~_wafk5atnkzcwy]
"Path"="C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_neutral_~_wafk5atnkzcwy\AppxMetadata\AppxBundleManifest.xml"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Appx\AppxAllUserStore\Deleted\Upgrade\S-1-5-21-1953523510-4150578024-2247769738-1001\5A894077.McAfeeSecurity_wafk5atnkzcwy]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Appx\AppxAllUserStore\Deleted\Upgrade\S-1-5-21-1953523510-4150578024-2247769738-1001\5A894077.McAfeeSecurity_wafk5atnkzcwy\5A894077.McAfeeSecurity_2.1.68.0_neutral_~_wafk5atnkzcwy]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Appx\AppxAllUserStore\S-1-5-18\5A894077.McAfeeSecurity_2.1.68.0_neutral_~_wafk5atnkzcwy]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Appx\AppxAllUserStore\S-1-5-18\5A894077.McAfeeSecurity_2.1.68.0_neutral_~_wafk5atnkzcwy]
"Path"="C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_neutral_~_wafk5atnkzcwy\AppxMetadata\AppxBundleManifest.xml"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Appx\AppxAllUserStore\S-1-5-21-1953523510-4150578024-2247769738-1001\5A894077.McAfeeSecurity_2.1.68.0_neutral_~_wafk5atnkzcwy]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Appx\AppxAllUserStore\S-1-5-21-1953523510-4150578024-2247769738-1001\5A894077.McAfeeSecurity_2.1.68.0_neutral_~_wafk5atnkzcwy]
"Path"="C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_neutral_~_wafk5atnkzcwy\AppxMetadata\AppxBundleManifest.xml"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\InstallService\State\CategoryCache]
"50784a52-089b-eb35-112c-8c567a3bb960MY"="{"FulfillmentData":"{\"ProductId\":\"9N1SQW2NKPDS\",\"SkuId\":\"0010\",\"PackageFamilyName\":\"5A894077.McAfeeSecurity_wafk5atnkzcwy\",\"WuCategoryId\":\"b092a787-b751-4617-a0c6-ccdf6c614a00\"}"}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform]
"McAfee"=""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\RuntimeExceptionHelperModules]
"C:\Program Files\Common Files\McAfee\Sustainability\LamRepair.dll"="0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\WicaAvPathsExpiredTemp]
"0"="C:\Program Files\Common Files\McAfee\ModuleCore\ProtectedModuleHost.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\NativeMessagingHosts\siteadvisor.mcafee.chrome.extension]

[HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\NativeMessagingHosts\siteadvisor.mcafee.chrome.extension]
""="C:\Program Files\McAfee\WebAdvisor\webadvisor.mcafee.firefox.extension.json"

[HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\NativeMessagingHosts\webadvisor.mcafee.chrome.extension]

[HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\NativeMessagingHosts\webadvisor.mcafee.chrome.extension]
""="C:\Program Files\McAfee\WebAdvisor\webadvisor_v2.mcafee.firefox.extension.json"

[HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\NativeMessagingHosts\wss.mcafee.chrome.extension]

[HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\NativeMessagingHosts\wss.mcafee.chrome.extension]
""="C:\Program Files\McAfee\MSC\wss.mcafee.firefox.extension.json"

[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Google\Chrome\NativeMessagingHosts\webadvisor.mcafee.chrome.extension]

[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Google\Chrome\NativeMessagingHosts\webadvisor.mcafee.chrome.extension]
""="C:\Program Files\McAfee\WebAdvisor\webadvisor_v2.mcafee.chrome.extension.json"

[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Google\Chrome\NativeMessagingHosts\wss.mcafee.chrome.extension]

[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Google\Chrome\NativeMessagingHosts\wss.mcafee.chrome.extension]
""="C:\Program Files\McAfee\MSC\wss.mcafee.chrome.extension.json"

[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Edge\NativeMessagingHosts\siteadvisor.mcafee.chrome.extension]

[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Edge\NativeMessagingHosts\siteadvisor.mcafee.chrome.extension]
""="C:\Program Files\McAfee\WebAdvisor\edge.com.mcafee.webadvisor.json"

[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Edge\NativeMessagingHosts\webadvisor.mcafee.chrome.extension]

[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Edge\NativeMessagingHosts\webadvisor.mcafee.chrome.extension]
""="C:\Program Files\McAfee\WebAdvisor\edge.com.mcafee.webadvisor_v2.json"

[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Edge\NativeMessagingHosts\wss.mcafee.chrome.extension]

[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Edge\NativeMessagingHosts\wss.mcafee.chrome.extension]
""="C:\Program Files\McAfee\MSC\wss.mcafee.edge.extension.json"

[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform]
"McAfee"=""

[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Mozilla\NativeMessagingHosts\siteadvisor.mcafee.chrome.extension]

[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Mozilla\NativeMessagingHosts\siteadvisor.mcafee.chrome.extension]
""="C:\Program Files\McAfee\WebAdvisor\webadvisor.mcafee.firefox.extension.json"

[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Mozilla\NativeMessagingHosts\webadvisor.mcafee.chrome.extension]

[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Mozilla\NativeMessagingHosts\webadvisor.mcafee.chrome.extension]
""="C:\Program Files\McAfee\WebAdvisor\webadvisor_v2.mcafee.firefox.extension.json"

[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Mozilla\NativeMessagingHosts\wss.mcafee.chrome.extension]

[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Mozilla\NativeMessagingHosts\wss.mcafee.chrome.extension]
""="C:\Program Files\McAfee\MSC\wss.mcafee.firefox.extension.json"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\bam\State\UserSettings\S-1-5-21-1953523510-4150578024-2247769738-1001]
"5A894077.McAfeeSecurity_wafk5atnkzcwy"="0x7680F14B2C71D90100000000000000000100000002000000"

[HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MrtCache\C:%5CProgram Files%5CWindowsApps%5C5A894077.McAfeeSecurity_2.1.39.0_x64__wafk5atnkzcwy%5Cresources.pri]

[HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MrtCache\C:%5CProgram Files%5CWindowsApps%5C5A894077.McAfeeSecurity_2.1.39.0_x64__wafk5atnkzcwy%5Cresources.pri\1d731fade6b50a5\bdcd4f7b]
"@{C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.39.0_x64__wafk5atnkzcwy\resources.pri? ms-resource:///resources/DisplayName}"="McAfee® Personal Security"

[HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MrtCache\C:%5CProgram Files%5CWindowsApps%5C5A894077.McAfeeSecurity_2.1.60.0_x64__wafk5atnkzcwy%5Cresources.pri]

[HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MrtCache\C:%5CProgram Files%5CWindowsApps%5C5A894077.McAfeeSecurity_2.1.60.0_x64__wafk5atnkzcwy%5Cresources.pri\1d73e735899e896\bdcd4f7b]
"@{C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.60.0_x64__wafk5atnkzcwy\resources.pri? ms-resource:///resources/DisplayName}"="McAfee® Personal Security"

[HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MrtCache\C:%5CProgram Files%5CWindowsApps%5C5A894077.McAfeeSecurity_2.1.60.0_x64__wafk5atnkzcwy%5Cresources.pri\1d73e735899e896\e3b6e6f6]
"@{C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.60.0_x64__wafk5atnkzcwy\resources.pri? ms-resource:///resources/DisplayName}"="McAfee® Personal Security"

[HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MrtCache\C:%5CProgram Files%5CWindowsApps%5C5A894077.McAfeeSecurity_2.1.67.0_x64__wafk5atnkzcwy%5Cresources.pri]

[HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MrtCache\C:%5CProgram Files%5CWindowsApps%5C5A894077.McAfeeSecurity_2.1.67.0_x64__wafk5atnkzcwy%5Cresources.pri\1d7abb74e4767cb\e3b6e6f6]
"@{C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.67.0_x64__wafk5atnkzcwy\resources.pri? ms-resource:///resources/DisplayName}"="McAfee® Personal Security"

[HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MrtCache\C:%5CProgram Files%5CWindowsApps%5C5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy%5Cresources.pri]

[HKEY_USERS\.DEFAULT\Software\Classes\Local Settings\MrtCache\C:%5CProgram Files%5CWindowsApps%5C5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy%5Cresources.pri\1d7d86e738a14ec\e3b6e6f6]
"@{C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy\resources.pri? ms-resource:///resources/DisplayName}"="McAfee® Personal Security"

[HKEY_USERS\S-1-5-21-1953523510-4150578024-2247769738-1001\SOFTWARE\Microsoft\0cd3c5ed]
"AV"="McAfee VirusScan"

[HKEY_USERS\S-1-5-21-1953523510-4150578024-2247769738-1001\SOFTWARE\Microsoft\Internet Explorer\DOMStorage\mcafee.com]

[HKEY_USERS\S-1-5-21-1953523510-4150578024-2247769738-1001\SOFTWARE\Microsoft\Internet Explorer\DOMStorage\messages.mcafee.com]

[HKEY_USERS\S-1-5-21-1953523510-4150578024-2247769738-1001\SOFTWARE\Microsoft\Phone\ShellUI\WindowSizing\5A894077.McAfeeSecurity_wafk5atnkzcwy!App]

[HKEY_USERS\S-1-5-21-1953523510-4150578024-2247769738-1001\SOFTWARE\Microsoft\UserData\UninstallTimes]
"5A894077.McAfeeSecurity_wafk5atnkzcwy"="0xBC17DF74A18ED901"

[HKEY_USERS\S-1-5-21-1953523510-4150578024-2247769738-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FeatureUsage\AppSwitched]
"McAfee.McAgent"="844"

[HKEY_USERS\S-1-5-21-1953523510-4150578024-2247769738-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FeatureUsage\AppSwitched]
"{6D809377-6AF0-444B-8957-A3773F02200E}\McAfee\WebAdvisor\uihost.exe"="13"

[HKEY_USERS\S-1-5-21-1953523510-4150578024-2247769738-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FeatureUsage\ShowJumpView]
"McAfee.McAgent"="35"

[HKEY_USERS\S-1-5-21-1953523510-4150578024-2247769738-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FeatureUsage\ShowJumpView]
"{6D809377-6AF0-444B-8957-A3773F02200E}\McAfee\WebAdvisor\uihost.exe"="8"

[HKEY_USERS\S-1-5-21-1953523510-4150578024-2247769738-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FeatureUsage\ShowJumpView]
"5A894077.McAfeeSecurity_wafk5atnkzcwy!App"="1"

[HKEY_USERS\S-1-5-21-1953523510-4150578024-2247769738-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\SettingSync\Namespace\packagestate\5a894077.mcafeesecurity_wafk5atnkzcwy-0]

[HKEY_USERS\S-1-5-21-1953523510-4150578024-2247769738-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\SettingSync\SyncData\Namespace\packagestate\5a894077.mcafeesecurity_wafk5atnkzcwy-0]

[HKEY_USERS\S-1-5-21-1953523510-4150578024-2247769738-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\SettingSync\Telemetry\SaveKnowledgeLastSuccess]
"packagestate-5a894077.mcafeesecurity_wafk5atnkzcwy-0"="0xBE17AD4DAC4AD701"

[HKEY_USERS\S-1-5-21-1953523510-4150578024-2247769738-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HostActivityManager\CommitHistory\5A894077.McAfeeSecurity_wafk5atnkzcwy!App]

[HKEY_USERS\S-1-5-21-1953523510-4150578024-2247769738-1001\SOFTWARE\Classes\Local Settings\MrtCache\C:%5CProgram Files%5CWindowsApps%5C5A894077.McAfeeSecurity_2.1.67.0_x64__wafk5atnkzcwy%5Cmicrosoft.system.package.metadata%5CS-1-5-21-1953523510-4150578024-2247769738-1001-MergedResources-6.pri]

[HKEY_USERS\S-1-5-21-1953523510-4150578024-2247769738-1001\SOFTWARE\Classes\Local Settings\MrtCache\C:%5CProgram Files%5CWindowsApps%5C5A894077.McAfeeSecurity_2.1.67.0_x64__wafk5atnkzcwy%5Cmicrosoft.system.package.metadata%5CS-1-5-21-1953523510-4150578024-2247769738-1001-MergedResources-6.pri\1d7abb74f8cd70b\955de0de]
"@{5A894077.McAfeeSecurity_2.1.67.0_x64__wafk5atnkzcwy?ms-resource://5A894077.McAfeeSecurity/Resources/DisplayName}"="McAfee® Personal Security"

[HKEY_USERS\S-1-5-21-1953523510-4150578024-2247769738-1001\SOFTWARE\Classes\Local Settings\MrtCache\C:%5CProgram Files%5CWindowsApps%5C5A894077.McAfeeSecurity_2.1.67.0_x64__wafk5atnkzcwy%5Cmicrosoft.system.package.metadata%5CS-1-5-21-1953523510-4150578024-2247769738-1001-MergedResources-6.pri\1d7abb74f8cd70b\955de0de]
"@{5A894077.McAfeeSecurity_2.1.67.0_x64__wafk5atnkzcwy?ms-resource://5A894077.McAfeeSecurity/Files/Assets/SplashScreens/SplashScreen.png}"="C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.67.0_neutral_split.scale-125_wafk5atnkzcwy\Assets\SplashScreens\SplashScreen.scale-125.png"

[HKEY_USERS\S-1-5-21-1953523510-4150578024-2247769738-1001\SOFTWARE\Classes\Local Settings\MrtCache\C:%5CProgram Files%5CWindowsApps%5C5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy%5Cmicrosoft.system.package.metadata%5CS-1-5-21-1953523510-4150578024-2247769738-1001-MergedResources-7.pri]

[HKEY_USERS\S-1-5-21-1953523510-4150578024-2247769738-1001\SOFTWARE\Classes\Local Settings\MrtCache\C:%5CProgram Files%5CWindowsApps%5C5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy%5Cmicrosoft.system.package.metadata%5CS-1-5-21-1953523510-4150578024-2247769738-1001-MergedResources-7.pri\1d7d87e7373d29b\955de0de]
"@{5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy?ms-resource://5A894077.McAfeeSecurity/Resources/DisplayName}"="McAfee® Personal Security"

[HKEY_USERS\S-1-5-21-1953523510-4150578024-2247769738-1001\SOFTWARE\Classes\Local Settings\MrtCache\C:%5CProgram Files%5CWindowsApps%5C5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy%5Cmicrosoft.system.package.metadata%5CS-1-5-21-1953523510-4150578024-2247769738-1001-MergedResources-8.pri]

[HKEY_USERS\S-1-5-21-1953523510-4150578024-2247769738-1001\SOFTWARE\Classes\Local Settings\MrtCache\C:%5CProgram Files%5CWindowsApps%5C5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy%5Cmicrosoft.system.package.metadata%5CS-1-5-21-1953523510-4150578024-2247769738-1001-MergedResources-8.pri\1d7d87e7373d29b\955de0de]
"@{5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy?ms-resource://5A894077.McAfeeSecurity/Resources/DisplayName}"="McAfee® Personal Security"

[HKEY_USERS\S-1-5-21-1953523510-4150578024-2247769738-1001\SOFTWARE\Classes\Local Settings\MrtCache\C:%5CProgram Files%5CWindowsApps%5C5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy%5Cmicrosoft.system.package.metadata%5CS-1-5-21-1953523510-4150578024-2247769738-1001-MergedResources-8.pri\1d7d87e7373d29b\955de0de]
"@{5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy?ms-resource://5A894077.McAfeeSecurity/Files/Assets/SplashScreens/SplashScreen.png}"="C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_neutral_split.scale-125_wafk5atnkzcwy\Assets\SplashScreens\SplashScreen.scale-125.png"

[HKEY_USERS\S-1-5-21-1953523510-4150578024-2247769738-1001\SOFTWARE\Classes\Local Settings\MrtCache\C:%5CProgram Files%5CWindowsApps%5C5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy%5Cmicrosoft.system.package.metadata%5CS-1-5-21-1953523510-4150578024-2247769738-1001-MergedResources-8.pri\1d7d87e7373d29b\955de0de]
"@{5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy?ms-resource://5A894077.McAfeeSecurity/Files/Assets/Logos/AppList/Square44x44Logo.png}"="C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_neutral_split.scale-125_wafk5atnkzcwy\Assets\Logos\AppList\Square44x44Logo.scale-125.png"

[HKEY_USERS\S-1-5-21-1953523510-4150578024-2247769738-1001\SOFTWARE\Classes\Local Settings\MrtCache\C:%5CProgram Files%5CWindowsApps%5C5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy%5Cmicrosoft.system.package.metadata%5CS-1-5-21-1953523510-4150578024-2247769738-1001-MergedResources-8.pri\1d7d87e7373d29b\e8460e12]
"@{5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy?ms-resource://5A894077.McAfeeSecurity/Resources/DisplayName}"="McAfee® Personal Security"

[HKEY_USERS\S-1-5-21-1953523510-4150578024-2247769738-1001\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\PolicyCache\5A894077.McAfeeSecurity_wafk5atnkzcwy]

[HKEY_USERS\S-1-5-21-1953523510-4150578024-2247769738-1001\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\Program Files\McAfee.com\Agent\McUpdate.exe.FriendlyAppName"="McAfee Update Launcher"

[HKEY_USERS\S-1-5-21-1953523510-4150578024-2247769738-1001\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\Program Files\McAfee.com\Agent\McUpdate.exe.ApplicationCompany"="McAfee, LLC"

[HKEY_USERS\S-1-5-21-1953523510-4150578024-2247769738-1001\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\Program Files\McAfee\WebAdvisor\uihost.exe.FriendlyAppName"="McAfee WebAdvisor"

[HKEY_USERS\S-1-5-21-1953523510-4150578024-2247769738-1001\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\Program Files\McAfee\WebAdvisor\uihost.exe.ApplicationCompany"="McAfee, LLC"

[HKEY_USERS\S-1-5-21-1953523510-4150578024-2247769738-1001\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\Users\Andrew Tan\Downloads\MCPR.exe.FriendlyAppName"="McAfee ESD Package"

[HKEY_USERS\S-1-5-21-1953523510-4150578024-2247769738-1001\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\Users\Andrew Tan\Downloads\MCPR.exe.ApplicationCompany"="McAfee, LLC"

===================== Search result for "XUService" ==========

[HKEY_USERS\S-1-5-21-1953523510-4150578024-2247769738-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\StartupFolder]
"XUService.exe"="0x020000000000000000000000"

===================== Search result for "AudioTekService" ==========

[HKEY_USERS\S-1-5-21-1953523510-4150578024-2247769738-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]
"AudioTekService"="0x020000000000000000000000"

[HKEY_USERS\S-1-5-21-1953523510-4150578024-2247769738-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AudioTekService"="C:\Users\Andrew Tan\AppData\Local\AudioTekService.exe"

[HKEY_USERS\S-1-5-21-1953523510-4150578024-2247769738-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]
"C:\Users\Andrew Tan\AppData\Local\AudioTekService.exe"="0x5341435001000000000000000700000028000000001200000000000001000000000000000000000A6522000050BB64EDDDACD50100000000000000000200000028000000000000000000004010000000000000000000000000000000E4980000000000007400000074000000"

====== End of Search ======

Attached Files

Fixlog.txt 23.54KB 2 downloads
Search.txt 291.75KB 2 downloads
AdwCleanerS49.txt 6.54KB 2 downloads

Edited by Oh My!, 24 May 2023 - 08:48 PM.

#5 Oh My!

Adware and Spyware and Malware

Malware Response Instructor
62,344 posts
ONLINE

Gender:Male
Location:California
Local time:06:19 PM

Posted 24 May 2023 - 09:05 PM

Greetings.

Please do this now.

===================================================

Farbar Recovery Scan Tool - Run Fix in Safe Mode Using Attached File

--------------------

Please download and save it in the same location as FRST.exe (example, Desktop, USB device) <<< Important
Boot into Safe Mode using the From the sign-in screen instructions
Right click on FRST and select Run as administrator
Click Fix and once completed your computer will reboot.
The tool will create a log on the desktop called Fixlog.txt
Attach the report to your reply

Fixlog

#6 wilsontanaeeee

Topic Starter

Members
107 posts
OFFLINE

Local time:09:19 AM

Posted 25 May 2023 - 07:22 PM

Sorry for the late reply!
Here you go!

Attached Files

Fixlog.txt 212.18KB 3 downloads

#7 Oh My!

Adware and Spyware and Malware

Malware Response Instructor
62,344 posts
ONLINE

Gender:Male
Location:California
Local time:06:19 PM

Posted 25 May 2023 - 08:18 PM

Thank you.

Can you update me on your computer performance?

#8 wilsontanaeeee

Topic Starter

Members
107 posts
OFFLINE

Local time:09:19 AM

Posted 25 May 2023 - 10:25 PM

It is much better and smoother, no more insane GPU Usage or XMRig Miner popping up in task manager.
Thank you.

#9 Oh My!

Adware and Spyware and Malware

Malware Response Instructor
62,344 posts
ONLINE

Gender:Male
Location:California
Local time:06:19 PM

Posted 26 May 2023 - 07:44 AM

Very good.

I would like us to run an online scan. Please do this.

===================================================

ESET Online Scanner

--------------------

Note: You can expect this process to take a long time, up to several hours or more.

Download ESET Free Online Scanner and save it to your Desktop
Right click on esetonlinescanner_enu.exe and select Run as administrator
NOTE: If the program immediately crashes rename esetonlinescanner_enu.exe to ESET.exe and attempt it again
Click Computer Scan
Click Full scan
Select Enable ESET to detect and quarantine potentially unwanted applications
Click Start scan
Once completed click Save scan log and save it to your Desktop as ESETScan.txt
Click Continue then finally click Close
Copy and paste the ESETScan.txt file contents in your reply

ESET report

#10 wilsontanaeeee

Topic Starter

Members
107 posts
OFFLINE

Local time:09:19 AM

Posted 27 May 2023 - 06:47 AM

I am sorry if it's taking a while.
It's taking quite a mediocre time.

#11 wilsontanaeeee

Topic Starter

Members
107 posts
OFFLINE

Local time:09:19 AM

Posted 27 May 2023 - 06:55 AM

Here it is, and lately XMRig Miner started popping up in task manager.
It was much more swift at hiding too.

27/5/2023 19:51:25 PM
Files scanned: 819850
Detected files: 7
Cleaned files: 7
Total scan time 03:03:12
Scan status: Finished
C:\Users\Andrew Tan\AppData\Local\Temp\XR.exe a variant of Win64/CoinMiner.IZ potentially unwanted application cleaned by deleting (after the next restart)

C:\Users\Andrew Tan\AppData\Roaming\Krnl\KrnlUI.exe a variant of MSIL/DllInject.BAE potentially unsafe application cleaned by deleting

C:\Users\Andrew Tan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OBEBroker.exe a variant of Generik.HXYYDHB trojan cleaned by deleting

C:\Users\Andrew Tan\Documents\Desktop\windows backup\old krnl\krnl\krnlss.exe a variant of MSIL/DllInject.AFV potentially unsafe application cleaned by deleting

C:\Users\Andrew Tan\Documents\Desktop\windows backup\old krnl\krnl_bootstrapper.exe a variant of MSIL/GameTool.EE potentially unsafe application cleaned by deleting

C:\Users\Andrew Tan\Downloads\Human Fall Flat v1075942 by Blue GAMING MASTER\Human_Data\Plugins\steam_api64.dll Win64/HackTool.Crack.AH potentially unsafe application cleaned by deleting

Autostart locations multiple detections,a variant of Win64/CoinMiner.IZ potentially unwanted application,a variant of Generik.HXYYDHB trojan cleaned by deleting

Attached Files

ESETScan.txt 2.48KB 2 downloads

Edited by Oh My!, 27 May 2023 - 01:54 PM.

#12 Oh My!

Adware and Spyware and Malware

Malware Response Instructor
62,344 posts
ONLINE

Gender:Male
Location:California
Local time:06:19 PM

Posted 27 May 2023 - 01:55 PM

Thank you for the report.

ESET detected additional CoinMiner entries. Have you seen evidence of XMRig Miner after the ESET Scan completed?

#13 wilsontanaeeee

Topic Starter

Members
107 posts
OFFLINE

Local time:09:19 AM

Posted 27 May 2023 - 08:58 PM

Yes, it was downloaded again itself in %temp%.

I restarted my computer whilst looking at the ESETScan.txt

Attached Files

image.png 5.32KB 0 downloads

#14 Oh My!

Adware and Spyware and Malware

Malware Response Instructor
62,344 posts
ONLINE

Gender:Male
Location:California
Local time:06:19 PM

Posted 27 May 2023 - 09:08 PM

OK, please run another FRST Scan and copy and paste the reports in your reply.

#15 wilsontanaeeee

Topic Starter

Members
107 posts
OFFLINE

Local time:09:19 AM

Posted 27 May 2023 - 10:14 PM

Here you go

Attached Files

FRST.txt 51.42KB 0 downloads
Addition.txt 47.35KB 0 downloads

Back to Virus, Trojan, Spyware, and Malware Removal Help

1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users

XMRig Miner

#1 wilsontanaeeee

Attached Files

BC AdBot (Login to Remove)

#2 Oh My!

#3 Oh My!

#4 wilsontanaeeee

Attached Files

#5 Oh My!

#6 wilsontanaeeee

Attached Files

#7 Oh My!

#8 wilsontanaeeee

#9 Oh My!

#10 wilsontanaeeee

#11 wilsontanaeeee

Attached Files

#12 Oh My!

#13 wilsontanaeeee

Attached Files

#14 Oh My!

#15 wilsontanaeeee

Attached Files

1 user(s) are reading this topic

Sign In