level1.exe malware appears on reboot


  • This topic is locked
20 replies to this topic

#1 user23049

Posted 20 March 2024 - 09:19 PM

PC was sluggish so decided to do a Malwarebytes scan. Found quite a few pieces of malware which were quarantined. Also ran SuperAntiSpyware which got leftovers. I then did a reboot.

I noticed when Windows first starts, there are two Admin Cmd prompt windows that appeared quickly and then went away. I then got an error saying WinXBlueRay.exe cannot start.

I went into the msconfig startup folder and changed this exe to disabled.

I ran Malwarebytes through again and it again found the same malware it previously removed so something is occurring upon startup. It's placing the level1.exe here: C:\Users\Phil\AppData\Local\Desktop_inni

I've deleted this exe from the folder for now and have not rebooted again.

Seems like a persistent infection and would like some help getting it fully removed as well as ensuring nothing else is left over.

Thanks

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 19.03.2024
Ran by Phil (administrator) on DELL-LAPTOP (Dell Inc. Inspiron 7559) (20-03-2024 21:25:35)
Running from C:\Users\Phil\Downloads\FRST64.exe
Loaded Profiles: Phil & SQLTELEMETRY & MSSQLSERVER
Platform: Microsoft Windows 10 Home Version 22H2 19045.4170 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(C:\Program Files (x86)\GeoComply\PlayerLocationCheck\Application\com.geocomply.internal-updater-microservice.exe ->) (GeoComply Solutions Inc. -> ) C:\Program Files (x86)\GeoComply\PlayerLocationCheck\crash_handler.exe <5>
(C:\Program Files (x86)\GeoComply\PlayerLocationCheck\Application\service.exe ->) (GeoComply Solutions Inc. -> ) C:\Program Files (x86)\GeoComply\PlayerLocationCheck\PlayerLocationIcon.exe
(C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe ->) (Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe
(C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe ->) (OpenJS Foundation -> Node.js) C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <5>
(C:\Program Files\WindowsApps\Microsoft.YourPhone_1.24021.105.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.24021.105.0_x64__8wekyb3d8bbwe\YourPhoneAppProxy.exe
(DriverStore\FileRepository\ki132538.inf_amd64_a34b1de6c28c3534\igfxCUIService.exe ->) (Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki132538.inf_amd64_a34b1de6c28c3534\igfxEM.exe
(explorer.exe ->) (Dell Inc -> Dell Inc.) [File not signed] C:\Program Files\Dell\QuickSet\quickset.exe
(explorer.exe ->) (Fresco Logic Inc -> Fresco Logic) C:\Program Files\Fresco Logic\Fresco Logic USB Display Driver\FL2000\x64\flvga_tray.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <17>
(explorer.exe ->) (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicStartMenu.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(explorer.exe ->) (Open Source Developer, XMouse Button Control -> Highresolution Enterprises) C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonControl.exe
(explorer.exe ->) (PARAMOUNT SOFTWARE UK LIMITED -> Paramount Software UK Ltd) C:\Program Files\Macrium\Common\ReflectMonitor.exe
(explorer.exe ->) (PARAMOUNT SOFTWARE UK LIMITED -> Paramount Software UK Ltd) C:\Program Files\Macrium\Common\ReflectUI.exe
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(explorer.exe ->) (Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe
(explorer.exe ->) (Waves Inc -> Waves Audio Ltd.) C:\ProgramData\Waves Audio\WavesLocalServer\WavesLocalServer.bundle\Contents\Win64\WavesLocalServer.exe
(explorer.exe ->) (Waves Inc -> Waves Audio Ltd.) C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\WavesPluginServer.exe
(Intel Corporation -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv.exe
(Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Intel\DPTF\esif_uf.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Node.js Foundation -> Node.js) C:\Users\Phil\AppData\Roaming\Java\jre8\bin\java.exe
(rundll32.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe <2>
(services.exe ->) () [File not signed] C:\Program Files (x86)\Intel\Intel® Security Assist\isaHelperService.exe
(services.exe ->) (Apple Computer, Inc.) [File not signed] C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(services.exe ->) (Array Networks, Inc. -> Array Networks) C:\Program Files\Array Networks\SSL VPN Client\VPNService.exe
(services.exe ->) (Cisco Systems, Inc. -> Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(services.exe ->) (GeoComply Solutions Inc. -> ) C:\Program Files (x86)\GeoComply\PlayerLocationCheck\Application\com.geocomply.internal-updater-microservice.exe
(services.exe ->) (GeoComply Solutions Inc. -> ) C:\Program Files (x86)\GeoComply\PlayerLocationCheck\Application\com.geocomply.process-scanner-microservice.exe
(services.exe ->) (GeoComply Solutions Inc. -> ) C:\Program Files (x86)\GeoComply\PlayerLocationCheck\Application\com.geocomply.vm-detector-microservice.exe
(services.exe ->) (GeoComply Solutions Inc. -> ) C:\Program Files (x86)\GeoComply\PlayerLocationCheck\Application\com.geocomply.wifi-scanner-microservice.exe
(services.exe ->) (GeoComply Solutions Inc. -> ) C:\Program Files (x86)\GeoComply\PlayerLocationCheck\Application\service.exe
(services.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome Remote Desktop\123.0.6312.16\remoting_host.exe <2>
(services.exe ->) (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(services.exe ->) (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(services.exe ->) (Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(services.exe ->) (Intel Corporation -> ) C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe
(services.exe ->) (Intel Corporation -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe
(services.exe ->) (Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(services.exe ->) (Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe
(services.exe ->) (Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe
(services.exe ->) (Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(services.exe ->) (Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki132538.inf_amd64_a34b1de6c28c3534\igfxCUIService.exe
(services.exe ->) (Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki132538.inf_amd64_a34b1de6c28c3534\IntelCpHDCPSvc.exe
(services.exe ->) (Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki132538.inf_amd64_a34b1de6c28c3534\IntelCpHeciSvc.exe
(services.exe ->) (Intel® Wireless Display -> Intel) C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL14.MSSQLSERVER\MSSQL\Binn\sqlceip.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL14.MSSQLSERVER\MSSQL\Binn\sqlservr.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\NisSrv.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvdmig.inf_amd64_75c152d756d851ed\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (PARAMOUNT SOFTWARE UK LIMITED -> Paramount Software UK Ltd) C:\Program Files\Macrium\Common\MacriumService.exe
(services.exe ->) (Private Internet Access, Inc. -> ) C:\Program Files\Private Internet Access\pia-service.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(services.exe ->) (ShenZhen Foscam Intelligent Technology Co,Ltd -> ) C:\Program Files (x86)\IPCWebComponents\IPCPlgSvr.exe
(services.exe ->) (SUPERAntiSpyware.com -> SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(services.exe ->) (Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.4163_none_7e304ec47c735f2e\TiWorker.exe
(svchost.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe <4>
 
==================== Registry (Whitelisted) ===================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9278152 2018-11-30] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_MAXX6] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1515208 2018-11-30] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [3075552 2015-04-29] (Dell Inc -> Dell Inc.) [File not signed]
HKLM\...\Run: [XMouseButtonControl] => C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonControl.exe [1091568 2015-03-02] (Open Source Developer, XMouse Button Control -> Highresolution Enterprises)
HKLM\...\Run: [RtHDVBg_WAVES_SKYLAKE] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1515208 2018-11-30] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1515208 2018-11-30] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [WebVPN] => C:\Program Files\Array Networks\SSL VPN Client\WebVPN.exe [1484728 2020-01-17] (Array Networks, Inc. -> Array Networks)
HKLM\...\Run: [LaunchMhttpd] => C:\Program Files\Array Networks\MotionPro VPN Client\MPInit.exe [1532344 2020-01-16] (Array Networks, Inc. -> Array Networks)
HKLM\...\Run: [flvga_tray] => C:\Program Files\Fresco Logic\Fresco Logic USB Display Driver\FL2000\x64\flvga_tray.exe [457336 2017-11-23] (Fresco Logic Inc -> Fresco Logic)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163640 2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
HKLM\...\Run: [WavesSvc] => C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [723928 2017-01-26] (Waves Inc -> Waves Audio Ltd.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [322120 2017-04-19] (Intel® Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [Reflect UI] => C:\Program Files\Macrium\Common\ReflectUI.exe [9923856 2023-01-10] (PARAMOUNT SOFTWARE UK LIMITED -> Paramount Software UK Ltd)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [594992 2016-01-29] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [1224704 2017-05-17] (Cisco Systems, Inc. -> Cisco Systems, Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true (No File)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1160408 2017-07-27] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3500056 2017-07-27] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
HKLM-x32\...\Run: [flvga_tray32] => C:\Program Files\Fresco Logic\Fresco Logic USB Display Driver\FL2000\x86\flvga_tray.exe [431232 2017-11-23] (Fresco Logic Inc -> Fresco Logic)
HKLM-x32\...\Run: [LaunchMhttpd] => C:\Program Files\Array Networks\MotionPro VPN Client\MPInit.exe [1532344 2020-01-16] (Array Networks, Inc. -> Array Networks)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2021-08-04] (Adobe Inc. -> )
HKLM-x32\...\Run: [Cisconet] => "%AppData%\msftedit\WinXBlueRay.exe" (No File)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender Security Center: Restriction <==== ATTENTION
HKLM\Software\Policies\...\system: [EnableSmartScreen] 0
HKLM\Software\Policies\...\system: [DisableLogonBackgroundImage] 1
HKU\S-1-5-21-1483475722-1219764467-3277934236-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [11197680 2023-10-20] (RealDefense, LLC -> SUPERAntiSpyware)
HKU\S-1-5-21-1483475722-1219764467-3277934236-1001\...\Run: [VideoGuardMonitor] => C:\Users\Phil\AppData\Local\Cisco\VideoGuardPlayer\VideoGuardMonitor\CiscoVideoGuardMonitor.exe [4155656 2016-06-14] (Cisco Video Technologies Israel Ltd. -> Cisco)
HKU\S-1-5-21-1483475722-1219764467-3277934236-1001\...\Run: [GarminExpress] => C:\Program Files (x86)\Garmin\Express\express.exe [31171504 2021-07-02] (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-1483475722-1219764467-3277934236-1001\...\Run: [Lync] => C:\Program Files\Microsoft Office\Office15\lync.exe [28177288 2020-04-15] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1483475722-1219764467-3277934236-1001\...\Run: [Trio.WakeNet] => C:\Users\Phil\AppData\Local\TrioNet\Trio.Net.exe (No File)
HKU\S-1-5-21-1483475722-1219764467-3277934236-1001\...\Run: [rasapi32] => wscript.exe "C:\Users\Phil\AppData\Roaming\Microsoft\Windows NT\rasapi32.js" [178 2023-09-30] () [File not signed] <==== ATTENTION
HKU\S-1-5-21-1483475722-1219764467-3277934236-1001\...\Run: [MicrosoftEdgeAutoLaunch_0848959D30B7A075789B21F3CF73AE30] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4060712 2024-03-14] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1483475722-1219764467-3277934236-1001\...\RunOnce: [removerbat] => C:\ProgramData\remover.bat [307 2024-03-20] () [File not signed] <==== ATTENTION
HKU\S-1-5-21-1483475722-1219764467-3277934236-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Ribbons.scr [153600 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\Windows\system32\AdobePDF.dll [55432 2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\123.0.6312.58\Installer\chrmstp.exe [2024-03-19] (Google LLC -> Google LLC)
Startup: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Gqreader.lnk [2023-11-28]
ShortcutTarget: Gqreader.lnk -> C:\Users\Phil\AppData\Roaming\msftedit\WinXBluRay.exe (No File)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WavesLocalServer.lnk [2024-02-16]
ShortcutTarget: WavesLocalServer.lnk -> C:\ProgramData\Waves Audio\WavesLocalServer\WavesLocalServer.bundle\Contents\Win64\WavesLocalServer.exe (Waves Inc -> Waves Audio Ltd.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WavesPluginServer.lnk [2024-02-16]
ShortcutTarget: WavesPluginServer.lnk -> C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\WavesPluginServer.exe (Waves Inc -> Waves Audio Ltd.)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION
 
==================== Scheduled Tasks (Whitelisted) =================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {D0AF27D6-8368-4DA9-926B-288A91E56430} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {B232ECA6-D3D1-4EC4-A32D-E08E86763ED0} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe  -mode=scheduled (No File)
Task: {484B1CBC-6F11-4EC5-9BAD-B3A61D5E1965} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [40880 2021-07-02] (Garmin International, Inc. -> )
Task: {8B28A3DC-F851-49CC-AE5C-75B0DD295852} - System32\Tasks\GeoComply Service Check => C:\Program Files (x86)\GeoComply\PlayerLocationCheck\Application\PlayerLocationCheckTask.cmd [1642 2024-02-21] () [File not signed] -> 
Task: {1D31A6C3-7C57-4FA5-8B5F-A51626FD4B69} - System32\Tasks\GeoComply Update Task => C:\Program Files (x86)\GeoComply\PlayerLocationCheck\Update\GeoComplyUpdate.exe [6817472 2024-01-09] (GeoComply Solutions Inc. -> GeoComply)
Task: {76D5F9DF-E161-452D-8A12-2595ED40B702} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem124.0.6359.0{8357AD38-F079-4341-A798-7030F0EC8024} => C:\Program Files (x86)\Google\GoogleUpdater\124.0.6359.0\updater.exe [4749088 2024-03-15] (Google LLC -> Google LLC)
Task: {117E77E1-2BF4-4A8C-A5EF-AEE5D8733741} - System32\Tasks\Intel\Intel Telemetry 2 => C:\Program Files\Intel\Telemetry 2.0\lrio.exe [1698000 2015-06-05] (Intel® Software -> Intel Corporation)
Task: {5048683B-C65F-43DE-AB39-836AE917B600} - System32\Tasks\Intel\Intel Telemetry 2 (x86) => C:\Program Files (x86)\Intel\Telemetry 2.0\lrio.exe [1328392 2015-11-20] (Intel® Software -> Intel Corporation)
Task: {3D46B100-7552-4143-B86A-F2B9970703F6} - System32\Tasks\Intel\System.Windows.Presentatio00_clr0400 => C:\Windows\system32\rundll32.exe [71680 2023-11-14] (Microsoft Windows -> Microsoft Corporation) -> C:\ProgramData\TractTent\PersolAczoknt\irmeqlf9Engin281.dll SHEiflowfdqaa
Task: {CA1B9BF5-B927-4DEB-8A8A-D57A37594261} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [4922296 2023-12-19] (Intel Corporation -> Intel Corporation)
Task: {57F4C7BD-EE60-4DCA-BED3-44916DF616EF} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [4922296 2023-12-19] (Intel Corporation -> Intel Corporation)
Task: {18D9AD6F-8D24-475B-8B5C-36A6F6F4B070} - System32\Tasks\IntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec => C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel® Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [19088 2015-06-17] (Intel® Software Asset Manager -> Intel Corporation)
Task: {65F73DCD-EC0C-44BE-814D-37B8092B83CF} - System32\Tasks\IntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec-Logon => C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel® Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [19088 2015-06-17] (Intel® Software Asset Manager -> Intel Corporation)
Task: {7B4E0C68-BE5A-4442-A2BD-993BA50AA038} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe  --automatic (No File)
Task: {08B1DF6C-1595-4764-BA72-1D8D855A46CE} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [1626328 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {9070132A-D6CF-4990-BBCB-58F5540D4E27} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {4BDF54F0-3987-4DEF-AA67-8704AE9177F7} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {D1C4A8EB-315A-4825-9DB7-4957252883A2} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\AppInstallerUpdater => C:\Windows\system32\rundll32.exe [71680 2023-11-14] (Microsoft Windows -> Microsoft Corporation) -> %windir%\system32\AppxDeploymentClient.dll,AppInstallerUpdateAllTask
Task: {1285EF45-46C2-4589-BE1B-1F5B589478BB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\MpCmdRun.exe [1650024 2024-03-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {163BFC57-00C4-4EFC-82F4-E3B8CA9A7709} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\MpCmdRun.exe [1650024 2024-03-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {3633EEEE-A5BF-4403-A543-9B89FB7AA1BA} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\MpCmdRun.exe [1650024 2024-03-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {BCEBEA1C-119E-446B-BC40-C755C75A8DD1} - System32\Tasks\Mozilla\Firefox Background Update S-1-5-21-1483475722-1219764467-3277934236-1001 92F44938A7A458E5 => C:\Users\Phil\AppData\Local\Mozilla Firefox\firefox.exe [671648 2024-03-12] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\92F44938A7A458E5\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {721029C4-76FB-4967-BBB9-DC8094FC370A} - System32\Tasks\Mozilla\Firefox Default Browser Agent 92F44938A7A458E5 => C:\Users\Phil\AppData\Local\Mozilla Firefox\default-browser-agent.exe [34720 2024-03-12] (Mozilla Corporation -> Mozilla Foundation)
Task: {D65748B1-D097-42BA-9B41-B4BD003B5160} - System32\Tasks\OneNote 5797 => C:\Users\Phil\AppData\Roaming\strt.cmd [444244 2024-03-05] () [File not signed] -> 
Task: {08CAD4CF-9FEA-4DB1-83B7-D9935729BC84} - System32\Tasks\OneNote 89688 => C:\Users\Phil\AppData\Roaming\strt.cmd [444244 2024-03-05] () [File not signed] -> 
Task: {63C0817E-7830-4189-BC23-F9E568C905D4} - System32\Tasks\Opera GX scheduled Autoupdate 1696112022 => C:\Users\Phil\AppData\Local\Programs\Opera GX\launcher.exe  --scheduledautoupdate $(Arg0) (No File)
Task: {44369712-8FE0-4ADE-93B5-90A17714898E} - System32\Tasks\Private Internet Access Startup => "C:\Program Files\pia_manager\pia_manager.exe"  --startup (No File)
Task: {72D88C66-E288-4856-82BB-0189C31F9503} - System32\Tasks\RtHDVBg_PushButton => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1515208 2018-11-30] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {3D13762D-057E-43AA-AC86-ADA65FB62FDF} - System32\Tasks\UninstallDDS-C960901F-CE14-4DE1-9729-1305F719A337 => C:\Windows\TEMP\DeleteFolderTask.exe  (No File) <==== ATTENTION
Task: {93D639BD-617B-4C2E-8178-42C2F35827DE} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => C:\WINDOWS\System32\Wscript.exe [170496 2023-10-11] (Microsoft Windows -> Microsoft Corporation) -> //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs" <==== ATTENTION
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{1f5655b1-8bf3-4ffc-84dd-630250178497}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{1f5655b1-8bf3-4ffc-84dd-630250178497}\24F553: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{1f5655b1-8bf3-4ffc-84dd-630250178497}\44C496E6B6F51405F574F6474716: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{1f5655b1-8bf3-4ffc-84dd-630250178497}\7416C616879702351303B273163673: [DhcpNameServer] 192.168.34.212
Tcpip\..\Interfaces\{1f5655b1-8bf3-4ffc-84dd-630250178497}\757535F5445313243313: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{1f5655b1-8bf3-4ffc-84dd-630250178497}\765647F66666D697C61677E6: [DhcpNameServer] 192.168.209.47
Tcpip\..\Interfaces\{2ace0890-853d-46fd-9bd1-a8b7f498fe12}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{f0e1c8ca-7fe6-4c84-8e99-04a669df5c9c}: [DhcpNameServer] 209.222.18.222 209.222.18.218
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
 
Edge: 
=======
Edge Profile: C:\Users\Phil\AppData\Local\Microsoft\Edge\User Data\Default [2024-03-20]
Edge DownloadDir: Default -> C:\Users\Phil\Downloads
Edge Extension: (Google Docs Offline) - C:\Users\Phil\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-07]
Edge Extension: (Edge relevant text changes) - C:\Users\Phil\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-23]
 
FireFox:
========
FF DefaultProfile: csjgqetv.default
FF ProfilePath: C:\Users\Phil\AppData\Roaming\Mozilla\Firefox\Profiles\csjgqetv.default [2023-06-12]
FF ProfilePath: C:\Users\Phil\AppData\Roaming\Mozilla\Firefox\Profiles\xvi6q9b2.default-release [2024-03-20]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.15@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2018-05-19] [Legacy]
FF Plugin: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-03-04] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-03-04] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-05-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-05-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-05-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-05-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-05-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.14 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-05-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2016-12-08] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2016-12-08] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2016-12-08] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2016-12-08] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2016-10-06] (Google Inc -> Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @IPC/npmedia3.0.0.3,version=3.0.0.3 -> C:\Program Files\webrec\Torch\3.0.0.3\npmedia3.0.0.3.dll [2016-11-03] (Amcrest Technologies LLC -> )
FF Plugin-x32: @IPCWebComponents -> C:\Program Files (x86)\IPCWebComponents\npIPCReg.dll [2016-12-26] (ShenZhen Foscam Intelligent Technology Co,Ltd -> )
FF Plugin-x32: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-03-04] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-03-04] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-07-19] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2017-08-17] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
 
Chrome: 
=======
CHR DefaultProfile: Profile 1
CHR Profile: C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Profile 1 [2024-03-20]
CHR Extension: (lock) - C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aeblfdkhhhdcdjpifhhbdiojplfjncoa [2024-03-05]
CHR Extension: (PayPal Honey: Automatic Coupons & Cash Back) - C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2024-02-19]
CHR Extension: (uBlock Origin) - C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2024-02-26]
CHR Extension: (Videostream for Google Chromecast™) - C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cnciopoikihiagdjbjpnocolokfelagl [2020-05-26]
CHR Extension: (Tampermonkey) - C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2024-01-20]
CHR Extension: (Video Downloader Professional) - C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2023-04-19]
CHR Extension: (Yoroi) - C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ffnbelfdoeiohenkjibnmadjiehjhajb [2024-03-20]
CHR Extension: (Chrome Remote Desktop) - C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2019-07-19]
CHR Extension: (Google Docs Offline) - C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-20]
CHR Extension: (Lightning Extension) - C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hfglcknhngdnhbkccblidlkljgflofgh [2023-04-25]
CHR Extension: (Reddit Enhancement Suite) - C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2023-04-08]
CHR Extension: (SponsorBlock for YouTube - Skip Sponsorships) - C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mnjggcdmjocbbbhaepdhchncahnbgone [2024-03-20]
CHR Extension: (Spread3D Review for SketchUp) - C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ncjkndlllagaajogioiailncjbmbalci [2018-03-13]
CHR Extension: (MetaMask) - C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nkbihfbeogaeaoehlefnkodbefgpgknn [2024-03-20]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-03]
CHR Extension: (Amcrest Web View) - C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\oddndbjhpcpopbebhonolceinkbnheih [2018-03-13]
CHR Extension: (uBlock Origin Extra) - C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pgdnlhfefecpicbbihgmbmffkjpaplco [2019-09-10]
CHR Profile: C:\Users\Phil\AppData\Local\Google\Chrome\User Data\System Profile [2023-11-19]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2017-07-27]
 
==================== Services (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R4 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2021-01-09] (SUPERAntiSpyware.com -> SUPERAntiSpyware.com)
S4 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [82640 2017-07-27] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
R2 Bonjour Service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [229376 2006-02-28] (Apple Computer, Inc.) [File not signed]
R2 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\123.0.6312.16\remoting_host.exe [74016 2024-02-26] (Google LLC -> Google LLC)
R2 com.geocomply.internal-updater-microservice; C:\Program Files (x86)\GeoComply\PlayerLocationCheck\Application\com.geocomply.internal-updater-microservice.exe [11492528 2024-02-21] (GeoComply Solutions Inc. -> )
R2 com.geocomply.process-scanner-microservice; C:\Program Files (x86)\GeoComply\PlayerLocationCheck\Application\com.geocomply.process-scanner-microservice.exe [11494064 2024-02-21] (GeoComply Solutions Inc. -> )
R2 com.geocomply.vm-detector-microservice; C:\Program Files (x86)\GeoComply\PlayerLocationCheck\Application\com.geocomply.vm-detector-microservice.exe [11534000 2024-02-21] (GeoComply Solutions Inc. -> )
R2 com.geocomply.wifi-scanner-microservice; C:\Program Files (x86)\GeoComply\PlayerLocationCheck\Application\com.geocomply.wifi-scanner-microservice.exe [11514544 2024-02-21] (GeoComply Solutions Inc. -> )
S4 Dell Customer Connect; C:\Program Files (x86)\Dell Customer Connect\DCCService.exe [153328 2015-06-15] (Dell Inc. -> Dell Inc.)
S4 Dell Foundation Services; C:\Program Files\Dell\Dell Foundation Services\DFSSvc.exe [119656 2016-01-15] (Dell Inc. -> Dell)
S4 Dell Help & Support; C:\Program Files\Dell\Dell Help & Support\MDLCSvc.exe [49864 2015-07-31] (Dell Inc. -> )
S4 Dell Product Registration; C:\Program Files\Dell\Product Registration\PRSvc.exe [32104 2016-01-25] (Dell Inc. -> Dell)
S4 DellUpdate; C:\Program Files (x86)\Dell Update\DellUpService.exe [237272 2015-08-27] (Dell Inc. -> Dell Inc.)
R2 DSAService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe [43784 2023-09-25] (Intel Corporation -> Intel)
R3 DSAUpdateService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe [240392 2023-11-13] (Intel Corporation -> Intel)
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2016-03-04] (Macrovision Europe Ltd.) [File not signed]
R2 FosCloudSvr; C:\Program Files (x86)\IPCWebComponents\IPCPlgSvr.exe [91776 2016-12-26] (ShenZhen Foscam Intelligent Technology Co,Ltd -> )
S2 GoogleUpdaterInternalService124.0.6359.0; C:\Program Files (x86)\Google\GoogleUpdater\124.0.6359.0\updater.exe [4749088 2024-03-15] (Google LLC -> Google LLC)
S2 GoogleUpdaterService124.0.6359.0; C:\Program Files (x86)\Google\GoogleUpdater\124.0.6359.0\updater.exe [4749088 2024-03-15] (Google LLC -> Google LLC)
S3 Intel® Security Assist; C:\Program Files (x86)\Intel\Intel® Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed]
S3 Intel® WiDi SAM; C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel® Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [19088 2015-06-17] (Intel® Software Asset Manager -> Intel Corporation)
R2 IntelUSBoverIP; C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe [396992 2015-07-06] (Intel® Wireless Display -> Intel)
R2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel® Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed]
R4 MacriumService; C:\Program Files\Macrium\Common\MacriumService.exe [11072008 2023-01-10] (PARAMOUNT SOFTWARE UK LIMITED -> Paramount Software UK Ltd)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9343840 2023-12-20] (Malwarebytes Inc. -> Malwarebytes)
S3 MSIInstallManager; C:\Program Files (x86)\Array Networks\MPMSIInstallManager\MSIInstallManager.exe [723896 2020-01-17] (Array Networks, Inc. -> TODO: <Company name>)
S3 MsMpiLaunchSvc; C:\Program Files\Microsoft MPI\Bin\msmpilaunchsvc.exe [23040 2016-03-04] () [File not signed]
R2 MSSQLSERVER; C:\Program Files\Microsoft SQL Server\MSSQL14.MSSQLSERVER\MSSQL\Binn\sqlservr.exe [479128 2023-08-01] (Microsoft Corporation -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvdmig.inf_amd64_75c152d756d851ed\Display.NvContainer\NVDisplay.Container.exe [1274888 2023-11-10] (NVIDIA Corporation -> NVIDIA Corporation)
R2 Player Location Check; C:\Program Files (x86)\GeoComply\PlayerLocationCheck\Application\service.exe [11440816 2024-02-21] (GeoComply Solutions Inc. -> )
R2 PrivateInternetAccessService; C:\Program Files\Private Internet Access\pia-service.exe [1394400 2024-03-05] (Private Internet Access, Inc. -> )
S3 PrivateInternetAccessWireguard; C:\Program Files\Private Internet Access\pia-wgservice.exe [4455000 2024-03-05] (Private Internet Access, Inc. -> )
S3 SQLSERVERAGENT; C:\Program Files\Microsoft SQL Server\MSSQL14.MSSQLSERVER\MSSQL\Binn\SQLAGENT.EXE [572824 2023-08-01] (Microsoft Corporation -> Microsoft Corporation)
R2 SQLTELEMETRY; C:\Program Files\Microsoft SQL Server\MSSQL14.MSSQLSERVER\MSSQL\Binn\sqlceip.exe [246672 2023-08-01] (Microsoft Corporation -> Microsoft Corporation)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [21242680 2024-02-19] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 VPNInstallManager; C:\Program Files\Array Networks\Install Manager\VPNInstallManager.exe [1418168 2020-01-17] (Array Networks, Inc. -> Array Networks)
R2 VPNService; C:\Program Files\Array Networks\SSL VPN Client\VPNService.exe [2422200 2020-01-17] (Array Networks, Inc. -> Array Networks)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\NisSrv.exe [3191272 2024-03-13] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\MsMpEng.exe [133688 2024-03-13] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 FoxitReaderService; "C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\FoxitConnectedPDFService.exe" [X]
S2 IAStorDataMgrSvc; "C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe" [X]
 
===================== Drivers (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 BEHRINGER_2902; C:\WINDOWS\System32\Drivers\BUSB2902.sys [460864 2009-10-30] (Ploytec GmbH -> BEHRINGER)
S3 BUSB_AUDIO_WDM; C:\WINDOWS\system32\drivers\busbwdm.sys [49728 2009-10-30] (Ploytec GmbH -> BEHRINGER)
S3 DDDriver; C:\WINDOWS\system32\drivers\DDDriver64Dcsa.sys [41608 2018-02-10] (Techporch Incorporated -> Dell Inc.)
S3 DellProf; C:\WINDOWS\system32\drivers\DellProf.sys [41208 2018-02-10] (Techporch Incorporated -> Dell Computer Corporation)
R3 DellRbtn; C:\WINDOWS\System32\drivers\DellRbtn.sys [19440 2015-05-08] (Microsoft Windows Hardware Compatibility Publisher -> OSR Open Systems Resources, Inc.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 fl2000; C:\WINDOWS\System32\drivers\fl2000.sys [205944 2017-11-23] (Fresco Logic Inc -> Fresco Logic)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2023-04-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239576 2024-03-20] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MpKsl84e8ac6a; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{4370A5BF-1229-4DE6-B7EF-28EA2BA302AD}\MpKslDrv.sys [300312 2024-03-20] (Microsoft Windows -> Microsoft Corporation)
R2 NPF; C:\Program Files (x86)\Batch Configuration\npf64.sys [36600 2019-05-20] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
S4 RsFx0501; C:\WINDOWS\System32\DRIVERS\RsFx0501.sys [261784 2023-08-01] (Microsoft Corporation -> Microsoft Corporation)
S3 rspLLL; C:\WINDOWS\System32\DRIVERS\rspLLL64.sys [27744 2021-03-09] (Daniel Terhell -> Resplendence Software Projects Sp.)
S1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [18160 2023-08-25] (RealDefense, LLC -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
S1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [15600 2023-08-25] (RealDefense, LLC -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
R3 SensorsSimulatorDriver; C:\WINDOWS\System32\drivers\WUDFRd.sys [315904 2023-12-13] (Microsoft Windows -> Microsoft Corporation)
R2 speedfan; C:\WINDOWS\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [50720 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 tap-pia-0901; C:\WINDOWS\System32\drivers\tap-pia-0901.sys [39944 2020-12-01] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2017-12-27] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 tapwindscribe0901; C:\WINDOWS\System32\drivers\tapwindscribe0901.sys [54896 2017-09-13] (Windscribe Limited -> The OpenVPN Project)
R1 UimBus; C:\WINDOWS\System32\drivers\UimBus.sys [102576 2015-11-10] (Paragon Software GmbH -> )
R1 Uim_DEVIM; C:\WINDOWS\System32\drivers\uim_devim.sys [25904 2015-11-10] (Paragon Software GmbH -> )
R1 Uim_IM; C:\WINDOWS\System32\drivers\uim_im.sys [701360 2015-11-10] (Paragon Software GmbH -> )
S3 usb3Hub; C:\WINDOWS\System32\drivers\usb3Hub.sys [212056 2015-07-06] (Intel® Wireless Display -> Windows ® Win 7 DDK provider)
R1 veracrypt; C:\WINDOWS\System32\drivers\veracrypt.sys [831616 2021-01-03] (IDRIX SARL -> IDRIX)
R1 vpntdi; C:\WINDOWS\System32\drivers\vpntdi64.sys [65360 2017-12-13] (Array Networks, Inc. -> Array Networks)
S3 vpnva; C:\WINDOWS\System32\drivers\vpnva64-6.sys [52592 2016-02-29] (Cisco Systems, Inc. -> Cisco Systems, Inc.)
R0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [20928 2024-03-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [26880 2015-11-12] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [603416 2024-03-13] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105752 2024-03-13] (Microsoft Windows -> Microsoft Corporation)
R3 WinDriver6; C:\WINDOWS\system32\drivers\windrvr6.sys [285696 2007-06-17] (Microsoft Windows Hardware Compatibility Publisher -> Jungo)
S3 ysusb_w10_64; C:\WINDOWS\system32\drivers\ysusb_w10_64.sys [181784 2023-02-10] (Microsoft Windows Hardware Compatibility Publisher -> Yamaha Corporation)
S3 DrvSnSht; \??\C:\Users\Phil\AppData\Local\Temp\RarSFX0\DrvSnSht64.sys [X] <==== ATTENTION
S3 R-ImageDisk; \??\C:\Users\Phil\AppData\Local\Temp\RarSFX0\R-ImageDisk64.sys [X] <==== ATTENTION
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) (Whitelisted) =========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2024-03-20 21:25 - 2024-03-20 21:26 - 000046423 _____ C:\Users\Phil\Downloads\FRST.txt
2024-03-20 21:24 - 2024-03-20 21:25 - 000000000 ____D C:\FRST
2024-03-20 21:23 - 2024-03-20 21:23 - 002390528 _____ (Farbar) C:\Users\Phil\Downloads\FRST64.exe
2024-03-20 21:08 - 2024-03-20 21:08 - 000000307 _____ C:\ProgramData\remover.bat
2024-03-20 19:46 - 2024-03-20 19:46 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2024-03-20 17:37 - 2024-03-20 17:37 - 000001463 _____ C:\Users\Phil\Desktop\Roblox Player.lnk
2024-03-17 11:07 - 2024-03-17 11:07 - 000001138 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Private Internet Access.lnk
2024-03-15 20:50 - 2024-03-18 10:46 - 000001989 _____ C:\Users\Phil\Desktop\dydx.txt
2024-03-14 20:33 - 2024-03-14 20:33 - 000002302 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth Pro.lnk
2024-03-14 20:33 - 2024-03-14 20:33 - 000002290 _____ C:\Users\Public\Desktop\Google Earth Pro.lnk
2024-03-14 20:33 - 2024-03-14 20:33 - 000000000 ____D C:\Program Files\Google
2024-03-13 23:05 - 2024-03-13 23:05 - 000000000 ____D C:\Users\Phil\AppData\Roaming\ReAmp Studio R1
2024-03-13 23:02 - 2024-03-13 23:02 - 003218427 _____ (Audio Assault ) C:\WINDOWS\unins000.exe
2024-03-13 23:02 - 2024-03-13 23:02 - 000060501 _____ C:\WINDOWS\unins000.dat
2024-03-13 23:02 - 2024-03-13 23:02 - 000000000 ____D C:\Users\Public\Documents\Audio Assault
2024-03-13 23:02 - 2024-03-13 23:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ReAmp Studio R1
2024-03-13 19:50 - 2024-03-13 19:50 - 000019530 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json
2024-03-13 19:50 - 2024-03-13 19:50 - 000019530 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2024-03-13 19:44 - 2024-03-13 19:44 - 000000000 ___HD C:\$WinREAgent
2024-03-12 14:23 - 2024-03-20 19:11 - 000000000 ____D C:\Users\Phil\AppData\Local\Mozilla Firefox
2024-03-11 14:38 - 2024-03-11 14:38 - 000000030 _____ C:\Users\Phil\Documents\roto tom tunings.txt
2024-03-06 18:10 - 2024-03-20 17:38 - 000002425 _____ C:\WINDOWS\system32\default_error_stack-000000-000000.txt
2024-03-05 16:16 - 2024-03-05 16:16 - 000000000 ____D C:\ProgramData\{97BAC61B-4997-4F27-8567-391BD82F596A}
2024-03-05 16:15 - 2024-03-20 21:21 - 000000000 ____D C:\Users\Phil\AppData\Local\Desktop_inni
2024-03-05 16:15 - 2024-03-05 16:15 - 000003310 _____ C:\WINDOWS\system32\Tasks\OneNote 5797
2024-03-05 16:15 - 2024-03-05 16:15 - 000000000 ____D C:\ProgramData\{3FCE7907-AA6B-470A-BFB2-C042375EDBDF}
2024-03-04 14:15 - 2024-03-04 14:15 - 000000920 _____ C:\Users\Public\Desktop\TeamViewer.lnk
2024-03-01 17:34 - 2024-03-01 17:35 - 398253515 _____ C:\Users\Phil\Downloads\044Dry_Stems.zip
2024-03-01 17:28 - 2024-03-01 17:34 - 000000000 ____D C:\Users\Phil\Downloads\044Dry_Stems
2024-02-27 16:04 - 2024-02-27 16:04 - 000214867 _____ C:\Users\Phil\Desktop\blank travel sheet (1).odt
2024-02-21 18:31 - 2024-02-21 18:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LatencyMon
2024-02-21 18:31 - 2024-02-21 18:31 - 000000000 ____D C:\Program Files\LatencyMon
2024-02-21 18:31 - 2021-03-09 16:07 - 000027744 _____ (Resplendence Software Projects Sp.) C:\WINDOWS\system32\Drivers\rspLLL64.sys
2024-02-21 18:30 - 2024-02-21 18:30 - 003478312 _____ (Resplendence Software Projects Sp. ) C:\Users\Phil\Desktop\LatencyMon.exe
2024-02-21 12:35 - 2024-02-22 16:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\H&R Block 2023
2024-02-21 12:35 - 2024-02-22 16:32 - 000000000 ____D C:\Program Files (x86)\HRBlock2023
2024-02-21 12:35 - 2024-02-21 12:35 - 000000000 ____D C:\Users\Phil\Documents\HRBlock
2024-02-21 12:35 - 2024-02-21 12:35 - 000000000 ____D C:\Program Files (x86)\PDF995
2024-02-21 08:25 - 2024-02-21 08:25 - 000003442 _____ C:\WINDOWS\system32\Tasks\GeoComply Update Task
2024-02-21 08:25 - 2024-02-21 08:25 - 000003212 _____ C:\WINDOWS\system32\Tasks\GeoComply Service Check
2024-02-20 15:02 - 2024-02-20 15:02 - 000000000 ____D C:\WINDOWS\system32\Tasks\GoogleSystem
 
==================== One month (modified) ==================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2024-03-20 21:22 - 2016-03-04 12:29 - 000000000 ____D C:\Users\Phil\AppData\Local\ClassicShell
2024-03-20 21:16 - 2023-11-28 17:03 - 000000000 ____D C:\Users\Phil\AppData\Roaming\msftedit
2024-03-20 21:12 - 2020-08-30 06:22 - 001007224 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-03-20 21:12 - 2019-12-07 05:13 - 000000000 ____D C:\WINDOWS\INF
2024-03-20 21:08 - 2019-12-07 05:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-03-20 21:08 - 2016-03-03 23:10 - 000000000 __SHD C:\Users\Phil\IntelGraphicsProfiles
2024-03-20 21:07 - 2024-01-16 01:52 - 000008192 ___SH C:\DumpStack.log.tmp
2024-03-20 21:07 - 2023-10-28 09:21 - 000000000 ____D C:\Program Files\TeamViewer
2024-03-20 21:07 - 2020-08-30 06:18 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-03-20 21:07 - 2020-08-30 06:10 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-03-20 21:07 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\ServiceState
2024-03-20 21:07 - 2017-07-29 22:04 - 000000000 ____D C:\ProgramData\NVIDIA
2024-03-20 20:59 - 2023-09-25 15:13 - 000000000 ____D C:\Users\Phil\AppData\Local\Malwarebytes
2024-03-20 20:07 - 2017-08-20 22:15 - 000002370 ____H C:\Users\Phil\Documents\Default.rdp
2024-03-20 20:01 - 2019-12-07 05:50 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2024-03-20 20:00 - 2023-01-29 12:31 - 000000000 ____D C:\Users\Phil\Desktop\Desktop icons
2024-03-20 19:47 - 2015-12-11 11:58 - 000000000 ____D C:\ProgramData\Package Cache
2024-03-20 19:46 - 2017-07-29 22:03 - 000000000 ____D C:\Program Files (x86)\Intel
2024-03-20 19:00 - 2024-01-30 23:33 - 000000000 ____D C:\Users\Phil\AppData\Roaming\Celemony Software GmbH
2024-03-20 18:56 - 2024-02-16 10:36 - 000000000 ____D C:\Users\Phil\AppData\Local\central-updater
2024-03-20 18:56 - 2024-02-16 10:21 - 000000000 ____D C:\Users\Phil\AppData\Roaming\Waves Central
2024-03-20 17:49 - 2020-08-30 06:11 - 000000000 ____D C:\Users\SQLTELEMETRY
2024-03-20 17:49 - 2020-08-30 06:11 - 000000000 ____D C:\Users\MSSQLSERVER
2024-03-20 17:45 - 2024-02-07 10:57 - 000000000 ____D C:\Users\Phil\AppData\Roaming\OracleJDK
2024-03-20 17:37 - 2023-06-08 17:28 - 000000000 ____D C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2024-03-20 06:52 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-03-19 19:39 - 2021-12-15 03:44 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-03-19 19:39 - 2020-04-10 21:15 - 000000000 ____D C:\Users\Phil\AppData\Roaming\qBittorrent
2024-03-19 19:39 - 2016-03-04 12:41 - 000002340 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-03-19 19:39 - 2016-03-04 12:41 - 000002299 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2024-03-19 13:51 - 2023-06-12 13:02 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2024-03-19 08:11 - 2023-06-12 13:02 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2024-03-19 08:10 - 2023-06-12 13:02 - 000001325 _____ C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2024-03-19 01:21 - 2019-12-07 05:14 - 000000000 ___HD C:\Program Files\WindowsApps
2024-03-18 15:54 - 2016-03-06 12:38 - 000000000 ____D C:\Users\Phil\AppData\Local\CrashDumps
2024-03-17 20:40 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2024-03-17 16:08 - 2016-03-04 16:03 - 000000000 ____D C:\Users\Phil\AppData\Roaming\Microsoft\Word
2024-03-17 15:36 - 2016-03-05 11:03 - 000000000 ____D C:\Users\Phil\AppData\Roaming\Microsoft\Excel
2024-03-17 11:43 - 2016-03-05 18:03 - 000000000 ____D C:\Users\Phil\AppData\Roaming\vlc
2024-03-17 11:07 - 2020-12-03 18:58 - 000000000 ____D C:\Program Files\Private Internet Access
2024-03-16 06:53 - 2020-07-04 03:13 - 000002479 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-03-15 20:52 - 2020-08-30 06:10 - 005466128 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2024-03-15 20:51 - 2019-12-07 05:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2024-03-15 20:51 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2024-03-15 20:51 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SystemResources
2024-03-15 20:51 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2024-03-15 20:51 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2024-03-15 20:51 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2024-03-15 20:51 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2024-03-15 20:51 - 2019-12-07 05:03 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2024-03-15 20:51 - 2019-12-07 05:03 - 000000000 ____D C:\WINDOWS\servicing
2024-03-15 20:00 - 2024-02-05 18:07 - 000000000 ___HD C:\Users\Phil\AppData\Roaming\winsQ
2024-03-13 23:02 - 2023-09-25 15:46 - 000000000 ____D C:\Program Files\Common Files\VST3
2024-03-13 19:53 - 2019-12-07 05:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-03-13 19:50 - 2020-08-30 06:16 - 003017216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2024-03-13 12:45 - 2023-10-12 08:15 - 000000000 ____D C:\Users\Phil\Documents\Studio One
2024-03-13 01:00 - 2018-02-28 15:34 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2024-03-06 00:47 - 2020-08-30 06:18 - 000003536 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-03-06 00:47 - 2020-08-30 06:18 - 000003412 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-03-05 16:15 - 2024-02-05 17:30 - 000444244 _____ C:\Users\Phil\AppData\Roaming\strt.cmd
2024-03-05 16:15 - 2023-08-16 12:46 - 000000000 ____D C:\Users\Phil\AppData\Local\Zoom
2024-03-03 02:16 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2024-03-02 06:59 - 2016-03-11 21:24 - 000000000 ____D C:\Users\Phil\AppData\Local\ElevatedDiagnostics
2024-02-28 14:56 - 2020-02-25 14:30 - 000000000 ____D C:\Users\Phil\AppData\Roaming\Ledger Live
2024-02-28 14:34 - 2018-05-24 16:35 - 000000000 ____D C:\Users\Phil\AppData\Local\D3DSCache
2024-02-28 14:32 - 2021-10-17 15:01 - 000000000 ____D C:\Program Files\Ledger Live
2024-02-21 12:35 - 2019-02-16 15:06 - 000000000 ____D C:\Users\Phil\AppData\Roaming\TaxCut
2024-02-21 12:35 - 2019-02-16 15:05 - 000000000 ____D C:\ProgramData\TaxCut
2024-02-20 15:02 - 2016-03-04 12:41 - 000000000 ____D C:\Program Files (x86)\Google
 
==================== Files in the root of some directories ========
 
2024-03-20 21:08 - 2024-03-20 21:08 - 000000307 _____ () C:\ProgramData\remover.bat
2024-02-05 17:30 - 2024-03-05 16:15 - 000444244 _____ () C:\Users\Phil\AppData\Roaming\strt.cmd
2018-09-27 10:57 - 2018-09-27 10:57 - 000000000 _____ () C:\Users\Phil\AppData\Local\oobelibMkey.log
2016-10-27 20:51 - 2022-03-02 21:50 - 000007589 _____ () C:\Users\Phil\AppData\Local\Resmon.ResmonCfg
2024-02-16 10:49 - 2024-03-20 19:00 - 000103469 _____ () C:\Users\Phil\AppData\Local\wle.log
 
==================== SigCheck ============================
 
(There is no automatic fix for files that do not pass verification.)
 
==================== End of FRST.txt ========================
 
 



 


#2 user23049

user23049
  • Topic Starter

  • Members
  • 14 posts

Posted 20 March 2024 - 10:28 PM

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19.03.2024
Ran by Phil (20-03-2024 21:26:43)
Running from C:\Users\Phil\Downloads
Microsoft Windows 10 Home Version 22H2 19045.4170 (X64) (2020-08-30 10:18:48)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
 
(If an entry is included in the fixlist, it will be removed.)
 
Administrator (S-1-5-21-1483475722-1219764467-3277934236-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1483475722-1219764467-3277934236-503 - Limited - Disabled)
Guest (S-1-5-21-1483475722-1219764467-3277934236-501 - Limited - Enabled)
Phil (S-1-5-21-1483475722-1219764467-3277934236-1001 - Administrator - Enabled) => C:\Users\Phil
WDAGUtilityAccount (S-1-5-21-1483475722-1219764467-3277934236-504 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
Active Directory Authentication Library for SQL Server (HKLM\...\{4EE99065-01C6-49DD-9EC6-E08AA5B13491}) (Version: 14.0.1000.169 - Microsoft Corporation)
Add or Remove Adobe Creative Suite 3 Master Collection (HKLM-x32\...\Adobe_4dcfd9b7e901b57f81f667144603236) (Version: 1.0 - Adobe Systems Incorporated)
adobe (HKLM\...\{20FD3B0E-D450-488F-AB68-7DA0EC0E4913}) (Version: 1.0.0000 - Adobe Systems Incorporated) Hidden
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.22 - Adobe Systems)
Adobe After Effects CS3 Presets (HKLM-x32\...\{193EAFD0-1BAF-4FB4-B18F-79D5D6A4B285}) (Version: 8 - Adobe Systems Incorporated) Hidden
Adobe Anchor Service CS3 (HKLM-x32\...\{90176341-0A8B-4CCC-A78D-F862228A6B95}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Asset Services CS3 (HKLM-x32\...\{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}) (Version: 3 - Adobe Systems Incorporated) Hidden
Adobe Audition CC 2017 (HKLM-x32\...\AUDT_10_1_1) (Version: 10.1.1 - Adobe Systems Incorporated)
Adobe Bridge CS3 (HKLM-x32\...\{9C9824D9-9000-4373-A6A5-D0E5D4831394}) (Version: 2 - Adobe Systems Incorporated) Hidden
Adobe Bridge Start Meeting (HKLM-x32\...\{08B32819-6EEF-4057-AEDA-5AB681A36A23}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe BridgeTalk Plugin CS3 (HKLM-x32\...\{B73CFB12-C814-4638-AFFD-7E3AAFAF0B4E}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Camera Raw 4.0 (HKLM-x32\...\{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}) (Version: 4.0 - Adobe Systems Incorporated) Hidden
Adobe CMaps (HKLM-x32\...\{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color - Photoshop Specific (HKLM-x32\...\{A2D81E70-2A98-4A08-A628-94388B063C5E}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color Common Settings (HKLM-x32\...\{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color EU Extra Settings (HKLM-x32\...\{51846830-E7B2-4218-8968-B77F0FF475B8}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color JA Extra Settings (HKLM-x32\...\{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color NA Recommended Settings (HKLM-x32\...\{95655ED4-7CA5-46DF-907F-7144877A32E5}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Creative Suite 3 Master Collection (HKLM-x32\...\{8718DC03-D066-4957-94E5-50C3C5042E8E}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Default Language CS3 (HKLM-x32\...\{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Device Central CS3 (HKLM-x32\...\{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe ExtendScript Toolkit 2 (HKLM-x32\...\{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}) (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Extension Manager CS3 (HKLM-x32\...\{BE5F3842-8309-4754-92D5-83E02E6077A3}) (Version: 1.8 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 9 ActiveX (HKLM-x32\...\{BC4F8E84-5E29-49EC-B4E7-E6F9CB50986C}) (Version: 9.0.45.0 - Adobe Systems, Inc.)
Adobe Flash Player 9 Plugin (HKLM-x32\...\{88D422DB-E9C7-4E16-9D80-2999F4FD6AD9}) (Version: 9.0.45.0 - Adobe Systems, Inc.)
Adobe Fonts All (HKLM-x32\...\{6ABE0BEE-D572-4FE8-B434-9E72A289431B}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Help Viewer CS3 (HKLM-x32\...\{7ACFB90E-8FD0-4397-AD3A-5195412623A3}) (Version: 1 - Adobe Systems Incorporated) Hidden
Adobe InDesign CS3 Icon Handler (HKLM-x32\...\{EA7B3CC4-366D-4CF6-8350-FD7A7034116E}) (Version: 5.0 - Adobe Systems Incorporated) Hidden
Adobe Linguistics CS3 (HKLM-x32\...\{54793AA1-5001-42F4-ABB6-C364617C6078}) (Version: 3.0.0 - Adobe Systems Incorporated) Hidden
Adobe MotionPicture Color Files (HKLM-x32\...\{6B708481-748A-4EB4-97C1-CD386244FF77}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe PDF Library Files (HKLM-x32\...\{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}) (Version: 8.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CC 2019 (HKLM-x32\...\PHSP_20_0_4) (Version: 20.0.4 - Adobe Inc.)
Adobe Premiere Pro 2023 (HKLM-x32\...\PPRO_23_2) (Version: 23.2 - Adobe Inc.)
Adobe Setup (HKLM-x32\...\{4458C442-7376-4CF9-AF58-E8CEA6722363}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe SING CS3 (HKLM-x32\...\{B671CBFD-4109-4D35-9252-3062D3CCB7B2}) (Version: 0.1 - Adobe Systems Incorporated) Hidden
Adobe Stock Photos CS3 (HKLM-x32\...\{29E5EA97-5F74-4A57-B8B2-D4F169117183}) (Version: 1.5 - Adobe Systems Incorporated) Hidden
Adobe Type Support (HKLM-x32\...\{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Update Manager CS3 (HKLM-x32\...\{E69AE897-9E0B-485C-8552-7841F48D42D8}) (Version: 5.1.0 - Adobe Systems Incorporated) Hidden
Adobe Version Cue CS3 Client (HKLM-x32\...\{D0DFF92A-492E-4C40-B862-A74A173C25C5}) (Version: 3 - Adobe Systems Incorporated) Hidden
Adobe Video Profiles (HKLM-x32\...\{845A8DB9-8802-4FD3-9FE3-938A6C46A2EC}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe WAS CS3 (HKLM-x32\...\{C5BD220A-EFE8-48A5-B70E-9503D535FACE}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe WinSoft Linguistics Plugin (HKLM-x32\...\{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe XMP DVA Panels CS3 (HKLM-x32\...\{0224CACC-994D-45F8-B973-D65056EA9C2F}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe XMP Panels CS3 (HKLM-x32\...\{D5A31AB1-345D-47C7-A87B-036A669F6DF1}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
AHV content for Acrobat and Flash (HKLM-x32\...\{6BBAA81D-6A7E-43AD-8889-2F002DCAAFDD}) (Version: 1 - Adobe Systems Incorporated) Hidden
Amazon.com Fire_Devices (HKLM\...\Fire_Devices Drivers) (Version: 2 - Amazon.com)
ANT Drivers Installer x64 (HKLM\...\{CBEE7F70-D77E-46DB-BB02-B64147DD6453}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.14 - Michael Tippach)
Batch Configuration (HKLM-x32\...\{F9F88CAE-A8BB-493A-BC71-B19A8BA38613}) (Version: 3.0.2.6 - hikvision)
BEHRINGER USB AUDIO DRIVER (HKLM\...\USB_AUDIO_DEusb-audio.deBehringer2902) (Version:  - )
Browser for SQL Server 2017 (HKLM-x32\...\{CF8EEB96-E7E7-4EF7-A0A1-559F09953156}) (Version: 14.0.1000.169 - Microsoft Corporation)
Bruteforce Save Data (HKLM-x32\...\Bruteforce Save Data) (Version:  - )
Calibration Update Wizard (HKLM-x32\...\{5A03CEC0-8805-11D4-ADFB-00000EFB3A77}) (Version: 8.20.1 - Toyota Diagnostics)
Celemony Melodyne 5 (HKLM\...\Celemony Melodyne 5_is1) (Version: 5.3.1.018 - Celemony)
Charter TV Player (HKLM-x32\...\{076af162-8f4c-4e36-9013-1673e5cf4d24}) (Version: 6.6 - Charter)
Chrome Remote Desktop Host (HKLM-x32\...\{00B18403-87DD-4C4E-AEB5-045B05B96F35}) (Version: 123.0.6312.16 - Google LLC)
Cisco AnyConnect Secure Mobility Client  (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 4.4.03034 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\{EB629A98-5E69-40E8-BA9E-C393899F959D}) (Version: 4.4.03034 - Cisco Systems, Inc.) Hidden
Cisco VideoGuard Player (HKLM-x32\...\{dfc759fd-a56f-4d04-8306-d1480137a065}) (Version: 6.6 - Cisco Systems, Inc)
Cisco Webex Meetings (HKU\S-1-5-21-1483475722-1219764467-3277934236-1001\...\ActiveTouchMeetingClient) (Version: 40.8.5 - Cisco Webex LLC)
Classic Shell (HKLM\...\{CABCE573-0A86-42FA-A52A-C7EA61D5BE08}) (Version: 4.3.1 - IvoSoft)
Dell Customer Connect (HKLM-x32\...\{99E581C6-471C-46CA-989E-3B17EB7E3F27}) (Version: 1.3.2.0 - Dell Inc.)
Dell Digital Delivery (HKLM-x32\...\{AB7F2792-2ED1-4C5C-9F28-680E5110BF72}) (Version: 3.1.1018.0 - Dell Products, LP)
Dell Foundation Services (HKLM\...\{AE5E3C86-2633-4DAF-A7F4-C43D1E738BAE}) (Version: 3.1.3300.0 - Dell Inc.)
Dell Help & Support (HKLM\...\{9ACDDC24-55FE-4E7A-B4BD-DD9761F2F8AB}) (Version: 2.0.360.0 - Dell Inc.) Hidden
Dell Help & Support (HKLM-x32\...\InstallShield_{9ACDDC24-55FE-4E7A-B4BD-DD9761F2F8AB}) (Version: 2.0.360.0 - Dell Inc.)
Dell Update (HKLM-x32\...\{DB82968B-57A4-4397-81A5-ECAB21B5DFCD}) (Version: 1.7.1015.0 - Dell Inc.)
Documentation Manager (HKLM\...\{E904139A-DC55-420D-94C7-5D6297F3C385}) (Version: 23.30.0.6 - Intel Corporation) Hidden
Elevated Installer (HKLM-x32\...\{0F6C59A2-5F1D-4D7C-BC90-A0A1A75F4EE9}) (Version: 7.7.1.0 - Garmin Ltd or its subsidiaries) Hidden
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 8.1.4.1208 - Foxit Software Inc.)
Fresco Logic USB Display Driver (HKLM\...\{FC11E022-A625-48EA-85EB-AF2AFEF05B06}) (Version: 2.1.34054.0 - Fresco Logic)
Garmin Express (HKLM-x32\...\{50DF005C-1D2C-467A-A39E-10ADEFA83A96}) (Version: 7.7.1.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express (HKLM-x32\...\{9e0ef45d-b10c-42da-9aab-16200df39d95}) (Version: 7.7.1.0 - Garmin Ltd or its subsidiaries)
GDR 2002 for SQL Server 2017 (KB4293803) (64-bit) (HKLM\...\KB4293803) (Version: 14.0.2002.14 - Microsoft Corporation)
GDR 2014 for SQL Server 2017 (KB4494351) (64-bit) (HKLM\...\KB4494351) (Version: 14.0.2014.14 - Microsoft Corporation)
GDR 2027 for SQL Server 2017 (KB4505224) (64-bit) (HKLM\...\KB4505224) (Version: 14.0.2027.2 - Microsoft Corporation)
GDR 2037 for SQL Server 2017 (KB4583456) (64-bit) (HKLM\...\KB4583456) (Version: 14.0.2037.2 - Microsoft Corporation)
GDR 2042 for SQL Server 2017 (KB5014354) (64-bit) (HKLM\...\KB5014354) (Version: 14.0.2042.3 - Microsoft Corporation)
GDR 2047 for SQL Server 2017 (KB5021127) (64-bit) (HKLM\...\KB5021127) (Version: 14.0.2047.8 - Microsoft Corporation)
GDR 2052 for SQL Server 2017 (KB5029375) (64-bit) (HKLM\...\KB5029375) (Version: 14.0.2052.1 - Microsoft Corporation)
Get Good Drums One Kit Wonder - Architects (HKLM-x32\...\Get Good Drums One Kit Wonder - Architects) (Version: 1.0.0.4 - Get Good Drums)
GetGood Drums Smash and Grab 2 (HKLM\...\Smash and Grab 2_is1) (Version: 2.0.0 - GetGood Drums)
Google Chrome (HKLM-x32\...\{93EB1D27-3378-36DD-ACEC-380FEDB2297B}) (Version: 123.0.6312.58 - Google, Inc.)
Google Earth Plug-in (HKLM-x32\...\{57BB4801-61C8-4E74-9672-2160728A461E}) (Version: 7.1.5.1557 - Google)
Google Earth Pro (HKLM\...\{3470AD08-85F2-4B1D-8487-FC4750732087}) (Version: 7.3.6.9796 - Google)
H&R Block Massachusetts 2021 (HKLM-x32\...\{482A887B-D7E3-473D-80E2-48FA6F695194}) (Version: 1.21.4201 - H&R Block, Inc.)
H&R Block Massachusetts 2022 (HKLM-x32\...\{4E5723A6-0AA2-4415-AF75-7E2CE63713F7}) (Version: 1.22.6201 - H&R Block, Inc.)
H&R Block Massachusetts 2023 (HKLM-x32\...\{F5FBEE1C-A0E1-4B44-86EE-0BABE29D668C}) (Version: 1.23.8701 - HRB Digital, LLC.)
H&R Block Premium + Efile + State 2021 (HKLM-x32\...\{EDB7F331-6C76-4B85-A8EC-764B213E2E51}) (Version: 21.07.6002 - HRB Technology, LLC.)
H&R Block Premium + Efile + State 2022 (HKLM-x32\...\{69654063-D165-4494-A83B-C09105247E97}) (Version: 22.07.7601 - HRB Technology, LLC.)
H&R Block Premium + Efile + State 2023 (HKLM-x32\...\{B0E2C9A7-F1FC-4376-9E0F-065DC3FAC392}) (Version: 23.07.8301 - HRB Technology, LLC.)
HandBrake 1.0.1 (HKLM-x32\...\HandBrake) (Version: 1.0.1 - )
Intel Driver && Support Assistant (HKLM-x32\...\{63B67EA4-4AE1-4A45-A67D-21318B4345EF}) (Version: 23.4.39.9 - Intel) Hidden
Intel Driver && Support Assistant (HKLM-x32\...\{7D392FB7-64D5-4813-B7F7-8AA462D3968D}) (Version: 23.4.39.9 - Intel) Hidden
Intel Extreme Tuning Utility (HKLM-x32\...\{7afa48c7-9901-40fa-8f9b-f0707e2bc5b6}) (Version: 6.2.0.24 - Intel Corporation)
Intel® Chipset Device Software (HKLM\...\{8C91A5EB-2C62-4A6D-8802-CC79FD2ED390}) (Version: 10.1.1.7 - Intel Corporation) Hidden
Intel® Chipset Device Software (HKLM-x32\...\{60c073df-e736-4210-9c3a-5fc2b651cef3}) (Version: 10.1.1.7 - Intel® Corporation) Hidden
Intel® Computing Improvement Program (HKLM\...\{15E71D2B-4046-4B9D-A8BB-EBFC5CC12D86}) (Version: 2.4.10717 - Intel Corporation)
Intel® Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.2.10900.330 - Intel Corporation)
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1054 - Intel Corporation)
Intel® Management Engine Components (HKLM\...\{5BD7E621-9791-4D9F-A620-1BA51153B749}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel® Management Engine Components (HKLM\...\{EC465D35-92DC-4DAE-9EA8-01215688F709}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel® Management Engine Driver (HKLM\...\{AC411813-5A0B-4960-882D-481BEEDC24E0}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel® ME UninstallLegacy (HKLM\...\{E9B9A1A5-6398-4C99-8FDE-10794F6505C5}) (Version: 1.0.1.0 - Intel Corporation) Hidden
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 26.20.100.6859 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.8.16.1063 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{9503AD68-6198-4081-9F57-1F346D7B58D4}) (Version: 14.8.16.1063 - Intel Corporation) Hidden
Intel® Serial IO (HKLM\...\{51788BA4-D93F-4E7B-BA13-ACC88E7803DB}) (Version: 30.100.1519.07 - Intel Corporation) Hidden
Intel® Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1519.7 - Intel Corporation)
Intel® WiDi (HKLM\...\{C7CD6D54-26AF-4D93-B06F-D81ACE8624CB}) (Version: 6.0.40.0 - Intel Corporation)
Intel® WiDi Software Asset Manager (HKLM-x32\...\{5B5CD20C-29F0-4857-A4FA-A4F4C716B019}) (Version: 1.1.347 - Intel Corporation) Hidden
Intel® Wireless Bluetooth® (HKLM-x32\...\{00000030-0230-1033-84C8-B8D95FA3C8C3}) (Version: 23.30.0.3 - Intel Corporation)
Intel® Driver & Support Assistant (HKLM-x32\...\{b82e9573-04fb-4a9d-819f-6c358a1cf31a}) (Version: 23.4.39.9 - Intel)
Intel® Driver & Support Assistant (HKLM-x32\...\{ecbee3cf-26b3-4f27-854c-e2e16b3f7fa9}) (Version: 23.4.39.9 - Intel)
Intel® PROSet/Wireless Software (HKLM-x32\...\{5a64c890-83f9-4399-b0c9-5e9a80890fdd}) (Version: 21.40.1 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{68A981A0-ED59-41E0-B45E-7A78F643120D}) (Version: 21.40.1.3406 - Intel Corporation) Hidden
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
Intel® Software Installer (HKLM-x32\...\{ae13aa25-496e-45dc-86f8-939f17f479f4}) (Version: 23.30.0.6 - Intel Corporation) Hidden
Intel® Trusted Connect Service Client (HKLM\...\{7D84E343-A23D-451C-B123-0195B2D903A6}) (Version: 1.42.17.0 - Intel Corporation) Hidden
IPCWebComponents 3.3.0.31 (HKLM-x32\...\{4740E1B2-51CF-4083-8976-D6B3B5A5064F}_is1) (Version: 3.3.0.31 - )
Java 8 Update 73 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418073F0}) (Version: 8.0.730.2 - Oracle Corporation)
Java 8 Update 73 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218073F0}) (Version: 8.0.730.2 - Oracle Corporation)
Kontakt 7 PORTABLE (HKLM\...\{770F4942-15B1-41AA-9E3E-C77B2CFB1366}_is1) (Version: 7.7.1 - Native Instruments)
LatencyMon 7.31 (HKLM\...\LatencyMon_is1) (Version: 7.31 - Resplendence Software Projects Sp.)
Ledger Live 2.77.2 (HKLM\...\c62032b2-0bca-5abc-b458-fd67cfc9e49b) (Version: 2.77.2 - Ledger Live Team)
Macrium Reflect Free (HKLM\...\{0D4965D1-6B46-4F0A-B42D-B17056612AE0}) (Version: 8.0.7279 - Paramount Software (UK) Ltd.) Hidden
Macrium Reflect Free (HKLM\...\MacriumReflect) (Version: v8.0.7279 - Paramount Software (UK) Ltd.)
Malwarebytes version 4.6.6.294 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.6.6.294 - Malwarebytes)
Maxx Audio Installer (x64) (HKLM\...\{307032B2-6AF2-46D7-B933-62438DEB2B9A}) (Version: 2.6.9060.3 - Waves Audio Ltd.) Hidden
Mazda Toolbox (HKLM-x32\...\Mazda Toolbox) (Version:  - )
Mazda Update Toolbox (HKLM-x32\...\Mazda Update Toolbox) (Version:  - )
MetaTrader 5 (HKLM\...\MetaTrader 5) (Version: 5.00 - MetaQuotes Ltd.)
Microsoft .NET Core Host - 3.1.32 (x64) (HKLM\...\{8A8E3A04-83BC-4CDE-9259-893B666C1AB1}) (Version: 24.192.31915 - Microsoft Corporation) Hidden
Microsoft .NET Core Host FX Resolver - 3.1.32 (x64) (HKLM\...\{ABC6B3C2-1A8D-4C5E-AC16-C2AE44F02743}) (Version: 24.192.31915 - Microsoft Corporation) Hidden
Microsoft .NET Core Runtime - 3.1.32 (x64) (HKLM\...\{A741B803-3F0E-4684-81EF-FC128D15A92C}) (Version: 24.192.31915 - Microsoft Corporation) Hidden
Microsoft .NET Core Runtime - 3.1.32 (x64) (HKLM-x32\...\{784973c8-d618-4ac8-97ed-1fd52c5bdf2f}) (Version: 3.1.32.31915 - Microsoft Corporation)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (ENU) (HKLM-x32\...\{290FC320-2F5A-329E-8840-C4193BD7A9EE}) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (HKLM-x32\...\{B941AFB4-8851-33A1-9E72-0C33D463C41C}) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Access MUI (English) 2013 (HKLM\...\{90150000-0015-0409-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Access Setup Metadata MUI (English) 2013 (HKLM\...\{90150000-0117-0409-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Analysis Services OLE DB Provider (HKLM\...\{0DAD8F2F-38F2-404F-BB26-3DC89F0B53C5}) (Version: 14.0.1000.397 - Microsoft Corporation) Hidden
Microsoft Analysis Services OLE DB Provider (HKLM-x32\...\{CBB32D14-5E5A-4E4A-8EDF-26586322C9E7}) (Version: 14.0.1000.397 - Microsoft Corporation) Hidden
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Build Tools 14.0 (amd64) (HKLM\...\{8C918E5B-E238-401F-9F6E-4FB84B024CA2}) (Version: 14.0.23107 - Microsoft Corporation) Hidden
Microsoft Build Tools 14.0 (x86) (HKLM-x32\...\{D1437F51-786A-4F57-A99C-F8E94FBA1BD8}) (Version: 14.0.23107 - Microsoft Corporation) Hidden
Microsoft Build Tools Language Resources 14.0 (amd64) (HKLM\...\{4B7958F6-4943-4903-B379-9180DC8C2105}) (Version: 14.0.23107 - Microsoft Corporation) Hidden
Microsoft Build Tools Language Resources 14.0 (x86) (HKLM-x32\...\{A7E88B38-6886-4474-9D85-A8ABE5FCD80E}) (Version: 14.0.23107 - Microsoft Corporation) Hidden
Microsoft DCF MUI (English) 2013 (HKLM\...\{90150000-0090-0409-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 122.0.2365.92 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 122.0.2365.92 - Microsoft Corporation)
Microsoft Excel MUI (English) 2013 (HKLM\...\{90150000-0016-0409-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Groove MUI (English) 2013 (HKLM\...\{90150000-00BA-0409-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Help Viewer 2.2 (HKLM-x32\...\{5730588A-33CA-373C-9D70-F716605B57D2}) (Version: 2.2.23107 - Microsoft Corporation) Hidden
Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.23107 - Microsoft Corporation)
Microsoft HEVC Media Extension Installation for Microsoft.HEVCVideoExtension_1.0.2512.0_x64__8wekyb3d8bbwe (x64) (HKLM\...\{B0169E83-757B-EF66-E2F0-391944D785BC}) (Version: 1.0.0.0 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (English) 2013 (HKLM\...\{90150000-0044-0409-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Lync MUI (English) 2013 (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft MPI (7.0.12437.8) (HKLM\...\{8499ACD3-C1E3-45AB-BF96-DA491727EBE1}) (Version: 7.0.12437.8 - Microsoft Corporation)
Microsoft ODBC Driver 13 for SQL Server (HKLM\...\{436C9D0B-5AD2-4E54-83F0-10B7584A971E}) (Version: 14.0.2052.1 - Microsoft Corporation)
Microsoft Office 32-bit Components 2013 (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (English) 2013 (HKLM\...\{90150000-00E1-0409-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (English) 2013 (HKLM\...\{90150000-00E2-0409-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Proofing (English) 2013 (HKLM\...\{90150000-002C-0409-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - English (HKLM\...\{90150000-001F-0409-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - Español (HKLM\...\{90150000-001F-0C0A-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (English) 2013 (HKLM\...\{90150000-00C1-0409-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2013 (HKLM\...\{90150000-006E-0409-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2013 (HKLM\...\{90150000-0115-0409-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft OneNote MUI (English) 2013 (HKLM\...\{90150000-00A1-0409-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (English) 2013 (HKLM\...\{90150000-001A-0409-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (English) 2013 (HKLM\...\{90150000-0018-0409-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (English) 2013 (HKLM\...\{90150000-0019-0409-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft SQL Server 2012 Native Client  (HKLM\...\{4D2C56FF-7F36-4B49-A97A-24F0522D41D7}) (Version: 11.3.6540.0 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects  (HKLM-x32\...\{2774595F-BC2A-4B12-A25B-0C37A37049B0}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2017 (64-bit) (HKLM\...\Microsoft SQL Server SQL2017) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2017 (HKLM-x32\...\Microsoft SQL Server SQL2017) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2017 Policies  (HKLM-x32\...\{256EDCB9-A64D-433C-A1DC-C76F02475915}) (Version: 14.0.1000.169 - Microsoft Corporation)
Microsoft SQL Server 2017 RsFx Driver (HKLM\...\{D5826833-5FD8-4586-BC42-22E38B15DFA4}) (Version: 14.0.2052.1 - Microsoft Corporation) Hidden
Microsoft SQL Server 2017 Setup (English) (HKLM\...\{2E1F5473-30FC-4D5B-B7F0-8EA51CC3EE81}) (Version: 14.0.2052.1 - Microsoft Corporation)
Microsoft SQL Server 2017 T-SQL Language Service  (HKLM\...\{BC247FE3-C61A-4678-86C6-15408F272D57}) (Version: 14.0.17213.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation) Hidden
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation) Hidden
Microsoft SQL Server Data-Tier Application Framework (x86) (HKLM-x32\...\{F45421F6-76C3-47EE-8823-7D064A77E1F0}) (Version: 14.0.3881.1 - Microsoft Corporation)
Microsoft SQL Server Management Studio - 17.4 (HKLM-x32\...\{ac84c935-8f13-4f73-b541-7b09a11bdea8}) (Version: 14.0.17213.0 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM-x32\...\{718FFB65-F6E4-4D62-861F-ED10ED32C936}) (Version: 12.0.2402.11 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2017 (HKLM\...\{9D78F5D4-79D2-4FC6-AC56-F364A0ABC54F}) (Version: 14.0.1000.169 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Debug Runtime - 12.0.21005 (HKLM\...\{C596D608-3E74-3232-8CA5-DF1DCB9F10DE}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Debug Runtime - 12.0.21005 (HKLM-x32\...\{E5CAE8D2-9F9F-3BEA-AA0F-B5B40611C704}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 x64 Debug Runtime - 14.0.23026 (HKLM\...\{B8E14C55-53F6-3693-A74A-77A3C6B96041}) (Version: 14.0.23026 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 x86 Debug Runtime - 14.0.23026 (HKLM-x32\...\{3CB4E2E8-04EB-371A-9433-4CA0D934B260}) (Version: 14.0.23026 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.34.31931 (HKLM-x32\...\{d4cecf3b-b68f-4995-8840-52ea0fab646e}) (Version: 14.34.31931.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.34.31931 (HKLM-x32\...\{6ba9fb5e-8366-4cc4-bf65-25fe9819b2fc}) (Version: 14.34.31931.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.34.31931 (HKLM\...\{EAE242B1-0A26-485A-BFEB-0292EE9F03CB}) (Version: 14.34.31931 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.34.31931 (HKLM\...\{CF4C347D-954E-4543-88D2-EC17F07F466F}) (Version: 14.34.31931 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.34.31931 (HKLM-x32\...\{C2662EFF-06E6-4FD1-9D6D-FDCA91025757}) (Version: 14.34.31931 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.34.31931 (HKLM-x32\...\{AB1BDF73-7393-42CE-812D-9A90918814D5}) (Version: 14.34.31931 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\{9495AEB4-AB97-39DE-8C42-806EEF75ECA7}) (Version: 10.0.50908 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2015 Shell (Isolated) (HKLM-x32\...\{6CFDA13E-A348-315B-820A-603BBCBD7684}) (Version: 14.0.23107 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2015 Shell (Isolated) (HKLM-x32\...\{d2981c27-a434-4c9a-96c7-0209e97c4eac}) (Version: 14.0.23107.10 - Microsoft Corporation)
Microsoft Visual Studio 2015 Shell (Isolated) Resources (HKLM-x32\...\{446D0B70-F98E-39DA-9CB5-4201D05A91C6}) (Version: 14.0.23107 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2015 Shell (Minimum) (HKLM-x32\...\{030A6785-C3A9-37DA-8530-444C320629FA}) (Version: 14.0.23107 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2015 Shell (Minimum) Interop Assemblies (HKLM-x32\...\{4443D3F4-A231-35CC-8471-CB60F8A3FE3B}) (Version: 14.0.23107 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2015 Shell (Minimum) Resources (HKLM-x32\...\{7FF53256-7BAF-3EFA-91B4-DB65F37EB5E9}) (Version: 14.0.23107 - Microsoft Corporation) Hidden
Microsoft Visual Studio Services Hub (HKLM-x32\...\{93CC1063-02A1-4F25-A13A-C351A10D84DD}) (Version: 1.0.23107.00 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2015 (HKLM-x32\...\{ab213ab7-4792-4c6f-a3fa-8485d06c3475}) (Version: 14.0.23829 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2015 Finalizer (HKLM-x32\...\{F93E37BD-4053-37CA-A7BB-A5B74508006C}) (Version: 14.0.23829 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2015 Language Support - ENU Language Pack (HKLM-x32\...\{0343F10B-C31B-3A2F-B2C1-C42E84CCAF5E}) (Version: 14.0.23107.20 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2015 Language Support (HKLM-x32\...\{85CEB20F-C2D6-3FDC-9A9D-5957CD88E9E5}) (Version: 14.0.23107.20 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2015 Language Support (HKLM-x32\...\{bd4ef7af-dfb1-472e-8fa4-1b97f360a3e7}) (Version: 14.0.23107.20 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2015 Language Support Finalizer (HKLM-x32\...\{BF6E6B74-88F5-358F-AB6D-0A42C18F2824}) (Version: 14.0.23107.20 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2015 x64 Hosting Support (HKLM\...\{A8C30947-7C1B-3A31-8FD8-CEC6D3357D34}) (Version: 14.0.23829 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2015 x86 Hosting Support (HKLM-x32\...\{11A9EF3E-6616-31B1-82BC-1080366FA34D}) (Version: 14.0.23829 - Microsoft Corporation) Hidden
Microsoft VSS Writer for SQL Server 2017 (HKLM\...\{20B328C9-C6BB-434A-928A-00F05CD820B8}) (Version: 14.0.1000.169 - Microsoft Corporation)
Microsoft Word MUI (English) 2013 (HKLM\...\{90150000-001B-0409-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
MotionPro (HKLM\...\MotionPro VPN Client) (Version: 9.4.0.0 - Array Networks)
Mozilla Firefox (x64 en-US) (HKU\S-1-5-21-1483475722-1219764467-3277934236-1001\...\Mozilla Firefox 123.0.1 (x64 en-US)) (Version: 123.0.1 - Mozilla)
MyHarmony (HKLM-x32\...\{2AD8F8A1-ECE5-4890-BCC2-B4396370A0D4}) (Version: 1.0.308 - Logitech)
NVIDIA Graphics Driver 546.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 546.17 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
OSCAR (HKLM\...\{FC6F08E6-69BF-4469-ADE3-78199288D305}_is1) (Version: 1.5.1-Win64-dd495e23 - The OSCAR Team)
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Paragon Hard Disk Manager™ 15 Suite (HKLM\...\{29258311-EA49-11DE-967C-005056C00008}) (Version: 90.00.0003 - Paragon Software)
PdaNet+ for Android 4.18 (HKLM-x32\...\PdaNet_is1) (Version:  - June Fabrics Technology Inc)
PDF Settings (HKLM-x32\...\{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
Player Location Check (HKLM-x32\...\{F0753064-8D66-41A7-9F23-7691290387BF}) (Version: 4.0.0.7 - GeoComply)
PreSonus Studio One 6 (HKLM\...\Studio One 6_is1) (Version: 6.5.0 - PreSonus)
Private Internet Access (HKLM\...\{33023371-7761-4F81-BBB1-0E0D0D175ACF}) (Version: 3.5.5+08091 - Private Internet Access, Inc.)
Private Internet Access WinTUN Driver (HKLM\...\{0419A0C0-4CC8-459E-9BAE-F3BF5D2E2CCB}) (Version: 1.0 - Private Internet Access, Inc.) Hidden
Product Registration (HKLM\...\{C1600AC7-74E3-4BB5-8B42-B13653792252}) (Version: 2.2.38.0 - Dell Inc.) Hidden
Product Registration (HKLM-x32\...\InstallShield_{C1600AC7-74E3-4BB5-8B42-B13653792252}) (Version: 2.2.38.0 - Dell Inc.)
Python 3.12.1 (64-bit) (HKU\S-1-5-21-1483475722-1219764467-3277934236-1001\...\{86e52725-ef45-452f-ac4c-b8958718bfea}) (Version: 3.12.1150.0 - Python Software Foundation)
Python 3.12.1 Core Interpreter (64-bit) (HKLM\...\{AC82C1A3-9597-40F2-893D-F02F778FBA4D}) (Version: 3.12.1150.0 - Python Software Foundation) Hidden
Python 3.12.1 Development Libraries (64-bit) (HKLM\...\{8C53CBDD-4DAF-426F-9478-6C7C2920CDDA}) (Version: 3.12.1150.0 - Python Software Foundation) Hidden
Python 3.12.1 Documentation (64-bit) (HKLM\...\{62667662-A580-409C-8044-55B06F774AE2}) (Version: 3.12.1150.0 - Python Software Foundation) Hidden
Python 3.12.1 Executables (64-bit) (HKLM\...\{44BC9F9C-15C2-46C1-B88D-3135A9DA555F}) (Version: 3.12.1150.0 - Python Software Foundation) Hidden
Python 3.12.1 pip Bootstrap (64-bit) (HKLM\...\{1662F43B-2337-4FD8-8CE6-BEA38FC94DD4}) (Version: 3.12.1150.0 - Python Software Foundation) Hidden
Python 3.12.1 Standard Library (64-bit) (HKLM\...\{47957EE3-0E23-4075-B825-F202E913670F}) (Version: 3.12.1150.0 - Python Software Foundation) Hidden
Python 3.12.1 Tcl/Tk Support (64-bit) (HKLM\...\{926CDC62-3AE2-422B-9858-D6EC3BAD473F}) (Version: 3.12.1150.0 - Python Software Foundation) Hidden
Python 3.12.1 Test Suite (64-bit) (HKLM\...\{E309AE00-4FB1-4817-9172-7E198668375D}) (Version: 3.12.1150.0 - Python Software Foundation) Hidden
Python Launcher (HKLM-x32\...\{4C8D4EC3-F620-4CEE-8BAD-B59A3C6815F3}) (Version: 3.12.1150.0 - Python Software Foundation)
qBittorrent 4.3.9 (HKLM-x32\...\qBittorrent) (Version: 4.3.9 - The qBittorrent project)
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 11.5.02 - Dell Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.21289 - Realtek Semiconduct Corp.)
Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 10.1.505.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8578 - Realtek Semiconductor Corp.)
ReAmp Studio R1 version 1.0.5 (HKLM\...\ReAmp Studio R1_is1) (Version: 1.0.5 - Audio Assault & Team V.R)
Roblox Player for Phil (HKU\S-1-5-21-1483475722-1219764467-3277934236-1001\...\roblox-player) (Version:  - Roblox Corporation)
Roslyn Language Services - x86 (HKLM-x32\...\{5B47029B-1E62-30FF-906E-694851C22782}) (Version: 14.0.23107 - Microsoft Corporation) Hidden
Roslyn Language Services - x86 (HKLM-x32\...\{6C1985E7-E1C5-3A95-86EF-2C62465F15C3}) (Version: 14.0.23107 - Microsoft Corporation) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0015-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{6227D1A8-9E29-463F-8DE6-1CFA1FFF8ECE}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0016-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{6227D1A8-9E29-463F-8DE6-1CFA1FFF8ECE}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0018-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{6227D1A8-9E29-463F-8DE6-1CFA1FFF8ECE}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0019-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{6227D1A8-9E29-463F-8DE6-1CFA1FFF8ECE}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-001A-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{6227D1A8-9E29-463F-8DE6-1CFA1FFF8ECE}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-001B-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{6227D1A8-9E29-463F-8DE6-1CFA1FFF8ECE}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-001F-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{835E4BED-E265-4103-AE14-0B4C70CF3FE8}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}_Office15.PROPLUSR_{1F7000D3-A917-4AD2-BA55-59E6FDAF062A}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-001F-0C0A-1000-0000000FF1CE}_Office15.PROPLUSR_{4BF13B26-3A95-4E42-900A-DEB16FDA75A0}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-002C-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{C5D14A1B-6E3E-491A-96C6-ABDEEEC4E97D}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0044-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{6227D1A8-9E29-463F-8DE6-1CFA1FFF8ECE}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-006E-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{D7E879E6-B505-4DA2-BFEE-53A55E7C8E38}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0090-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{6227D1A8-9E29-463F-8DE6-1CFA1FFF8ECE}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-00A1-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{6227D1A8-9E29-463F-8DE6-1CFA1FFF8ECE}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-00BA-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{6227D1A8-9E29-463F-8DE6-1CFA1FFF8ECE}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{1931508C-C004-4983-81E3-70BE6252904B}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-00C1-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{E4F470B2-3601-4E1C-B291-D6B580F53136}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-00E1-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{6227D1A8-9E29-463F-8DE6-1CFA1FFF8ECE}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-00E2-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{6227D1A8-9E29-463F-8DE6-1CFA1FFF8ECE}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0115-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{D7E879E6-B505-4DA2-BFEE-53A55E7C8E38}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0117-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{6227D1A8-9E29-463F-8DE6-1CFA1FFF8ECE}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{6227D1A8-9E29-463F-8DE6-1CFA1FFF8ECE}) (Version:  - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)
SketchUp 2016 (HKLM\...\{E2B66CF6-ABA0-4E5F-B426-7478B18301AE}) (Version: 16.1.1449 - Trimble Navigation Limited)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
SQL Server 2017 Batch Parser (HKLM\...\{2C6E8311-28BD-4615-9545-6E39E8E83A4B}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Client Tools Extensions (HKLM\...\{06324A5D-66BB-4FAC-8D0B-9FEC1B230FFF}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Client Tools Extensions (HKLM\...\{200F38B2-1492-4576-B08C-78F2C2C953FC}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Common Files (HKLM\...\{9D1C0509-D490-4E9E-ACF5-A73E5C53742D}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Common Files (HKLM\...\{B777C4C0-A1CD-4AB9-99B1-AD5FBED6F8E5}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Common Files (HKLM-x32\...\{6CE9A8AA-C478-4706-BD28-95993D52B5A1}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Common Files (HKLM-x32\...\{D17B5D3D-3BC7-4AFA-AD90-600B5453826E}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Connection Info (HKLM\...\{89A7644F-E056-4EC1-BFDE-9D1A531D6855}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Connection Info (HKLM\...\{A9A443F5-56E1-4FC6-937C-5F481345A843}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Database Engine Services (HKLM\...\{28EEF6BA-A23A-42D2-86BA-A6BEE723B969}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Database Engine Services (HKLM\...\{DED314CA-0EFE-4593-9D66-EF75E5289A4C}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Database Engine Shared (HKLM\...\{0E22DBB4-691B-400C-B52D-8DFE8EC421AA}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Database Engine Shared (HKLM\...\{793F1C1E-5C83-4E33-A29B-6EAA7C1E791C}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 DMF (HKLM\...\{B9998A13-5563-496C-B95E-597FFC70B670}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 DMF (HKLM\...\{D7D28BBF-3B0E-43F0-A457-331F1CD9E9EB}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Integration Services Scale Out Management Portal (HKLM\...\{6BD8D100-B16C-409E-B0EA-BF508D7874EC}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Integration Services Scale Out Management Portal (HKLM\...\{91C5EE43-29D1-4720-AB65-5E2E0FE25990}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Management Studio Extensions (HKLM-x32\...\{6492E746-1C5D-48C2-A92A-97D431F74664}) (Version: 14.0.3006.16 - Microsoft Corporation) Hidden
SQL Server 2017 Management Studio Extensions (HKLM-x32\...\{70C24F35-7E36-45FC-B289-3D2849E5556B}) (Version: 14.0.3006.16 - Microsoft Corporation) Hidden
SQL Server 2017 Shared Management Objects (HKLM\...\{10855B1A-F7F2-4D8A-A725-9287C73BED5A}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Shared Management Objects (HKLM\...\{6CBBF624-696C-499E-948D-ADBAFFA2F548}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Shared Management Objects Extensions (HKLM\...\{8C515C22-BE07-4908-985C-0AA9349E1ED4}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Shared Management Objects Extensions (HKLM\...\{C6D92730-3EC0-47B1-8F6C-6F5635D1EFAC}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 SQL Diagnostics (HKLM\...\{DFA6A906-3024-49DE-87AD-750EAED2FA49}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 XEvent (HKLM\...\{12D2DB8D-80FF-4152-8F51-EDB3BD3C6976}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 XEvent (HKLM\...\{AA2A015C-C210-413B-95F6-BF9D3CDD6E0D}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server Management Studio (HKLM\...\{1B8CFC46-1F08-4DA7-9FEA-E1F523FBD67F}) (Version: 14.0.17213.0 - Microsoft Corporation) Hidden
SQL Server Management Studio (HKLM\...\{F8ADD24D-F2F2-465C-A675-F12FDB70DB82}) (Version: 14.0.17213.0 - Microsoft Corporation) Hidden
SQL Server Management Studio for Analysis Services (HKLM\...\{CC6997A7-1638-4E38-B6CF-E776997036B0}) (Version: 14.0.17213.0 - Microsoft Corporation) Hidden
SQL Server Management Studio for Reporting Services (HKLM\...\{4DDEB555-26D2-4E68-98AF-8F96232C13F2}) (Version: 14.0.17213.0 - Microsoft Corporation) Hidden
SSD Sampler (HKLM-x32\...\SSD4) (Version: 1.1 - Yellow Matter Entertainment)
SSMS Post Install Tasks (HKLM\...\{CFCC9F40-E234-499E-B3DA-BEF6CC724C35}) (Version: 14.0.17213.0 - Microsoft Corporation) Hidden
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 10.0.1256 - SUPERAntiSpyware.com)
TeamViewer (HKLM\...\TeamViewer) (Version: 15.51.5 - TeamViewer)
Techstream Software (HKLM-x32\...\{937CA58A-0212-431C-8F0B-0D8305225476}) (Version: 10.30.029 - DENSO CORPORATION)
Tools for .Net 3.5 (HKLM-x32\...\{1690CE56-2231-4E59-9006-A0876D949EA8}) (Version: 3.11.50727 - Microsoft Corporation) Hidden
Toontrack EZmix 2.2.4 (HKLM\...\EZmix_is1) (Version: 2.2.4 - Toontrack & Team V.R)
Update for  (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Update for Skype for Business 2015 (KB4484289) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{1C76EBD9-0A70-4094-A543-00CAA3B62113}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB4484289) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{1C76EBD9-0A70-4094-A543-00CAA3B62113}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB4484289) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{1C76EBD9-0A70-4094-A543-00CAA3B62113}) (Version:  - Microsoft)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{7B63012A-4AC6-40C6-B6AF-B24A84359DD5}) (Version: 8.93.0.0 - Microsoft Corporation)
UXP WebView Support (HKLM-x32\...\UXPW_1_1_0) (Version: 1.1.0 - Adobe Inc.)
VeraCrypt (HKLM-x32\...\VeraCrypt) (Version: 1.24-Update7 - IDRIX)
Visual C++ 2008 Runtime (x64) (HKLM-x32\...\{73E80655-FB3C-46F4-BE00-62D248BC490A}) (Version: 1.0.1 - Highresolution Enterprises) Hidden
Visual Studio 2015 Prerequisites - ENU Language Pack (HKLM\...\{83B181F2-20B8-4F00-8E71-C66E951A8D4F}) (Version: 14.0.23107 - Microsoft Corporation) Hidden
Visual Studio 2015 Prerequisites (HKLM\...\{DF32E41C-24AD-4A87-B43A-B38553B1806E}) (Version: 14.0.23107 - Microsoft Corporation) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 3.0.14 - VideoLAN)
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0) (Version: 1.0.33.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1) (Version: 1.0.54.1 - Intel Corporation Inc.)
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1-3) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Waves Central (HKLM\...\{ab507e17-892b-5203-838d-d58d8d09c50f}) (Version: 14.4.3 - Waves Audio Ltd)
Windows Driver Package - Amazon.com (WinUSB) FireDevicesUsbDeviceClass  (10/27/2014 1.4.0000.00000) (HKLM\...\70D74CAD18BB165614511A2A67DB9EBF036D06A9) (Version: 10/27/2014 1.4.0000.00000 - Amazon.com)
Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows Driver Package - Fresco Logic (fl2000) AVClass  (11/13/2017 2.1.34054.0) (HKLM\...\02B94313A3DAF5BA27BCC4FAEA0716A0F660086C) (Version: 11/13/2017 2.1.34054.0 - Fresco Logic)
Windows Driver Package - Fresco Logic (lci_proxykmd) System  (11/13/2017 2.1.34054.0) (HKLM\...\7C22E1F94C4AE5334C0BEE70551B20BEE3C293FA) (Version: 11/13/2017 2.1.34054.0 - Fresco Logic)
Windows Driver Package - Fresco Logic (WUDFRd) Display  (11/13/2017 2.1.34054.0) (HKLM\...\9328342CF3E5994E24BB0C09FBD875141BEF3984) (Version: 11/13/2017 2.1.34054.0 - Fresco Logic)
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB  (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Windows PC Health Check (HKLM\...\{6798C408-2636-448C-8AC6-F4E341102D27}) (Version: 3.6.2204.08001 - Microsoft Corporation)
XLN Online Installer (HKLM\...\XLN Online Installer Inno Setup ID_is1) (Version:  - )
X-Mouse Button Control 2.10.2 (HKLM-x32\...\X-Mouse Button Control) (Version: 2.10.2 - Highresolution Enterprises)
Yamaha Steinberg USB Driver (HKLM\...\{E2AEA639-BFC7-4A6E-A9F3-EB11B60C2F33}) (Version: 2.1.5 - Yamaha Corporation) Hidden
Yamaha Steinberg USB Driver (HKLM-x32\...\yUninstall_{2938B185-2D57-47B0-9FC8-C90A67BA9277}) (Version: 2.1.5 - Yamaha Corporation)
YubiKey Manager (HKLM-x32\...\yubikey-manager) (Version: 1.1.5 - Yubico AB)
Zoom (HKU\S-1-5-21-1483475722-1219764467-3277934236-1001\...\ZoomUMX) (Version: 5.15.7 (20303) - Zoom Video Communications, Inc.)
 
Packages:
=========
 
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-06] (Autodesk Inc.)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.263.400.0_x64__kgqvnymyfvs32 [2024-03-13] (king.com)
Dell Shop -> C:\Program Files\WindowsApps\DellInc.DellShop_2.2.1.0_neutral__htrsf667h5kn2 [2021-04-17] (Dell Inc)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_152.1.1099.0_x64__v10z8vjag6ke6 [2024-03-10] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-19] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-19] (Microsoft Corporation) [MS Ad]
Movie Maker - Video Editor -> C:\Program Files\WindowsApps\21336V3TApps.MovieMaker-FREE_3.6.46.0_x64__bzg06mxvgh4fa [2024-03-10] (V3TApps)
MyIPTV Player -> C:\Program Files\WindowsApps\41879VbfnetApps.MyIPTVPlayer_4.8.2.0_x64__7casf8sqhfy78 [2023-11-02] (Vbfnet Apps) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.964.0_x64__56jybvy8sckqj [2023-11-18] (NVIDIA Corp.)
Photos Add-on -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-05-08] (Microsoft Corporation)
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-12-19] (Microsoft Corporation)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.19.1262.0_x64__8wekyb3d8bbwe [2024-02-08] (Microsoft Studios) [MS Ad]
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.TWITTER_7.0.1.0_neutral__wgeqdkkx372wm [2021-06-10] (Twitter Inc.)
WinDbg -> C:\Program Files\WindowsApps\Microsoft.WinDbg_1.2402.24001.0_x64__8wekyb3d8bbwe [2024-03-08] (Microsoft Corporation)
 
==================== Custom CLSID (Whitelisted): ==============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-1483475722-1219764467-3277934236-1001_Classes\CLSID\{1019ADC7-17CB-4489-AFD5-6642C7400ACE}\localserver32 -> C:\Users\Phil\AppData\Local\Webex\Webex\Applications\ptOIEx64.exe (Cisco WebEx LLC -> Cisco WebEx LLC)
CustomCLSID: HKU\S-1-5-21-1483475722-1219764467-3277934236-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Phil\AppData\Local\Microsoft\OneDrive\19.232.1124.0008\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-1483475722-1219764467-3277934236-1001_Classes\CLSID\{227C9E8F-71A1-4B23-9076-682A1A8EAAED}\localserver32 -> c:\program files\macrium\common\reflectmonitor.exe (PARAMOUNT SOFTWARE UK LIMITED -> Paramount Software UK Ltd)
CustomCLSID: HKU\S-1-5-21-1483475722-1219764467-3277934236-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Phil\AppData\Local\Microsoft\OneDrive\19.232.1124.0008\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-1483475722-1219764467-3277934236-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Phil\AppData\Local\Microsoft\OneDrive\19.232.1124.0008\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-1483475722-1219764467-3277934236-1001_Classes\CLSID\{9489FEB2-1925-4D01-B788-6D912C70F7F2}\localserver32 -> C:\Users\Phil\AppData\Local\Microsoft\OneDrive\19.232.1124.0008\FileCoAuth.exe => No File
CustomCLSID: HKU\S-1-5-21-1483475722-1219764467-3277934236-1001_Classes\CLSID\{BEA218D2-6950-497B-9434-61683EC065FE}\InprocServer32 -> C:\Users\Phil\AppData\Local\Programs\Python\Launcher\pyshellext.amd64.dll (Python Software Foundation -> Python Software Foundation)
ShellIconOverlayIdentifiers: [   AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-11-18] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [   AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-11-18] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [   AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-11-18] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> No File
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-11-18] (Adobe Inc. -> )
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\ConvertToPDFShellExtension_x64.dll [2016-11-14] (Foxit Software Incorporated -> Foxit Software Inc.)
ContextMenuHandlers1: [ReflectShellExt] -> {DEBB9B79-B3DD-47F4-9E5C-EA6975BAB611} => C:\Program Files\Macrium\Reflect\RContextMenu.dll [2023-01-10] (PARAMOUNT SOFTWARE UK LIMITED -> Paramount Software UK Ltd)
ContextMenuHandlers2: [ReflectShellExt] -> {DEBB9B79-B3DD-47F4-9E5C-EA6975BAB611} => C:\Program Files\Macrium\Reflect\RContextMenu.dll [2023-01-10] (PARAMOUNT SOFTWARE UK LIMITED -> Paramount Software UK Ltd)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-04-12] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\ki132538.inf_amd64_a34b1de6c28c3534\igfxDTCM.dll [2019-06-13] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvdmig.inf_amd64_75c152d756d851ed\nvshext.dll [2023-11-10] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-11-18] (Adobe Inc. -> )
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers6: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\ConvertToPDFShellExtension_x64.dll [2016-11-14] (Foxit Software Incorporated -> Foxit Software Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-04-12] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers6: [StartMenuExt] -> {E595F05F-903F-4318-8B0A-7F633B520D2B} => C:\WINDOWS\System32\StartMenuHelper64.dll [2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
 
==================== Codecs (Whitelisted) ====================
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
ShortcutWithArgument: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Amcrest Web View.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) ->  --profile-directory="Profile 1" --app-id=oddndbjhpcpopbebhonolceinkbnheih
ShortcutWithArgument: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Chrome Remote Desktop.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) ->  --profile-directory="Profile 1" --app-id=gbchcmhmhahfdphkhkmpfmihenigjmpp
ShortcutWithArgument: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Videostream for Google Chromecast™.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) ->  --profile-directory="Profile 1" --app-id=cnciopoikihiagdjbjpnocolokfelagl
ShortcutWithArgument: C:\Users\Phil\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\e895024b613704\MetaMask.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 1" --app-id=nkbihfbeogaeaoehlefnkodbefgpgknn
ShortcutWithArgument: C:\Users\Phil\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\72dad8f9fb5925df\Data Scraper - Easy Web Scraping.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=nndknepjnldbdbepjfgmncbggmopgden
ShortcutWithArgument: C:\Users\Phil\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"
 
==================== Loaded Modules (Whitelisted) =============
 
0000-00-00 00:00 - 0000-00-00 00:00 - 000000000 _____ () [Access Denied] C:\ProgramData\TractTent\PersolAczoknt\irmeqlf9Engin281.dll
2024-02-16 10:48 - 2023-07-10 02:34 - 000039936 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesLocalServer\WavesLocalServer.bundle\Contents\Win64\aiohttp\_helpers.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000215552 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesLocalServer\WavesLocalServer.bundle\Contents\Win64\aiohttp\_http_parser.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000035840 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesLocalServer\WavesLocalServer.bundle\Contents\Win64\aiohttp\_http_writer.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000024064 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesLocalServer\WavesLocalServer.bundle\Contents\Win64\aiohttp\_websocket.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000053760 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesLocalServer\WavesLocalServer.bundle\Contents\Win64\frozenlist\_frozenlist.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000046592 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesLocalServer\WavesLocalServer.bundle\Contents\Win64\multidict\_multidict.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000066048 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesLocalServer\WavesLocalServer.bundle\Contents\Win64\psutil\_psutil_windows.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000039936 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesLocalServer\WavesLocalServer.bundle\Contents\Win64\tinyaes.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000012288 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesLocalServer\WavesLocalServer.bundle\Contents\Win64\websockets\speedups.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000132096 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesLocalServer\WavesLocalServer.bundle\Contents\Win64\win32api.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000068608 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesLocalServer\WavesLocalServer.bundle\Contents\Win64\yarl\_quoting_c.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000183296 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\_cffi_backend.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 193385472 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\_pywrap_tensorflow_internal.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000018944 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\cpufeature\extension.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000100864 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\google\protobuf\internal\_api_implementation.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 001601536 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\google\protobuf\pyext\_message.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000175616 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\h5py\_conv.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000045568 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\h5py\_errors.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000110080 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\h5py\_objects.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000044032 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\h5py\_proxy.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000132608 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\h5py\_selector.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000219648 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\h5py\defs.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000089600 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\h5py\h5.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000117760 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\h5py\h5a.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000058368 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\h5py\h5ac.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000122368 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\h5py\h5d.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000072192 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\h5py\h5ds.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000116736 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\h5py\h5f.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000156672 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\h5py\h5fd.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000136192 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\h5py\h5g.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000051712 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\h5py\h5i.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000096256 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\h5py\h5l.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000106496 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\h5py\h5o.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000311296 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\h5py\h5p.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000036352 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\h5py\h5pl.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000061952 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\h5py\h5r.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000093696 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\h5py\h5s.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000320512 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\h5py\h5t.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000044032 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\h5py\h5z.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000052736 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\h5py\utils.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000011264 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\numba\_devicearray.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000045056 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\numba\_dispatcher.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000016384 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\numba\_dynfunc.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000238592 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\numba\_helperlib.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000027136 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\numba\core\runtime\_nrt_python.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000019968 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\numba\core\typeconv\_typeconv.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000024576 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\numba\np\ufunc\_internal.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000114176 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\numpy\core\_multiarray_tests.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 002906112 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\numpy\core\_multiarray_umath.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000116736 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\numpy\fft\_pocketfft_internal.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000154624 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\numpy\linalg\_umath_linalg.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000022016 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\numpy\linalg\lapack_lite.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000254464 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\numpy\random\_bounded_integers.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000182272 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\numpy\random\_common.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000685056 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\numpy\random\_generator.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000080896 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\numpy\random\_mt19937.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000085504 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\numpy\random\_pcg64.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000072192 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\numpy\random\_philox.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000053760 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\numpy\random\_sfc64.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000158208 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\numpy\random\bit_generator.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000588800 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\numpy\random\mtrand.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 001278976 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\pandas\_libs\algos.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000078336 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\pandas\_libs\arrays.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000916480 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\pandas\_libs\groupby.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000154624 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\pandas\_libs\hashing.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 001230848 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\pandas\_libs\hashtable.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000454656 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\pandas\_libs\index.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000046080 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\pandas\_libs\indexing.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000256000 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\pandas\_libs\internals.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 001038336 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\pandas\_libs\interval.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 001893376 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\pandas\_libs\join.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000067072 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\pandas\_libs\json.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000465408 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\pandas\_libs\lib.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000162816 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\pandas\_libs\missing.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000186880 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\pandas\_libs\ops.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000051200 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\pandas\_libs\ops_dispatch.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000373760 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\pandas\_libs\parsers.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000059904 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\pandas\_libs\properties.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000247808 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\pandas\_libs\reduction.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000227328 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\pandas\_libs\reshape.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000801280 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\pandas\_libs\sparse.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000069632 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\pandas\_libs\testing.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000133632 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\pandas\_libs\tslib.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000041984 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\pandas\_libs\tslibs\base.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000052224 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\pandas\_libs\tslibs\ccalendar.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000224768 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\pandas\_libs\tslibs\conversion.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000101888 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\pandas\_libs\tslibs\dtypes.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000241664 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\pandas\_libs\tslibs\fields.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000181760 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\pandas\_libs\tslibs\nattype.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000043520 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\pandas\_libs\tslibs\np_datetime.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000776704 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\pandas\_libs\tslibs\offsets.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000318464 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\pandas\_libs\tslibs\parsing.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000346624 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\pandas\_libs\tslibs\period.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000292864 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\pandas\_libs\tslibs\strptime.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000371712 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\pandas\_libs\tslibs\timedeltas.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000401920 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\pandas\_libs\tslibs\timestamps.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000192512 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\pandas\_libs\tslibs\timezones.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000216064 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\pandas\_libs\tslibs\tzconversion.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000190464 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\pandas\_libs\tslibs\vectorized.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000288256 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\pandas\_libs\window\aggregations.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000145408 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\pandas\_libs\window\indexers.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000180736 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\pandas\_libs\writers.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000076288 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\psutil\_psutil_windows.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000061440 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\_lib\_ccallback_c.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000049664 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\_lib\_uarray\_uarray.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000042496 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\_lib\messagestream.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000582144 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\fft\_pocketfft\pypocketfft.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000169984 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\fftpack\convolve.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000046080 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\integrate\_dop.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000022528 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\integrate\_odepack.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000032768 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\integrate\_quadpack.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000039936 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\integrate\lsoda.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000050176 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\integrate\vode.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000225280 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\interpolate\_bspl.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000035328 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\interpolate\_fitpack.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000286720 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\interpolate\_ppoly.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000385536 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\interpolate\_rbfinterp_pythran.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000148480 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\interpolate\dfitpack.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000281600 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\interpolate\interpnd.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000238592 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\linalg\_decomp_update.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000587264 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\linalg\_fblas.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 001931264 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\linalg\_flapack.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000052224 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\linalg\_flinalg.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000229376 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\linalg\_interpolative.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000171008 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\linalg\_matfuncs_sqrtm_triu.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000193536 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\linalg\_solve_toeplitz.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000226816 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\linalg\cython_blas.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000626688 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\linalg\cython_lapack.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000124928 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\ndimage\_nd_image.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000267264 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\ndimage\_ni_label.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000030720 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\optimize\__nnls.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000231936 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\optimize\_bglu_dense.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000034816 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\optimize\_cobyla.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000062464 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\optimize\_group_columns.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000027136 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\optimize\_highs\_highs_constants.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 001470464 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\optimize\_highs\_highs_wrapper.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000038400 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\optimize\_lbfgsb.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000025600 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\optimize\_lsap_module.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000142336 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\optimize\_lsq\givens_elimination.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000029184 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\optimize\_minpack.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000038912 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\optimize\_slsqp.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000251904 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\optimize\_trlib\_trlib.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000016384 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\optimize\_zeros.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000034304 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\optimize\minpack2.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000051200 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\optimize\moduleTNC.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000038400 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\signal\_max_len_seq_inner.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000188928 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\signal\_peak_finding_utils.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000212992 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\signal\_sosfilt.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000048128 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\signal\_spectral.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000244224 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\signal\_upfirdn_apply.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000096768 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\signal\sigtools.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000038912 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\signal\spline.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000471552 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\sparse\_csparsetools.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 002177024 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\sparse\_sparsetools.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000201728 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\sparse\csgraph\_flow.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000224768 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\sparse\csgraph\_matching.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000158208 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\sparse\csgraph\_min_spanning_tree.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000209408 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\sparse\csgraph\_reordering.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000321536 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\sparse\csgraph\_shortest_path.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000124928 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\sparse\csgraph\_tools.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000118784 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\sparse\csgraph\_traversal.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000282624 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\sparse\linalg\dsolve\_superlu.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000143872 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\sparse\linalg\eigen\arpack\_arpack.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000117248 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\sparse\linalg\isolve\_iterative.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000244736 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\spatial\_distance_pybind.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000123904 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\spatial\_distance_wrap.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000150528 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\spatial\_hausdorff.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000148992 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\spatial\_voronoi.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000518656 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\spatial\ckdtree.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000833024 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\spatial\qhull.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000481280 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\spatial\transform\rotation.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000031744 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\special\_comb.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000065024 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\special\_ellip_harm_2.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000789504 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\special\_ufuncs.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000107008 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\special\_ufuncs_cxx.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 001348608 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\special\cython_special.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000077824 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\special\specfun.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000266240 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\stats\_boost\beta_ufunc.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000232448 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\stats\_boost\binom_ufunc.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000236032 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\stats\_boost\nbinom_ufunc.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000175104 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\stats\_qmc_cy.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000177664 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\stats\_sobol.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000416768 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\stats\_stats.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000167424 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\stats\biasedurn.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000036864 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\stats\mvn.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000032256 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\stats\statlib.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 003867648 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\tensorflow\compiler\tf2tensorrt\_pywrap_py_utils.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000342016 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\tensorflow\lite\experimental\microfrontend\python\ops\_audio_microfrontend_op.so
2024-02-16 10:48 - 2023-07-10 02:34 - 000235008 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\tensorflow\lite\python\analyzer_wrapper\_pywrap_analyzer_wrapper.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 003292160 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\tensorflow\lite\python\interpreter_wrapper\_pywrap_tensorflow_interpreter_wrapper.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000990208 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\tensorflow\lite\python\metrics\_pywrap_tensorflow_lite_metrics_wrapper.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 002726400 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\tensorflow\python\_pywrap_dtensor_device.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 003403776 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\tensorflow\python\_pywrap_mlir.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 003933184 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\tensorflow\python\_pywrap_parallel_device.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 002702848 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\tensorflow\python\_pywrap_py_exception_registry.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 003389440 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\tensorflow\python\_pywrap_quantize_training.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000109568 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\tensorflow\python\_pywrap_sanitizers.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 006100480 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\tensorflow\python\_pywrap_tfe.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000124416 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\tensorflow\python\_pywrap_toco_api.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 003408896 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\tensorflow\python\client\_pywrap_debug_events_writer.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 003390976 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\tensorflow\python\client\_pywrap_device_lib.pyd
2024-02-16 10:49 - 2023-07-10 02:34 - 003414528 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\tensorflow\python\client\_pywrap_events_writer.pyd
2024-02-16 10:49 - 2023-07-10 02:34 - 006047744 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\tensorflow\python\client\_pywrap_tf_session.pyd
2024-02-16 10:49 - 2023-07-10 02:34 - 003436544 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\tensorflow\python\data\experimental\service\_pywrap_server_lib.pyd
2024-02-16 10:49 - 2023-07-10 02:34 - 005432320 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\tensorflow\python\data\experimental\service\_pywrap_utils.pyd
2024-02-16 10:49 - 2023-07-10 02:34 - 002874368 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\tensorflow\python\flags_pybind.pyd
2024-02-16 10:49 - 2023-07-10 02:34 - 002728960 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\tensorflow\python\framework\_dtypes.pyd
2024-02-16 10:49 - 2023-07-10 02:34 - 003445248 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\tensorflow\python\framework\_op_def_library_pybind.pyd
2024-02-16 10:49 - 2023-07-10 02:34 - 003389440 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\tensorflow\python\framework\_op_def_registry.pyd
2024-02-16 10:49 - 2023-07-10 02:34 - 003933184 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\tensorflow\python\framework\_proto_comparators.pyd
2024-02-16 10:49 - 2023-07-10 02:34 - 000213504 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\tensorflow\python\framework\_pywrap_python_api_dispatcher.pyd
2024-02-16 10:49 - 2023-07-10 02:34 - 002696704 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\tensorflow\python\framework\_pywrap_python_op_gen.pyd
2024-02-16 10:49 - 2023-07-10 02:34 - 003867136 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\tensorflow\python\framework\_test_metrics_util.pyd
2024-02-16 10:49 - 2023-07-10 02:34 - 003973120 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\tensorflow\python\grappler\_pywrap_tf_cluster.pyd
2024-02-16 10:49 - 2023-07-10 02:34 - 003897856 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\tensorflow\python\grappler\_pywrap_tf_optimizer.pyd
2024-02-16 10:49 - 2023-07-10 02:34 - 000108544 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\tensorflow\python\lib\core\_pywrap_bfloat16.pyd
2024-02-16 10:49 - 2023-07-10 02:34 - 000108544 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\tensorflow\python\lib\core\_pywrap_py_func.pyd
2024-02-16 10:49 - 2023-07-10 02:34 - 003473920 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\tensorflow\python\lib\io\_pywrap_file_io.pyd
2024-02-16 10:49 - 2023-07-10 02:34 - 003534336 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\tensorflow\python\lib\io\_pywrap_record_io.pyd
2024-02-16 10:49 - 2023-07-10 02:34 - 000108544 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\tensorflow\python\platform\_pywrap_stacktrace_handler.pyd
2024-02-16 10:49 - 2023-07-10 02:34 - 003389952 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\tensorflow\python\platform\_pywrap_tf2.pyd
2024-02-16 10:49 - 2023-07-10 02:34 - 007490048 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\tensorflow\python\profiler\internal\_pywrap_profiler.pyd
2024-02-16 10:49 - 2023-07-10 02:34 - 003409408 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\tensorflow\python\profiler\internal\_pywrap_traceme.pyd
2024-02-16 10:49 - 2023-07-10 02:34 - 003419648 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\tensorflow\python\saved_model\pywrap_saved_model.pyd
2024-02-16 10:49 - 2023-07-10 02:34 - 003894784 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\tensorflow\python\util\_pywrap_checkpoint_reader.pyd
2024-02-16 10:49 - 2023-07-10 02:34 - 000109568 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\tensorflow\python\util\_pywrap_determinism.pyd
2024-02-16 10:49 - 2023-07-10 02:34 - 000109568 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\tensorflow\python\util\_pywrap_nest.pyd
2024-02-16 10:49 - 2023-07-10 02:34 - 000109568 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\tensorflow\python\util\_pywrap_tensor_float_32_execution.pyd
2024-02-16 10:49 - 2023-07-10 02:34 - 003874304 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\tensorflow\python\util\_pywrap_tfprof.pyd
2024-02-16 10:49 - 2023-07-10 02:34 - 000108544 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\tensorflow\python\util\_pywrap_util_port.pyd
2024-02-16 10:49 - 2023-07-10 02:34 - 000163328 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\tensorflow\python\util\_pywrap_utils.pyd
2024-02-16 10:49 - 2023-07-10 02:34 - 002455040 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\tensorflow\python\util\_tf_stack.pyd
2024-02-16 10:49 - 2023-07-10 02:34 - 000119296 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\tensorflow\python\util\fast_module_type.pyd
2024-02-16 10:49 - 2023-07-10 02:34 - 000040448 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\tinyaes.cp39-win_amd64.pyd
2024-02-16 10:49 - 2023-07-10 02:34 - 000011776 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\websockets\speedups.cp39-win_amd64.pyd
2024-02-16 10:49 - 2023-07-10 02:34 - 000134656 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\win32api.pyd
2024-02-16 10:49 - 2023-07-10 02:34 - 000527872 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\win32com\shell\shell.pyd
2024-02-16 10:49 - 2023-07-10 02:34 - 000042496 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\wrapt\_wrappers.cp39-win_amd64.pyd
2024-02-16 10:49 - 2023-07-10 02:34 - 000249856 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\yaml\_yaml.cp39-win_amd64.pyd
0000-00-00 00:00 - 0000-00-00 00:00 - 000000000 _____ () <==== ATTENTION [zero byte File/Folder] \\?\C:\Users\Phil\AppData\Roaming\Java\jre8\bin\java.exe:jll
2017-08-13 09:49 - 2017-08-13 09:49 - 003664184 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicStartMenuDLL.dll
2017-08-13 09:49 - 2017-08-13 09:49 - 000291128 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\WINDOWS\System32\StartMenuHelper64.dll
2024-01-05 18:19 - 2024-01-05 18:19 - 002973696 _____ (SQLite Development Team) [File not signed] C:\Program Files\Intel\SUR\QUEENCREEK\x64\sqlite3.dll
2015-08-01 22:19 - 2015-08-01 22:19 - 000541448 ____R (Waves Inc -> Waves Audio) [File not signed] C:\WINDOWS\SYSTEM32\MaxxAudioIntelSkylake64.dll
 
==================== Alternate Data Streams (Whitelisted) ========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`27hfm [0]
 
==================== Safe Mode (Whitelisted) ==================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
 
==================== Association (Whitelisted) =================
 
==================== Internet Explorer (Whitelisted) ==========
 
HKU\S-1-5-21-1483475722-1219764467-3277934236-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell15.msn.com/?pc=DCTE
HKU\S-1-5-21-1483475722-1219764467-3277934236-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://192.168.1.90:1829/
HKU\S-1-5-21-1483475722-1219764467-3277934236-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://192.168.1.85:85/
SearchScopes: HKU\S-1-5-21-1483475722-1219764467-3277934236-1001 -> {A79BE33D-4EB3-40E2-B354-BB99B3501D8A} URL = 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2020-04-15] (Microsoft Corporation -> Microsoft Corporation)
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_73\bin\ssv.dll [2016-03-04] (Oracle America, Inc. -> Oracle Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2017-07-26] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2018-05-15] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-03-04] (Oracle America, Inc. -> Oracle Corporation)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2017-07-26] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2020-04-15] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\ssv.dll [2016-03-04] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2017-07-27] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\PROGRA~2\MICROS~2\Office15\GROOVEEX.DLL => No File
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-03-04] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2017-07-27] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2017-07-26] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2017-07-27] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2017-08-15] (Microsoft Corporation -> Microsoft Corporation)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} -  No File
 
==================== Hosts content: =========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2023-11-18 23:11 - 2023-11-18 23:12 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
 
2019-10-23 10:26 - 2020-03-13 23:45 - 000000440 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
 
==================== Other Areas ===========================
 
(Currently there is no automatic fix for this section.)
 
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Microsoft MPI\Bin\;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL;C:\Program Files\Intel\Intel® Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT;C:\Program Files\Intel\Intel® Management Engine Components\IPT;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Microsoft SQL Server\Client SDK\ODBC\130\Tools\Binn\;C:\Program Files (x86)\Microsoft SQL Server\140\Tools\Binn\;C:\Program Files (x86)\Microsoft SQL Server\140\DTS\Binn\;C:\Program Files (x86)\Microsoft SQL Server\140\Tools\Binn\ManagementStudio\;C:\Program Files\Microsoft SQL Server\Client SDK\ODBC\130\Tools\Binn\;C:\Program Files\Microsoft SQL Server\140\Tools\Binn\;C:\Program Files\Microsoft SQL Server\140\DTS\Binn\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files\dotnet\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%AppData%\Programs\Python\Python311;%AppData%\Programs\Python\Python311\Scripts;
HKU\S-1-5-21-1483475722-1219764467-3277934236-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Phil\Pictures\20201114_122903.jpg
HKU\S-1-5-80-2652535364-2169709536-2857650723-2622804123-1107741775\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-80-3880718306-3832830129-1677859214-2598158968-1052248003\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(If an entry is included in the fixlist, it will be removed.)
 
MSCONFIG\Services: !SASCORE => 2
MSCONFIG\Services: 0008811457109852mcinstcleanup => 2
MSCONFIG\Services: dbupdate => 2
MSCONFIG\Services: dbupdatem => 3
MSCONFIG\Services: Dell Customer Connect => 2
MSCONFIG\Services: Dell Foundation Services => 2
MSCONFIG\Services: Dell Hardware Support => 2
MSCONFIG\Services: Dell Help & Support => 2
MSCONFIG\Services: Dell Product Registration => 2
MSCONFIG\Services: DellDigitalDelivery => 2
MSCONFIG\Services: DellUpdate => 2
MSCONFIG\Services: MacriumService => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: SupportAssistAgent => 2
MSCONFIG\Services: WavesSysSvc => 2
MSCONFIG\Services: XTU3SERVICE => 2
HKLM\...\StartupApproved\StartupFolder: => "WavesLocalServer.lnk"
HKLM\...\StartupApproved\StartupFolder: => "WavesPluginServer.lnk"
HKLM\...\StartupApproved\Run: => "WavesSvc"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "LaunchMhttpd"
HKLM\...\StartupApproved\Run: => "Reflect UI"
HKLM\...\StartupApproved\Run32: => "LaunchMhttpd"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "Cisco AnyConnect Secure Mobility Agent for Windows"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "Adobe CCXProcess"
HKLM\...\StartupApproved\Run32: => "Cisconet"
HKU\S-1-5-21-1483475722-1219764467-3277934236-1001\...\StartupApproved\StartupFolder: => "Gqreader.lnk"
HKU\S-1-5-21-1483475722-1219764467-3277934236-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1483475722-1219764467-3277934236-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-1483475722-1219764467-3277934236-1001\...\StartupApproved\Run: => "SUPERAntiSpyware"
HKU\S-1-5-21-1483475722-1219764467-3277934236-1001\...\StartupApproved\Run: => "VideoGuardMonitor"
HKU\S-1-5-21-1483475722-1219764467-3277934236-1001\...\StartupApproved\Run: => "GarminExpress"
HKU\S-1-5-21-1483475722-1219764467-3277934236-1001\...\StartupApproved\Run: => "Skype for Desktop"
HKU\S-1-5-21-1483475722-1219764467-3277934236-1001\...\StartupApproved\Run: => "Lync"
HKU\S-1-5-21-1483475722-1219764467-3277934236-1001\...\StartupApproved\Run: => "Trio.WakeNet"
HKU\S-1-5-21-1483475722-1219764467-3277934236-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_0848959D30B7A075789B21F3CF73AE30"
 
==================== FirewallRules (Whitelisted) ================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [UDP Query User{8722BC63-D006-4454-A7FA-B546C2194CEA}C:\program files (x86)\batch configuration\batch configuration.exe] => (Allow) C:\program files (x86)\batch configuration\batch configuration.exe (HIKVISION DIGITAL TECHNOLOGY CO.,LTD. -> )
FirewallRules: [TCP Query User{2DB79FC2-EEA8-419E-90BE-400EC47D0F71}C:\program files (x86)\batch configuration\batch configuration.exe] => (Allow) C:\program files (x86)\batch configuration\batch configuration.exe (HIKVISION DIGITAL TECHNOLOGY CO.,LTD. -> )
FirewallRules: [UDP Query User{0A6C2044-7019-4EDE-BEAD-2A3D33AD18A3}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [TCP Query User{E8D1E310-7E92-4616-96DE-DCA4A63256A4}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{57E1D170-9843-4965-8C4A-2AD53CC33047}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe (The qBittorrent Project) [File not signed]
FirewallRules: [{6C435228-635C-443E-A6F1-2E57ED33DF7C}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe (The qBittorrent Project) [File not signed]
FirewallRules: [{23C79370-8FC2-4078-8755-4CCC15243350}] => (Allow) C:\Users\Phil\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [UDP Query User{309DBB71-8038-46F9-B979-087D23E6F2C6}C:\windows\explorer.exe] => (Allow) C:\windows\explorer.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [TCP Query User{F1F8667A-4F3B-4D8B-94E1-91642F57D977}C:\windows\explorer.exe] => (Allow) C:\windows\explorer.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{7D83116A-F056-470B-9225-C83298E82CDA}] => (Allow) C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe (Intel® Wireless Display -> Intel)
FirewallRules: [{6AB0400C-53A7-438B-9113-E38C0C3573B8}] => (Allow) C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe (Intel® Wireless Display -> Intel)
FirewallRules: [{AF34D3A7-5EDD-4DC6-A959-F791BAE4E444}] => (Allow) LPort=1689
FirewallRules: [{A5585E6B-687C-4830-9182-ACCD5AD46580}] => (Allow) C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe (Intel® Wireless Display -> Intel)
FirewallRules: [{E4F687D8-9AC8-4B3F-81C4-6898D3CEDEBD}] => (Allow) C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe (Intel® Wireless Display -> Intel)
FirewallRules: [TCP Query User{82FE00D9-E6F0-4CB8-9B60-816AAD742BDB}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{FDE46CCA-AAFC-4479-B2E2-D11D85E783A8}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{5BF291DD-BF7B-435B-A828-C60013BC36C5}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe => No File
FirewallRules: [{8DBECFBA-ECD9-4018-B4AF-87F78802E809}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe => No File
FirewallRules: [{89450931-B77E-4934-BA32-E1C0F86D3DDD}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A28F774F-4D9D-4824-A06F-BF0A5513DA70}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C937A3E7-40B0-46E4-A6DB-6FC3F111A74C}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{974EBDCE-F93B-45F4-A781-6EE859DCEEC3}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6F508BE4-55D4-4E00-BB96-A12A44734859}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe => No File
FirewallRules: [{61F7D853-8049-4EDA-A9AD-0F321926F991}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe => No File
FirewallRules: [TCP Query User{DE8BB403-0E89-4C68-9D0B-994C01F0D883}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{68171860-2395-48E9-BFE6-772CE1BFB97E}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{37F848E4-8D94-4014-9CBF-EF41A41BB9A6}] => (Allow) C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe (Intel® Wireless Display -> Intel)
FirewallRules: [{12C09576-213D-4A9B-8544-303D68DBCEED}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe => No File
FirewallRules: [{C065805A-2D52-40DD-B6CE-E9FE6B23C7BE}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe => No File
FirewallRules: [{7AAC6AED-1E16-4AB9-BB94-F970F1549FB6}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5048B123-5188-4CFE-80FA-D151E4F9C479}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A4D6288B-17E6-426E-9FA2-4E0FDC6D705D}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{84588CA5-B711-4486-AAFD-6E6FDB871569}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{939443F9-4C65-4E82-A297-101AB5E299FA}] => (Allow) C:\Program Files\Microsoft MPI\Bin\msmpilaunchsvc.exe () [File not signed]
FirewallRules: [{E79003BA-6CF8-4A77-9D7B-488283EFD351}] => (Allow) C:\Program Files\Microsoft MPI\Bin\msmpilaunchsvc.exe () [File not signed]
FirewallRules: [{8E3BE494-ABAA-4F0B-A58F-461483AEF7FC}] => (Allow) C:\Program Files\Microsoft MPI\Bin\mpiexec.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{747E94E0-55DB-48A4-892B-B64D8063D537}] => (Allow) C:\Program Files\Microsoft MPI\Bin\mpiexec.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8DE7F132-6EF4-48F3-A1AC-FC129C7CAC93}] => (Allow) C:\Program Files\Microsoft MPI\Bin\smpd.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E919378E-4501-4564-9190-DC9D94972AEC}] => (Allow) C:\Program Files\Microsoft MPI\Bin\smpd.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{FDBC39CA-FECB-4B2E-AE67-D39D966664AF}C:\program files (x86)\windscribe\wsappcontrol.exe] => (Allow) C:\program files (x86)\windscribe\wsappcontrol.exe => No File
FirewallRules: [UDP Query User{D482D82D-B617-466D-8BCE-E397D2CC700E}C:\program files (x86)\windscribe\wsappcontrol.exe] => (Allow) C:\program files (x86)\windscribe\wsappcontrol.exe => No File
FirewallRules: [{231FF233-3159-4F9B-A3A6-BAE2DB0366E9}] => (Allow) C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe (Intel® Wireless Display -> Intel)
FirewallRules: [{CA724562-B662-46B1-95DD-F6E904B4C439}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe => No File
FirewallRules: [{DA23A761-502C-45EC-8119-F071C3291BC8}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe => No File
FirewallRules: [{E59703F2-EF65-4BA6-8655-981E991DDBDF}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe => No File
FirewallRules: [{0AFA2E89-C542-48BD-B424-072E6EE9E491}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe => No File
FirewallRules: [{A4146D8E-D51E-4C30-8B77-6FC0499EAEF1}] => (Allow) C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe (Intel® Wireless Display -> Intel)
FirewallRules: [{A1667356-3898-4277-9D6F-D326CA4AE3B2}] => (Allow) C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe (Intel® Wireless Display -> Intel)
FirewallRules: [TCP Query User{F6FE67C7-37F3-4A95-A9F0-54D0ED909095}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{F07579D5-5EB7-4B0A-A790-855B3B84AA9E}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{0252A464-A105-434F-A606-B763FC1A7F10}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe => No File
FirewallRules: [{78D0BADE-0885-4621-B436-9172922F3226}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe => No File
FirewallRules: [TCP Query User{B592A5E8-BF72-43DE-BBCC-46E867957D23}C:\users\phil\appdata\roaming\zoom\bin_00\zoom.exe] => (Allow) C:\users\phil\appdata\roaming\zoom\bin_00\zoom.exe => No File
FirewallRules: [UDP Query User{57EC246B-FE28-4849-B067-ABD24190F601}C:\users\phil\appdata\roaming\zoom\bin_00\zoom.exe] => (Allow) C:\users\phil\appdata\roaming\zoom\bin_00\zoom.exe => No File
FirewallRules: [{BEA2890A-C0DC-4220-99A2-7C7C61852716}] => (Allow) C:\Users\Phil\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{20059C52-C50A-4EEB-9E23-AE28EA983F7A}] => (Allow) C:\Users\Phil\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{C7652C63-47AC-4FB3-9B0F-B37BBF65C06B}] => (Allow) C:\Users\Phil\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{768AEA1F-F731-4803-841C-64FB7BD314D6}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe (The qBittorrent Project) [File not signed]
FirewallRules: [{AFEE8BB0-3FD4-494B-BFF7-9F0631EF435E}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe (The qBittorrent Project) [File not signed]
FirewallRules: [{90B2A1E2-DE71-4232-8685-15A1AE4D709F}] => (Allow) C:\Program Files\MetaTrader 5\metatester64.exe (MetaQuotes Ltd. -> MetaQuotes Ltd.)
FirewallRules: [{E1B7C67C-3222-433A-91BC-6971560A4376}] => (Block) %ProgramFiles%\Adobe\Adobe Premiere Pro CC 2015\Adobe Premiere Pro.exe => No File
FirewallRules: [{174B8CAF-E4B2-4705-AE06-7C01A6855DD4}] => (Block) %ProgramFiles%\Adobe\Adobe Premiere Pro CC 2015\Adobe Premiere Pro.exe => No File
FirewallRules: [TCP Query User{EA3A04E1-B828-4464-91A7-1520C2B6F27F}C:\users\phil\appdata\local\mozilla firefox\firefox.exe] => (Allow) C:\users\phil\appdata\local\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{D5BC456E-2CEC-4AA1-A453-B8AC5DCBC864}C:\users\phil\appdata\local\mozilla firefox\firefox.exe] => (Allow) C:\users\phil\appdata\local\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{25E1A602-B411-4D8C-AA38-787C6509904F}C:\programdata\regid.1993-06.com.microsoft\wmiprvse.exe] => (Block) C:\programdata\regid.1993-06.com.microsoft\wmiprvse.exe => No File
FirewallRules: [UDP Query User{D70EDB31-B0DB-4037-8799-6D61480F5F9B}C:\programdata\regid.1993-06.com.microsoft\wmiprvse.exe] => (Block) C:\programdata\regid.1993-06.com.microsoft\wmiprvse.exe => No File
FirewallRules: [{C557DE62-65C1-410D-9AF9-18260D567AFB}] => (Allow) C:\Users\Phil\AppData\Local\Programs\Opera GX\102.0.4880.82\opera.exe => No File
FirewallRules: [TCP Query User{8955C64B-937F-4DFE-9DEA-C78FB77CD2E1}C:\users\phil\appdata\local\trionet\resources\triocore.exe] => (Block) C:\users\phil\appdata\local\trionet\resources\triocore.exe => No File
FirewallRules: [UDP Query User{C1BC0028-CDF2-4C1C-9CEF-975DDECB4A9E}C:\users\phil\appdata\local\trionet\resources\triocore.exe] => (Block) C:\users\phil\appdata\local\trionet\resources\triocore.exe => No File
FirewallRules: [TCP Query User{492E9C29-9880-4871-9295-67B6C13C7A37}C:\program files\presonus\studio one 6\studio one.exe] => (Allow) C:\program files\presonus\studio one 6\studio one.exe (PreSonus) [File not signed]
FirewallRules: [UDP Query User{C8317AC5-F3AD-40EE-BC6F-C2D1B9AA5580}C:\program files\presonus\studio one 6\studio one.exe] => (Allow) C:\program files\presonus\studio one 6\studio one.exe (PreSonus) [File not signed]
FirewallRules: [TCP Query User{BC5C7851-879E-4667-90A5-B0DD41E060B6}C:\program files\presonus\studio one 6\pluginscanner.exe] => (Allow) C:\program files\presonus\studio one 6\pluginscanner.exe (PreSonus Audio Electronics, Inc. -> PreSonus)
FirewallRules: [UDP Query User{FB0D57E9-C86C-4AF0-B427-9D8DE7329588}C:\program files\presonus\studio one 6\pluginscanner.exe] => (Allow) C:\program files\presonus\studio one 6\pluginscanner.exe (PreSonus Audio Electronics, Inc. -> PreSonus)
FirewallRules: [TCP Query User{777ADD0F-6C62-4341-B6BA-C99F7CAE6FD4}C:\program files\presonus\studio one 6\studio one.exe] => (Block) C:\program files\presonus\studio one 6\studio one.exe (PreSonus) [File not signed]
FirewallRules: [UDP Query User{2DAAAB2F-1781-47A7-B69A-19C70323BE89}C:\program files\presonus\studio one 6\studio one.exe] => (Block) C:\program files\presonus\studio one 6\studio one.exe (PreSonus) [File not signed]
FirewallRules: [{8EA52CB9-47A3-4256-A337-16B8CDD7E9DF}] => (Allow) C:\Program Files (x86)\Waves\Plug-Ins V14\TRACT.bundle\Contents\Win64\TRACT.dll (Waves Inc -> Waves Audio Ltd.)
FirewallRules: [{7EA42B83-9523-453C-99EC-D6020573D9EB}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{20517F2C-C6E0-4E95-A7AC-F1A016A271D5}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{6809A1FF-66B3-4EBB-9C4A-7C1BA8C5B686}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{5361CA3F-8EB0-4384-9756-A5419E36CC0D}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{FA438F34-15B7-4CAB-9B1F-C78624C04B74}] => (Allow) C:\Program Files (x86)\Google\Chrome Remote Desktop\123.0.6312.16\remoting_host.exe (Google LLC -> Google LLC)
FirewallRules: [{8E2B2FEB-0F75-41C7-9833-EA08351455A3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.WinDbg_1.2402.24001.0_x64__8wekyb3d8bbwe\x86\EngHost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1260ABA7-6E4B-4897-8758-608A572657F7}] => (Allow) C:\Program Files\WindowsApps\Microsoft.WinDbg_1.2402.24001.0_x64__8wekyb3d8bbwe\x86\EngHost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{ABC7BC46-CA96-4AE5-A33C-3A1A1A91ED24}] => (Allow) C:\Program Files\WindowsApps\Microsoft.WinDbg_1.2402.24001.0_x64__8wekyb3d8bbwe\amd64\EngHost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6221E678-65CC-481C-8607-4B9F133DB975}] => (Allow) C:\Program Files\WindowsApps\Microsoft.WinDbg_1.2402.24001.0_x64__8wekyb3d8bbwe\amd64\EngHost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5687C4A5-F907-43D4-BB1D-AF85F855E121}] => (Allow) C:\Program Files\WindowsApps\Microsoft.WinDbg_1.2402.24001.0_x64__8wekyb3d8bbwe\arm64\EngHost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{21E11996-A798-4742-9088-8DE25E3486AA}] => (Allow) C:\Program Files\WindowsApps\Microsoft.WinDbg_1.2402.24001.0_x64__8wekyb3d8bbwe\arm64\EngHost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B84F0F20-C060-4CD2-9E9D-86B1DD0605A7}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.92\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{263E6080-DBA2-4EA3-B4E8-E47FEBB4C0EB}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
 
==================== Restore Points =========================
 
 
==================== Faulty Device Manager Devices ============
 
Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
 
==================== Event log errors: ========================
 
Application errors:
==================
Error: (03/20/2024 09:12:06 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DELL-LAPTOP)
Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.
 
Error: (03/20/2024 09:08:02 PM) (Source: PlayerLocationCheck) (EventID: 1) (User: )
Description: Event-ID 1
 
Error: (03/20/2024 09:08:02 PM) (Source: com.geocomply.internal-updater-microservice) (EventID: 1) (User: )
Description: Event-ID 1
 
Error: (03/20/2024 09:08:02 PM) (Source: com.geocomply.vm-detector-microservice) (EventID: 1) (User: )
Description: Event-ID 1
 
Error: (03/20/2024 09:08:01 PM) (Source: com.geocomply.wifi-scanner-microservice) (EventID: 1) (User: )
Description: Event-ID 1
 
Error: (03/20/2024 09:08:01 PM) (Source: com.geocomply.process-scanner-microservice) (EventID: 1) (User: )
Description: Event-ID 1
 
Error: (03/20/2024 09:07:53 PM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel® Dynamic Platform and Thermal Framework : ESIF(8.2.10900.330) TYPE: ERROR MODULE: DPTF TIME 16041 ms
 
DPTF Build Version:  8.2.10900.330
DPTF Build Date:  May 16 2016 11:32:37
Source File:  ..\..\..\Sources\Manager\WIPolicyActiveRelationshipTableChanged.cpp @ line 52
Executing Function:  WIPolicyActiveRelationshipTableChanged::execute
Message:  Unhandled exception caught during execution of work item
Framework Event:  PolicyActiveRelationshipTableChanged [44]
Policy:  Active Policy [0]
Exception Function:  Policy::executePolicyActiveRelationshipTableChanged
Exception Text:  
 
DPTF Build Version:  8.2.10900.330
DPTF Build Date:  May 16 2016 11:32:37
Source File:  ..\..\..\Sources\Manager\EsifServices.cpp @ line 457
Executing Function:  EsifServices::primitiveExecuteGet
Message:  Error returned from ESIF services interface function call
Participant:  NoParticipant
Domain:  NoDomain
ESIF Primitive:  GET_ACTIVE_RELATIONSHIP_TABLE [89]
ESIF Instance:  255
ESIF Return Code:  ESIF_E_UNSUPPORTED_ACTION_TYPE [1202]
 
Error: (03/20/2024 09:07:53 PM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel® Dynamic Platform and Thermal Framework : ESIF(8.2.10900.330) TYPE: ERROR MODULE: DPTF TIME 16034 ms
 
DPTF Build Version:  8.2.10900.330
DPTF Build Date:  May 16 2016 11:32:37
Source File:  ..\..\..\Sources\Manager\WIPolicyActiveRelationshipTableChanged.cpp @ line 52
Executing Function:  WIPolicyActiveRelationshipTableChanged::execute
Message:  Unhandled exception caught during execution of work item
Framework Event:  PolicyActiveRelationshipTableChanged [44]
Policy:  Active Policy [0]
Exception Function:  Policy::executePolicyActiveRelationshipTableChanged
Exception Text:  
 
DPTF Build Version:  8.2.10900.330
DPTF Build Date:  May 16 2016 11:32:37
Source File:  ..\..\..\Sources\Manager\EsifServices.cpp @ line 457
Executing Function:  EsifServices::primitiveExecuteGet
Message:  Error returned from ESIF services interface function call
Participant:  NoParticipant
Domain:  NoDomain
ESIF Primitive:  GET_ACTIVE_RELATIONSHIP_TABLE [89]
ESIF Instance:  255
ESIF Return Code:  ESIF_E_UNSUPPORTED_ACTION_TYPE [1202]
 
 
System errors:
=============
Error: (03/20/2024 09:08:14 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Intel® PROSet/Wireless Zero Configuration Service service terminated with the following error: 
%%2147770990
 
Error: (03/20/2024 09:07:56 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The FoxitReaderService service failed to start due to the following error: 
The system cannot find the file specified.
 
Error: (03/20/2024 09:07:20 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: The Energy Server Service queencreek service did not shut down properly after receiving a preshutdown control.
 
Error: (03/20/2024 09:07:04 PM) (Source: DCOM) (EventID: 10010) (User: DELL-LAPTOP)
Description: The server {9BA05972-F6A8-11CF-A442-00A0C90A8F39} did not register with DCOM within the required timeout.
 
Error: (03/20/2024 05:49:33 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Intel® PROSet/Wireless Zero Configuration Service service terminated with the following error: 
%%2147770990
 
Error: (03/20/2024 05:49:13 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The FoxitReaderService service failed to start due to the following error: 
The system cannot find the file specified.
 
Error: (03/20/2024 05:48:33 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: The Energy Server Service queencreek service did not shut down properly after receiving a preshutdown control.
 
Error: (03/20/2024 05:38:54 PM) (Source: DCOM) (EventID: 10010) (User: DELL-LAPTOP)
Description: The server Windows.Gaming.GameBar.PresenceServer.Internal.PresenceWriter did not register with DCOM within the required timeout.
 
 
Windows Defender:
================
Date: 2024-02-16 09:55:47
Description: 
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
Name: HackTool:Win32/Keygen!pz
Severity: High
Category: Tool
Path: file:_D:\Installs\Studio One\3ehse3y-pso6p\PreSonus.Studio.One.6.Professional.v6.5.0.Incl.Patched.and.Keygen-R2R\r2r12854\R2R\StudioOne_Keygen.exe; file:_D:\Installs\Studio One\StudioOne\3ehse3y-pso6p\PreSonus.Studio.One.6.Professional.v6.5.0.Incl.Patched.and.Keygen-R2R\r2r12854\R2R\StudioOne_Keygen.exe
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Windows\explorer.exe
Security intelligence Version: AV: 1.405.71.0, AS: 1.405.71.0, NIS: 1.405.71.0
Engine Version: AM: 1.1.24010.10, NIS: 1.1.24010.10
 
Date: 2024-02-16 09:55:47
Description: 
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
Name: HackTool:Win32/Keygen!pz
Severity: High
Category: Tool
Path: file:_D:\Installs\Studio One\StudioOne\3ehse3y-pso6p\PreSonus.Studio.One.6.Professional.v6.5.0.Incl.Patched.and.Keygen-R2R\r2r12854\R2R\StudioOne_Keygen.exe
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: Unknown
Security intelligence Version: AV: 1.405.71.0, AS: 1.405.71.0, NIS: 1.405.71.0
Engine Version: AM: 1.1.24010.10, NIS: 1.1.24010.10
 
Date: 2024-02-16 09:55:47
Description: 
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
Name: HackTool:Win32/Keygen!pz
Severity: High
Category: Tool
Path: file:_D:\Installs\Studio One\StudioOne\3ehse3y-pso6p\PreSonus.Studio.One.6.Professional.v6.5.0.Incl.Patched.and.Keygen-R2R\r2r12854\R2R\StudioOne_Keygen.exe
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Windows\explorer.exe
Security intelligence Version: AV: 1.405.71.0, AS: 1.405.71.0, NIS: 1.405.71.0
Engine Version: AM: 1.1.24010.10, NIS: 1.1.24010.10
 
Date: 2024-02-01 21:40:41
Description: 
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
Name: HackTool:Win32/Keygen!pz
Severity: High
Category: Tool
Path: file:_D:\Installs\Studio One\StudioOne\3ehse3y-pso6p\PreSonus.Studio.One.6.Professional.v6.5.0.Incl.Patched.and.Keygen-R2R\r2r12854\R2R\StudioOne_Keygen.exe
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: Unknown
Security intelligence Version: AV: 1.403.3067.0, AS: 1.403.3067.0, NIS: 1.403.3067.0
Engine Version: AM: 1.1.23110.2, NIS: 1.1.23110.2
 
Date: 2024-01-31 22:38:24
Description: 
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
Name: HackTool:Win32/Keygen!pz
Severity: High
Category: Tool
Path: file:_D:\Installs\Studio One\StudioOne\3ehse3y-pso6p\PreSonus.Studio.One.6.Professional.v6.5.0.Incl.Patched.and.Keygen-R2R\r2r12854\R2R\StudioOne_Keygen.exe
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Windows\explorer.exe
Security intelligence Version: AV: 1.403.3022.0, AS: 1.403.3022.0, NIS: 1.403.3022.0
Engine Version: AM: 1.1.23110.2, NIS: 1.1.23110.2
Event[0]:
 
Date: 2024-02-05 11:19:06
Description: 
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 1.403.3263.0
Previous security intelligence Version: 1.403.3218.0
Update Source: User
Security intelligence Type: AntiSpyware
Update Type: Delta
Current Engine Version: 1.1.23110.2
Previous Engine Version: 1.1.23110.2
Error code: 0x80070241
Error description: Windows cannot verify the digital signature for this file. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. 
 
Date: 2024-02-05 11:19:06
Description: 
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 1.403.3263.0
Previous security intelligence Version: 1.403.3218.0
Update Source: User
Security intelligence Type: AntiVirus
Update Type: Delta
Current Engine Version: 1.1.23110.2
Previous Engine Version: 1.1.23110.2
Error code: 0x80070241
Error description: Windows cannot verify the digital signature for this file. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. 
 
Date: 2023-11-16 21:53:14
Description: 
Microsoft Defender Antivirus has encountered an error trying to update security intelligence and will attempt to revert to a previous version.
Security intelligence Attempted: Current
Error Code: 0x80070003
Error description: The system cannot find the path specified. 
Security intelligence Version: 0.0.0.0;0.0.0.0
Engine Version: 0.0.0.0
 
Date: 2023-06-06 02:56:46
Description: 
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 
Previous security intelligence Version: 1.391.576.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.23050.3
Error code: 0x80240438
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. 
 
CodeIntegrity:
===============
Date: 2024-03-20 21:22:47
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\ki132538.inf_amd64_a34b1de6c28c3534\igd10iumd64.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
Date: 2024-03-20 21:07:48
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\SUPERAntiSpyware\sasdifsv64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
Date: 2024-03-20 21:07:45
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\SUPERAntiSpyware\saskutil64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
 
==================== Memory info =========================== 
 
BIOS: Dell Inc. 1.2.7 12/13/2017
Motherboard: Dell Inc. 0H87XC
Processor: Intel® Core™ i5-6300HQ CPU @ 2.30GHz
Percentage of memory in use: 41%
Total physical RAM: 16250.84 MB
Available physical RAM: 9502.43 MB
Total Virtual: 21626.84 MB
Available Virtual: 13331.25 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:953.25 GB) (Free:546.64 GB) (Model: TEAM TM8PS7001T) NTFS
Drive d: (1TB) (Fixed) (Total:931.5 GB) (Free:708.91 GB) (Model: PNY CS900 1TB SSD) NTFS
 
\\?\Volume{09964035-891e-49f6-bab9-1af2dfe5e75a}\ (ESP) (Fixed) (Total:0.48 GB) (Free:0.43 GB) FAT32
 
==================== MBR & Partition Table ====================
 
==================== End of Addition.txt =======================


#3 Oh My!

  • Malware Response Instructor

Posted 21 March 2024 - 09:25 AM

Greetings and welcome to BleepingComputer's Virus/Trojan/Spyware/Malware Removal forum.

My name is Oh My! and I am here to help you! Now that we are "friends" please call me Gary.

===================================================

Ground Rules:

  • First, please keep in mind most of us at BleepingComputer volunteer our assistance for your benefit in your time of need. Please try to match our commitment to you with your patience toward us.
  • It is important to not run any tools or take any steps other than those I will provide for you.
  • Please perform all steps in the order they are listed. If things are not clear or you experience problems be sure to stop and let me know.
  • Please copy and paste all logs into your post unless otherwise requested.
  • When your computer is clean I will let you know, provide instructions to remove tools and reports, and offer you information about how you can combat future infections.
  • If you do not reply to your topic after 5 days I will assume it has been abandoned and I will close it.

===================================================

Now that I am assisting you, you can expect that I will be very responsive to your situation. If you are able, I would request you check this thread at least once per day so that we can try to resolve your issues effectively and efficiently. If you are going to be delayed please be considerate and let me know.

Unfortunately there is evidence of unauthorized/illegal software on your computer. I am going to request you completely uninstall all Microsoft, Adobe and all other products requiring proper activation for which you do not have a valid Product Key, including all "cracked" software. If you prefer to leave the program(s) on your computer let me know that and I will be closing the Topic.

If you are willing to remove all cracked software please complete the following after removal.

===================================================

ESET Online Scanner

--------------------

Note: You can expect this process to take a long time, up to several hours or more.

  • Download ESET Free Online Scanner and save it to your Desktop
  • Right click on esetonlinescanner_enu.exe and select Run as administrator
  • Click Computer Scan
  • Click Full scan
  • Select Enable ESET to detect and quarantine potentially unwanted applications
  • Click Start scan
  • Once completed click Save scan log and save it to your Desktop as ESETScan.txt
  • Click Continue then finally click Close
  • Copy and paste the ESETScan.txt file contents in your reply

===================================================

Run a new FRST scan and copy/paste both reports in your reply.

===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it.

  • ESET report
  • FRST reports

Edited by Oh My!, 21 March 2024 - 09:34 AM.

Lord, to whom shall we go? You have the words of eternal life and we have believed and have come to know that you are the Holy One of God.
John 6:68-69

The Man on the Middle Cross Said I Could Come

#4 user23049

  • Topic Starter

Posted 21 March 2024 - 12:31 PM

Hi Gary

 

Please bear with me as this is a family shared PC and have accumulated so much stuff on it over the years.  I believe I uninstalled all Microsoft/Adobe products.  Can you let me know if there's anything else that needs removing that you see in the logs?

 

I did run the ESET tool.  And then re-ran FRST, let me know if this is what you need.  Thanks

 

3/21/2024 12:17:59 PM
Scanned files: 1253840
Detected files: 17
Cleaned files: 25
Total scan time 01:15:54
Scan status: Finished
C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\amtemu.v0.9.1-painter.exe Win32/HackTool.Crack.FS potentially unsafe application cleaned by deleting
 
C:\ProgramData\regid.1993-06.com.microsoft\client32.ini Win32/NetSupportManager.AD trojan cleaned by deleting
 
C:\ProgramData\regid.1993-06.com.microsoft\client32u.ini Win32/NetSupportManager.AD trojan cleaned by deleting
 
C:\ProgramData\regid.1993-06.com.microsoft\NSM.LIC Win32/RiskWare.RemoteAdmin.NetSupportManager.V application cleaned by deleting
 
C:\Users\Phil\AppData\Local\Temp\jcnpb1sn.pjl.exe a variant of Win64/Agent.IC trojan cleaned by deleting
 
C:\Users\Phil\AppData\Local\Temp\pfcrbzoh.umt.exe a variant of Win64/Agent.IC trojan cleaned by deleting
 
C:\Users\Phil\AppData\Local\Zoom\Level1_ds.cmd BAT/Kryptik.R trojan cleaned by deleting
 
C:\Users\Phil\AppData\Local\Zoom\Level1_SC.cmd BAT/Kryptik.R trojan cleaned by deleting
 
C:\Users\Phil\AppData\Roaming\comcomZmr\msedge_elf.dll a variant of Win64/TrojanDownloader.Rugmi.AT.gen trojan cleaned by deleting
 
C:\Users\Phil\AppData\Roaming\strt.cmd BAT/Kryptik.R trojan cleaned by deleting
 
C:\Users\Phil\Desktop\Desktop icons\vera photo book 2017\LetsGo_SC.cmd PowerShell/Kryptik.HJ trojan cleaned by deleting
 
C:\Windows\SECOH-QAD.dll Win64/HackKMS.D potentially unsafe application cleaned by deleting
 
C:\Windows\SECOH-QAD.exe Win64/HackKMS.C potentially unsafe application cleaned by deleting
 
D:\Phil\Downloads\kmspico\KMSpico 10.1.8.2 FINAL + Portable (Office and Windows 10 Activator) [TechTools.NET]\KMSpico.10.1.8.2 FINAL [TechTools.net]\KMSpico.10.1.8.2\KMSpico Install\KMSpico_setup.exe a variant of MSIL/HackTool.IdleKMS.E potentially unsafe application,MSIL/HackTool.IdleKMS.O potentially unsafe application,Win32/HackKMS.AZ potentially unsafe application cleaned by deleting
 
D:\Phil\Downloads\kmspico\KMSpico 10.1.8.2 FINAL + Portable (Office and Windows 10 Activator) [TechTools.NET]\KMSpico.10.1.8.2 FINAL [TechTools.net]\KMSpico.10.1.8.2\KMSpico Portable\AutoPico.exe a variant of MSIL/HackTool.IdleKMS.E potentially unsafe application cleaned by deleting
 
D:\Phil\Downloads\kmspico\KMSpico 10.1.8.2 FINAL + Portable (Office and Windows 10 Activator) [TechTools.NET]\KMSpico.10.1.8.2 FINAL [TechTools.net]\KMSpico.10.1.8.2\KMSpico Portable\KMSELDI.exe MSIL/HackTool.IdleKMS.O potentially unsafe application cleaned by deleting
 
Operating memory a variant of Win32/Agent.ADLM trojan retained
 
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21.03.2024
Ran by Phil (administrator) on DELL-LAPTOP (Dell Inc. Inspiron 7559) (21-03-2024 13:22:24)
Running from C:\Users\Phil\Downloads\FRST64.exe
Loaded Profiles: Phil & SQLTELEMETRY & MSSQLSERVER
Platform: Microsoft Windows 10 Home Version 22H2 19045.4170 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(C:\Program Files (x86)\GeoComply\PlayerLocationCheck\Application\com.geocomply.internal-updater-microservice.exe ->) (GeoComply Solutions Inc. -> ) C:\Program Files (x86)\GeoComply\PlayerLocationCheck\crash_handler.exe <5>
(C:\Program Files (x86)\GeoComply\PlayerLocationCheck\Application\service.exe ->) (GeoComply Solutions Inc. -> ) C:\Program Files (x86)\GeoComply\PlayerLocationCheck\PlayerLocationIcon.exe
(C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe ->) (Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe
(C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe ->) (OpenJS Foundation -> Node.js) C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <5>
(C:\Program Files\WindowsApps\Microsoft.YourPhone_1.24021.105.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.24021.105.0_x64__8wekyb3d8bbwe\YourPhoneAppProxy.exe
(DriverStore\FileRepository\ki132538.inf_amd64_a34b1de6c28c3534\igfxCUIService.exe ->) (Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki132538.inf_amd64_a34b1de6c28c3534\igfxEM.exe
(explorer.exe ->) (Dell Inc -> Dell Inc.) [File not signed] C:\Program Files\Dell\QuickSet\quickset.exe
(explorer.exe ->) (Fresco Logic Inc -> Fresco Logic) C:\Program Files\Fresco Logic\Fresco Logic USB Display Driver\FL2000\x64\flvga_tray.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <21>
(explorer.exe ->) (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicStartMenu.exe
(explorer.exe ->) (Open Source Developer, XMouse Button Control -> Highresolution Enterprises) C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonControl.exe
(explorer.exe ->) (PARAMOUNT SOFTWARE UK LIMITED -> Paramount Software UK Ltd) C:\Program Files\Macrium\Common\ReflectMonitor.exe
(explorer.exe ->) (PARAMOUNT SOFTWARE UK LIMITED -> Paramount Software UK Ltd) C:\Program Files\Macrium\Common\ReflectUI.exe
(explorer.exe ->) (PreSonus) [File not signed] C:\Program Files\PreSonus\Studio One 6\Studio One.exe
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(explorer.exe ->) (Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe
(explorer.exe ->) (Waves Inc -> Waves Audio Ltd.) C:\ProgramData\Waves Audio\WavesLocalServer\WavesLocalServer.bundle\Contents\Win64\WavesLocalServer.exe
(explorer.exe ->) (Waves Inc -> Waves Audio Ltd.) C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\WavesPluginServer.exe
(Intel Corporation -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv.exe
(Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Intel\DPTF\esif_uf.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe <2>
(Node.js Foundation -> Node.js) C:\Users\Phil\AppData\Roaming\Java\jre8\bin\java.exe
(rundll32.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe <2>
(services.exe ->) (Apple Computer, Inc.) [File not signed] C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(services.exe ->) (Array Networks, Inc. -> Array Networks) C:\Program Files\Array Networks\SSL VPN Client\VPNService.exe
(services.exe ->) (Cisco Systems, Inc. -> Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(services.exe ->) (GeoComply Solutions Inc. -> ) C:\Program Files (x86)\GeoComply\PlayerLocationCheck\Application\com.geocomply.internal-updater-microservice.exe
(services.exe ->) (GeoComply Solutions Inc. -> ) C:\Program Files (x86)\GeoComply\PlayerLocationCheck\Application\com.geocomply.process-scanner-microservice.exe
(services.exe ->) (GeoComply Solutions Inc. -> ) C:\Program Files (x86)\GeoComply\PlayerLocationCheck\Application\com.geocomply.vm-detector-microservice.exe
(services.exe ->) (GeoComply Solutions Inc. -> ) C:\Program Files (x86)\GeoComply\PlayerLocationCheck\Application\com.geocomply.wifi-scanner-microservice.exe
(services.exe ->) (GeoComply Solutions Inc. -> ) C:\Program Files (x86)\GeoComply\PlayerLocationCheck\Application\service.exe
(services.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome Remote Desktop\123.0.6312.16\remoting_host.exe <2>
(services.exe ->) (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(services.exe ->) (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(services.exe ->) (Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(services.exe ->) (Intel Corporation -> ) C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe
(services.exe ->) (Intel Corporation -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe
(services.exe ->) (Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(services.exe ->) (Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe
(services.exe ->) (Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe
(services.exe ->) (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel® Security Assist\isa.exe
(services.exe ->) (Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(services.exe ->) (Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki132538.inf_amd64_a34b1de6c28c3534\igfxCUIService.exe
(services.exe ->) (Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki132538.inf_amd64_a34b1de6c28c3534\IntelCpHDCPSvc.exe
(services.exe ->) (Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki132538.inf_amd64_a34b1de6c28c3534\IntelCpHeciSvc.exe
(services.exe ->) (Intel® Wireless Display -> Intel) C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL14.MSSQLSERVER\MSSQL\Binn\sqlceip.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL14.MSSQLSERVER\MSSQL\Binn\sqlservr.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\NisSrv.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvdmig.inf_amd64_75c152d756d851ed\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (PARAMOUNT SOFTWARE UK LIMITED -> Paramount Software UK Ltd) C:\Program Files\Macrium\Common\MacriumService.exe
(services.exe ->) (Private Internet Access, Inc. -> ) C:\Program Files\Private Internet Access\pia-service.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(services.exe ->) (ShenZhen Foscam Intelligent Technology Co,Ltd -> ) C:\Program Files (x86)\IPCWebComponents\IPCPlgSvr.exe
(services.exe ->) (SUPERAntiSpyware.com -> SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(services.exe ->) (Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_11.2401.0.0_x64__8wekyb3d8bbwe\CalculatorApp.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_11.2401.2.0_x64__8wekyb3d8bbwe\Microsoft.Media.Player.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(svchost.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe <4>
 
==================== Registry (Whitelisted) ===================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9278152 2018-11-30] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_MAXX6] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1515208 2018-11-30] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [3075552 2015-04-29] (Dell Inc -> Dell Inc.) [File not signed]
HKLM\...\Run: [XMouseButtonControl] => C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonControl.exe [1091568 2015-03-02] (Open Source Developer, XMouse Button Control -> Highresolution Enterprises)
HKLM\...\Run: [RtHDVBg_WAVES_SKYLAKE] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1515208 2018-11-30] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1515208 2018-11-30] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [WebVPN] => C:\Program Files\Array Networks\SSL VPN Client\WebVPN.exe [1484728 2020-01-17] (Array Networks, Inc. -> Array Networks)
HKLM\...\Run: [LaunchMhttpd] => C:\Program Files\Array Networks\MotionPro VPN Client\MPInit.exe [1532344 2020-01-16] (Array Networks, Inc. -> Array Networks)
HKLM\...\Run: [flvga_tray] => C:\Program Files\Fresco Logic\Fresco Logic USB Display Driver\FL2000\x64\flvga_tray.exe [457336 2017-11-23] (Fresco Logic Inc -> Fresco Logic)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163640 2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
HKLM\...\Run: [WavesSvc] => C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [723928 2017-01-26] (Waves Inc -> Waves Audio Ltd.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [322120 2017-04-19] (Intel® Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [Reflect UI] => C:\Program Files\Macrium\Common\ReflectUI.exe [9923856 2023-01-10] (PARAMOUNT SOFTWARE UK LIMITED -> Paramount Software UK Ltd)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [594992 2016-01-29] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [1224704 2017-05-17] (Cisco Systems, Inc. -> Cisco Systems, Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true (No File)
HKLM-x32\...\Run: [flvga_tray32] => C:\Program Files\Fresco Logic\Fresco Logic USB Display Driver\FL2000\x86\flvga_tray.exe [431232 2017-11-23] (Fresco Logic Inc -> Fresco Logic)
HKLM-x32\...\Run: [LaunchMhttpd] => C:\Program Files\Array Networks\MotionPro VPN Client\MPInit.exe [1532344 2020-01-16] (Array Networks, Inc. -> Array Networks)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2021-08-04] (Adobe Inc. -> )
HKLM-x32\...\Run: [Cisconet] => "%AppData%\msftedit\WinXBlueRay.exe" (No File)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender Security Center: Restriction <==== ATTENTION
HKLM\Software\Policies\...\system: [EnableSmartScreen] 0
HKLM\Software\Policies\...\system: [DisableLogonBackgroundImage] 1
HKU\S-1-5-21-1483475722-1219764467-3277934236-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [11197680 2023-10-20] (RealDefense, LLC -> SUPERAntiSpyware)
HKU\S-1-5-21-1483475722-1219764467-3277934236-1001\...\Run: [VideoGuardMonitor] => C:\Users\Phil\AppData\Local\Cisco\VideoGuardPlayer\VideoGuardMonitor\CiscoVideoGuardMonitor.exe [4155656 2016-06-14] (Cisco Video Technologies Israel Ltd. -> Cisco)
HKU\S-1-5-21-1483475722-1219764467-3277934236-1001\...\Run: [GarminExpress] => C:\Program Files (x86)\Garmin\Express\express.exe [31171504 2021-07-02] (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-1483475722-1219764467-3277934236-1001\...\Run: [Lync] => "C:\Program Files\Microsoft Office\Office15\lync.exe" /fromrunkey (No File)
HKU\S-1-5-21-1483475722-1219764467-3277934236-1001\...\Run: [Trio.WakeNet] => C:\Users\Phil\AppData\Local\TrioNet\Trio.Net.exe (No File)
HKU\S-1-5-21-1483475722-1219764467-3277934236-1001\...\Run: [rasapi32] => wscript.exe "C:\Users\Phil\AppData\Roaming\Microsoft\Windows NT\rasapi32.js" [178 2023-09-30] () [File not signed] <==== ATTENTION
HKU\S-1-5-21-1483475722-1219764467-3277934236-1001\...\Run: [MicrosoftEdgeAutoLaunch_0848959D30B7A075789B21F3CF73AE30] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4060712 2024-03-14] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1483475722-1219764467-3277934236-1001\...\RunOnce: [removerbat] => C:\ProgramData\remover.bat [307 2024-03-20] () [File not signed] <==== ATTENTION
HKU\S-1-5-21-1483475722-1219764467-3277934236-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Ribbons.scr [153600 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\123.0.6312.58\Installer\chrmstp.exe [2024-03-19] (Google LLC -> Google LLC)
Startup: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Gqreader.lnk [2023-11-28]
ShortcutTarget: Gqreader.lnk -> C:\Users\Phil\AppData\Roaming\msftedit\WinXBluRay.exe (No File)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WavesLocalServer.lnk [2024-02-16]
ShortcutTarget: WavesLocalServer.lnk -> C:\ProgramData\Waves Audio\WavesLocalServer\WavesLocalServer.bundle\Contents\Win64\WavesLocalServer.exe (Waves Inc -> Waves Audio Ltd.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WavesPluginServer.lnk [2024-02-16]
ShortcutTarget: WavesPluginServer.lnk -> C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\WavesPluginServer.exe (Waves Inc -> Waves Audio Ltd.)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION
 
==================== Scheduled Tasks (Whitelisted) =================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {D0AF27D6-8368-4DA9-926B-288A91E56430} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {B232ECA6-D3D1-4EC4-A32D-E08E86763ED0} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe  -mode=scheduled (No File)
Task: {6E871D55-E95C-49CD-BA3C-F22273B9A96E} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\Phil\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [15145336 2024-03-21] (ESET, spol. s r.o. -> ESET)
Task: {4094FFBA-8331-4324-B066-0483EB60311D} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\Phil\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [15145336 2024-03-21] (ESET, spol. s r.o. -> ESET)
Task: {484B1CBC-6F11-4EC5-9BAD-B3A61D5E1965} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [40880 2021-07-02] (Garmin International, Inc. -> )
Task: {8B28A3DC-F851-49CC-AE5C-75B0DD295852} - System32\Tasks\GeoComply Service Check => C:\Program Files (x86)\GeoComply\PlayerLocationCheck\Application\PlayerLocationCheckTask.cmd [1642 2024-02-21] () [File not signed] -> 
Task: {1D31A6C3-7C57-4FA5-8B5F-A51626FD4B69} - System32\Tasks\GeoComply Update Task => C:\Program Files (x86)\GeoComply\PlayerLocationCheck\Update\GeoComplyUpdate.exe [6817472 2024-01-09] (GeoComply Solutions Inc. -> GeoComply)
Task: {76D5F9DF-E161-452D-8A12-2595ED40B702} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem124.0.6359.0{8357AD38-F079-4341-A798-7030F0EC8024} => C:\Program Files (x86)\Google\GoogleUpdater\124.0.6359.0\updater.exe [4749088 2024-03-15] (Google LLC -> Google LLC)
Task: {117E77E1-2BF4-4A8C-A5EF-AEE5D8733741} - System32\Tasks\Intel\Intel Telemetry 2 => C:\Program Files\Intel\Telemetry 2.0\lrio.exe [1698000 2015-06-05] (Intel® Software -> Intel Corporation)
Task: {5048683B-C65F-43DE-AB39-836AE917B600} - System32\Tasks\Intel\Intel Telemetry 2 (x86) => C:\Program Files (x86)\Intel\Telemetry 2.0\lrio.exe [1328392 2015-11-20] (Intel® Software -> Intel Corporation)
Task: {3D46B100-7552-4143-B86A-F2B9970703F6} - System32\Tasks\Intel\System.Windows.Presentatio00_clr0400 => C:\Windows\system32\rundll32.exe [71680 2023-11-14] (Microsoft Windows -> Microsoft Corporation) -> C:\ProgramData\TractTent\PersolAczoknt\irmeqlf9Engin281.dll SHEiflowfdqaa
Task: {CA1B9BF5-B927-4DEB-8A8A-D57A37594261} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [4922296 2023-12-19] (Intel Corporation -> Intel Corporation)
Task: {57F4C7BD-EE60-4DCA-BED3-44916DF616EF} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [4922296 2023-12-19] (Intel Corporation -> Intel Corporation)
Task: {18D9AD6F-8D24-475B-8B5C-36A6F6F4B070} - System32\Tasks\IntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec => C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel® Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [19088 2015-06-17] (Intel® Software Asset Manager -> Intel Corporation)
Task: {65F73DCD-EC0C-44BE-814D-37B8092B83CF} - System32\Tasks\IntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec-Logon => C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel® Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [19088 2015-06-17] (Intel® Software Asset Manager -> Intel Corporation)
Task: {7B4E0C68-BE5A-4442-A2BD-993BA50AA038} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe  --automatic (No File)
Task: {D1C4A8EB-315A-4825-9DB7-4957252883A2} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\AppInstallerUpdater => C:\Windows\system32\rundll32.exe [71680 2023-11-14] (Microsoft Windows -> Microsoft Corporation) -> %windir%\system32\AppxDeploymentClient.dll,AppInstallerUpdateAllTask
Task: {1285EF45-46C2-4589-BE1B-1F5B589478BB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\MpCmdRun.exe [1650024 2024-03-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {163BFC57-00C4-4EFC-82F4-E3B8CA9A7709} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\MpCmdRun.exe [1650024 2024-03-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {3633EEEE-A5BF-4403-A543-9B89FB7AA1BA} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\MpCmdRun.exe [1650024 2024-03-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {BCEBEA1C-119E-446B-BC40-C755C75A8DD1} - System32\Tasks\Mozilla\Firefox Background Update S-1-5-21-1483475722-1219764467-3277934236-1001 92F44938A7A458E5 => C:\Users\Phil\AppData\Local\Mozilla Firefox\firefox.exe [671648 2024-03-12] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\92F44938A7A458E5\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {721029C4-76FB-4967-BBB9-DC8094FC370A} - System32\Tasks\Mozilla\Firefox Default Browser Agent 92F44938A7A458E5 => C:\Users\Phil\AppData\Local\Mozilla Firefox\default-browser-agent.exe [34720 2024-03-12] (Mozilla Corporation -> Mozilla Foundation)
Task: {D65748B1-D097-42BA-9B41-B4BD003B5160} - System32\Tasks\OneNote 5797 => C:\Users\Phil\AppData\Roaming\strt.cmd  -> 
Task: {08CAD4CF-9FEA-4DB1-83B7-D9935729BC84} - System32\Tasks\OneNote 89688 => C:\Users\Phil\AppData\Roaming\strt.cmd  -> 
Task: {63C0817E-7830-4189-BC23-F9E568C905D4} - System32\Tasks\Opera GX scheduled Autoupdate 1696112022 => C:\Users\Phil\AppData\Local\Programs\Opera GX\launcher.exe  --scheduledautoupdate $(Arg0) (No File)
Task: {44369712-8FE0-4ADE-93B5-90A17714898E} - System32\Tasks\Private Internet Access Startup => "C:\Program Files\pia_manager\pia_manager.exe"  --startup (No File)
Task: {72D88C66-E288-4856-82BB-0189C31F9503} - System32\Tasks\RtHDVBg_PushButton => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1515208 2018-11-30] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {3D13762D-057E-43AA-AC86-ADA65FB62FDF} - System32\Tasks\UninstallDDS-C960901F-CE14-4DE1-9729-1305F719A337 => C:\Windows\TEMP\DeleteFolderTask.exe  (No File) <==== ATTENTION
Task: {93D639BD-617B-4C2E-8178-42C2F35827DE} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => C:\WINDOWS\System32\Wscript.exe [170496 2023-10-11] (Microsoft Windows -> Microsoft Corporation) -> //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs"
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{1f5655b1-8bf3-4ffc-84dd-630250178497}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{1f5655b1-8bf3-4ffc-84dd-630250178497}\44C496E6B6F51405F574F6474716: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{1f5655b1-8bf3-4ffc-84dd-630250178497}\5374: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{1f5655b1-8bf3-4ffc-84dd-630250178497}\7416C616879702351303B273163673: [DhcpNameServer] 192.168.34.212
Tcpip\..\Interfaces\{1f5655b1-8bf3-4ffc-84dd-630250178497}\757535F5445313243313: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{1f5655b1-8bf3-4ffc-84dd-630250178497}\765647F66666D697C61677E6: [DhcpNameServer] 192.168.209.47
Tcpip\..\Interfaces\{2ace0890-853d-46fd-9bd1-a8b7f498fe12}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{f0e1c8ca-7fe6-4c84-8e99-04a669df5c9c}: [DhcpNameServer] 209.222.18.222 209.222.18.218
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
 
Edge: 
=======
Edge Profile: C:\Users\Phil\AppData\Local\Microsoft\Edge\User Data\Default [2024-03-21]
Edge DownloadDir: Default -> C:\Users\Phil\Downloads
Edge Extension: (Google Docs Offline) - C:\Users\Phil\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-07]
Edge Extension: (Edge relevant text changes) - C:\Users\Phil\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-23]
 
FireFox:
========
FF DefaultProfile: csjgqetv.default
FF ProfilePath: C:\Users\Phil\AppData\Roaming\Mozilla\Firefox\Profiles\csjgqetv.default [2023-06-12]
FF ProfilePath: C:\Users\Phil\AppData\Roaming\Mozilla\Firefox\Profiles\xvi6q9b2.default-release [2024-03-20]
FF Plugin: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-03-04] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-03-04] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-05-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-05-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-05-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-05-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-05-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.14 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-05-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2016-12-08] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2016-12-08] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2016-12-08] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2016-12-08] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2016-10-06] (Google Inc -> Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @IPC/npmedia3.0.0.3,version=3.0.0.3 -> C:\Program Files\webrec\Torch\3.0.0.3\npmedia3.0.0.3.dll [2016-11-03] (Amcrest Technologies LLC -> )
FF Plugin-x32: @IPCWebComponents -> C:\Program Files (x86)\IPCWebComponents\npIPCReg.dll [2016-12-26] (ShenZhen Foscam Intelligent Technology Co,Ltd -> )
FF Plugin-x32: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-03-04] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-03-04] (Oracle America, Inc. -> Oracle Corporation)
 
Chrome: 
=======
CHR DefaultProfile: Profile 1
CHR Profile: C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Profile 1 [2024-03-21]
CHR Extension: (lock) - C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aeblfdkhhhdcdjpifhhbdiojplfjncoa [2024-03-05]
CHR Extension: (PayPal Honey: Automatic Coupons & Cash Back) - C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2024-02-19]
CHR Extension: (uBlock Origin) - C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2024-02-26]
CHR Extension: (Videostream for Google Chromecast™) - C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cnciopoikihiagdjbjpnocolokfelagl [2020-05-26]
CHR Extension: (Tampermonkey) - C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2024-01-20]
CHR Extension: (Video Downloader Professional) - C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2023-04-19]
CHR Extension: (Yoroi) - C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ffnbelfdoeiohenkjibnmadjiehjhajb [2024-03-20]
CHR Extension: (Chrome Remote Desktop) - C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2019-07-19]
CHR Extension: (Google Docs Offline) - C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-20]
CHR Extension: (Lightning Extension) - C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hfglcknhngdnhbkccblidlkljgflofgh [2023-04-25]
CHR Extension: (Reddit Enhancement Suite) - C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2023-04-08]
CHR Extension: (SponsorBlock for YouTube - Skip Sponsorships) - C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mnjggcdmjocbbbhaepdhchncahnbgone [2024-03-20]
CHR Extension: (Spread3D Review for SketchUp) - C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ncjkndlllagaajogioiailncjbmbalci [2018-03-13]
CHR Extension: (MetaMask) - C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nkbihfbeogaeaoehlefnkodbefgpgknn [2024-03-20]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-03]
CHR Extension: (Amcrest Web View) - C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\oddndbjhpcpopbebhonolceinkbnheih [2018-03-13]
CHR Extension: (uBlock Origin Extra) - C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pgdnlhfefecpicbbihgmbmffkjpaplco [2019-09-10]
CHR Profile: C:\Users\Phil\AppData\Local\Google\Chrome\User Data\System Profile [2023-11-19]
 
==================== Services (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R4 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2021-01-09] (SUPERAntiSpyware.com -> SUPERAntiSpyware.com)
R2 Bonjour Service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [229376 2006-02-28] (Apple Computer, Inc.) [File not signed]
R2 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\123.0.6312.16\remoting_host.exe [74016 2024-02-26] (Google LLC -> Google LLC)
R2 com.geocomply.internal-updater-microservice; C:\Program Files (x86)\GeoComply\PlayerLocationCheck\Application\com.geocomply.internal-updater-microservice.exe [11492528 2024-02-21] (GeoComply Solutions Inc. -> )
R2 com.geocomply.process-scanner-microservice; C:\Program Files (x86)\GeoComply\PlayerLocationCheck\Application\com.geocomply.process-scanner-microservice.exe [11494064 2024-02-21] (GeoComply Solutions Inc. -> )
R2 com.geocomply.vm-detector-microservice; C:\Program Files (x86)\GeoComply\PlayerLocationCheck\Application\com.geocomply.vm-detector-microservice.exe [11534000 2024-02-21] (GeoComply Solutions Inc. -> )
R2 com.geocomply.wifi-scanner-microservice; C:\Program Files (x86)\GeoComply\PlayerLocationCheck\Application\com.geocomply.wifi-scanner-microservice.exe [11514544 2024-02-21] (GeoComply Solutions Inc. -> )
S4 Dell Customer Connect; C:\Program Files (x86)\Dell Customer Connect\DCCService.exe [153328 2015-06-15] (Dell Inc. -> Dell Inc.)
S4 Dell Foundation Services; C:\Program Files\Dell\Dell Foundation Services\DFSSvc.exe [119656 2016-01-15] (Dell Inc. -> Dell)
S4 Dell Help & Support; C:\Program Files\Dell\Dell Help & Support\MDLCSvc.exe [49864 2015-07-31] (Dell Inc. -> )
S4 Dell Product Registration; C:\Program Files\Dell\Product Registration\PRSvc.exe [32104 2016-01-25] (Dell Inc. -> Dell)
S4 DellUpdate; C:\Program Files (x86)\Dell Update\DellUpService.exe [237272 2015-08-27] (Dell Inc. -> Dell Inc.)
R2 DSAService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe [43784 2023-09-25] (Intel Corporation -> Intel)
R3 DSAUpdateService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe [240392 2023-11-13] (Intel Corporation -> Intel)
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2016-03-04] (Macrovision Europe Ltd.) [File not signed]
R2 FosCloudSvr; C:\Program Files (x86)\IPCWebComponents\IPCPlgSvr.exe [91776 2016-12-26] (ShenZhen Foscam Intelligent Technology Co,Ltd -> )
S2 GoogleUpdaterInternalService124.0.6359.0; C:\Program Files (x86)\Google\GoogleUpdater\124.0.6359.0\updater.exe [4749088 2024-03-15] (Google LLC -> Google LLC)
S2 GoogleUpdaterService124.0.6359.0; C:\Program Files (x86)\Google\GoogleUpdater\124.0.6359.0\updater.exe [4749088 2024-03-15] (Google LLC -> Google LLC)
R3 Intel® Security Assist; C:\Program Files (x86)\Intel\Intel® Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed]
S3 Intel® WiDi SAM; C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel® Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [19088 2015-06-17] (Intel® Software Asset Manager -> Intel Corporation)
R2 IntelUSBoverIP; C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe [396992 2015-07-06] (Intel® Wireless Display -> Intel)
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel® Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed]
R4 MacriumService; C:\Program Files\Macrium\Common\MacriumService.exe [11072008 2023-01-10] (PARAMOUNT SOFTWARE UK LIMITED -> Paramount Software UK Ltd)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9343840 2023-12-20] (Malwarebytes Inc. -> Malwarebytes)
S3 MSIInstallManager; C:\Program Files (x86)\Array Networks\MPMSIInstallManager\MSIInstallManager.exe [723896 2020-01-17] (Array Networks, Inc. -> TODO: <Company name>)
S3 MsMpiLaunchSvc; C:\Program Files\Microsoft MPI\Bin\msmpilaunchsvc.exe [23040 2016-03-04] () [File not signed]
R2 MSSQLSERVER; C:\Program Files\Microsoft SQL Server\MSSQL14.MSSQLSERVER\MSSQL\Binn\sqlservr.exe [479128 2023-08-01] (Microsoft Corporation -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvdmig.inf_amd64_75c152d756d851ed\Display.NvContainer\NVDisplay.Container.exe [1274888 2023-11-10] (NVIDIA Corporation -> NVIDIA Corporation)
R2 Player Location Check; C:\Program Files (x86)\GeoComply\PlayerLocationCheck\Application\service.exe [11440816 2024-02-21] (GeoComply Solutions Inc. -> )
R2 PrivateInternetAccessService; C:\Program Files\Private Internet Access\pia-service.exe [1394400 2024-03-05] (Private Internet Access, Inc. -> )
S3 PrivateInternetAccessWireguard; C:\Program Files\Private Internet Access\pia-wgservice.exe [4455000 2024-03-05] (Private Internet Access, Inc. -> )
S3 SQLSERVERAGENT; C:\Program Files\Microsoft SQL Server\MSSQL14.MSSQLSERVER\MSSQL\Binn\SQLAGENT.EXE [572824 2023-08-01] (Microsoft Corporation -> Microsoft Corporation)
R2 SQLTELEMETRY; C:\Program Files\Microsoft SQL Server\MSSQL14.MSSQLSERVER\MSSQL\Binn\sqlceip.exe [246672 2023-08-01] (Microsoft Corporation -> Microsoft Corporation)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [21242680 2024-02-19] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 VPNInstallManager; C:\Program Files\Array Networks\Install Manager\VPNInstallManager.exe [1418168 2020-01-17] (Array Networks, Inc. -> Array Networks)
R2 VPNService; C:\Program Files\Array Networks\SSL VPN Client\VPNService.exe [2422200 2020-01-17] (Array Networks, Inc. -> Array Networks)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\NisSrv.exe [3191272 2024-03-13] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\MsMpEng.exe [133688 2024-03-13] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 FoxitReaderService; "C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\FoxitConnectedPDFService.exe" [X]
S2 IAStorDataMgrSvc; "C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe" [X]
 
===================== Drivers (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 BEHRINGER_2902; C:\WINDOWS\System32\Drivers\BUSB2902.sys [460864 2009-10-30] (Ploytec GmbH -> BEHRINGER)
S3 BUSB_AUDIO_WDM; C:\WINDOWS\system32\drivers\busbwdm.sys [49728 2009-10-30] (Ploytec GmbH -> BEHRINGER)
S3 DDDriver; C:\WINDOWS\system32\drivers\DDDriver64Dcsa.sys [41608 2018-02-10] (Techporch Incorporated -> Dell Inc.)
S3 DellProf; C:\WINDOWS\system32\drivers\DellProf.sys [41208 2018-02-10] (Techporch Incorporated -> Dell Computer Corporation)
R3 DellRbtn; C:\WINDOWS\System32\drivers\DellRbtn.sys [19440 2015-05-08] (Microsoft Windows Hardware Compatibility Publisher -> OSR Open Systems Resources, Inc.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 fl2000; C:\WINDOWS\System32\drivers\fl2000.sys [205944 2017-11-23] (Fresco Logic Inc -> Fresco Logic)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2023-04-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239576 2024-03-20] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MpKsl8d55da6b; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{6DC6B031-0A2E-4D53-B6BC-C61E3FB2BBEB}\MpKslDrv.sys [300312 2024-03-20] (Microsoft Windows -> Microsoft Corporation)
R2 NPF; C:\Program Files (x86)\Batch Configuration\npf64.sys [36600 2019-05-20] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
S4 RsFx0501; C:\WINDOWS\System32\DRIVERS\RsFx0501.sys [261784 2023-08-01] (Microsoft Corporation -> Microsoft Corporation)
S3 rspLLL; C:\WINDOWS\System32\DRIVERS\rspLLL64.sys [27744 2021-03-09] (Daniel Terhell -> Resplendence Software Projects Sp.)
S1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [18160 2023-08-25] (RealDefense, LLC -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
S1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [15600 2023-08-25] (RealDefense, LLC -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
R3 SensorsSimulatorDriver; C:\WINDOWS\System32\drivers\WUDFRd.sys [315904 2023-12-13] (Microsoft Windows -> Microsoft Corporation)
R2 speedfan; C:\WINDOWS\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [50720 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 tap-pia-0901; C:\WINDOWS\System32\drivers\tap-pia-0901.sys [39944 2020-12-01] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2017-12-27] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 tapwindscribe0901; C:\WINDOWS\System32\drivers\tapwindscribe0901.sys [54896 2017-09-13] (Windscribe Limited -> The OpenVPN Project)
R1 UimBus; C:\WINDOWS\System32\drivers\UimBus.sys [102576 2015-11-10] (Paragon Software GmbH -> )
R1 Uim_DEVIM; C:\WINDOWS\System32\drivers\uim_devim.sys [25904 2015-11-10] (Paragon Software GmbH -> )
R1 Uim_IM; C:\WINDOWS\System32\drivers\uim_im.sys [701360 2015-11-10] (Paragon Software GmbH -> )
S3 usb3Hub; C:\WINDOWS\System32\drivers\usb3Hub.sys [212056 2015-07-06] (Intel® Wireless Display -> Windows ® Win 7 DDK provider)
R1 veracrypt; C:\WINDOWS\System32\drivers\veracrypt.sys [831616 2021-01-03] (IDRIX SARL -> IDRIX)
R1 vpntdi; C:\WINDOWS\System32\drivers\vpntdi64.sys [65360 2017-12-13] (Array Networks, Inc. -> Array Networks)
S3 vpnva; C:\WINDOWS\System32\drivers\vpnva64-6.sys [52592 2016-02-29] (Cisco Systems, Inc. -> Cisco Systems, Inc.)
R0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [20928 2024-03-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [26880 2015-11-12] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [603416 2024-03-13] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105752 2024-03-13] (Microsoft Windows -> Microsoft Corporation)
R3 WinDriver6; C:\WINDOWS\system32\drivers\windrvr6.sys [285696 2007-06-17] (Microsoft Windows Hardware Compatibility Publisher -> Jungo)
S3 ysusb_w10_64; C:\WINDOWS\system32\drivers\ysusb_w10_64.sys [181784 2023-02-10] (Microsoft Windows Hardware Compatibility Publisher -> Yamaha Corporation)
S3 DrvSnSht; \??\C:\Users\Phil\AppData\Local\Temp\RarSFX0\DrvSnSht64.sys [X] <==== ATTENTION
S3 R-ImageDisk; \??\C:\Users\Phil\AppData\Local\Temp\RarSFX0\R-ImageDisk64.sys [X] <==== ATTENTION
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) (Whitelisted) =========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2024-03-21 13:22 - 2024-03-21 13:23 - 000044296 _____ C:\Users\Phil\Downloads\FRST.txt
2024-03-21 13:22 - 2024-03-21 13:22 - 002391040 _____ (Farbar) C:\Users\Phil\Downloads\FRST64.exe
2024-03-21 13:22 - 2024-03-21 13:22 - 000000000 ____D C:\Users\Phil\Downloads\FRST-OlderVersion
2024-03-21 12:19 - 2024-03-21 12:19 - 000003846 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onLogOn
2024-03-21 12:19 - 2024-03-21 12:19 - 000003404 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onTime
2024-03-21 12:17 - 2024-03-21 12:17 - 000005196 _____ C:\Users\Phil\Desktop\edetscan.txt
2024-03-21 10:52 - 2024-03-21 10:56 - 000001336 _____ C:\Users\Phil\Desktop\ESET Online Scanner.lnk
2024-03-21 10:50 - 2024-03-21 10:56 - 000001442 _____ C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2024-03-21 10:50 - 2024-03-21 10:50 - 008389496 _____ (ESET) C:\Users\Phil\Desktop\esetonlinescanner.exe
2024-03-21 10:50 - 2024-03-21 10:50 - 000000000 ____D C:\Users\Phil\AppData\Local\ESET
2024-03-21 08:09 - 2024-03-21 08:09 - 159651974 _____ C:\Users\Phil\Downloads\VOCALS-3-20.zip
2024-03-21 08:09 - 2024-03-21 08:09 - 000000000 ____D C:\Users\Phil\Downloads\VOCALS-3-20
2024-03-20 21:24 - 2024-03-21 13:22 - 000000000 ____D C:\FRST
2024-03-20 21:08 - 2024-03-20 21:08 - 000000307 _____ C:\ProgramData\remover.bat
2024-03-20 19:46 - 2024-03-20 19:46 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2024-03-20 17:37 - 2024-03-20 17:37 - 000001463 _____ C:\Users\Phil\Desktop\Roblox Player.lnk
2024-03-17 11:07 - 2024-03-17 11:07 - 000001138 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Private Internet Access.lnk
2024-03-15 20:50 - 2024-03-18 10:46 - 000001989 _____ C:\Users\Phil\Desktop\dydx.txt
2024-03-14 20:33 - 2024-03-14 20:33 - 000002302 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth Pro.lnk
2024-03-14 20:33 - 2024-03-14 20:33 - 000002290 _____ C:\Users\Public\Desktop\Google Earth Pro.lnk
2024-03-14 20:33 - 2024-03-14 20:33 - 000000000 ____D C:\Program Files\Google
2024-03-13 23:05 - 2024-03-13 23:05 - 000000000 ____D C:\Users\Phil\AppData\Roaming\ReAmp Studio R1
2024-03-13 19:50 - 2024-03-13 19:50 - 000019530 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json
2024-03-13 19:50 - 2024-03-13 19:50 - 000019530 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2024-03-13 19:44 - 2024-03-13 19:44 - 000000000 ___HD C:\$WinREAgent
2024-03-12 14:23 - 2024-03-21 09:11 - 000000000 ____D C:\Users\Phil\AppData\Local\Mozilla Firefox
2024-03-11 14:38 - 2024-03-11 14:38 - 000000030 _____ C:\Users\Phil\Documents\roto tom tunings.txt
2024-03-06 18:10 - 2024-03-20 17:38 - 000002425 _____ C:\WINDOWS\system32\default_error_stack-000000-000000.txt
2024-03-05 16:16 - 2024-03-05 16:16 - 000000000 ____D C:\ProgramData\{97BAC61B-4997-4F27-8567-391BD82F596A}
2024-03-05 16:15 - 2024-03-20 21:21 - 000000000 ____D C:\Users\Phil\AppData\Local\Desktop_inni
2024-03-05 16:15 - 2024-03-05 16:15 - 000003310 _____ C:\WINDOWS\system32\Tasks\OneNote 5797
2024-03-05 16:15 - 2024-03-05 16:15 - 000000000 ____D C:\ProgramData\{3FCE7907-AA6B-470A-BFB2-C042375EDBDF}
2024-03-04 14:15 - 2024-03-04 14:15 - 000000920 _____ C:\Users\Public\Desktop\TeamViewer.lnk
2024-03-01 17:34 - 2024-03-01 17:35 - 398253515 _____ C:\Users\Phil\Downloads\044Dry_Stems.zip
2024-03-01 17:28 - 2024-03-01 17:34 - 000000000 ____D C:\Users\Phil\Downloads\044Dry_Stems
2024-02-27 16:04 - 2024-02-27 16:04 - 000214867 _____ C:\Users\Phil\Desktop\blank travel sheet (1).odt
2024-02-21 18:31 - 2024-02-21 18:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LatencyMon
2024-02-21 18:31 - 2024-02-21 18:31 - 000000000 ____D C:\Program Files\LatencyMon
2024-02-21 18:31 - 2021-03-09 16:07 - 000027744 _____ (Resplendence Software Projects Sp.) C:\WINDOWS\system32\Drivers\rspLLL64.sys
2024-02-21 18:30 - 2024-02-21 18:30 - 003478312 _____ (Resplendence Software Projects Sp. ) C:\Users\Phil\Desktop\LatencyMon.exe
2024-02-21 12:35 - 2024-02-22 16:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\H&R Block 2023
2024-02-21 12:35 - 2024-02-22 16:32 - 000000000 ____D C:\Program Files (x86)\HRBlock2023
2024-02-21 12:35 - 2024-02-21 12:35 - 000000000 ____D C:\Users\Phil\Documents\HRBlock
2024-02-21 12:35 - 2024-02-21 12:35 - 000000000 ____D C:\Program Files (x86)\PDF995
2024-02-21 08:25 - 2024-02-21 08:25 - 000003442 _____ C:\WINDOWS\system32\Tasks\GeoComply Update Task
2024-02-21 08:25 - 2024-02-21 08:25 - 000003212 _____ C:\WINDOWS\system32\Tasks\GeoComply Service Check
2024-02-20 15:02 - 2024-02-20 15:02 - 000000000 ____D C:\WINDOWS\system32\Tasks\GoogleSystem
 
==================== One month (modified) ==================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2024-03-21 13:18 - 2019-12-07 05:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-03-21 12:32 - 2024-01-30 23:33 - 000000000 ____D C:\Users\Phil\AppData\Roaming\Celemony Software GmbH
2024-03-21 11:29 - 2024-02-05 18:32 - 000000000 ____D C:\Users\Phil\AppData\Roaming\comcomZmr
2024-03-21 11:29 - 2023-08-16 12:46 - 000000000 ____D C:\Users\Phil\AppData\Local\Zoom
2024-03-21 11:18 - 2023-09-30 18:12 - 000000000 ____D C:\ProgramData\regid.1993-06.com.microsoft
2024-03-21 10:55 - 2016-03-06 12:38 - 000000000 ____D C:\Users\Phil\AppData\Local\CrashDumps
2024-03-21 10:44 - 2023-09-25 15:46 - 000000000 ____D C:\Program Files\Common Files\VST3
2024-03-21 10:42 - 2018-05-19 16:26 - 000000000 ____D C:\ProgramData\Adobe
2024-03-21 10:40 - 2019-12-07 05:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2024-03-21 10:40 - 2016-03-04 15:54 - 000000000 ____D C:\Program Files\Microsoft Office
2024-03-21 10:40 - 2015-10-30 05:07 - 000000000 ____D C:\WINDOWS\ShellNew
2024-03-21 10:39 - 2019-12-07 05:14 - 000000000 ____D C:\Program Files\Common Files\System
2024-03-21 10:39 - 2015-07-10 07:04 - 000000076 _____ C:\WINDOWS\win.ini
2024-03-21 10:38 - 2017-07-09 20:59 - 000000000 ____D C:\Users\Public\Documents\Adobe
2024-03-21 10:38 - 2017-07-09 20:49 - 000000000 ____D C:\Program Files\Common Files\Adobe
2024-03-21 10:37 - 2017-07-09 20:49 - 000000000 ____D C:\Program Files\Adobe
2024-03-21 10:37 - 2016-03-04 12:29 - 000000000 ____D C:\Users\Phil\AppData\Local\ClassicShell
2024-03-21 10:35 - 2020-08-30 06:10 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-03-21 07:08 - 2019-12-07 05:13 - 000000000 ____D C:\WINDOWS\INF
2024-03-20 23:53 - 2016-03-04 01:48 - 000000000 ____D C:\WINDOWS\system32\MRT
2024-03-20 23:49 - 2016-03-04 01:48 - 190470136 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2024-03-20 22:25 - 2020-08-30 06:22 - 001007224 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-03-20 21:16 - 2023-11-28 17:03 - 000000000 ____D C:\Users\Phil\AppData\Roaming\msftedit
2024-03-20 21:08 - 2016-03-03 23:10 - 000000000 __SHD C:\Users\Phil\IntelGraphicsProfiles
2024-03-20 21:07 - 2024-01-16 01:52 - 000008192 ___SH C:\DumpStack.log.tmp
2024-03-20 21:07 - 2023-10-28 09:21 - 000000000 ____D C:\Program Files\TeamViewer
2024-03-20 21:07 - 2020-08-30 06:18 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-03-20 21:07 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\ServiceState
2024-03-20 21:07 - 2017-07-29 22:04 - 000000000 ____D C:\ProgramData\NVIDIA
2024-03-20 20:59 - 2023-09-25 15:13 - 000000000 ____D C:\Users\Phil\AppData\Local\Malwarebytes
2024-03-20 20:07 - 2017-08-20 22:15 - 000002370 ____H C:\Users\Phil\Documents\Default.rdp
2024-03-20 20:01 - 2019-12-07 05:50 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2024-03-20 20:00 - 2023-01-29 12:31 - 000000000 ____D C:\Users\Phil\Desktop\Desktop icons
2024-03-20 19:47 - 2015-12-11 11:58 - 000000000 ____D C:\ProgramData\Package Cache
2024-03-20 19:46 - 2017-07-29 22:03 - 000000000 ____D C:\Program Files (x86)\Intel
2024-03-20 18:56 - 2024-02-16 10:36 - 000000000 ____D C:\Users\Phil\AppData\Local\central-updater
2024-03-20 18:56 - 2024-02-16 10:21 - 000000000 ____D C:\Users\Phil\AppData\Roaming\Waves Central
2024-03-20 17:49 - 2020-08-30 06:11 - 000000000 ____D C:\Users\SQLTELEMETRY
2024-03-20 17:49 - 2020-08-30 06:11 - 000000000 ____D C:\Users\MSSQLSERVER
2024-03-20 17:45 - 2024-02-07 10:57 - 000000000 ____D C:\Users\Phil\AppData\Roaming\OracleJDK
2024-03-20 17:37 - 2023-06-08 17:28 - 000000000 ____D C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2024-03-20 06:52 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-03-19 19:39 - 2021-12-15 03:44 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-03-19 19:39 - 2020-04-10 21:15 - 000000000 ____D C:\Users\Phil\AppData\Roaming\qBittorrent
2024-03-19 19:39 - 2016-03-04 12:41 - 000002340 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-03-19 19:39 - 2016-03-04 12:41 - 000002299 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2024-03-19 13:51 - 2023-06-12 13:02 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2024-03-19 08:11 - 2023-06-12 13:02 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2024-03-19 08:10 - 2023-06-12 13:02 - 000001325 _____ C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2024-03-19 01:21 - 2019-12-07 05:14 - 000000000 ___HD C:\Program Files\WindowsApps
2024-03-17 20:40 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2024-03-17 16:08 - 2016-03-04 16:03 - 000000000 ____D C:\Users\Phil\AppData\Roaming\Microsoft\Word
2024-03-17 15:36 - 2016-03-05 11:03 - 000000000 ____D C:\Users\Phil\AppData\Roaming\Microsoft\Excel
2024-03-17 11:43 - 2016-03-05 18:03 - 000000000 ____D C:\Users\Phil\AppData\Roaming\vlc
2024-03-17 11:07 - 2020-12-03 18:58 - 000000000 ____D C:\Program Files\Private Internet Access
2024-03-16 06:53 - 2020-07-04 03:13 - 000002479 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-03-15 20:52 - 2020-08-30 06:10 - 005466128 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2024-03-15 20:51 - 2019-12-07 05:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2024-03-15 20:51 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2024-03-15 20:51 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SystemResources
2024-03-15 20:51 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2024-03-15 20:51 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2024-03-15 20:51 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2024-03-15 20:51 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2024-03-15 20:51 - 2019-12-07 05:03 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2024-03-15 20:51 - 2019-12-07 05:03 - 000000000 ____D C:\WINDOWS\servicing
2024-03-15 20:00 - 2024-02-05 18:07 - 000000000 ___HD C:\Users\Phil\AppData\Roaming\winsQ
2024-03-13 19:53 - 2019-12-07 05:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-03-13 19:50 - 2020-08-30 06:16 - 003017216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2024-03-13 12:45 - 2023-10-12 08:15 - 000000000 ____D C:\Users\Phil\Documents\Studio One
2024-03-13 01:00 - 2018-02-28 15:34 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2024-03-06 00:47 - 2020-08-30 06:18 - 000003536 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-03-06 00:47 - 2020-08-30 06:18 - 000003412 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-03-03 02:16 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2024-03-02 06:59 - 2016-03-11 21:24 - 000000000 ____D C:\Users\Phil\AppData\Local\ElevatedDiagnostics
2024-02-28 14:56 - 2020-02-25 14:30 - 000000000 ____D C:\Users\Phil\AppData\Roaming\Ledger Live
2024-02-28 14:34 - 2018-05-24 16:35 - 000000000 ____D C:\Users\Phil\AppData\Local\D3DSCache
2024-02-28 14:32 - 2021-10-17 15:01 - 000000000 ____D C:\Program Files\Ledger Live
2024-02-21 12:35 - 2019-02-16 15:06 - 000000000 ____D C:\Users\Phil\AppData\Roaming\TaxCut
2024-02-21 12:35 - 2019-02-16 15:05 - 000000000 ____D C:\ProgramData\TaxCut
2024-02-20 15:02 - 2016-03-04 12:41 - 000000000 ____D C:\Program Files (x86)\Google
 
==================== Files in the root of some directories ========
 
2024-03-20 21:08 - 2024-03-20 21:08 - 000000307 _____ () C:\ProgramData\remover.bat
2018-09-27 10:57 - 2018-09-27 10:57 - 000000000 _____ () C:\Users\Phil\AppData\Local\oobelibMkey.log
2016-10-27 20:51 - 2022-03-02 21:50 - 000007589 _____ () C:\Users\Phil\AppData\Local\Resmon.ResmonCfg
2024-02-16 10:49 - 2024-03-21 12:33 - 000121449 _____ () C:\Users\Phil\AppData\Local\wle.log
 
==================== SigCheck ============================
 
(There is no automatic fix for files that do not pass verification.)
 
==================== End of FRST.txt ========================
 


#5 user23049

  • Topic Starter

Posted 21 March 2024 - 12:34 PM

I tried posting Addition.txt here but it keeps saying the post is too long - so instead have attached it.  Thanks

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21.03.2024
Ran by Phil (21-03-2024 13:23:39)
Running from C:\Users\Phil\Downloads
Microsoft Windows 10 Home Version 22H2 19045.4170 (X64) (2020-08-30 10:18:48)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-1483475722-1219764467-3277934236-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1483475722-1219764467-3277934236-503 - Limited - Disabled)
Guest (S-1-5-21-1483475722-1219764467-3277934236-501 - Limited - Enabled)
Phil (S-1-5-21-1483475722-1219764467-3277934236-1001 - Administrator - Enabled) => C:\Users\Phil
WDAGUtilityAccount (S-1-5-21-1483475722-1219764467-3277934236-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
Active Directory Authentication Library for SQL Server (HKLM\...\{4EE99065-01C6-49DD-9EC6-E08AA5B13491}) (Version: 14.0.1000.169 - Microsoft Corporation)
Add or Remove Adobe Creative Suite 3 Master Collection (HKLM-x32\...\Adobe_4dcfd9b7e901b57f81f667144603236) (Version: 1.0 - Adobe Systems Incorporated)
adobe (HKLM\...\{20FD3B0E-D450-488F-AB68-7DA0EC0E4913}) (Version: 1.0.0000 - Adobe Systems Incorporated) Hidden
Adobe After Effects CS3 Presets (HKLM-x32\...\{193EAFD0-1BAF-4FB4-B18F-79D5D6A4B285}) (Version: 8 - Adobe Systems Incorporated) Hidden
Adobe Anchor Service CS3 (HKLM-x32\...\{90176341-0A8B-4CCC-A78D-F862228A6B95}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Asset Services CS3 (HKLM-x32\...\{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}) (Version: 3 - Adobe Systems Incorporated) Hidden
Adobe Audition CC 2017 (HKLM-x32\...\AUDT_10_1_1) (Version: 10.1.1 - Adobe Systems Incorporated)
Adobe Bridge CS3 (HKLM-x32\...\{9C9824D9-9000-4373-A6A5-D0E5D4831394}) (Version: 2 - Adobe Systems Incorporated) Hidden
Adobe Bridge Start Meeting (HKLM-x32\...\{08B32819-6EEF-4057-AEDA-5AB681A36A23}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe BridgeTalk Plugin CS3 (HKLM-x32\...\{B73CFB12-C814-4638-AFFD-7E3AAFAF0B4E}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Camera Raw 4.0 (HKLM-x32\...\{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}) (Version: 4.0 - Adobe Systems Incorporated) Hidden
Adobe CMaps (HKLM-x32\...\{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color - Photoshop Specific (HKLM-x32\...\{A2D81E70-2A98-4A08-A628-94388B063C5E}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color Common Settings (HKLM-x32\...\{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color EU Extra Settings (HKLM-x32\...\{51846830-E7B2-4218-8968-B77F0FF475B8}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color JA Extra Settings (HKLM-x32\...\{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color NA Recommended Settings (HKLM-x32\...\{95655ED4-7CA5-46DF-907F-7144877A32E5}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Creative Suite 3 Master Collection (HKLM-x32\...\{8718DC03-D066-4957-94E5-50C3C5042E8E}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Default Language CS3 (HKLM-x32\...\{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Device Central CS3 (HKLM-x32\...\{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe ExtendScript Toolkit 2 (HKLM-x32\...\{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}) (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Extension Manager CS3 (HKLM-x32\...\{BE5F3842-8309-4754-92D5-83E02E6077A3}) (Version: 1.8 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 9 ActiveX (HKLM-x32\...\{BC4F8E84-5E29-49EC-B4E7-E6F9CB50986C}) (Version: 9.0.45.0 - Adobe Systems, Inc.)
Adobe Flash Player 9 Plugin (HKLM-x32\...\{88D422DB-E9C7-4E16-9D80-2999F4FD6AD9}) (Version: 9.0.45.0 - Adobe Systems, Inc.)
Adobe Fonts All (HKLM-x32\...\{6ABE0BEE-D572-4FE8-B434-9E72A289431B}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Help Viewer CS3 (HKLM-x32\...\{7ACFB90E-8FD0-4397-AD3A-5195412623A3}) (Version: 1 - Adobe Systems Incorporated) Hidden
Adobe InDesign CS3 Icon Handler (HKLM-x32\...\{EA7B3CC4-366D-4CF6-8350-FD7A7034116E}) (Version: 5.0 - Adobe Systems Incorporated) Hidden
Adobe Linguistics CS3 (HKLM-x32\...\{54793AA1-5001-42F4-ABB6-C364617C6078}) (Version: 3.0.0 - Adobe Systems Incorporated) Hidden
Adobe MotionPicture Color Files (HKLM-x32\...\{6B708481-748A-4EB4-97C1-CD386244FF77}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe PDF Library Files (HKLM-x32\...\{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}) (Version: 8.0 - Adobe Systems Incorporated) Hidden
Adobe Setup (HKLM-x32\...\{4458C442-7376-4CF9-AF58-E8CEA6722363}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe SING CS3 (HKLM-x32\...\{B671CBFD-4109-4D35-9252-3062D3CCB7B2}) (Version: 0.1 - Adobe Systems Incorporated) Hidden
Adobe Stock Photos CS3 (HKLM-x32\...\{29E5EA97-5F74-4A57-B8B2-D4F169117183}) (Version: 1.5 - Adobe Systems Incorporated) Hidden
Adobe Type Support (HKLM-x32\...\{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Update Manager CS3 (HKLM-x32\...\{E69AE897-9E0B-485C-8552-7841F48D42D8}) (Version: 5.1.0 - Adobe Systems Incorporated) Hidden
Adobe Version Cue CS3 Client (HKLM-x32\...\{D0DFF92A-492E-4C40-B862-A74A173C25C5}) (Version: 3 - Adobe Systems Incorporated) Hidden
Adobe Video Profiles (HKLM-x32\...\{845A8DB9-8802-4FD3-9FE3-938A6C46A2EC}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe WAS CS3 (HKLM-x32\...\{C5BD220A-EFE8-48A5-B70E-9503D535FACE}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe WinSoft Linguistics Plugin (HKLM-x32\...\{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe XMP DVA Panels CS3 (HKLM-x32\...\{0224CACC-994D-45F8-B973-D65056EA9C2F}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe XMP Panels CS3 (HKLM-x32\...\{D5A31AB1-345D-47C7-A87B-036A669F6DF1}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
AHV content for Acrobat and Flash (HKLM-x32\...\{6BBAA81D-6A7E-43AD-8889-2F002DCAAFDD}) (Version: 1 - Adobe Systems Incorporated) Hidden
Amazon.com Fire_Devices (HKLM\...\Fire_Devices Drivers) (Version: 2 - Amazon.com)
ANT Drivers Installer x64 (HKLM\...\{CBEE7F70-D77E-46DB-BB02-B64147DD6453}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.14 - Michael Tippach)
Batch Configuration (HKLM-x32\...\{F9F88CAE-A8BB-493A-BC71-B19A8BA38613}) (Version: 3.0.2.6 - hikvision)
BEHRINGER USB AUDIO DRIVER (HKLM\...\USB_AUDIO_DEusb-audio.deBehringer2902) (Version:  - )
Browser for SQL Server 2017 (HKLM-x32\...\{CF8EEB96-E7E7-4EF7-A0A1-559F09953156}) (Version: 14.0.1000.169 - Microsoft Corporation)
Bruteforce Save Data (HKLM-x32\...\Bruteforce Save Data) (Version:  - )
Calibration Update Wizard (HKLM-x32\...\{5A03CEC0-8805-11D4-ADFB-00000EFB3A77}) (Version: 8.20.1 - Toyota Diagnostics)
Celemony Melodyne 5 (HKLM\...\Celemony Melodyne 5_is1) (Version: 5.3.1.018 - Celemony)
Charter TV Player (HKLM-x32\...\{076af162-8f4c-4e36-9013-1673e5cf4d24}) (Version: 6.6 - Charter)
Chrome Remote Desktop Host (HKLM-x32\...\{00B18403-87DD-4C4E-AEB5-045B05B96F35}) (Version: 123.0.6312.16 - Google LLC)
Cisco AnyConnect Secure Mobility Client  (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 4.4.03034 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\{EB629A98-5E69-40E8-BA9E-C393899F959D}) (Version: 4.4.03034 - Cisco Systems, Inc.) Hidden
Cisco VideoGuard Player (HKLM-x32\...\{dfc759fd-a56f-4d04-8306-d1480137a065}) (Version: 6.6 - Cisco Systems, Inc)
Cisco Webex Meetings (HKU\S-1-5-21-1483475722-1219764467-3277934236-1001\...\ActiveTouchMeetingClient) (Version: 40.8.5 - Cisco Webex LLC)
Classic Shell (HKLM\...\{CABCE573-0A86-42FA-A52A-C7EA61D5BE08}) (Version: 4.3.1 - IvoSoft)
Dell Customer Connect (HKLM-x32\...\{99E581C6-471C-46CA-989E-3B17EB7E3F27}) (Version: 1.3.2.0 - Dell Inc.)
Dell Digital Delivery (HKLM-x32\...\{AB7F2792-2ED1-4C5C-9F28-680E5110BF72}) (Version: 3.1.1018.0 - Dell Products, LP)
Dell Foundation Services (HKLM\...\{AE5E3C86-2633-4DAF-A7F4-C43D1E738BAE}) (Version: 3.1.3300.0 - Dell Inc.)
Dell Help & Support (HKLM\...\{9ACDDC24-55FE-4E7A-B4BD-DD9761F2F8AB}) (Version: 2.0.360.0 - Dell Inc.) Hidden
Dell Help & Support (HKLM-x32\...\InstallShield_{9ACDDC24-55FE-4E7A-B4BD-DD9761F2F8AB}) (Version: 2.0.360.0 - Dell Inc.)
Dell Update (HKLM-x32\...\{DB82968B-57A4-4397-81A5-ECAB21B5DFCD}) (Version: 1.7.1015.0 - Dell Inc.)
Documentation Manager (HKLM\...\{E904139A-DC55-420D-94C7-5D6297F3C385}) (Version: 23.30.0.6 - Intel Corporation) Hidden
Elevated Installer (HKLM-x32\...\{0F6C59A2-5F1D-4D7C-BC90-A0A1A75F4EE9}) (Version: 7.7.1.0 - Garmin Ltd or its subsidiaries) Hidden
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 8.1.4.1208 - Foxit Software Inc.)
Fresco Logic USB Display Driver (HKLM\...\{FC11E022-A625-48EA-85EB-AF2AFEF05B06}) (Version: 2.1.34054.0 - Fresco Logic)
Garmin Express (HKLM-x32\...\{50DF005C-1D2C-467A-A39E-10ADEFA83A96}) (Version: 7.7.1.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express (HKLM-x32\...\{9e0ef45d-b10c-42da-9aab-16200df39d95}) (Version: 7.7.1.0 - Garmin Ltd or its subsidiaries)
GDR 2002 for SQL Server 2017 (KB4293803) (64-bit) (HKLM\...\KB4293803) (Version: 14.0.2002.14 - Microsoft Corporation)
GDR 2014 for SQL Server 2017 (KB4494351) (64-bit) (HKLM\...\KB4494351) (Version: 14.0.2014.14 - Microsoft Corporation)
GDR 2027 for SQL Server 2017 (KB4505224) (64-bit) (HKLM\...\KB4505224) (Version: 14.0.2027.2 - Microsoft Corporation)
GDR 2037 for SQL Server 2017 (KB4583456) (64-bit) (HKLM\...\KB4583456) (Version: 14.0.2037.2 - Microsoft Corporation)
GDR 2042 for SQL Server 2017 (KB5014354) (64-bit) (HKLM\...\KB5014354) (Version: 14.0.2042.3 - Microsoft Corporation)
GDR 2047 for SQL Server 2017 (KB5021127) (64-bit) (HKLM\...\KB5021127) (Version: 14.0.2047.8 - Microsoft Corporation)
GDR 2052 for SQL Server 2017 (KB5029375) (64-bit) (HKLM\...\KB5029375) (Version: 14.0.2052.1 - Microsoft Corporation)
Get Good Drums One Kit Wonder - Architects (HKLM-x32\...\Get Good Drums One Kit Wonder - Architects) (Version: 1.0.0.4 - Get Good Drums)
GetGood Drums Smash and Grab 2 (HKLM\...\Smash and Grab 2_is1) (Version: 2.0.0 - GetGood Drums)
Google Chrome (HKLM-x32\...\{93EB1D27-3378-36DD-ACEC-380FEDB2297B}) (Version: 123.0.6312.58 - Google, Inc.)
Google Earth Plug-in (HKLM-x32\...\{57BB4801-61C8-4E74-9672-2160728A461E}) (Version: 7.1.5.1557 - Google)
Google Earth Pro (HKLM\...\{3470AD08-85F2-4B1D-8487-FC4750732087}) (Version: 7.3.6.9796 - Google)
H&R Block Massachusetts 2021 (HKLM-x32\...\{482A887B-D7E3-473D-80E2-48FA6F695194}) (Version: 1.21.4201 - H&R Block, Inc.)
H&R Block Massachusetts 2022 (HKLM-x32\...\{4E5723A6-0AA2-4415-AF75-7E2CE63713F7}) (Version: 1.22.6201 - H&R Block, Inc.)
H&R Block Massachusetts 2023 (HKLM-x32\...\{F5FBEE1C-A0E1-4B44-86EE-0BABE29D668C}) (Version: 1.23.8701 - HRB Digital, LLC.)
H&R Block Premium + Efile + State 2021 (HKLM-x32\...\{EDB7F331-6C76-4B85-A8EC-764B213E2E51}) (Version: 21.07.6002 - HRB Technology, LLC.)
H&R Block Premium + Efile + State 2022 (HKLM-x32\...\{69654063-D165-4494-A83B-C09105247E97}) (Version: 22.07.7601 - HRB Technology, LLC.)
H&R Block Premium + Efile + State 2023 (HKLM-x32\...\{B0E2C9A7-F1FC-4376-9E0F-065DC3FAC392}) (Version: 23.07.8301 - HRB Technology, LLC.)
HandBrake 1.0.1 (HKLM-x32\...\HandBrake) (Version: 1.0.1 - )
Intel Driver && Support Assistant (HKLM-x32\...\{63B67EA4-4AE1-4A45-A67D-21318B4345EF}) (Version: 23.4.39.9 - Intel) Hidden
Intel Driver && Support Assistant (HKLM-x32\...\{7D392FB7-64D5-4813-B7F7-8AA462D3968D}) (Version: 23.4.39.9 - Intel) Hidden
Intel Extreme Tuning Utility (HKLM-x32\...\{7afa48c7-9901-40fa-8f9b-f0707e2bc5b6}) (Version: 6.2.0.24 - Intel Corporation)
Intel® Chipset Device Software (HKLM\...\{8C91A5EB-2C62-4A6D-8802-CC79FD2ED390}) (Version: 10.1.1.7 - Intel Corporation) Hidden
Intel® Chipset Device Software (HKLM-x32\...\{60c073df-e736-4210-9c3a-5fc2b651cef3}) (Version: 10.1.1.7 - Intel® Corporation) Hidden
Intel® Computing Improvement Program (HKLM\...\{15E71D2B-4046-4B9D-A8BB-EBFC5CC12D86}) (Version: 2.4.10717 - Intel Corporation)
Intel® Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.2.10900.330 - Intel Corporation)
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1054 - Intel Corporation)
Intel® Management Engine Components (HKLM\...\{5BD7E621-9791-4D9F-A620-1BA51153B749}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel® Management Engine Components (HKLM\...\{EC465D35-92DC-4DAE-9EA8-01215688F709}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel® Management Engine Driver (HKLM\...\{AC411813-5A0B-4960-882D-481BEEDC24E0}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel® ME UninstallLegacy (HKLM\...\{E9B9A1A5-6398-4C99-8FDE-10794F6505C5}) (Version: 1.0.1.0 - Intel Corporation) Hidden
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 26.20.100.6859 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.8.16.1063 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{9503AD68-6198-4081-9F57-1F346D7B58D4}) (Version: 14.8.16.1063 - Intel Corporation) Hidden
Intel® Serial IO (HKLM\...\{51788BA4-D93F-4E7B-BA13-ACC88E7803DB}) (Version: 30.100.1519.07 - Intel Corporation) Hidden
Intel® Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1519.7 - Intel Corporation)
Intel® WiDi (HKLM\...\{C7CD6D54-26AF-4D93-B06F-D81ACE8624CB}) (Version: 6.0.40.0 - Intel Corporation)
Intel® WiDi Software Asset Manager (HKLM-x32\...\{5B5CD20C-29F0-4857-A4FA-A4F4C716B019}) (Version: 1.1.347 - Intel Corporation) Hidden
Intel® Wireless Bluetooth® (HKLM-x32\...\{00000030-0230-1033-84C8-B8D95FA3C8C3}) (Version: 23.30.0.3 - Intel Corporation)
Intel® Driver & Support Assistant (HKLM-x32\...\{b82e9573-04fb-4a9d-819f-6c358a1cf31a}) (Version: 23.4.39.9 - Intel)
Intel® Driver & Support Assistant (HKLM-x32\...\{ecbee3cf-26b3-4f27-854c-e2e16b3f7fa9}) (Version: 23.4.39.9 - Intel)
Intel® PROSet/Wireless Software (HKLM-x32\...\{5a64c890-83f9-4399-b0c9-5e9a80890fdd}) (Version: 21.40.1 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{68A981A0-ED59-41E0-B45E-7A78F643120D}) (Version: 21.40.1.3406 - Intel Corporation) Hidden
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
Intel® Software Installer (HKLM-x32\...\{ae13aa25-496e-45dc-86f8-939f17f479f4}) (Version: 23.30.0.6 - Intel Corporation) Hidden
Intel® Trusted Connect Service Client (HKLM\...\{7D84E343-A23D-451C-B123-0195B2D903A6}) (Version: 1.42.17.0 - Intel Corporation) Hidden
IPCWebComponents 3.3.0.31 (HKLM-x32\...\{4740E1B2-51CF-4083-8976-D6B3B5A5064F}_is1) (Version: 3.3.0.31 - )
Java 8 Update 73 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418073F0}) (Version: 8.0.730.2 - Oracle Corporation)
Java 8 Update 73 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218073F0}) (Version: 8.0.730.2 - Oracle Corporation)
Kontakt 7 PORTABLE (HKLM\...\{770F4942-15B1-41AA-9E3E-C77B2CFB1366}_is1) (Version: 7.7.1 - Native Instruments)
LatencyMon 7.31 (HKLM\...\LatencyMon_is1) (Version: 7.31 - Resplendence Software Projects Sp.)
Ledger Live 2.77.2 (HKLM\...\c62032b2-0bca-5abc-b458-fd67cfc9e49b) (Version: 2.77.2 - Ledger Live Team)
Macrium Reflect Free (HKLM\...\{0D4965D1-6B46-4F0A-B42D-B17056612AE0}) (Version: 8.0.7279 - Paramount Software (UK) Ltd.) Hidden
Macrium Reflect Free (HKLM\...\MacriumReflect) (Version: v8.0.7279 - Paramount Software (UK) Ltd.)
Malwarebytes version 4.6.6.294 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.6.6.294 - Malwarebytes)
Maxx Audio Installer (x64) (HKLM\...\{307032B2-6AF2-46D7-B933-62438DEB2B9A}) (Version: 2.6.9060.3 - Waves Audio Ltd.) Hidden
Mazda Toolbox (HKLM-x32\...\Mazda Toolbox) (Version:  - )
Mazda Update Toolbox (HKLM-x32\...\Mazda Update Toolbox) (Version:  - )
MetaTrader 5 (HKLM\...\MetaTrader 5) (Version: 5.00 - MetaQuotes Ltd.)
Microsoft .NET Core Host - 3.1.32 (x64) (HKLM\...\{8A8E3A04-83BC-4CDE-9259-893B666C1AB1}) (Version: 24.192.31915 - Microsoft Corporation) Hidden
Microsoft .NET Core Host FX Resolver - 3.1.32 (x64) (HKLM\...\{ABC6B3C2-1A8D-4C5E-AC16-C2AE44F02743}) (Version: 24.192.31915 - Microsoft Corporation) Hidden
Microsoft .NET Core Runtime - 3.1.32 (x64) (HKLM\...\{A741B803-3F0E-4684-81EF-FC128D15A92C}) (Version: 24.192.31915 - Microsoft Corporation) Hidden
Microsoft .NET Core Runtime - 3.1.32 (x64) (HKLM-x32\...\{784973c8-d618-4ac8-97ed-1fd52c5bdf2f}) (Version: 3.1.32.31915 - Microsoft Corporation)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (ENU) (HKLM-x32\...\{290FC320-2F5A-329E-8840-C4193BD7A9EE}) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (HKLM-x32\...\{B941AFB4-8851-33A1-9E72-0C33D463C41C}) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Analysis Services OLE DB Provider (HKLM\...\{0DAD8F2F-38F2-404F-BB26-3DC89F0B53C5}) (Version: 14.0.1000.397 - Microsoft Corporation) Hidden
Microsoft Analysis Services OLE DB Provider (HKLM-x32\...\{CBB32D14-5E5A-4E4A-8EDF-26586322C9E7}) (Version: 14.0.1000.397 - Microsoft Corporation) Hidden
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Build Tools 14.0 (amd64) (HKLM\...\{8C918E5B-E238-401F-9F6E-4FB84B024CA2}) (Version: 14.0.23107 - Microsoft Corporation) Hidden
Microsoft Build Tools 14.0 (x86) (HKLM-x32\...\{D1437F51-786A-4F57-A99C-F8E94FBA1BD8}) (Version: 14.0.23107 - Microsoft Corporation) Hidden
Microsoft Build Tools Language Resources 14.0 (amd64) (HKLM\...\{4B7958F6-4943-4903-B379-9180DC8C2105}) (Version: 14.0.23107 - Microsoft Corporation) Hidden
Microsoft Build Tools Language Resources 14.0 (x86) (HKLM-x32\...\{A7E88B38-6886-4474-9D85-A8ABE5FCD80E}) (Version: 14.0.23107 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 122.0.2365.92 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 122.0.2365.92 - Microsoft Corporation)
Microsoft Help Viewer 2.2 (HKLM-x32\...\{5730588A-33CA-373C-9D70-F716605B57D2}) (Version: 2.2.23107 - Microsoft Corporation) Hidden
Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.23107 - Microsoft Corporation)
Microsoft HEVC Media Extension Installation for Microsoft.HEVCVideoExtension_1.0.2512.0_x64__8wekyb3d8bbwe (x64) (HKLM\...\{B0169E83-757B-EF66-E2F0-391944D785BC}) (Version: 1.0.0.0 - Microsoft Corporation) Hidden
Microsoft MPI (7.0.12437.8) (HKLM\...\{8499ACD3-C1E3-45AB-BF96-DA491727EBE1}) (Version: 7.0.12437.8 - Microsoft Corporation)
Microsoft ODBC Driver 13 for SQL Server (HKLM\...\{436C9D0B-5AD2-4E54-83F0-10B7584A971E}) (Version: 14.0.2052.1 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{4D2C56FF-7F36-4B49-A97A-24F0522D41D7}) (Version: 11.3.6540.0 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects  (HKLM-x32\...\{2774595F-BC2A-4B12-A25B-0C37A37049B0}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2017 (64-bit) (HKLM\...\Microsoft SQL Server SQL2017) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2017 (HKLM-x32\...\Microsoft SQL Server SQL2017) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2017 Policies  (HKLM-x32\...\{256EDCB9-A64D-433C-A1DC-C76F02475915}) (Version: 14.0.1000.169 - Microsoft Corporation)
Microsoft SQL Server 2017 RsFx Driver (HKLM\...\{D5826833-5FD8-4586-BC42-22E38B15DFA4}) (Version: 14.0.2052.1 - Microsoft Corporation) Hidden
Microsoft SQL Server 2017 Setup (English) (HKLM\...\{2E1F5473-30FC-4D5B-B7F0-8EA51CC3EE81}) (Version: 14.0.2052.1 - Microsoft Corporation)
Microsoft SQL Server 2017 T-SQL Language Service  (HKLM\...\{BC247FE3-C61A-4678-86C6-15408F272D57}) (Version: 14.0.17213.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation) Hidden
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation) Hidden
Microsoft SQL Server Data-Tier Application Framework (x86) (HKLM-x32\...\{F45421F6-76C3-47EE-8823-7D064A77E1F0}) (Version: 14.0.3881.1 - Microsoft Corporation)
Microsoft SQL Server Management Studio - 17.4 (HKLM-x32\...\{ac84c935-8f13-4f73-b541-7b09a11bdea8}) (Version: 14.0.17213.0 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM-x32\...\{718FFB65-F6E4-4D62-861F-ED10ED32C936}) (Version: 12.0.2402.11 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2017 (HKLM\...\{9D78F5D4-79D2-4FC6-AC56-F364A0ABC54F}) (Version: 14.0.1000.169 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Debug Runtime - 12.0.21005 (HKLM\...\{C596D608-3E74-3232-8CA5-DF1DCB9F10DE}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Debug Runtime - 12.0.21005 (HKLM-x32\...\{E5CAE8D2-9F9F-3BEA-AA0F-B5B40611C704}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 x64 Debug Runtime - 14.0.23026 (HKLM\...\{B8E14C55-53F6-3693-A74A-77A3C6B96041}) (Version: 14.0.23026 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 x86 Debug Runtime - 14.0.23026 (HKLM-x32\...\{3CB4E2E8-04EB-371A-9433-4CA0D934B260}) (Version: 14.0.23026 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.34.31931 (HKLM-x32\...\{d4cecf3b-b68f-4995-8840-52ea0fab646e}) (Version: 14.34.31931.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.34.31931 (HKLM-x32\...\{6ba9fb5e-8366-4cc4-bf65-25fe9819b2fc}) (Version: 14.34.31931.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.34.31931 (HKLM\...\{EAE242B1-0A26-485A-BFEB-0292EE9F03CB}) (Version: 14.34.31931 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.34.31931 (HKLM\...\{CF4C347D-954E-4543-88D2-EC17F07F466F}) (Version: 14.34.31931 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.34.31931 (HKLM-x32\...\{C2662EFF-06E6-4FD1-9D6D-FDCA91025757}) (Version: 14.34.31931 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.34.31931 (HKLM-x32\...\{AB1BDF73-7393-42CE-812D-9A90918814D5}) (Version: 14.34.31931 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\{9495AEB4-AB97-39DE-8C42-806EEF75ECA7}) (Version: 10.0.50908 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2015 Shell (Isolated) (HKLM-x32\...\{6CFDA13E-A348-315B-820A-603BBCBD7684}) (Version: 14.0.23107 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2015 Shell (Isolated) (HKLM-x32\...\{d2981c27-a434-4c9a-96c7-0209e97c4eac}) (Version: 14.0.23107.10 - Microsoft Corporation)
Microsoft Visual Studio 2015 Shell (Isolated) Resources (HKLM-x32\...\{446D0B70-F98E-39DA-9CB5-4201D05A91C6}) (Version: 14.0.23107 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2015 Shell (Minimum) (HKLM-x32\...\{030A6785-C3A9-37DA-8530-444C320629FA}) (Version: 14.0.23107 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2015 Shell (Minimum) Interop Assemblies (HKLM-x32\...\{4443D3F4-A231-35CC-8471-CB60F8A3FE3B}) (Version: 14.0.23107 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2015 Shell (Minimum) Resources (HKLM-x32\...\{7FF53256-7BAF-3EFA-91B4-DB65F37EB5E9}) (Version: 14.0.23107 - Microsoft Corporation) Hidden
Microsoft Visual Studio Services Hub (HKLM-x32\...\{93CC1063-02A1-4F25-A13A-C351A10D84DD}) (Version: 1.0.23107.00 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2015 (HKLM-x32\...\{ab213ab7-4792-4c6f-a3fa-8485d06c3475}) (Version: 14.0.23829 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2015 Finalizer (HKLM-x32\...\{F93E37BD-4053-37CA-A7BB-A5B74508006C}) (Version: 14.0.23829 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2015 Language Support - ENU Language Pack (HKLM-x32\...\{0343F10B-C31B-3A2F-B2C1-C42E84CCAF5E}) (Version: 14.0.23107.20 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2015 Language Support (HKLM-x32\...\{85CEB20F-C2D6-3FDC-9A9D-5957CD88E9E5}) (Version: 14.0.23107.20 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2015 Language Support (HKLM-x32\...\{bd4ef7af-dfb1-472e-8fa4-1b97f360a3e7}) (Version: 14.0.23107.20 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2015 Language Support Finalizer (HKLM-x32\...\{BF6E6B74-88F5-358F-AB6D-0A42C18F2824}) (Version: 14.0.23107.20 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2015 x64 Hosting Support (HKLM\...\{A8C30947-7C1B-3A31-8FD8-CEC6D3357D34}) (Version: 14.0.23829 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2015 x86 Hosting Support (HKLM-x32\...\{11A9EF3E-6616-31B1-82BC-1080366FA34D}) (Version: 14.0.23829 - Microsoft Corporation) Hidden
Microsoft VSS Writer for SQL Server 2017 (HKLM\...\{20B328C9-C6BB-434A-928A-00F05CD820B8}) (Version: 14.0.1000.169 - Microsoft Corporation)
MotionPro (HKLM\...\MotionPro VPN Client) (Version: 9.4.0.0 - Array Networks)
Mozilla Firefox (x64 en-US) (HKU\S-1-5-21-1483475722-1219764467-3277934236-1001\...\Mozilla Firefox 123.0.1 (x64 en-US)) (Version: 123.0.1 - Mozilla)
MyHarmony (HKLM-x32\...\{2AD8F8A1-ECE5-4890-BCC2-B4396370A0D4}) (Version: 1.0.308 - Logitech)
NVIDIA Graphics Driver 546.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 546.17 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
OSCAR (HKLM\...\{FC6F08E6-69BF-4469-ADE3-78199288D305}_is1) (Version: 1.5.1-Win64-dd495e23 - The OSCAR Team)
Paragon Hard Disk Manager™ 15 Suite (HKLM\...\{29258311-EA49-11DE-967C-005056C00008}) (Version: 90.00.0003 - Paragon Software)
PdaNet+ for Android 4.18 (HKLM-x32\...\PdaNet_is1) (Version:  - June Fabrics Technology Inc)
PDF Settings (HKLM-x32\...\{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
Player Location Check (HKLM-x32\...\{F0753064-8D66-41A7-9F23-7691290387BF}) (Version: 4.0.0.7 - GeoComply)
PreSonus Studio One 6 (HKLM\...\Studio One 6_is1) (Version: 6.5.0 - PreSonus)
Private Internet Access (HKLM\...\{33023371-7761-4F81-BBB1-0E0D0D175ACF}) (Version: 3.5.5+08091 - Private Internet Access, Inc.)
Private Internet Access WinTUN Driver (HKLM\...\{0419A0C0-4CC8-459E-9BAE-F3BF5D2E2CCB}) (Version: 1.0 - Private Internet Access, Inc.) Hidden
Product Registration (HKLM\...\{C1600AC7-74E3-4BB5-8B42-B13653792252}) (Version: 2.2.38.0 - Dell Inc.) Hidden
Product Registration (HKLM-x32\...\InstallShield_{C1600AC7-74E3-4BB5-8B42-B13653792252}) (Version: 2.2.38.0 - Dell Inc.)
Python 3.12.1 (64-bit) (HKU\S-1-5-21-1483475722-1219764467-3277934236-1001\...\{86e52725-ef45-452f-ac4c-b8958718bfea}) (Version: 3.12.1150.0 - Python Software Foundation)
Python 3.12.1 Core Interpreter (64-bit) (HKLM\...\{AC82C1A3-9597-40F2-893D-F02F778FBA4D}) (Version: 3.12.1150.0 - Python Software Foundation) Hidden
Python 3.12.1 Development Libraries (64-bit) (HKLM\...\{8C53CBDD-4DAF-426F-9478-6C7C2920CDDA}) (Version: 3.12.1150.0 - Python Software Foundation) Hidden
Python 3.12.1 Documentation (64-bit) (HKLM\...\{62667662-A580-409C-8044-55B06F774AE2}) (Version: 3.12.1150.0 - Python Software Foundation) Hidden
Python 3.12.1 Executables (64-bit) (HKLM\...\{44BC9F9C-15C2-46C1-B88D-3135A9DA555F}) (Version: 3.12.1150.0 - Python Software Foundation) Hidden
Python 3.12.1 pip Bootstrap (64-bit) (HKLM\...\{1662F43B-2337-4FD8-8CE6-BEA38FC94DD4}) (Version: 3.12.1150.0 - Python Software Foundation) Hidden
Python 3.12.1 Standard Library (64-bit) (HKLM\...\{47957EE3-0E23-4075-B825-F202E913670F}) (Version: 3.12.1150.0 - Python Software Foundation) Hidden
Python 3.12.1 Tcl/Tk Support (64-bit) (HKLM\...\{926CDC62-3AE2-422B-9858-D6EC3BAD473F}) (Version: 3.12.1150.0 - Python Software Foundation) Hidden
Python 3.12.1 Test Suite (64-bit) (HKLM\...\{E309AE00-4FB1-4817-9172-7E198668375D}) (Version: 3.12.1150.0 - Python Software Foundation) Hidden
Python Launcher (HKLM-x32\...\{4C8D4EC3-F620-4CEE-8BAD-B59A3C6815F3}) (Version: 3.12.1150.0 - Python Software Foundation)
qBittorrent 4.3.9 (HKLM-x32\...\qBittorrent) (Version: 4.3.9 - The qBittorrent project)
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 11.5.02 - Dell Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.21289 - Realtek Semiconduct Corp.)
Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 10.1.505.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8578 - Realtek Semiconductor Corp.)
Roblox Player for Phil (HKU\S-1-5-21-1483475722-1219764467-3277934236-1001\...\roblox-player) (Version:  - Roblox Corporation)
Roslyn Language Services - x86 (HKLM-x32\...\{5B47029B-1E62-30FF-906E-694851C22782}) (Version: 14.0.23107 - Microsoft Corporation) Hidden
Roslyn Language Services - x86 (HKLM-x32\...\{6C1985E7-E1C5-3A95-86EF-2C62465F15C3}) (Version: 14.0.23107 - Microsoft Corporation) Hidden
SketchUp 2016 (HKLM\...\{E2B66CF6-ABA0-4E5F-B426-7478B18301AE}) (Version: 16.1.1449 - Trimble Navigation Limited)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
SQL Server 2017 Batch Parser (HKLM\...\{2C6E8311-28BD-4615-9545-6E39E8E83A4B}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Client Tools Extensions (HKLM\...\{06324A5D-66BB-4FAC-8D0B-9FEC1B230FFF}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Client Tools Extensions (HKLM\...\{200F38B2-1492-4576-B08C-78F2C2C953FC}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Common Files (HKLM\...\{9D1C0509-D490-4E9E-ACF5-A73E5C53742D}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Common Files (HKLM\...\{B777C4C0-A1CD-4AB9-99B1-AD5FBED6F8E5}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Common Files (HKLM-x32\...\{6CE9A8AA-C478-4706-BD28-95993D52B5A1}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Common Files (HKLM-x32\...\{D17B5D3D-3BC7-4AFA-AD90-600B5453826E}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Connection Info (HKLM\...\{89A7644F-E056-4EC1-BFDE-9D1A531D6855}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Connection Info (HKLM\...\{A9A443F5-56E1-4FC6-937C-5F481345A843}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Database Engine Services (HKLM\...\{28EEF6BA-A23A-42D2-86BA-A6BEE723B969}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Database Engine Services (HKLM\...\{DED314CA-0EFE-4593-9D66-EF75E5289A4C}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Database Engine Shared (HKLM\...\{0E22DBB4-691B-400C-B52D-8DFE8EC421AA}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Database Engine Shared (HKLM\...\{793F1C1E-5C83-4E33-A29B-6EAA7C1E791C}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 DMF (HKLM\...\{B9998A13-5563-496C-B95E-597FFC70B670}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 DMF (HKLM\...\{D7D28BBF-3B0E-43F0-A457-331F1CD9E9EB}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Integration Services Scale Out Management Portal (HKLM\...\{6BD8D100-B16C-409E-B0EA-BF508D7874EC}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Integration Services Scale Out Management Portal (HKLM\...\{91C5EE43-29D1-4720-AB65-5E2E0FE25990}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Management Studio Extensions (HKLM-x32\...\{6492E746-1C5D-48C2-A92A-97D431F74664}) (Version: 14.0.3006.16 - Microsoft Corporation) Hidden
SQL Server 2017 Management Studio Extensions (HKLM-x32\...\{70C24F35-7E36-45FC-B289-3D2849E5556B}) (Version: 14.0.3006.16 - Microsoft Corporation) Hidden
SQL Server 2017 Shared Management Objects (HKLM\...\{10855B1A-F7F2-4D8A-A725-9287C73BED5A}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Shared Management Objects (HKLM\...\{6CBBF624-696C-499E-948D-ADBAFFA2F548}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Shared Management Objects Extensions (HKLM\...\{8C515C22-BE07-4908-985C-0AA9349E1ED4}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Shared Management Objects Extensions (HKLM\...\{C6D92730-3EC0-47B1-8F6C-6F5635D1EFAC}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 SQL Diagnostics (HKLM\...\{DFA6A906-3024-49DE-87AD-750EAED2FA49}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 XEvent (HKLM\...\{12D2DB8D-80FF-4152-8F51-EDB3BD3C6976}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 XEvent (HKLM\...\{AA2A015C-C210-413B-95F6-BF9D3CDD6E0D}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server Management Studio (HKLM\...\{1B8CFC46-1F08-4DA7-9FEA-E1F523FBD67F}) (Version: 14.0.17213.0 - Microsoft Corporation) Hidden
SQL Server Management Studio (HKLM\...\{F8ADD24D-F2F2-465C-A675-F12FDB70DB82}) (Version: 14.0.17213.0 - Microsoft Corporation) Hidden
SQL Server Management Studio for Analysis Services (HKLM\...\{CC6997A7-1638-4E38-B6CF-E776997036B0}) (Version: 14.0.17213.0 - Microsoft Corporation) Hidden
SQL Server Management Studio for Reporting Services (HKLM\...\{4DDEB555-26D2-4E68-98AF-8F96232C13F2}) (Version: 14.0.17213.0 - Microsoft Corporation) Hidden
SSD Sampler (HKLM-x32\...\SSD4) (Version: 1.1 - Yellow Matter Entertainment)
SSMS Post Install Tasks (HKLM\...\{CFCC9F40-E234-499E-B3DA-BEF6CC724C35}) (Version: 14.0.17213.0 - Microsoft Corporation) Hidden
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 10.0.1256 - SUPERAntiSpyware.com)
TeamViewer (HKLM\...\TeamViewer) (Version: 15.51.5 - TeamViewer)
Techstream Software (HKLM-x32\...\{937CA58A-0212-431C-8F0B-0D8305225476}) (Version: 10.30.029 - DENSO CORPORATION)
Tools for .Net 3.5 (HKLM-x32\...\{1690CE56-2231-4E59-9006-A0876D949EA8}) (Version: 3.11.50727 - Microsoft Corporation) Hidden
Toontrack EZmix 2.2.4 (HKLM\...\EZmix_is1) (Version: 2.2.4 - Toontrack & Team V.R)
Update for  (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{7B63012A-4AC6-40C6-B6AF-B24A84359DD5}) (Version: 8.93.0.0 - Microsoft Corporation)
UXP WebView Support (HKLM-x32\...\UXPW_1_1_0) (Version: 1.1.0 - Adobe Inc.)
VeraCrypt (HKLM-x32\...\VeraCrypt) (Version: 1.24-Update7 - IDRIX)
Visual C++ 2008 Runtime (x64) (HKLM-x32\...\{73E80655-FB3C-46F4-BE00-62D248BC490A}) (Version: 1.0.1 - Highresolution Enterprises) Hidden
Visual Studio 2015 Prerequisites - ENU Language Pack (HKLM\...\{83B181F2-20B8-4F00-8E71-C66E951A8D4F}) (Version: 14.0.23107 - Microsoft Corporation) Hidden
Visual Studio 2015 Prerequisites (HKLM\...\{DF32E41C-24AD-4A87-B43A-B38553B1806E}) (Version: 14.0.23107 - Microsoft Corporation) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 3.0.14 - VideoLAN)
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0) (Version: 1.0.33.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1) (Version: 1.0.54.1 - Intel Corporation Inc.)
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1-3) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Waves Central (HKLM\...\{ab507e17-892b-5203-838d-d58d8d09c50f}) (Version: 14.4.3 - Waves Audio Ltd)
Windows Driver Package - Amazon.com (WinUSB) FireDevicesUsbDeviceClass  (10/27/2014 1.4.0000.00000) (HKLM\...\70D74CAD18BB165614511A2A67DB9EBF036D06A9) (Version: 10/27/2014 1.4.0000.00000 - Amazon.com)
Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows Driver Package - Fresco Logic (fl2000) AVClass  (11/13/2017 2.1.34054.0) (HKLM\...\02B94313A3DAF5BA27BCC4FAEA0716A0F660086C) (Version: 11/13/2017 2.1.34054.0 - Fresco Logic)
Windows Driver Package - Fresco Logic (lci_proxykmd) System  (11/13/2017 2.1.34054.0) (HKLM\...\7C22E1F94C4AE5334C0BEE70551B20BEE3C293FA) (Version: 11/13/2017 2.1.34054.0 - Fresco Logic)
Windows Driver Package - Fresco Logic (WUDFRd) Display  (11/13/2017 2.1.34054.0) (HKLM\...\9328342CF3E5994E24BB0C09FBD875141BEF3984) (Version: 11/13/2017 2.1.34054.0 - Fresco Logic)
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB  (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Windows PC Health Check (HKLM\...\{6798C408-2636-448C-8AC6-F4E341102D27}) (Version: 3.6.2204.08001 - Microsoft Corporation)
XLN Online Installer (HKLM\...\XLN Online Installer Inno Setup ID_is1) (Version:  - )
X-Mouse Button Control 2.10.2 (HKLM-x32\...\X-Mouse Button Control) (Version: 2.10.2 - Highresolution Enterprises)
Yamaha Steinberg USB Driver (HKLM\...\{E2AEA639-BFC7-4A6E-A9F3-EB11B60C2F33}) (Version: 2.1.5 - Yamaha Corporation) Hidden
Yamaha Steinberg USB Driver (HKLM-x32\...\yUninstall_{2938B185-2D57-47B0-9FC8-C90A67BA9277}) (Version: 2.1.5 - Yamaha Corporation)
YubiKey Manager (HKLM-x32\...\yubikey-manager) (Version: 1.1.5 - Yubico AB)
Zoom (HKU\S-1-5-21-1483475722-1219764467-3277934236-1001\...\ZoomUMX) (Version: 5.15.7 (20303) - Zoom Video Communications, Inc.)

Packages:
=========

Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-06] (Autodesk Inc.)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.263.400.0_x64__kgqvnymyfvs32 [2024-03-13] (king.com)
Dell Shop -> C:\Program Files\WindowsApps\DellInc.DellShop_2.2.1.0_neutral__htrsf667h5kn2 [2021-04-17] (Dell Inc)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_152.1.1099.0_x64__v10z8vjag6ke6 [2024-03-10] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-19] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-19] (Microsoft Corporation) [MS Ad]
Movie Maker - Video Editor -> C:\Program Files\WindowsApps\21336V3TApps.MovieMaker-FREE_3.6.46.0_x64__bzg06mxvgh4fa [2024-03-10] (V3TApps)
MyIPTV Player -> C:\Program Files\WindowsApps\41879VbfnetApps.MyIPTVPlayer_4.8.2.0_x64__7casf8sqhfy78 [2023-11-02] (Vbfnet Apps) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.964.0_x64__56jybvy8sckqj [2023-11-18] (NVIDIA Corp.)
Photos Add-on -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-05-08] (Microsoft Corporation)
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-12-19] (Microsoft Corporation)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.19.1262.0_x64__8wekyb3d8bbwe [2024-02-08] (Microsoft Studios) [MS Ad]
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.TWITTER_7.0.1.0_neutral__wgeqdkkx372wm [2021-06-10] (Twitter Inc.)
WinDbg -> C:\Program Files\WindowsApps\Microsoft.WinDbg_1.2402.24001.0_x64__8wekyb3d8bbwe [2024-03-08] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1483475722-1219764467-3277934236-1001_Classes\CLSID\{1019ADC7-17CB-4489-AFD5-6642C7400ACE}\localserver32 -> C:\Users\Phil\AppData\Local\Webex\Webex\Applications\ptOIEx64.exe (Cisco WebEx LLC -> Cisco WebEx LLC)
CustomCLSID: HKU\S-1-5-21-1483475722-1219764467-3277934236-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Phil\AppData\Local\Microsoft\OneDrive\19.232.1124.0008\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-1483475722-1219764467-3277934236-1001_Classes\CLSID\{227C9E8F-71A1-4B23-9076-682A1A8EAAED}\localserver32 -> c:\program files\macrium\common\reflectmonitor.exe (PARAMOUNT SOFTWARE UK LIMITED -> Paramount Software UK Ltd)
CustomCLSID: HKU\S-1-5-21-1483475722-1219764467-3277934236-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Phil\AppData\Local\Microsoft\OneDrive\19.232.1124.0008\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-1483475722-1219764467-3277934236-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Phil\AppData\Local\Microsoft\OneDrive\19.232.1124.0008\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-1483475722-1219764467-3277934236-1001_Classes\CLSID\{9489FEB2-1925-4D01-B788-6D912C70F7F2}\localserver32 -> C:\Users\Phil\AppData\Local\Microsoft\OneDrive\19.232.1124.0008\FileCoAuth.exe => No File
CustomCLSID: HKU\S-1-5-21-1483475722-1219764467-3277934236-1001_Classes\CLSID\{BEA218D2-6950-497B-9434-61683EC065FE}\InprocServer32 -> C:\Users\Phil\AppData\Local\Programs\Python\Launcher\pyshellext.amd64.dll (Python Software Foundation -> Python Software Foundation)
ShellIconOverlayIdentifiers: [   AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-11-18] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [   AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-11-18] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [   AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-11-18] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> No File
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-11-18] (Adobe Inc. -> )
ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\ConvertToPDFShellExtension_x64.dll [2016-11-14] (Foxit Software Incorporated -> Foxit Software Inc.)
ContextMenuHandlers1: [ReflectShellExt] -> {DEBB9B79-B3DD-47F4-9E5C-EA6975BAB611} => C:\Program Files\Macrium\Reflect\RContextMenu.dll [2023-01-10] (PARAMOUNT SOFTWARE UK LIMITED -> Paramount Software UK Ltd)
ContextMenuHandlers2: [ReflectShellExt] -> {DEBB9B79-B3DD-47F4-9E5C-EA6975BAB611} => C:\Program Files\Macrium\Reflect\RContextMenu.dll [2023-01-10] (PARAMOUNT SOFTWARE UK LIMITED -> Paramount Software UK Ltd)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-04-12] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\ki132538.inf_amd64_a34b1de6c28c3534\igfxDTCM.dll [2019-06-13] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvdmig.inf_amd64_75c152d756d851ed\nvshext.dll [2023-11-10] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-11-18] (Adobe Inc. -> )
ContextMenuHandlers6: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\ConvertToPDFShellExtension_x64.dll [2016-11-14] (Foxit Software Incorporated -> Foxit Software Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-04-12] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers6: [StartMenuExt] -> {E595F05F-903F-4318-8B0A-7F633B520D2B} => C:\WINDOWS\System32\StartMenuHelper64.dll [2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Amcrest Web View.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) ->  --profile-directory="Profile 1" --app-id=oddndbjhpcpopbebhonolceinkbnheih
ShortcutWithArgument: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Chrome Remote Desktop.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) ->  --profile-directory="Profile 1" --app-id=gbchcmhmhahfdphkhkmpfmihenigjmpp
ShortcutWithArgument: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Videostream for Google Chromecast™.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) ->  --profile-directory="Profile 1" --app-id=cnciopoikihiagdjbjpnocolokfelagl
ShortcutWithArgument: C:\Users\Phil\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\e895024b613704\MetaMask.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 1" --app-id=nkbihfbeogaeaoehlefnkodbefgpgknn
ShortcutWithArgument: C:\Users\Phil\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\72dad8f9fb5925df\Data Scraper - Easy Web Scraping.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=nndknepjnldbdbepjfgmncbggmopgden
ShortcutWithArgument: C:\Users\Phil\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"

==================== Loaded Modules (Whitelisted) =============

0000-00-00 00:00 - 0000-00-00 00:00 - 000000000 _____ () [Access Denied] C:\ProgramData\TractTent\PersolAczoknt\irmeqlf9Engin281.dll
2024-02-16 10:48 - 2023-07-10 02:34 - 000039936 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesLocalServer\WavesLocalServer.bundle\Contents\Win64\aiohttp\_helpers.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000215552 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesLocalServer\WavesLocalServer.bundle\Contents\Win64\aiohttp\_http_parser.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000035840 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesLocalServer\WavesLocalServer.bundle\Contents\Win64\aiohttp\_http_writer.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000024064 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesLocalServer\WavesLocalServer.bundle\Contents\Win64\aiohttp\_websocket.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000053760 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesLocalServer\WavesLocalServer.bundle\Contents\Win64\frozenlist\_frozenlist.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000046592 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesLocalServer\WavesLocalServer.bundle\Contents\Win64\multidict\_multidict.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000066048 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesLocalServer\WavesLocalServer.bundle\Contents\Win64\psutil\_psutil_windows.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000039936 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesLocalServer\WavesLocalServer.bundle\Contents\Win64\tinyaes.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000012288 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesLocalServer\WavesLocalServer.bundle\Contents\Win64\websockets\speedups.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000132096 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesLocalServer\WavesLocalServer.bundle\Contents\Win64\win32api.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000249856 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesLocalServer\WavesLocalServer.bundle\Contents\Win64\yaml\_yaml.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000068608 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesLocalServer\WavesLocalServer.bundle\Contents\Win64\yarl\_quoting_c.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000183296 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\_cffi_backend.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 193385472 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\_pywrap_tensorflow_internal.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000018944 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\cpufeature\extension.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000100864 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\google\protobuf\internal\_api_implementation.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 001601536 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\google\protobuf\pyext\_message.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000175616 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\h5py\_conv.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000045568 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\h5py\_errors.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000110080 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\h5py\_objects.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000044032 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\h5py\_proxy.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000132608 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\h5py\_selector.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000219648 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\h5py\defs.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000089600 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\h5py\h5.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000117760 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\h5py\h5a.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000058368 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\h5py\h5ac.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000122368 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\h5py\h5d.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000072192 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\h5py\h5ds.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000116736 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\h5py\h5f.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000156672 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\h5py\h5fd.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000136192 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\h5py\h5g.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000051712 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\h5py\h5i.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000096256 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\h5py\h5l.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000106496 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\h5py\h5o.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000311296 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\h5py\h5p.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000036352 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\h5py\h5pl.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000061952 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\h5py\h5r.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000093696 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\h5py\h5s.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000320512 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\h5py\h5t.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000044032 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\h5py\h5z.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000052736 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\h5py\utils.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000011264 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\numba\_devicearray.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000045056 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\numba\_dispatcher.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000016384 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\numba\_dynfunc.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000238592 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\numba\_helperlib.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000027136 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\numba\core\runtime\_nrt_python.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000019968 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\numba\core\typeconv\_typeconv.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000024576 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\numba\np\ufunc\_internal.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000114176 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\numpy\core\_multiarray_tests.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 002906112 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\numpy\core\_multiarray_umath.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000116736 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\numpy\fft\_pocketfft_internal.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000154624 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\numpy\linalg\_umath_linalg.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000022016 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\numpy\linalg\lapack_lite.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000254464 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\numpy\random\_bounded_integers.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000182272 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\numpy\random\_common.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000685056 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\numpy\random\_generator.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000080896 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\numpy\random\_mt19937.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000085504 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\numpy\random\_pcg64.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000072192 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\numpy\random\_philox.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000053760 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\numpy\random\_sfc64.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000158208 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\numpy\random\bit_generator.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000588800 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\numpy\random\mtrand.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 001278976 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\pandas\_libs\algos.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000078336 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\pandas\_libs\arrays.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000916480 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\pandas\_libs\groupby.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000154624 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\pandas\_libs\hashing.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 001230848 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\pandas\_libs\hashtable.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000454656 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\pandas\_libs\index.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000046080 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\pandas\_libs\indexing.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000256000 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\pandas\_libs\internals.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 001038336 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\pandas\_libs\interval.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 001893376 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\pandas\_libs\join.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000067072 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\pandas\_libs\json.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000465408 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\pandas\_libs\lib.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000162816 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\pandas\_libs\missing.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000186880 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\pandas\_libs\ops.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000051200 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\pandas\_libs\ops_dispatch.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000373760 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\pandas\_libs\parsers.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000059904 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\pandas\_libs\properties.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000247808 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\pandas\_libs\reduction.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000227328 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\pandas\_libs\reshape.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000801280 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\pandas\_libs\sparse.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000069632 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\pandas\_libs\testing.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000133632 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\pandas\_libs\tslib.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000041984 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\pandas\_libs\tslibs\base.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000052224 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\pandas\_libs\tslibs\ccalendar.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000224768 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\pandas\_libs\tslibs\conversion.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000101888 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\pandas\_libs\tslibs\dtypes.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000241664 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\pandas\_libs\tslibs\fields.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000181760 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\pandas\_libs\tslibs\nattype.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000043520 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\pandas\_libs\tslibs\np_datetime.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000776704 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\pandas\_libs\tslibs\offsets.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000318464 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\pandas\_libs\tslibs\parsing.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000346624 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\pandas\_libs\tslibs\period.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000292864 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\pandas\_libs\tslibs\strptime.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000371712 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\pandas\_libs\tslibs\timedeltas.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000401920 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\pandas\_libs\tslibs\timestamps.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000192512 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\pandas\_libs\tslibs\timezones.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000216064 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\pandas\_libs\tslibs\tzconversion.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000190464 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\pandas\_libs\tslibs\vectorized.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000288256 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\pandas\_libs\window\aggregations.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000145408 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\pandas\_libs\window\indexers.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000180736 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\pandas\_libs\writers.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000076288 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\psutil\_psutil_windows.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000061440 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\_lib\_ccallback_c.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000049664 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\_lib\_uarray\_uarray.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000042496 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\_lib\messagestream.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000582144 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\fft\_pocketfft\pypocketfft.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000169984 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\fftpack\convolve.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000046080 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\integrate\_dop.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000022528 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\integrate\_odepack.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000032768 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\integrate\_quadpack.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000039936 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\integrate\lsoda.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000050176 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\integrate\vode.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000225280 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\interpolate\_bspl.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000035328 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\interpolate\_fitpack.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000286720 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\interpolate\_ppoly.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000385536 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\interpolate\_rbfinterp_pythran.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000148480 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\interpolate\dfitpack.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000281600 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\interpolate\interpnd.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000238592 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\linalg\_decomp_update.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000587264 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\linalg\_fblas.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 001931264 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\linalg\_flapack.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000052224 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\linalg\_flinalg.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000229376 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\linalg\_interpolative.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000171008 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\linalg\_matfuncs_sqrtm_triu.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000193536 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\linalg\_solve_toeplitz.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000226816 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\linalg\cython_blas.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000626688 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\linalg\cython_lapack.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000124928 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\ndimage\_nd_image.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000267264 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\ndimage\_ni_label.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000030720 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\optimize\__nnls.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000231936 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\optimize\_bglu_dense.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000034816 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\optimize\_cobyla.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000062464 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\optimize\_group_columns.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000027136 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\optimize\_highs\_highs_constants.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 001470464 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\optimize\_highs\_highs_wrapper.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000038400 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\optimize\_lbfgsb.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000025600 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\optimize\_lsap_module.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000142336 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\optimize\_lsq\givens_elimination.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000029184 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\optimize\_minpack.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000038912 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\optimize\_slsqp.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000251904 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\optimize\_trlib\_trlib.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000016384 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\optimize\_zeros.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000034304 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\optimize\minpack2.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000051200 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\optimize\moduleTNC.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000038400 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\signal\_max_len_seq_inner.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000188928 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\signal\_peak_finding_utils.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000212992 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\signal\_sosfilt.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000048128 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\signal\_spectral.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000244224 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\signal\_upfirdn_apply.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000096768 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\signal\sigtools.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000038912 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\signal\spline.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000471552 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\sparse\_csparsetools.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 002177024 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\sparse\_sparsetools.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000201728 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\sparse\csgraph\_flow.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000224768 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\sparse\csgraph\_matching.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000158208 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\sparse\csgraph\_min_spanning_tree.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000209408 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\sparse\csgraph\_reordering.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000321536 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\sparse\csgraph\_shortest_path.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000124928 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\sparse\csgraph\_tools.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000118784 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\sparse\csgraph\_traversal.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000282624 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\sparse\linalg\dsolve\_superlu.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000143872 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\sparse\linalg\eigen\arpack\_arpack.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000117248 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\sparse\linalg\isolve\_iterative.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000244736 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\spatial\_distance_pybind.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000123904 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\spatial\_distance_wrap.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000150528 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\spatial\_hausdorff.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000148992 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\spatial\_voronoi.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000518656 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\spatial\ckdtree.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000833024 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\spatial\qhull.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000481280 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\spatial\transform\rotation.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000031744 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\special\_comb.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000065024 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\special\_ellip_harm_2.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000789504 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\special\_ufuncs.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000107008 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\special\_ufuncs_cxx.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 001348608 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\special\cython_special.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000077824 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\special\specfun.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000266240 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\stats\_boost\beta_ufunc.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000232448 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\stats\_boost\binom_ufunc.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000236032 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\stats\_boost\nbinom_ufunc.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000175104 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\stats\_qmc_cy.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000177664 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\stats\_sobol.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000416768 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\stats\_stats.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000167424 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\stats\biasedurn.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000036864 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\stats\mvn.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000032256 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\scipy\stats\statlib.cp39-win_amd64.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 003867648 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\tensorflow\compiler\tf2tensorrt\_pywrap_py_utils.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000342016 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\tensorflow\lite\experimental\microfrontend\python\ops\_audio_microfrontend_op.so
2024-02-16 10:48 - 2023-07-10 02:34 - 000235008 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\tensorflow\lite\python\analyzer_wrapper\_pywrap_analyzer_wrapper.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 003292160 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\tensorflow\lite\python\interpreter_wrapper\_pywrap_tensorflow_interpreter_wrapper.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000990208 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\tensorflow\lite\python\metrics\_pywrap_tensorflow_lite_metrics_wrapper.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 002726400 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\tensorflow\python\_pywrap_dtensor_device.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 003403776 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\tensorflow\python\_pywrap_mlir.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 003933184 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\tensorflow\python\_pywrap_parallel_device.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 002702848 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\tensorflow\python\_pywrap_py_exception_registry.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 003389440 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\tensorflow\python\_pywrap_quantize_training.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000109568 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\tensorflow\python\_pywrap_sanitizers.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 006100480 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\tensorflow\python\_pywrap_tfe.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 000124416 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\tensorflow\python\_pywrap_toco_api.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 003408896 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\tensorflow\python\client\_pywrap_debug_events_writer.pyd
2024-02-16 10:48 - 2023-07-10 02:34 - 003390976 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\tensorflow\python\client\_pywrap_device_lib.pyd
2024-02-16 10:49 - 2023-07-10 02:34 - 003414528 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\tensorflow\python\client\_pywrap_events_writer.pyd
2024-02-16 10:49 - 2023-07-10 02:34 - 006047744 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\tensorflow\python\client\_pywrap_tf_session.pyd
2024-02-16 10:49 - 2023-07-10 02:34 - 003436544 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\tensorflow\python\data\experimental\service\_pywrap_server_lib.pyd
2024-02-16 10:49 - 2023-07-10 02:34 - 005432320 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\tensorflow\python\data\experimental\service\_pywrap_utils.pyd
2024-02-16 10:49 - 2023-07-10 02:34 - 002874368 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\tensorflow\python\flags_pybind.pyd
2024-02-16 10:49 - 2023-07-10 02:34 - 002728960 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\tensorflow\python\framework\_dtypes.pyd
2024-02-16 10:49 - 2023-07-10 02:34 - 003445248 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\tensorflow\python\framework\_op_def_library_pybind.pyd
2024-02-16 10:49 - 2023-07-10 02:34 - 003389440 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\tensorflow\python\framework\_op_def_registry.pyd
2024-02-16 10:49 - 2023-07-10 02:34 - 003933184 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\tensorflow\python\framework\_proto_comparators.pyd
2024-02-16 10:49 - 2023-07-10 02:34 - 000213504 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\tensorflow\python\framework\_pywrap_python_api_dispatcher.pyd
2024-02-16 10:49 - 2023-07-10 02:34 - 002696704 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\tensorflow\python\framework\_pywrap_python_op_gen.pyd
2024-02-16 10:49 - 2023-07-10 02:34 - 003867136 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\tensorflow\python\framework\_test_metrics_util.pyd
2024-02-16 10:49 - 2023-07-10 02:34 - 003973120 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\tensorflow\python\grappler\_pywrap_tf_cluster.pyd
2024-02-16 10:49 - 2023-07-10 02:34 - 003897856 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\tensorflow\python\grappler\_pywrap_tf_optimizer.pyd
2024-02-16 10:49 - 2023-07-10 02:34 - 000108544 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\tensorflow\python\lib\core\_pywrap_bfloat16.pyd
2024-02-16 10:49 - 2023-07-10 02:34 - 000108544 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\tensorflow\python\lib\core\_pywrap_py_func.pyd
2024-02-16 10:49 - 2023-07-10 02:34 - 003473920 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\tensorflow\python\lib\io\_pywrap_file_io.pyd
2024-02-16 10:49 - 2023-07-10 02:34 - 003534336 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\tensorflow\python\lib\io\_pywrap_record_io.pyd
2024-02-16 10:49 - 2023-07-10 02:34 - 000108544 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\tensorflow\python\platform\_pywrap_stacktrace_handler.pyd
2024-02-16 10:49 - 2023-07-10 02:34 - 003389952 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\tensorflow\python\platform\_pywrap_tf2.pyd
2024-02-16 10:49 - 2023-07-10 02:34 - 007490048 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\tensorflow\python\profiler\internal\_pywrap_profiler.pyd
2024-02-16 10:49 - 2023-07-10 02:34 - 003409408 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\tensorflow\python\profiler\internal\_pywrap_traceme.pyd
2024-02-16 10:49 - 2023-07-10 02:34 - 003419648 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\tensorflow\python\saved_model\pywrap_saved_model.pyd
2024-02-16 10:49 - 2023-07-10 02:34 - 003894784 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\tensorflow\python\util\_pywrap_checkpoint_reader.pyd
2024-02-16 10:49 - 2023-07-10 02:34 - 000109568 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\tensorflow\python\util\_pywrap_determinism.pyd
2024-02-16 10:49 - 2023-07-10 02:34 - 000109568 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\tensorflow\python\util\_pywrap_nest.pyd
2024-02-16 10:49 - 2023-07-10 02:34 - 000109568 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\tensorflow\python\util\_pywrap_tensor_float_32_execution.pyd
2024-02-16 10:49 - 2023-07-10 02:34 - 003874304 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\tensorflow\python\util\_pywrap_tfprof.pyd
2024-02-16 10:49 - 2023-07-10 02:34 - 000108544 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\tensorflow\python\util\_pywrap_util_port.pyd
2024-02-16 10:49 - 2023-07-10 02:34 - 000163328 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\tensorflow\python\util\_pywrap_utils.pyd
2024-02-16 10:49 - 2023-07-10 02:34 - 002455040 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\tensorflow\python\util\_tf_stack.pyd
2024-02-16 10:49 - 2023-07-10 02:34 - 000119296 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\tensorflow\python\util\fast_module_type.pyd
2024-02-16 10:49 - 2023-07-10 02:34 - 000040448 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\tinyaes.cp39-win_amd64.pyd
2024-02-16 10:49 - 2023-07-10 02:34 - 000011776 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\websockets\speedups.cp39-win_amd64.pyd
2024-02-16 10:49 - 2023-07-10 02:34 - 000134656 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\win32api.pyd
2024-02-16 10:49 - 2023-07-10 02:34 - 000527872 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\win32com\shell\shell.pyd
2024-02-16 10:49 - 2023-07-10 02:34 - 000042496 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\wrapt\_wrappers.cp39-win_amd64.pyd
2024-02-16 10:49 - 2023-07-10 02:34 - 000249856 _____ () [File not signed] C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\yaml\_yaml.cp39-win_amd64.pyd
0000-00-00 00:00 - 0000-00-00 00:00 - 000000000 _____ () <==== ATTENTION [zero byte File/Folder] \\?\C:\Users\Phil\AppData\Roaming\Java\jre8\bin\java.exe:jll
2024-01-30 23:32 - 2023-03-12 01:00 - 088202240 _____ (Celemony Software GmbH) [File not signed] C:\Program Files\Common Files\Celemony\Bundles\MelodyneCore-5.3.1.018.dll
2024-01-30 23:32 - 2023-03-12 01:00 - 001353216 _____ (Celemony Software GmbH) [File not signed] C:\Program Files\Common Files\VST3\Celemony\Melodyne\Melodyne.vst3
2016-03-04 12:42 - 2019-02-21 12:00 - 000078336 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2017-08-13 09:49 - 2017-08-13 09:49 - 003664184 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicStartMenuDLL.dll
2017-08-13 09:49 - 2017-08-13 09:49 - 000291128 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\WINDOWS\System32\StartMenuHelper64.dll
2023-10-12 08:06 - 2023-09-29 00:00 - 003544064 _____ (PreSonus) [File not signed] C:\Program Files\PreSonus\Studio One 6\Extensions\presonusstore\plugins\win_x64\presonusstore.dll
2023-10-12 08:06 - 2023-09-29 00:00 - 002217472 _____ (PreSonus) [File not signed] C:\Program Files\PreSonus\Studio One 6\Extensions\soundcloud\plugins\win_x64\soundcloud.dll
2023-10-12 08:06 - 2023-09-29 00:00 - 000695296 _____ (PreSonus) [File not signed] C:\Program Files\PreSonus\Studio One 6\Extensions\soundsetbuilder\plugins\win_x64\soundsetbuilder.dll
2023-10-12 08:06 - 2023-09-29 00:00 - 000856576 _____ (Propellerhead Software AB) [File not signed] C:\Program Files\PreSonus\Studio One 6\3rd party\REX Shared Library.dll
2024-01-05 18:19 - 2024-01-05 18:19 - 002973696 _____ (SQLite Development Team) [File not signed] C:\Program Files\Intel\SUR\QUEENCREEK\x64\sqlite3.dll
2024-02-02 21:42 - 2023-02-07 17:40 - 042261040 _____ (Toontrack Music AB -> Toontrack Music AB) [File not signed] C:\Program Files\Common Files\VST3\Toontrack\EZdrummer 3.vst3
2024-01-28 18:31 - 2023-01-11 12:26 - 022139424 _____ (Toontrack Music AB -> Toontrack Music AB) [File not signed] C:\Program Files\Steinberg\Vstplugins\Toontrack\EZmix.dll
2024-02-16 10:51 - 2021-08-10 21:44 - 001792000 _____ (Waves Audio Ltd.) [File not signed] C:\ProgramData\Waves Audio\Modules\WavesLicenseEngine.bundle\Contents\Win64\WavesLicenseEngine.dll
2015-08-01 22:19 - 2015-08-01 22:19 - 000541448 ____R (Waves Inc -> Waves Audio) [File not signed] C:\WINDOWS\SYSTEM32\MaxxAudioIntelSkylake64.dll
2023-01-31 14:22 - 2023-01-31 14:22 - 000180224 _____ (Yamaha Corporation) [File not signed] C:\Program Files (x86)\Yamaha\Yamaha Steinberg USB Driver\ysusb_asio64.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`27hfm [0]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-1483475722-1219764467-3277934236-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell15.msn.com/?pc=DCTE
HKU\S-1-5-21-1483475722-1219764467-3277934236-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://192.168.1.90:1829/
HKU\S-1-5-21-1483475722-1219764467-3277934236-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://192.168.1.85:85/
SearchScopes: HKU\S-1-5-21-1483475722-1219764467-3277934236-1001 -> {A79BE33D-4EB3-40E2-B354-BB99B3501D8A} URL =
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_73\bin\ssv.dll [2016-03-04] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-03-04] (Oracle America, Inc. -> Oracle Corporation)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\ssv.dll [2016-03-04] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-03-04] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} -  No File

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2023-11-18 23:11 - 2023-11-18 23:12 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

2019-10-23 10:26 - 2020-03-13 23:45 - 000000440 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Microsoft MPI\Bin\;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL;C:\Program Files\Intel\Intel® Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT;C:\Program Files\Intel\Intel® Management Engine Components\IPT;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Microsoft SQL Server\Client SDK\ODBC\130\Tools\Binn\;C:\Program Files (x86)\Microsoft SQL Server\140\Tools\Binn\;C:\Program Files (x86)\Microsoft SQL Server\140\DTS\Binn\;C:\Program Files (x86)\Microsoft SQL Server\140\Tools\Binn\ManagementStudio\;C:\Program Files\Microsoft SQL Server\Client SDK\ODBC\130\Tools\Binn\;C:\Program Files\Microsoft SQL Server\140\Tools\Binn\;C:\Program Files\Microsoft SQL Server\140\DTS\Binn\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files\dotnet\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%AppData%\Programs\Python\Python311;%AppData%\Programs\Python\Python311\Scripts;
HKU\S-1-5-21-1483475722-1219764467-3277934236-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Phil\Pictures\20201114_122903.jpg
HKU\S-1-5-80-2652535364-2169709536-2857650723-2622804123-1107741775\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-80-3880718306-3832830129-1677859214-2598158968-1052248003\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\Services: !SASCORE => 2
MSCONFIG\Services: 0008811457109852mcinstcleanup => 2
MSCONFIG\Services: dbupdate => 2
MSCONFIG\Services: dbupdatem => 3
MSCONFIG\Services: Dell Customer Connect => 2
MSCONFIG\Services: Dell Foundation Services => 2
MSCONFIG\Services: Dell Hardware Support => 2
MSCONFIG\Services: Dell Help & Support => 2
MSCONFIG\Services: Dell Product Registration => 2
MSCONFIG\Services: DellDigitalDelivery => 2
MSCONFIG\Services: DellUpdate => 2
MSCONFIG\Services: MacriumService => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: SupportAssistAgent => 2
MSCONFIG\Services: WavesSysSvc => 2
MSCONFIG\Services: XTU3SERVICE => 2
HKLM\...\StartupApproved\StartupFolder: => "WavesLocalServer.lnk"
HKLM\...\StartupApproved\StartupFolder: => "WavesPluginServer.lnk"
HKLM\...\StartupApproved\Run: => "WavesSvc"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "LaunchMhttpd"
HKLM\...\StartupApproved\Run: => "Reflect UI"
HKLM\...\StartupApproved\Run32: => "LaunchMhttpd"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "Cisco AnyConnect Secure Mobility Agent for Windows"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "Adobe CCXProcess"
HKLM\...\StartupApproved\Run32: => "Cisconet"
HKU\S-1-5-21-1483475722-1219764467-3277934236-1001\...\StartupApproved\StartupFolder: => "Gqreader.lnk"
HKU\S-1-5-21-1483475722-1219764467-3277934236-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1483475722-1219764467-3277934236-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-1483475722-1219764467-3277934236-1001\...\StartupApproved\Run: => "SUPERAntiSpyware"
HKU\S-1-5-21-1483475722-1219764467-3277934236-1001\...\StartupApproved\Run: => "VideoGuardMonitor"
HKU\S-1-5-21-1483475722-1219764467-3277934236-1001\...\StartupApproved\Run: => "GarminExpress"
HKU\S-1-5-21-1483475722-1219764467-3277934236-1001\...\StartupApproved\Run: => "Skype for Desktop"
HKU\S-1-5-21-1483475722-1219764467-3277934236-1001\...\StartupApproved\Run: => "Lync"
HKU\S-1-5-21-1483475722-1219764467-3277934236-1001\...\StartupApproved\Run: => "Trio.WakeNet"
HKU\S-1-5-21-1483475722-1219764467-3277934236-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_0848959D30B7A075789B21F3CF73AE30"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{8722BC63-D006-4454-A7FA-B546C2194CEA}C:\program files (x86)\batch configuration\batch configuration.exe] => (Allow) C:\program files (x86)\batch configuration\batch configuration.exe (HIKVISION DIGITAL TECHNOLOGY CO.,LTD. -> )
FirewallRules: [TCP Query User{2DB79FC2-EEA8-419E-90BE-400EC47D0F71}C:\program files (x86)\batch configuration\batch configuration.exe] => (Allow) C:\program files (x86)\batch configuration\batch configuration.exe (HIKVISION DIGITAL TECHNOLOGY CO.,LTD. -> )
FirewallRules: [UDP Query User{0A6C2044-7019-4EDE-BEAD-2A3D33AD18A3}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [TCP Query User{E8D1E310-7E92-4616-96DE-DCA4A63256A4}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{57E1D170-9843-4965-8C4A-2AD53CC33047}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe (The qBittorrent Project) [File not signed]
FirewallRules: [{6C435228-635C-443E-A6F1-2E57ED33DF7C}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe (The qBittorrent Project) [File not signed]
FirewallRules: [{23C79370-8FC2-4078-8755-4CCC15243350}] => (Allow) C:\Users\Phil\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [UDP Query User{309DBB71-8038-46F9-B979-087D23E6F2C6}C:\windows\explorer.exe] => (Allow) C:\windows\explorer.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [TCP Query User{F1F8667A-4F3B-4D8B-94E1-91642F57D977}C:\windows\explorer.exe] => (Allow) C:\windows\explorer.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{7D83116A-F056-470B-9225-C83298E82CDA}] => (Allow) C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe (Intel® Wireless Display -> Intel)
FirewallRules: [{6AB0400C-53A7-438B-9113-E38C0C3573B8}] => (Allow) C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe (Intel® Wireless Display -> Intel)
FirewallRules: [{AF34D3A7-5EDD-4DC6-A959-F791BAE4E444}] => (Allow) LPort=1689
FirewallRules: [{A5585E6B-687C-4830-9182-ACCD5AD46580}] => (Allow) C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe (Intel® Wireless Display -> Intel)
FirewallRules: [{E4F687D8-9AC8-4B3F-81C4-6898D3CEDEBD}] => (Allow) C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe (Intel® Wireless Display -> Intel)
FirewallRules: [TCP Query User{82FE00D9-E6F0-4CB8-9B60-816AAD742BDB}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{FDE46CCA-AAFC-4479-B2E2-D11D85E783A8}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{5BF291DD-BF7B-435B-A828-C60013BC36C5}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe => No File
FirewallRules: [{8DBECFBA-ECD9-4018-B4AF-87F78802E809}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe => No File
FirewallRules: [{6F508BE4-55D4-4E00-BB96-A12A44734859}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe => No File
FirewallRules: [{61F7D853-8049-4EDA-A9AD-0F321926F991}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe => No File
FirewallRules: [TCP Query User{DE8BB403-0E89-4C68-9D0B-994C01F0D883}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{68171860-2395-48E9-BFE6-772CE1BFB97E}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{37F848E4-8D94-4014-9CBF-EF41A41BB9A6}] => (Allow) C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe (Intel® Wireless Display -> Intel)
FirewallRules: [{12C09576-213D-4A9B-8544-303D68DBCEED}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe => No File
FirewallRules: [{C065805A-2D52-40DD-B6CE-E9FE6B23C7BE}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe => No File
FirewallRules: [{7AAC6AED-1E16-4AB9-BB94-F970F1549FB6}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe => No File
FirewallRules: [{5048B123-5188-4CFE-80FA-D151E4F9C479}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe => No File
FirewallRules: [{A4D6288B-17E6-426E-9FA2-4E0FDC6D705D}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe => No File
FirewallRules: [{84588CA5-B711-4486-AAFD-6E6FDB871569}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe => No File
FirewallRules: [{939443F9-4C65-4E82-A297-101AB5E299FA}] => (Allow) C:\Program Files\Microsoft MPI\Bin\msmpilaunchsvc.exe () [File not signed]
FirewallRules: [{E79003BA-6CF8-4A77-9D7B-488283EFD351}] => (Allow) C:\Program Files\Microsoft MPI\Bin\msmpilaunchsvc.exe () [File not signed]
FirewallRules: [{8E3BE494-ABAA-4F0B-A58F-461483AEF7FC}] => (Allow) C:\Program Files\Microsoft MPI\Bin\mpiexec.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{747E94E0-55DB-48A4-892B-B64D8063D537}] => (Allow) C:\Program Files\Microsoft MPI\Bin\mpiexec.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8DE7F132-6EF4-48F3-A1AC-FC129C7CAC93}] => (Allow) C:\Program Files\Microsoft MPI\Bin\smpd.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E919378E-4501-4564-9190-DC9D94972AEC}] => (Allow) C:\Program Files\Microsoft MPI\Bin\smpd.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{FDBC39CA-FECB-4B2E-AE67-D39D966664AF}C:\program files (x86)\windscribe\wsappcontrol.exe] => (Allow) C:\program files (x86)\windscribe\wsappcontrol.exe => No File
FirewallRules: [UDP Query User{D482D82D-B617-466D-8BCE-E397D2CC700E}C:\program files (x86)\windscribe\wsappcontrol.exe] => (Allow) C:\program files (x86)\windscribe\wsappcontrol.exe => No File
FirewallRules: [{231FF233-3159-4F9B-A3A6-BAE2DB0366E9}] => (Allow) C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe (Intel® Wireless Display -> Intel)
FirewallRules: [{CA724562-B662-46B1-95DD-F6E904B4C439}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe => No File
FirewallRules: [{DA23A761-502C-45EC-8119-F071C3291BC8}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe => No File
FirewallRules: [{E59703F2-EF65-4BA6-8655-981E991DDBDF}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe => No File
FirewallRules: [{0AFA2E89-C542-48BD-B424-072E6EE9E491}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe => No File
FirewallRules: [{A4146D8E-D51E-4C30-8B77-6FC0499EAEF1}] => (Allow) C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe (Intel® Wireless Display -> Intel)
FirewallRules: [{A1667356-3898-4277-9D6F-D326CA4AE3B2}] => (Allow) C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe (Intel® Wireless Display -> Intel)
FirewallRules: [TCP Query User{F6FE67C7-37F3-4A95-A9F0-54D0ED909095}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{F07579D5-5EB7-4B0A-A790-855B3B84AA9E}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{0252A464-A105-434F-A606-B763FC1A7F10}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe => No File
FirewallRules: [{78D0BADE-0885-4621-B436-9172922F3226}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe => No File
FirewallRules: [TCP Query User{B592A5E8-BF72-43DE-BBCC-46E867957D23}C:\users\phil\appdata\roaming\zoom\bin_00\zoom.exe] => (Allow) C:\users\phil\appdata\roaming\zoom\bin_00\zoom.exe => No File
FirewallRules: [UDP Query User{57EC246B-FE28-4849-B067-ABD24190F601}C:\users\phil\appdata\roaming\zoom\bin_00\zoom.exe] => (Allow) C:\users\phil\appdata\roaming\zoom\bin_00\zoom.exe => No File
FirewallRules: [{BEA2890A-C0DC-4220-99A2-7C7C61852716}] => (Allow) C:\Users\Phil\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{20059C52-C50A-4EEB-9E23-AE28EA983F7A}] => (Allow) C:\Users\Phil\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{C7652C63-47AC-4FB3-9B0F-B37BBF65C06B}] => (Allow) C:\Users\Phil\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{768AEA1F-F731-4803-841C-64FB7BD314D6}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe (The qBittorrent Project) [File not signed]
FirewallRules: [{AFEE8BB0-3FD4-494B-BFF7-9F0631EF435E}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe (The qBittorrent Project) [File not signed]
FirewallRules: [{90B2A1E2-DE71-4232-8685-15A1AE4D709F}] => (Allow) C:\Program Files\MetaTrader 5\metatester64.exe (MetaQuotes Ltd. -> MetaQuotes Ltd.)
FirewallRules: [{E1B7C67C-3222-433A-91BC-6971560A4376}] => (Block) %ProgramFiles%\Adobe\Adobe Premiere Pro CC 2015\Adobe Premiere Pro.exe => No File
FirewallRules: [{174B8CAF-E4B2-4705-AE06-7C01A6855DD4}] => (Block) %ProgramFiles%\Adobe\Adobe Premiere Pro CC 2015\Adobe Premiere Pro.exe => No File
FirewallRules: [TCP Query User{EA3A04E1-B828-4464-91A7-1520C2B6F27F}C:\users\phil\appdata\local\mozilla firefox\firefox.exe] => (Allow) C:\users\phil\appdata\local\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{D5BC456E-2CEC-4AA1-A453-B8AC5DCBC864}C:\users\phil\appdata\local\mozilla firefox\firefox.exe] => (Allow) C:\users\phil\appdata\local\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{25E1A602-B411-4D8C-AA38-787C6509904F}C:\programdata\regid.1993-06.com.microsoft\wmiprvse.exe] => (Block) C:\programdata\regid.1993-06.com.microsoft\wmiprvse.exe => No File
FirewallRules: [UDP Query User{D70EDB31-B0DB-4037-8799-6D61480F5F9B}C:\programdata\regid.1993-06.com.microsoft\wmiprvse.exe] => (Block) C:\programdata\regid.1993-06.com.microsoft\wmiprvse.exe => No File
FirewallRules: [{C557DE62-65C1-410D-9AF9-18260D567AFB}] => (Allow) C:\Users\Phil\AppData\Local\Programs\Opera GX\102.0.4880.82\opera.exe => No File
FirewallRules: [TCP Query User{8955C64B-937F-4DFE-9DEA-C78FB77CD2E1}C:\users\phil\appdata\local\trionet\resources\triocore.exe] => (Block) C:\users\phil\appdata\local\trionet\resources\triocore.exe => No File
FirewallRules: [UDP Query User{C1BC0028-CDF2-4C1C-9CEF-975DDECB4A9E}C:\users\phil\appdata\local\trionet\resources\triocore.exe] => (Block) C:\users\phil\appdata\local\trionet\resources\triocore.exe => No File
FirewallRules: [TCP Query User{492E9C29-9880-4871-9295-67B6C13C7A37}C:\program files\presonus\studio one 6\studio one.exe] => (Allow) C:\program files\presonus\studio one 6\studio one.exe (PreSonus) [File not signed]
FirewallRules: [UDP Query User{C8317AC5-F3AD-40EE-BC6F-C2D1B9AA5580}C:\program files\presonus\studio one 6\studio one.exe] => (Allow) C:\program files\presonus\studio one 6\studio one.exe (PreSonus) [File not signed]
FirewallRules: [TCP Query User{BC5C7851-879E-4667-90A5-B0DD41E060B6}C:\program files\presonus\studio one 6\pluginscanner.exe] => (Allow) C:\program files\presonus\studio one 6\pluginscanner.exe (PreSonus Audio Electronics, Inc. -> PreSonus)
FirewallRules: [UDP Query User{FB0D57E9-C86C-4AF0-B427-9D8DE7329588}C:\program files\presonus\studio one 6\pluginscanner.exe] => (Allow) C:\program files\presonus\studio one 6\pluginscanner.exe (PreSonus Audio Electronics, Inc. -> PreSonus)
FirewallRules: [TCP Query User{777ADD0F-6C62-4341-B6BA-C99F7CAE6FD4}C:\program files\presonus\studio one 6\studio one.exe] => (Block) C:\program files\presonus\studio one 6\studio one.exe (PreSonus) [File not signed]
FirewallRules: [UDP Query User{2DAAAB2F-1781-47A7-B69A-19C70323BE89}C:\program files\presonus\studio one 6\studio one.exe] => (Block) C:\program files\presonus\studio one 6\studio one.exe (PreSonus) [File not signed]
FirewallRules: [{8EA52CB9-47A3-4256-A337-16B8CDD7E9DF}] => (Allow) C:\Program Files (x86)\Waves\Plug-Ins V14\TRACT.bundle\Contents\Win64\TRACT.dll (Waves Inc -> Waves Audio Ltd.)
FirewallRules: [{7EA42B83-9523-453C-99EC-D6020573D9EB}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{20517F2C-C6E0-4E95-A7AC-F1A016A271D5}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{6809A1FF-66B3-4EBB-9C4A-7C1BA8C5B686}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{5361CA3F-8EB0-4384-9756-A5419E36CC0D}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{FA438F34-15B7-4CAB-9B1F-C78624C04B74}] => (Allow) C:\Program Files (x86)\Google\Chrome Remote Desktop\123.0.6312.16\remoting_host.exe (Google LLC -> Google LLC)
FirewallRules: [{8E2B2FEB-0F75-41C7-9833-EA08351455A3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.WinDbg_1.2402.24001.0_x64__8wekyb3d8bbwe\x86\EngHost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1260ABA7-6E4B-4897-8758-608A572657F7}] => (Allow) C:\Program Files\WindowsApps\Microsoft.WinDbg_1.2402.24001.0_x64__8wekyb3d8bbwe\x86\EngHost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{ABC7BC46-CA96-4AE5-A33C-3A1A1A91ED24}] => (Allow) C:\Program Files\WindowsApps\Microsoft.WinDbg_1.2402.24001.0_x64__8wekyb3d8bbwe\amd64\EngHost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6221E678-65CC-481C-8607-4B9F133DB975}] => (Allow) C:\Program Files\WindowsApps\Microsoft.WinDbg_1.2402.24001.0_x64__8wekyb3d8bbwe\amd64\EngHost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5687C4A5-F907-43D4-BB1D-AF85F855E121}] => (Allow) C:\Program Files\WindowsApps\Microsoft.WinDbg_1.2402.24001.0_x64__8wekyb3d8bbwe\arm64\EngHost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{21E11996-A798-4742-9088-8DE25E3486AA}] => (Allow) C:\Program Files\WindowsApps\Microsoft.WinDbg_1.2402.24001.0_x64__8wekyb3d8bbwe\arm64\EngHost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B84F0F20-C060-4CD2-9E9D-86B1DD0605A7}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.92\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{263E6080-DBA2-4EA3-B4E8-E47FEBB4C0EB}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================


==================== Faulty Device Manager Devices ============

Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: ========================

Application errors:
==================
Error: (03/21/2024 10:55:06 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: ESETOnlineScanner.exe, version: 10.34.8.0, time stamp: 0x65f09154
Faulting module name: ntdll.dll, version: 10.0.19041.3996, time stamp: 0x9b4c0fa6
Exception code: 0xc0000005
Fault offset: 0x0005f5f3
Faulting process id: 0x381c
Faulting application start time: 0x01da7b9f72209290
Faulting application path: C:\Users\Phil\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe
Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll
Report Id: 117d4e06-de22-4eab-8757-1603d6446510
Faulting package full name:
Faulting package-relative application ID:

Error: (03/21/2024 10:51:01 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: ESETOnlineScanner.exe, version: 10.34.8.0, time stamp: 0x65f09154
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x00004000
Faulting process id: 0x15dc
Faulting application start time: 0x01da7b9f2f0aabbb
Faulting application path: C:\Users\Phil\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe
Faulting module path: unknown
Report Id: f6934369-d703-4c97-b222-ebd70ce1bbaf
Faulting package full name:
Faulting package-relative application ID:

Error: (03/21/2024 10:42:44 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Failed to create restore point (Process = C:\WINDOWS\system32\msiexec.exe /V; Description = Removed Adobe Acrobat XI Pro.; Error = 0x80070422).

Error: (03/21/2024 10:42:26 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Failed to create restore point (Process = C:\WINDOWS\system32\msiexec.exe /V; Description = Removed Adobe Acrobat XI Pro.; Error = 0x80070422).

Error: (03/21/2024 10:40:06 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Failed to create restore point (Process = C:\WINDOWS\system32\msiexec.exe /V; Description = Installed PROPLUSR; Error = 0x80070422).

Error: (03/21/2024 10:39:32 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Failed to create restore point (Process = C:\WINDOWS\system32\msiexec.exe /V; Description = Installed PROPLUSR; Error = 0x80070422).

Error: (03/21/2024 10:39:31 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Failed to create restore point (Process = C:\WINDOWS\system32\msiexec.exe /V; Description = Installed PROPLUSR; Error = 0x80070422).

Error: (03/21/2024 10:39:30 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Failed to create restore point (Process = C:\WINDOWS\system32\msiexec.exe /V; Description = Installed PROPLUSR; Error = 0x80070422).


System errors:
=============
Error: (03/21/2024 12:10:48 PM) (Source: BTHUSB) (EventID: 16) (User: )
Description: The mutual authentication between the local Bluetooth adapter and a device with Bluetooth adapter address (8c:bf:a6:31:25:1c) failed.

Error: (03/20/2024 09:08:14 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Intel® PROSet/Wireless Zero Configuration Service service terminated with the following error:
%%2147770990

Error: (03/20/2024 09:07:56 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The FoxitReaderService service failed to start due to the following error:
The system cannot find the file specified.

Error: (03/20/2024 09:07:20 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: The Energy Server Service queencreek service did not shut down properly after receiving a preshutdown control.

Error: (03/20/2024 09:07:04 PM) (Source: DCOM) (EventID: 10010) (User: DELL-LAPTOP)
Description: The server {9BA05972-F6A8-11CF-A442-00A0C90A8F39} did not register with DCOM within the required timeout.

Error: (03/20/2024 05:49:33 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Intel® PROSet/Wireless Zero Configuration Service service terminated with the following error:
%%2147770990

Error: (03/20/2024 05:49:13 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The FoxitReaderService service failed to start due to the following error:
The system cannot find the file specified.

Error: (03/20/2024 05:48:33 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: The Energy Server Service queencreek service did not shut down properly after receiving a preshutdown control.


Windows Defender:
================
Date: 2024-02-16 09:55:47
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/Keygen!pz&threatid=2147890630&enterprise=0
Name: HackTool:Win32/Keygen!pz
Severity: High
Category: Tool
Path: file:_D:\Installs\Studio One\3ehse3y-pso6p\PreSonus.Studio.One.6.Professional.v6.5.0.Incl.Patched.and.Keygen-R2R\r2r12854\R2R\StudioOne_Keygen.exe; file:_D:\Installs\Studio One\StudioOne\3ehse3y-pso6p\PreSonus.Studio.One.6.Professional.v6.5.0.Incl.Patched.and.Keygen-R2R\r2r12854\R2R\StudioOne_Keygen.exe
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Windows\explorer.exe
Security intelligence Version: AV: 1.405.71.0, AS: 1.405.71.0, NIS: 1.405.71.0
Engine Version: AM: 1.1.24010.10, NIS: 1.1.24010.10

Date: 2024-02-16 09:55:47
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/Keygen!pz&threatid=2147890630&enterprise=0
Name: HackTool:Win32/Keygen!pz
Severity: High
Category: Tool
Path: file:_D:\Installs\Studio One\StudioOne\3ehse3y-pso6p\PreSonus.Studio.One.6.Professional.v6.5.0.Incl.Patched.and.Keygen-R2R\r2r12854\R2R\StudioOne_Keygen.exe
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: Unknown
Security intelligence Version: AV: 1.405.71.0, AS: 1.405.71.0, NIS: 1.405.71.0
Engine Version: AM: 1.1.24010.10, NIS: 1.1.24010.10

Date: 2024-02-16 09:55:47
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/Keygen!pz&threatid=2147890630&enterprise=0
Name: HackTool:Win32/Keygen!pz
Severity: High
Category: Tool
Path: file:_D:\Installs\Studio One\StudioOne\3ehse3y-pso6p\PreSonus.Studio.One.6.Professional.v6.5.0.Incl.Patched.and.Keygen-R2R\r2r12854\R2R\StudioOne_Keygen.exe
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Windows\explorer.exe
Security intelligence Version: AV: 1.405.71.0, AS: 1.405.71.0, NIS: 1.405.71.0
Engine Version: AM: 1.1.24010.10, NIS: 1.1.24010.10

Date: 2024-02-01 21:40:41
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/Keygen!pz&threatid=2147890630&enterprise=0
Name: HackTool:Win32/Keygen!pz
Severity: High
Category: Tool
Path: file:_D:\Installs\Studio One\StudioOne\3ehse3y-pso6p\PreSonus.Studio.One.6.Professional.v6.5.0.Incl.Patched.and.Keygen-R2R\r2r12854\R2R\StudioOne_Keygen.exe
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: Unknown
Security intelligence Version: AV: 1.403.3067.0, AS: 1.403.3067.0, NIS: 1.403.3067.0
Engine Version: AM: 1.1.23110.2, NIS: 1.1.23110.2

Date: 2024-01-31 22:38:24
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/Keygen!pz&threatid=2147890630&enterprise=0
Name: HackTool:Win32/Keygen!pz
Severity: High
Category: Tool
Path: file:_D:\Installs\Studio One\StudioOne\3ehse3y-pso6p\PreSonus.Studio.One.6.Professional.v6.5.0.Incl.Patched.and.Keygen-R2R\r2r12854\R2R\StudioOne_Keygen.exe
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Windows\explorer.exe
Security intelligence Version: AV: 1.403.3022.0, AS: 1.403.3022.0, NIS: 1.403.3022.0
Engine Version: AM: 1.1.23110.2, NIS: 1.1.23110.2
Event[0]:

Date: 2024-02-05 11:19:06
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 1.403.3263.0
Previous security intelligence Version: 1.403.3218.0
Update Source: User
Security intelligence Type: AntiSpyware
Update Type: Delta
Current Engine Version: 1.1.23110.2
Previous Engine Version: 1.1.23110.2
Error code: 0x80070241
Error description: Windows cannot verify the digital signature for this file. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2024-02-05 11:19:06
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 1.403.3263.0
Previous security intelligence Version: 1.403.3218.0
Update Source: User
Security intelligence Type: AntiVirus
Update Type: Delta
Current Engine Version: 1.1.23110.2
Previous Engine Version: 1.1.23110.2
Error code: 0x80070241
Error description: Windows cannot verify the digital signature for this file. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2023-11-16 21:53:14
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence and will attempt to revert to a previous version.
Security intelligence Attempted: Current
Error Code: 0x80070003
Error description: The system cannot find the path specified.
Security intelligence Version: 0.0.0.0;0.0.0.0
Engine Version: 0.0.0.0

Date: 2023-06-06 02:56:46
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.391.576.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.23050.3
Error code: 0x80240438
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.

CodeIntegrity:
===============
Date: 2024-03-21 13:25:17
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\ki132538.inf_amd64_a34b1de6c28c3534\igd10iumd64.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

BIOS: Dell Inc. 1.2.7 12/13/2017
Motherboard: Dell Inc. 0H87XC
Processor: Intel® Core™ i5-6300HQ CPU @ 2.30GHz
Percentage of memory in use: 58%
Total physical RAM: 16250.84 MB
Available physical RAM: 6779.24 MB
Total Virtual: 21626.84 MB
Available Virtual: 7382.63 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:953.25 GB) (Free:618.43 GB) (Model: TEAM TM8PS7001T) NTFS
Drive d: (1TB) (Fixed) (Total:931.5 GB) (Free:708.91 GB) (Model: PNY CS900 1TB SSD) NTFS

\\?\Volume{09964035-891e-49f6-bab9-1af2dfe5e75a}\ (ESP) (Fixed) (Total:0.48 GB) (Free:0.43 GB) FAT32

==================== MBR & Partition Table ====================

==================== End of Addition.txt =======================


Edited by Oh My!, 21 March 2024 - 08:23 PM.


#6 Oh My!

Oh My!

    Adware and Spyware and Malware


  • Malware Response Instructor
  • 62,343 posts
  • ONLINE
  • Gender:Male
  • Location:California
  • Local time:06:12 PM

Posted 21 March 2024 - 09:06 PM

Thank you for your efforts and updated logs.

I am still reviewing the reports; there is quite a bit we need to address. For now, please do this.
 

HKU\S-1-5-21-1483475722-1219764467-3277934236-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://192.168.1.90:1829/
HKU\S-1-5-21-1483475722-1219764467-3277934236-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://192.168.1.85:85/

Do you recognize these?

===================================================

Uninstalling Programs Using Revo Uninstaller Free Portable

--------------------
  • Download Revo Uninstaller Free Portable and save it to your Desktop
  • Right click on the folder and select Extract All..., then click Extract
  • Double click on the RevoUninstaller-Portable folder
  • Right click on RevoUPort and select Run as administrator
  • Click OK on the License Agreement
  • From the list of programs double click on the listed program(s), or anything similar, to remove it (if it exists)
PreSonus Studio One 6 
  • If the program's uninstaller appears, work through the steps to remove the program(s)
  • Be sure the Advanced option is selected then click Scan
  • For each window that may appear identifying leftover items click Select All, Delete, then confirm the deletion
  • Once done click Finish
  • Reboot your computer
===================================================

Farbar Recovery Scan Tool Fix

--------------------
  • Right click on the FRST64 icon and select Run as administrator
  • Highlight the below information then hit the Ctrl + C keys at the same time and the text will be copied
  • There is no need to paste the information anywhere, FRST64 will do it for you
Start::
SystemRestore: On
CreateRestorePoint:
End::
  • Click Fix
  • When completed the tool will create a log on the desktop called Fixlog.txt. Please copy and paste the contents of the file in your reply.
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it.
  • Recognize entries?
  • Program uninstalled?
  • Fixlog

Lord, to whom shall we go? You have the words of eternal life and we have believed and have come to know that you are the Holy One of God.
John 6:68-69

The Man on the Middle Cross Said I Could Come

#7 user23049

user23049
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  • Local time:09:12 PM

Posted 22 March 2024 - 12:20 PM

Hi Gary

 

Those two IP addresses I created about 10 years ago for IP cameras. I've uninstalled PreSonus with Revo Uninstaller. To note: upon reboot this time I did not get the cmd prompt windows that ran nor the level1.exe generated into the appdata folder.

 

Here's the log for FRST

 

Fix result of Farbar Recovery Scan Tool (x64) Version: 22.03.2024
Ran by Phil (22-03-2024 13:18:27) Run:1
Running from C:\Users\Phil\Downloads
Loaded Profiles: Phil & SQLTELEMETRY & MSSQLSERVER
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
Start::
SystemRestore: On
CreateRestorePoint:
End::
*****************
 
SystemRestore: On => completed
Restore point was successfully created.
 
==== End of Fixlog 13:18:37 ====


#8 Oh My!

Oh My!

    Adware and Spyware and Malware


  • Malware Response Instructor
  • 62,343 posts
  • ONLINE
  • Gender:Male
  • Location:California
  • Local time:06:12 PM

Posted 22 March 2024 - 01:27 PM

Thank you for the information.

Your system is quite infected. We need to be aggressive in cleaning it so it was important to know there is a System Restore Point.

Please do this.

===================================================

Farbar Recovery Scan Tool Fix

--------------------
  • Right click on the FRST64 icon and select Run as administrator
  • Highlight the below information then hit the Ctrl + C keys at the same time and the text will be copied
  • There is no need to paste the information anywhere, FRST64 will do it for you
Start::
SystemRestore: On
CreateRestorePoint:
CloseProcesses:
Unlock: C:\ProgramData\TractTent
Folder: C:\ProgramData\{97BAC61B-4997-4F27-8567-391BD82F596A}
File: C:\ProgramData\TractTent\PersolAczoknt\irmeqlf9Engin281.dll
cmd: type "C:\ProgramData\remover.bat"
cmd: type "C:\Users\Phil\AppData\Roaming\Microsoft\Windows NT\rasapi32.js"
C:\Users\Phil\AppData\Roaming\Java\jre8\bin\java.exe:jll 
C:\ProgramData\TractTent\PersolAczoknt\irmeqlf9Engin281.dll
C:\ProgramData\remover.bat
C:\Users\Phil\AppData\Roaming\strt.cmd
C:\Users\Phil\AppData\Roaming\msftedit
C:\Users\Phil\AppData\Roaming\Microsoft\Windows NT\rasapi32.js
C:\Users\Phil\AppData\Local\wle.log
C:\Users\Phil\AppData\Roaming\winsQ
C:\Users\Phil\AppData\Roaming\msftedit
C:\Users\Phil\AppData\Roaming\comcomZmr
C:\ProgramData\{97BAC61B-4997-4F27-8567-391BD82F596A}
C:\Users\Phil\AppData\Local\Desktop_inni
C:\ProgramData\{3FCE7907-AA6B-470A-BFB2-C042375EDBDF}
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION 
HKLM\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION 
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION 
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION 
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION 
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender Security Center: Restriction <==== ATTENTION 
HKU\S-1-5-21-1483475722-1219764467-3277934236-1001\...\StartupApproved\StartupFolder: => "Gqreader.lnk"
HKU\S-1-5-21-1483475722-1219764467-3277934236-1001\...\Run: [rasapi32] => wscript.exe "C:\Users\Phil\AppData\Roaming\Microsoft\Windows NT\rasapi32.js" [178 2023-09-30] () [File not signed] <==== ATTENTION 
HKU\S-1-5-21-1483475722-1219764467-3277934236-1001\...\RunOnce: [removerbat] => C:\ProgramData\remover.bat [307 2024-03-20] () [File not signed] <==== ATTENTION 
HKLM-x32\...\Run: [Adobe Creative Cloud] => "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true (No File) 
HKLM-x32\...\Run: [Cisconet] => "%AppData%\msftedit\WinXBlueRay.exe" (No File) 
HKU\S-1-5-21-1483475722-1219764467-3277934236-1001\...\Run: [Lync] => "C:\Program Files\Microsoft Office\Office15\lync.exe" /fromrunkey (No File) 
HKU\S-1-5-21-1483475722-1219764467-3277934236-1001\...\Run: [Trio.WakeNet] => C:\Users\Phil\AppData\Local\TrioNet\Trio.Net.exe (No File) 
S2 FoxitReaderService; "C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\FoxitConnectedPDFService.exe" [X] 
S2 IAStorDataMgrSvc; "C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe" [X] 
S3 DrvSnSht; \??\C:\Users\Phil\AppData\Local\Temp\RarSFX0\DrvSnSht64.sys [X] <==== ATTENTION 
S3 R-ImageDisk; \??\C:\Users\Phil\AppData\Local\Temp\RarSFX0\R-ImageDisk64.sys [X] <==== ATTENTION 
Startup: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Gqreader.lnk [2023-11-28]
ShortcutTarget: Gqreader.lnk -> C:\Users\Phil\AppData\Roaming\msftedit\WinXBluRay.exe (No File)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - No File 
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`27hfm [0] 
Task: {D65748B1-D097-42BA-9B41-B4BD003B5160} - System32\Tasks\OneNote 5797 => C:\Users\Phil\AppData\Roaming\strt.cmd  -> 
Task: {08CAD4CF-9FEA-4DB1-83B7-D9935729BC84} - System32\Tasks\OneNote 89688 => C:\Users\Phil\AppData\Roaming\strt.cmd  -> 
Task: {3D46B100-7552-4143-B86A-F2B9970703F6} - System32\Tasks\Intel\System.Windows.Presentatio00_clr0400 => C:\Windows\system32\rundll32.exe [71680 2023-11-14] (Microsoft Windows -> Microsoft Corporation) -> C:\ProgramData\TractTent\PersolAczoknt\irmeqlf9Engin281.dll SHEiflowfdqaa
Task: {D0AF27D6-8368-4DA9-926B-288A91E56430} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION 
Task: {3D13762D-057E-43AA-AC86-ADA65FB62FDF} - System32\Tasks\UninstallDDS-C960901F-CE14-4DE1-9729-1305F719A337 => C:\Windows\TEMP\DeleteFolderTask.exe  (No File) <==== ATTENTION 
Task: {B232ECA6-D3D1-4EC4-A32D-E08E86763ED0} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe  -mode=scheduled (No File) 
Task: {7B4E0C68-BE5A-4442-A2BD-993BA50AA038} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe  --automatic (No File) 
Task: {63C0817E-7830-4189-BC23-F9E568C905D4} - System32\Tasks\Opera GX scheduled Autoupdate 1696112022 => C:\Users\Phil\AppData\Local\Programs\Opera GX\launcher.exe  --scheduledautoupdate $(Arg0) (No File) 
Task: {44369712-8FE0-4ADE-93B5-90A17714898E} - System32\Tasks\Private Internet Access Startup => "C:\Program Files\pia_manager\pia_manager.exe"  --startup (No File) 
CustomCLSID: HKU\S-1-5-21-1483475722-1219764467-3277934236-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Phil\AppData\Local\Microsoft\OneDrive\19.232.1124.0008\amd64\FileSyncShell64.dll => No File 
CustomCLSID: HKU\S-1-5-21-1483475722-1219764467-3277934236-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Phil\AppData\Local\Microsoft\OneDrive\19.232.1124.0008\amd64\FileSyncShell64.dll => No File 
CustomCLSID: HKU\S-1-5-21-1483475722-1219764467-3277934236-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Phil\AppData\Local\Microsoft\OneDrive\19.232.1124.0008\amd64\FileSyncShell64.dll => No File 
CustomCLSID: HKU\S-1-5-21-1483475722-1219764467-3277934236-1001_Classes\CLSID\{9489FEB2-1925-4D01-B788-6D912C70F7F2}\localserver32 -> C:\Users\Phil\AppData\Local\Microsoft\OneDrive\19.232.1124.0008\FileCoAuth.exe
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File 
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File 
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File 
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File 
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File 
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File 
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File 
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File 
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File 
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File 
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File 
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File 
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File 
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File 
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\PROGRA~2\MICROS~2\Office15\GROOVEEX.DLL => No File 
SearchScopes: HKU\S-1-5-21-1483475722-1219764467-3277934236-1001 -> {A79BE33D-4EB3-40E2-B354-BB99B3501D8A} URL =
cmd: netsh winsock reset catalog
cmd: netsh int ip reset resetlog.txt
Reg: reg export HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Defaults\FirewallPolicy\FirewallRules C:\Firewall.reg
C:\Firewall.reg
cmd: netsh advfirewall reset
cmd: netsh advfirewall set allprofiles state ON
cmd: bitsadmin /reset /allusers
cmd: ipconfig /flushdns
Removeproxy:
hosts:
cmd: sfc /scannow
cmd: DISM /Online /Cleanup-Image /CheckHealth
Emptytemp:
End::
  • Click Fix
  • When completed the tool will create a log on the desktop called Fixlog.txt. Please copy and paste the contents of the file in your reply.
  • Note: This step resets your Firewall settings and you may be asked later to grant permission for legitimate programs to pass through the Firewall. If you recognize the program agree to the request.
  • Note: The Emptytemp: command will remove cookies and may result in some websites (like banking) indicating they do not recognize your computer. It may be necessary to receive and apply a verification code.
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it.
  • Fixlog


#9 user23049

user23049
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  • Local time:09:12 PM

Posted 22 March 2024 - 01:48 PM

Thanks Gary,

Wondering why/how it's still infected as I've already run ESET scanner as well as Malwarebytes?

I'll run this new FRST...

#10 user23049

user23049
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  • Local time:09:12 PM

Posted 22 March 2024 - 01:56 PM

Fix result of Farbar Recovery Scan Tool (x64) Version: 22.03.2024
Ran by Phil (22-03-2024 14:35:46) Run:2
Running from C:\Users\Phil\Downloads
Loaded Profiles: Phil & SQLTELEMETRY & MSSQLSERVER
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
Start::
SystemRestore: On
CreateRestorePoint:
CloseProcesses:
Unlock: C:\ProgramData\TractTent
Folder: C:\ProgramData\{97BAC61B-4997-4F27-8567-391BD82F596A}
File: C:\ProgramData\TractTent\PersolAczoknt\irmeqlf9Engin281.dll
cmd: type "C:\ProgramData\remover.bat"
cmd: type "C:\Users\Phil\AppData\Roaming\Microsoft\Windows NT\rasapi32.js"
C:\Users\Phil\AppData\Roaming\Java\jre8\bin\java.exe:jll 
C:\ProgramData\TractTent\PersolAczoknt\irmeqlf9Engin281.dll
C:\ProgramData\remover.bat
C:\Users\Phil\AppData\Roaming\strt.cmd
C:\Users\Phil\AppData\Roaming\msftedit
C:\Users\Phil\AppData\Roaming\Microsoft\Windows NT\rasapi32.js
C:\Users\Phil\AppData\Local\wle.log
C:\Users\Phil\AppData\Roaming\winsQ
C:\Users\Phil\AppData\Roaming\msftedit
C:\Users\Phil\AppData\Roaming\comcomZmr
C:\ProgramData\{97BAC61B-4997-4F27-8567-391BD82F596A}
C:\Users\Phil\AppData\Local\Desktop_inni
C:\ProgramData\{3FCE7907-AA6B-470A-BFB2-C042375EDBDF}
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION 
HKLM\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION 
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION 
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION 
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION 
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender Security Center: Restriction <==== ATTENTION 
HKU\S-1-5-21-1483475722-1219764467-3277934236-1001\...\StartupApproved\StartupFolder: => "Gqreader.lnk"
HKU\S-1-5-21-1483475722-1219764467-3277934236-1001\...\Run: [rasapi32] => wscript.exe "C:\Users\Phil\AppData\Roaming\Microsoft\Windows NT\rasapi32.js" [178 2023-09-30] () [File not signed] <==== ATTENTION 
HKU\S-1-5-21-1483475722-1219764467-3277934236-1001\...\RunOnce: [removerbat] => C:\ProgramData\remover.bat [307 2024-03-20] () [File not signed] <==== ATTENTION 
HKLM-x32\...\Run: [Adobe Creative Cloud] => "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true (No File) 
HKLM-x32\...\Run: [Cisconet] => "%AppData%\msftedit\WinXBlueRay.exe" (No File) 
HKU\S-1-5-21-1483475722-1219764467-3277934236-1001\...\Run: [Lync] => "C:\Program Files\Microsoft Office\Office15\lync.exe" /fromrunkey (No File) 
HKU\S-1-5-21-1483475722-1219764467-3277934236-1001\...\Run: [Trio.WakeNet] => C:\Users\Phil\AppData\Local\TrioNet\Trio.Net.exe (No File) 
S2 FoxitReaderService; "C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\FoxitConnectedPDFService.exe" [X] 
S2 IAStorDataMgrSvc; "C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe" [X] 
S3 DrvSnSht; \??\C:\Users\Phil\AppData\Local\Temp\RarSFX0\DrvSnSht64.sys [X] <==== ATTENTION 
S3 R-ImageDisk; \??\C:\Users\Phil\AppData\Local\Temp\RarSFX0\R-ImageDisk64.sys [X] <==== ATTENTION 
Startup: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Gqreader.lnk [2023-11-28]
ShortcutTarget: Gqreader.lnk -> C:\Users\Phil\AppData\Roaming\msftedit\WinXBluRay.exe (No File)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - No File 
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`27hfm [0] 
Task: {D65748B1-D097-42BA-9B41-B4BD003B5160} - System32\Tasks\OneNote 5797 => C:\Users\Phil\AppData\Roaming\strt.cmd  -> 
Task: {08CAD4CF-9FEA-4DB1-83B7-D9935729BC84} - System32\Tasks\OneNote 89688 => C:\Users\Phil\AppData\Roaming\strt.cmd  -> 
Task: {3D46B100-7552-4143-B86A-F2B9970703F6} - System32\Tasks\Intel\System.Windows.Presentatio00_clr0400 => C:\Windows\system32\rundll32.exe [71680 2023-11-14] (Microsoft Windows -> Microsoft Corporation) -> C:\ProgramData\TractTent\PersolAczoknt\irmeqlf9Engin281.dll SHEiflowfdqaa
Task: {D0AF27D6-8368-4DA9-926B-288A91E56430} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION 
Task: {3D13762D-057E-43AA-AC86-ADA65FB62FDF} - System32\Tasks\UninstallDDS-C960901F-CE14-4DE1-9729-1305F719A337 => C:\Windows\TEMP\DeleteFolderTask.exe  (No File) <==== ATTENTION 
Task: {B232ECA6-D3D1-4EC4-A32D-E08E86763ED0} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe  -mode=scheduled (No File) 
Task: {7B4E0C68-BE5A-4442-A2BD-993BA50AA038} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe  --automatic (No File) 
Task: {63C0817E-7830-4189-BC23-F9E568C905D4} - System32\Tasks\Opera GX scheduled Autoupdate 1696112022 => C:\Users\Phil\AppData\Local\Programs\Opera GX\launcher.exe  --scheduledautoupdate $(Arg0) (No File) 
Task: {44369712-8FE0-4ADE-93B5-90A17714898E} - System32\Tasks\Private Internet Access Startup => "C:\Program Files\pia_manager\pia_manager.exe"  --startup (No File) 
CustomCLSID: HKU\S-1-5-21-1483475722-1219764467-3277934236-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Phil\AppData\Local\Microsoft\OneDrive\19.232.1124.0008\amd64\FileSyncShell64.dll => No File 
CustomCLSID: HKU\S-1-5-21-1483475722-1219764467-3277934236-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Phil\AppData\Local\Microsoft\OneDrive\19.232.1124.0008\amd64\FileSyncShell64.dll => No File 
CustomCLSID: HKU\S-1-5-21-1483475722-1219764467-3277934236-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Phil\AppData\Local\Microsoft\OneDrive\19.232.1124.0008\amd64\FileSyncShell64.dll => No File 
CustomCLSID: HKU\S-1-5-21-1483475722-1219764467-3277934236-1001_Classes\CLSID\{9489FEB2-1925-4D01-B788-6D912C70F7F2}\localserver32 -> C:\Users\Phil\AppData\Local\Microsoft\OneDrive\19.232.1124.0008\FileCoAuth.exe
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File 
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File 
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File 
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File 
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File 
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File 
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File 
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File 
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File 
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File 
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File 
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File 
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File 
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File 
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\PROGRA~2\MICROS~2\Office15\GROOVEEX.DLL => No File 
SearchScopes: HKU\S-1-5-21-1483475722-1219764467-3277934236-1001 -> {A79BE33D-4EB3-40E2-B354-BB99B3501D8A} URL =
cmd: netsh winsock reset catalog
cmd: netsh int ip reset resetlog.txt
Reg: reg export HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Defaults\FirewallPolicy\FirewallRules C:\Firewall.reg
C:\Firewall.reg
cmd: netsh advfirewall reset
cmd: netsh advfirewall set allprofiles state ON
cmd: bitsadmin /reset /allusers
cmd: ipconfig /flushdns
Removeproxy:
hosts:
cmd: sfc /scannow
cmd: DISM /Online /Cleanup-Image /CheckHealth
Emptytemp:
End::
*****************
 
SystemRestore: On => completed
Restore point was successfully created.
Processes closed successfully.
"C:\ProgramData\TractTent" => was unlocked
 
========================= Folder: C:\ProgramData\{97BAC61B-4997-4F27-8567-391BD82F596A} ========================
 
 
====== End of Folder: ======
 
 
========================= File: C:\ProgramData\TractTent\PersolAczoknt\irmeqlf9Engin281.dll ========================
 
C:\ProgramData\TractTent\PersolAczoknt\irmeqlf9Engin281.dll
File not signed
MD5: 50A90F1EA76FEEA8015870319923F69D
Creation and modification date: 2021-07-26 07:23 - 2021-07-26 07:23
Size: 000126976
Attributes: ----A
Company Name: 
Internal Name: irmeqlf9Engin281.dll
Original Name: irmeqlf9Engin281.dll
Product: 
Description:  
File Version: 0.0.0.0
Product Version: 0.0.0.0
Copyright:  
 
====== End of File: ======
 
 
========= type "C:\ProgramData\remover.bat" =========
 
The system cannot find the file specified.
 
 
========= End of CMD: =========
 
 
========= type "C:\Users\Phil\AppData\Roaming\Microsoft\Windows NT\rasapi32.js" =========
 
y='Shell';new ActiveXObject(y+'.Application')[y+'Execute']("WerFault.exe",'"WerFault.exe:cpl" d7a59b09fbf8bf502',"C:\\Users\\Phil\\AppData\\Local\\Microsoft\\WinWER",'open',0);
 
 
========= End of CMD: =========
 
Could not move "C:\Users\Phil\AppData\Roaming\Java\jre8\bin\java.exe:jll" => Scheduled to move on reboot.
C:\ProgramData\TractTent\PersolAczoknt\irmeqlf9Engin281.dll => moved successfully
"C:\ProgramData\remover.bat" => not found
"C:\Users\Phil\AppData\Roaming\strt.cmd" => not found
 
"C:\Users\Phil\AppData\Roaming\msftedit" Folder move:
 
C:\Users\Phil\AppData\Roaming\msftedit => moved successfully
C:\Users\Phil\AppData\Roaming\Microsoft\Windows NT\rasapi32.js => moved successfully
C:\Users\Phil\AppData\Local\wle.log => moved successfully
 
"C:\Users\Phil\AppData\Roaming\winsQ" Folder move:
 
C:\Users\Phil\AppData\Roaming\winsQ => moved successfully
"C:\Users\Phil\AppData\Roaming\msftedit" => not found
 
"C:\Users\Phil\AppData\Roaming\comcomZmr" Folder move:
 
C:\Users\Phil\AppData\Roaming\comcomZmr => moved successfully
 
"C:\ProgramData\{97BAC61B-4997-4F27-8567-391BD82F596A}" Folder move:
 
C:\ProgramData\{97BAC61B-4997-4F27-8567-391BD82F596A} => moved successfully
"C:\Users\Phil\AppData\Local\Desktop_inni" => not found
 
"C:\ProgramData\{3FCE7907-AA6B-470A-BFB2-C042375EDBDF}" Folder move:
 
C:\ProgramData\{3FCE7907-AA6B-470A-BFB2-C042375EDBDF} => moved successfully
HKLM\SOFTWARE\Policies\Google => removed successfully
HKLM\SOFTWARE\Policies\Microsoft\Edge => removed successfully
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => removed successfully
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate => removed successfully
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender Security Center => removed successfully
C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Gqreader.lnk => moved successfully
"HKU\S-1-5-21-1483475722-1219764467-3277934236-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\StartupFolder\\Gqreader.lnk" => removed successfully
"HKU\S-1-5-21-1483475722-1219764467-3277934236-1001\Software\Microsoft\Windows\CurrentVersion\Run\\rasapi32" => removed successfully
"HKU\S-1-5-21-1483475722-1219764467-3277934236-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce\\removerbat" => not found
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe Creative Cloud" => removed successfully
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Cisconet" => removed successfully
"HKU\S-1-5-21-1483475722-1219764467-3277934236-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Lync" => removed successfully
"HKU\S-1-5-21-1483475722-1219764467-3277934236-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Trio.WakeNet" => removed successfully
HKLM\System\CurrentControlSet\Services\FoxitReaderService => removed successfully
FoxitReaderService => service removed successfully
HKLM\System\CurrentControlSet\Services\IAStorDataMgrSvc => removed successfully
IAStorDataMgrSvc => service removed successfully
HKLM\System\CurrentControlSet\Services\DrvSnSht => removed successfully
DrvSnSht => service removed successfully
HKLM\System\CurrentControlSet\Services\R-ImageDisk => removed successfully
R-ImageDisk => service removed successfully
"C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Gqreader.lnk" => not found
"C:\Users\Phil\AppData\Roaming\msftedit\WinXBluRay.exe" => not found
HKLM\Software\Classes\PROTOCOLS\Filter\application/x-mfe-ipt => removed successfully
C:\ProgramData\Reprise => ":wupeogjxldtlfudivq`qsp`27hfm" ADS removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D65748B1-D097-42BA-9B41-B4BD003B5160}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D65748B1-D097-42BA-9B41-B4BD003B5160}" => removed successfully
C:\WINDOWS\System32\Tasks\OneNote 5797 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OneNote 5797" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{08CAD4CF-9FEA-4DB1-83B7-D9935729BC84}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{08CAD4CF-9FEA-4DB1-83B7-D9935729BC84}" => removed successfully
C:\WINDOWS\System32\Tasks\OneNote 89688 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OneNote 89688" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{3D46B100-7552-4143-B86A-F2B9970703F6}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3D46B100-7552-4143-B86A-F2B9970703F6}" => removed successfully
C:\WINDOWS\System32\Tasks\Intel\System.Windows.Presentatio00_clr0400 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Intel\System.Windows.Presentatio00_clr0400" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D0AF27D6-8368-4DA9-926B-288A91E56430}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D0AF27D6-8368-4DA9-926B-288A91E56430}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3D13762D-057E-43AA-AC86-ADA65FB62FDF}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3D13762D-057E-43AA-AC86-ADA65FB62FDF}" => removed successfully
C:\WINDOWS\System32\Tasks\UninstallDDS-C960901F-CE14-4DE1-9729-1305F719A337 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\UninstallDDS-C960901F-CE14-4DE1-9729-1305F719A337" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B232ECA6-D3D1-4EC4-A32D-E08E86763ED0}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B232ECA6-D3D1-4EC4-A32D-E08E86763ED0}" => removed successfully
C:\WINDOWS\System32\Tasks\AdobeGCInvoker-1.0 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AdobeGCInvoker-1.0" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7B4E0C68-BE5A-4442-A2BD-993BA50AA038}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7B4E0C68-BE5A-4442-A2BD-993BA50AA038}" => removed successfully
C:\WINDOWS\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{63C0817E-7830-4189-BC23-F9E568C905D4}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{63C0817E-7830-4189-BC23-F9E568C905D4}" => removed successfully
C:\WINDOWS\System32\Tasks\Opera GX scheduled Autoupdate 1696112022 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Opera GX scheduled Autoupdate 1696112022" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{44369712-8FE0-4ADE-93B5-90A17714898E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{44369712-8FE0-4ADE-93B5-90A17714898E}" => removed successfully
C:\WINDOWS\System32\Tasks\Private Internet Access Startup => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Private Internet Access Startup" => removed successfully
HKU\S-1-5-21-1483475722-1219764467-3277934236-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E} => removed successfully
HKU\S-1-5-21-1483475722-1219764467-3277934236-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C} => removed successfully
HKU\S-1-5-21-1483475722-1219764467-3277934236-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E} => removed successfully
HKU\S-1-5-21-1483475722-1219764467-3277934236-1001_Classes\CLSID\{9489FEB2-1925-4D01-B788-6D912C70F7F2} => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} => not found
HKU\S-1-5-21-1483475722-1219764467-3277934236-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{A79BE33D-4EB3-40E2-B354-BB99B3501D8A} => removed successfully
 
========= netsh winsock reset catalog =========
 
 
Sucessfully reset the Winsock Catalog.
You must restart the computer in order to complete the reset.
 
 
 
========= End of CMD: =========
 
 
========= netsh int ip reset resetlog.txt =========
 
Resetting Compartment Forwarding, OK!
Resetting Compartment, OK!
Resetting Control Protocol, OK!
Resetting Echo Sequence Request, OK!
Resetting Global, OK!
Resetting Interface, OK!
Resetting Anycast Address, OK!
Resetting Multicast Address, OK!
Resetting Unicast Address, OK!
Resetting Neighbor, OK!
Resetting Path, OK!
Resetting Potential, OK!
Resetting Prefix Policy, OK!
Resetting Proxy Neighbor, OK!
Resetting Route, OK!
Resetting Site Prefix, OK!
Resetting Subinterface, OK!
Resetting Wakeup Pattern, OK!
Resetting Resolve Neighbor, OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , failed.
Access is denied.
 
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Resetting , OK!
Restart the computer to complete this action.
 
 
 
========= End of CMD: =========
 
 
========= reg export HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Defaults\FirewallPolicy\FirewallRules C:\Firewall.reg =========
 
The operation completed successfully.
 
 
 
========= End of Reg: =========
 
C:\Firewall.reg => moved successfully
 
========= netsh advfirewall reset =========
 
Ok.
 
 
 
========= End of CMD: =========
 
 
========= netsh advfirewall set allprofiles state ON =========
 
Ok.
 
 
 
========= End of CMD: =========
 
 
========= bitsadmin /reset /allusers =========
 
 
BITSADMIN version 3.0
BITS administration utility.
© Copyright Microsoft Corp.
 
{226B10B0-E2C0-4CBB-8470-E06B85422D54} canceled.
{0BFDEB5B-55BF-4269-8716-5F0EB7C09F8D} canceled.
{2920D704-E512-4F7D-B4B6-54989B6409BB} canceled.
3 out of 3 jobs canceled.
 
 
========= End of CMD: =========
 
 
========= ipconfig /flushdns =========
 
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
 
========= End of CMD: =========
 
 
========= RemoveProxy: =========
 
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-21-1483475722-1219764467-3277934236-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-21-1483475722-1219764467-3277934236-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
 
 
========= End of RemoveProxy: =========
 
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
 
========= sfc /scannow =========
 
 
 
Beginning system scan.  This process will take some time.
 
 
 
Beginning verification phase of system scan.
 
 
Verification 100% complete.
 
 
Windows Resource Protection did not find any integrity violations.
 
 
 
========= End of CMD: =========
 
 
========= DISM /Online /Cleanup-Image /CheckHealth =========
 
 
Deployment Image Servicing and Management tool
Version: 10.0.19041.3636
 
Image Version: 10.0.19045.4170
 
The component store is repairable.
The operation completed successfully.
 
 
========= End of CMD: =========
 
 
=========== EmptyTemp: ==========
 
FlushDNS => completed
BITS transfer queue => 1572864 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 90196369 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 0 B
Windows/system/drivers => 32495435 B
Edge => 0 B
Chrome => 1984872384 B
Firefox => 450843808 B
Opera => 0 B
 
Temp, IE cache, history, cookies, recent:
Default => 6656 B
ProgramData => 6656 B
Public => 6656 B
systemprofile => 6656 B
systemprofile32 => 7215 B
LocalService => 94815 B
NetworkService => 16659149 B
Phil => 230336865 B
SQLTELEMETRY => 230343521 B
MSSQLSERVER => 230350177 B
 
RecycleBin => 2948059187 B
EmptyTemp: => 5.8 GB temporary data Removed.
 
================================
 
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 22-03-2024 14:49:53)
 
C:\Users\Phil\AppData\Roaming\Java\jre8\bin\java.exe:jll => Could not move
 
==== End of Fixlog 14:49:53 ====


#11 Oh My!

Oh My!

    Adware and Spyware and Malware


  • Malware Response Instructor
  • 62,343 posts
  • Gender:Male
  • Location:California
  • Local time:06:12 PM

Posted 22 March 2024 - 02:16 PM

Greetings.

Automated programs will not always detect every instance of malware. A trained eye is routinely needed to evaluate a system for remaining malicious software.

Please do this.

===================================================

Farbar Recovery Scan Tool Fix

--------------------
  • Right click on the FRST64 icon and select Run as administrator
  • Highlight the below information then hit the Ctrl + C keys at the same time and the text will be copied
  • There is no need to paste the information anywhere, FRST64 will do it for you
Start::
CloseProcesses:
cmd: DISM /Online /Cleanup-Image /RestoreHealth
End::
  • Click Fix
  • When completed the tool will create a log on the desktop called Fixlog.txt. Please copy and paste the contents of the file in your reply.
  • How is your computer running?
===================================================

Run a new FRST scan and copy/paste both reports in your reply.

===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it.
  • Fixlog
  • How is your computer running?
  • FRST scan reports

Lord, to whom shall we go? You have the words of eternal life and we have believed and have come to know that you are the Holy One of God.
John 6:68-69

The Man on the Middle Cross Said I Could Come

#12 user23049

user23049
  • Topic Starter

  • Members
  • 14 posts
  • Local time:09:12 PM

Posted 22 March 2024 - 02:44 PM

Thanks Gary, running much better!

Fix result of Farbar Recovery Scan Tool (x64) Version: 22.03.2024
Ran by Phil (22-03-2024 15:18:45) Run:3
Running from C:\Users\Phil\Downloads
Loaded Profiles: Phil & SQLTELEMETRY & MSSQLSERVER
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
Start::
CloseProcesses:
cmd: DISM /Online /Cleanup-Image /RestoreHealth
End::
*****************
 
Processes closed successfully.
 
========= DISM /Online /Cleanup-Image /RestoreHealth =========
 
 
Deployment Image Servicing and Management tool
Version: 10.0.19041.3636
 
Image Version: 10.0.19045.4170
 
 
[==========================100.0%==========================] 
The restore operation completed successfully.
The operation completed successfully.
 
 
========= End of CMD: =========
 
 
 
The system needed a reboot.
 
==== End of Fixlog 15:22:17 ====
 
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 22.03.2024
Ran by Phil (administrator) on DELL-LAPTOP (Dell Inc. Inspiron 7559) (22-03-2024 15:38:54)
Running from C:\Users\Phil\Downloads\FRST64.exe
Loaded Profiles: Phil & SQLTELEMETRY & MSSQLSERVER
Platform: Microsoft Windows 10 Home Version 22H2 19045.4170 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(C:\Program Files (x86)\GeoComply\PlayerLocationCheck\Application\com.geocomply.process-scanner-microservice.exe ->) (GeoComply Solutions Inc. -> ) C:\Program Files (x86)\GeoComply\PlayerLocationCheck\crash_handler.exe <5>
(C:\Program Files (x86)\GeoComply\PlayerLocationCheck\Application\service.exe ->) (GeoComply Solutions Inc. -> ) C:\Program Files (x86)\GeoComply\PlayerLocationCheck\PlayerLocationIcon.exe
(C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe ->) (Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe
(C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <5>
(C:\Program Files\WindowsApps\Microsoft.YourPhone_1.24021.105.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.24021.105.0_x64__8wekyb3d8bbwe\YourPhoneAppProxy.exe
(DriverStore\FileRepository\ki132538.inf_amd64_a34b1de6c28c3534\igfxCUIService.exe ->) (Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki132538.inf_amd64_a34b1de6c28c3534\igfxEM.exe
(explorer.exe ->) (Dell Inc -> Dell Inc.) [File not signed] C:\Program Files\Dell\QuickSet\quickset.exe
(explorer.exe ->) (Fresco Logic Inc -> Fresco Logic) C:\Program Files\Fresco Logic\Fresco Logic USB Display Driver\FL2000\x64\flvga_tray.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <24>
(explorer.exe ->) (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicStartMenu.exe
(explorer.exe ->) (Open Source Developer, XMouse Button Control -> Highresolution Enterprises) C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonControl.exe
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Intel Corporation -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv.exe
(Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Intel\DPTF\esif_uf.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(services.exe ->) () [File not signed] C:\Program Files (x86)\Intel\Intel® Security Assist\isaHelperService.exe
(services.exe ->) (Apple Computer, Inc.) [File not signed] C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(services.exe ->) (Array Networks, Inc. -> Array Networks) C:\Program Files\Array Networks\SSL VPN Client\VPNService.exe
(services.exe ->) (Cisco Systems, Inc. -> Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(services.exe ->) (GeoComply Solutions Inc. -> ) C:\Program Files (x86)\GeoComply\PlayerLocationCheck\Application\com.geocomply.internal-updater-microservice.exe
(services.exe ->) (GeoComply Solutions Inc. -> ) C:\Program Files (x86)\GeoComply\PlayerLocationCheck\Application\com.geocomply.process-scanner-microservice.exe
(services.exe ->) (GeoComply Solutions Inc. -> ) C:\Program Files (x86)\GeoComply\PlayerLocationCheck\Application\com.geocomply.vm-detector-microservice.exe
(services.exe ->) (GeoComply Solutions Inc. -> ) C:\Program Files (x86)\GeoComply\PlayerLocationCheck\Application\com.geocomply.wifi-scanner-microservice.exe
(services.exe ->) (GeoComply Solutions Inc. -> ) C:\Program Files (x86)\GeoComply\PlayerLocationCheck\Application\service.exe
(services.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome Remote Desktop\123.0.6312.16\remoting_host.exe <2>
(services.exe ->) (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(services.exe ->) (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(services.exe ->) (Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(services.exe ->) (Intel Corporation -> ) C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe
(services.exe ->) (Intel Corporation -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe
(services.exe ->) (Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(services.exe ->) (Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe
(services.exe ->) (Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe
(services.exe ->) (Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(services.exe ->) (Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki132538.inf_amd64_a34b1de6c28c3534\igfxCUIService.exe
(services.exe ->) (Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki132538.inf_amd64_a34b1de6c28c3534\IntelCpHDCPSvc.exe
(services.exe ->) (Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki132538.inf_amd64_a34b1de6c28c3534\IntelCpHeciSvc.exe
(services.exe ->) (Intel® Wireless Display -> Intel) C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL14.MSSQLSERVER\MSSQL\Binn\sqlceip.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL14.MSSQLSERVER\MSSQL\Binn\sqlservr.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\NisSrv.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvdmig.inf_amd64_75c152d756d851ed\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Private Internet Access, Inc. -> ) C:\Program Files\Private Internet Access\pia-service.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(services.exe ->) (ShenZhen Foscam Intelligent Technology Co,Ltd -> ) C:\Program Files (x86)\IPCWebComponents\IPCPlgSvr.exe
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_11.2401.0.0_x64__8wekyb3d8bbwe\CalculatorApp.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_11.2401.2.0_x64__8wekyb3d8bbwe\Microsoft.Media.Player.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
 
==================== Registry (Whitelisted) ===================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9278152 2018-11-30] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_MAXX6] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1515208 2018-11-30] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [3075552 2015-04-29] (Dell Inc -> Dell Inc.) [File not signed]
HKLM\...\Run: [XMouseButtonControl] => C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonControl.exe [1091568 2015-03-02] (Open Source Developer, XMouse Button Control -> Highresolution Enterprises)
HKLM\...\Run: [RtHDVBg_WAVES_SKYLAKE] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1515208 2018-11-30] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1515208 2018-11-30] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [WebVPN] => C:\Program Files\Array Networks\SSL VPN Client\WebVPN.exe [1484728 2020-01-17] (Array Networks, Inc. -> Array Networks)
HKLM\...\Run: [LaunchMhttpd] => C:\Program Files\Array Networks\MotionPro VPN Client\MPInit.exe [1532344 2020-01-16] (Array Networks, Inc. -> Array Networks)
HKLM\...\Run: [flvga_tray] => C:\Program Files\Fresco Logic\Fresco Logic USB Display Driver\FL2000\x64\flvga_tray.exe [457336 2017-11-23] (Fresco Logic Inc -> Fresco Logic)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163640 2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
HKLM\...\Run: [WavesSvc] => C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [723928 2017-01-26] (Waves Inc -> Waves Audio Ltd.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [322120 2017-04-19] (Intel® Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [Reflect UI] => C:\Program Files\Macrium\Common\ReflectUI.exe [9923856 2023-01-10] (PARAMOUNT SOFTWARE UK LIMITED -> Paramount Software UK Ltd)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [594992 2016-01-29] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [1224704 2017-05-17] (Cisco Systems, Inc. -> Cisco Systems, Inc.)
HKLM-x32\...\Run: [flvga_tray32] => C:\Program Files\Fresco Logic\Fresco Logic USB Display Driver\FL2000\x86\flvga_tray.exe [431232 2017-11-23] (Fresco Logic Inc -> Fresco Logic)
HKLM-x32\...\Run: [LaunchMhttpd] => C:\Program Files\Array Networks\MotionPro VPN Client\MPInit.exe [1532344 2020-01-16] (Array Networks, Inc. -> Array Networks)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2021-08-04] (Adobe Inc. -> )
HKLM\Software\Policies\...\system: [EnableSmartScreen] 0
HKLM\Software\Policies\...\system: [DisableLogonBackgroundImage] 1
HKU\S-1-5-21-1483475722-1219764467-3277934236-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [11197680 2023-10-20] (RealDefense, LLC -> SUPERAntiSpyware)
HKU\S-1-5-21-1483475722-1219764467-3277934236-1001\...\Run: [VideoGuardMonitor] => C:\Users\Phil\AppData\Local\Cisco\VideoGuardPlayer\VideoGuardMonitor\CiscoVideoGuardMonitor.exe [4155656 2016-06-14] (Cisco Video Technologies Israel Ltd. -> Cisco)
HKU\S-1-5-21-1483475722-1219764467-3277934236-1001\...\Run: [GarminExpress] => C:\Program Files (x86)\Garmin\Express\express.exe [31171504 2021-07-02] (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-1483475722-1219764467-3277934236-1001\...\Run: [MicrosoftEdgeAutoLaunch_0848959D30B7A075789B21F3CF73AE30] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4060712 2024-03-14] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1483475722-1219764467-3277934236-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Ribbons.scr [153600 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\123.0.6312.58\Installer\chrmstp.exe [2024-03-19] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WavesLocalServer.lnk [2024-02-16]
ShortcutTarget: WavesLocalServer.lnk -> C:\ProgramData\Waves Audio\WavesLocalServer\WavesLocalServer.bundle\Contents\Win64\WavesLocalServer.exe (Waves Inc -> Waves Audio Ltd.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WavesPluginServer.lnk [2024-02-16]
ShortcutTarget: WavesPluginServer.lnk -> C:\ProgramData\Waves Audio\WavesPluginServer\WavesPluginServerV14.2.bundle\Contents\Win64\WavesPluginServer.exe (Waves Inc -> Waves Audio Ltd.)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
 
==================== Scheduled Tasks (Whitelisted) =================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {6E871D55-E95C-49CD-BA3C-F22273B9A96E} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\Phil\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [15145336 2024-03-21] (ESET, spol. s r.o. -> ESET)
Task: {4094FFBA-8331-4324-B066-0483EB60311D} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\Phil\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [15145336 2024-03-21] (ESET, spol. s r.o. -> ESET)
Task: {484B1CBC-6F11-4EC5-9BAD-B3A61D5E1965} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [40880 2021-07-02] (Garmin International, Inc. -> )
Task: {8B28A3DC-F851-49CC-AE5C-75B0DD295852} - System32\Tasks\GeoComply Service Check => C:\Program Files (x86)\GeoComply\PlayerLocationCheck\Application\PlayerLocationCheckTask.cmd [1642 2024-02-21] () [File not signed] -> 
Task: {1D31A6C3-7C57-4FA5-8B5F-A51626FD4B69} - System32\Tasks\GeoComply Update Task => C:\Program Files (x86)\GeoComply\PlayerLocationCheck\Update\GeoComplyUpdate.exe [6817472 2024-01-09] (GeoComply Solutions Inc. -> GeoComply)
Task: {76D5F9DF-E161-452D-8A12-2595ED40B702} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem124.0.6359.0{8357AD38-F079-4341-A798-7030F0EC8024} => C:\Program Files (x86)\Google\GoogleUpdater\124.0.6359.0\updater.exe [4749088 2024-03-15] (Google LLC -> Google LLC)
Task: {117E77E1-2BF4-4A8C-A5EF-AEE5D8733741} - System32\Tasks\Intel\Intel Telemetry 2 => C:\Program Files\Intel\Telemetry 2.0\lrio.exe [1698000 2015-06-05] (Intel® Software -> Intel Corporation)
Task: {5048683B-C65F-43DE-AB39-836AE917B600} - System32\Tasks\Intel\Intel Telemetry 2 (x86) => C:\Program Files (x86)\Intel\Telemetry 2.0\lrio.exe [1328392 2015-11-20] (Intel® Software -> Intel Corporation)
Task: {CA1B9BF5-B927-4DEB-8A8A-D57A37594261} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [4922296 2023-12-19] (Intel Corporation -> Intel Corporation)
Task: {57F4C7BD-EE60-4DCA-BED3-44916DF616EF} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [4922296 2023-12-19] (Intel Corporation -> Intel Corporation)
Task: {18D9AD6F-8D24-475B-8B5C-36A6F6F4B070} - System32\Tasks\IntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec => C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel® Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [19088 2015-06-17] (Intel® Software Asset Manager -> Intel Corporation)
Task: {65F73DCD-EC0C-44BE-814D-37B8092B83CF} - System32\Tasks\IntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec-Logon => C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel® Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [19088 2015-06-17] (Intel® Software Asset Manager -> Intel Corporation)
Task: {D1C4A8EB-315A-4825-9DB7-4957252883A2} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\AppInstallerUpdater => C:\Windows\system32\rundll32.exe [71680 2023-11-14] (Microsoft Windows -> Microsoft Corporation) -> %windir%\system32\AppxDeploymentClient.dll,AppInstallerUpdateAllTask
Task: {1285EF45-46C2-4589-BE1B-1F5B589478BB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\MpCmdRun.exe [1650024 2024-03-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {163BFC57-00C4-4EFC-82F4-E3B8CA9A7709} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\MpCmdRun.exe [1650024 2024-03-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {3633EEEE-A5BF-4403-A543-9B89FB7AA1BA} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\MpCmdRun.exe [1650024 2024-03-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {BCEBEA1C-119E-446B-BC40-C755C75A8DD1} - System32\Tasks\Mozilla\Firefox Background Update S-1-5-21-1483475722-1219764467-3277934236-1001 92F44938A7A458E5 => C:\Users\Phil\AppData\Local\Mozilla Firefox\firefox.exe [671648 2024-03-12] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\92F44938A7A458E5\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {721029C4-76FB-4967-BBB9-DC8094FC370A} - System32\Tasks\Mozilla\Firefox Default Browser Agent 92F44938A7A458E5 => C:\Users\Phil\AppData\Local\Mozilla Firefox\default-browser-agent.exe [34720 2024-03-12] (Mozilla Corporation -> Mozilla Foundation)
Task: {72D88C66-E288-4856-82BB-0189C31F9503} - System32\Tasks\RtHDVBg_PushButton => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1515208 2018-11-30] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {93D639BD-617B-4C2E-8178-42C2F35827DE} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => C:\WINDOWS\System32\Wscript.exe [170496 2023-10-11] (Microsoft Windows -> Microsoft Corporation) -> //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs"
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{1f5655b1-8bf3-4ffc-84dd-630250178497}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{1f5655b1-8bf3-4ffc-84dd-630250178497}\24F553: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{1f5655b1-8bf3-4ffc-84dd-630250178497}\44C496E6B6F51405F574F6474716: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{1f5655b1-8bf3-4ffc-84dd-630250178497}\7416C616879702351303B273163673: [DhcpNameServer] 192.168.34.212
Tcpip\..\Interfaces\{1f5655b1-8bf3-4ffc-84dd-630250178497}\757535F5445313243313: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{1f5655b1-8bf3-4ffc-84dd-630250178497}\765647F66666D697C61677E6: [DhcpNameServer] 192.168.209.47
Tcpip\..\Interfaces\{2ace0890-853d-46fd-9bd1-a8b7f498fe12}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{f0e1c8ca-7fe6-4c84-8e99-04a669df5c9c}: [DhcpNameServer] 209.222.18.222 209.222.18.218
 
Edge: 
=======
Edge Profile: C:\Users\Phil\AppData\Local\Microsoft\Edge\User Data\Default [2024-03-22]
Edge DownloadDir: Default -> C:\Users\Phil\Downloads
Edge Extension: (Google Docs Offline) - C:\Users\Phil\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-07]
Edge Extension: (Edge relevant text changes) - C:\Users\Phil\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-23]
 
FireFox:
========
FF DefaultProfile: csjgqetv.default
FF ProfilePath: C:\Users\Phil\AppData\Roaming\Mozilla\Firefox\Profiles\csjgqetv.default [2024-03-22]
FF ProfilePath: C:\Users\Phil\AppData\Roaming\Mozilla\Firefox\Profiles\xvi6q9b2.default-release [2024-03-22]
FF Plugin: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-03-04] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-03-04] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-05-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-05-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-05-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-05-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-05-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.14 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-05-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2016-12-08] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2016-12-08] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2016-12-08] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2016-12-08] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2016-10-06] (Google Inc -> Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @IPC/npmedia3.0.0.3,version=3.0.0.3 -> C:\Program Files\webrec\Torch\3.0.0.3\npmedia3.0.0.3.dll [2016-11-03] (Amcrest Technologies LLC -> )
FF Plugin-x32: @IPCWebComponents -> C:\Program Files (x86)\IPCWebComponents\npIPCReg.dll [2016-12-26] (ShenZhen Foscam Intelligent Technology Co,Ltd -> )
FF Plugin-x32: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-03-04] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-03-04] (Oracle America, Inc. -> Oracle Corporation)
 
Chrome: 
=======
CHR DefaultProfile: Profile 1
CHR Profile: C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Profile 1 [2024-03-22]
CHR Extension: (lock) - C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aeblfdkhhhdcdjpifhhbdiojplfjncoa [2024-03-05]
CHR Extension: (PayPal Honey: Automatic Coupons & Cash Back) - C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2024-02-19]
CHR Extension: (uBlock Origin) - C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2024-02-26]
CHR Extension: (Videostream for Google Chromecast™) - C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cnciopoikihiagdjbjpnocolokfelagl [2020-05-26]
CHR Extension: (Tampermonkey) - C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2024-01-20]
CHR Extension: (Video Downloader Professional) - C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2023-04-19]
CHR Extension: (Yoroi) - C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ffnbelfdoeiohenkjibnmadjiehjhajb [2024-03-20]
CHR Extension: (Chrome Remote Desktop) - C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2019-07-19]
CHR Extension: (Google Docs Offline) - C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-20]
CHR Extension: (Lightning Extension) - C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hfglcknhngdnhbkccblidlkljgflofgh [2023-04-25]
CHR Extension: (Reddit Enhancement Suite) - C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2024-03-22]
CHR Extension: (SponsorBlock for YouTube - Skip Sponsorships) - C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mnjggcdmjocbbbhaepdhchncahnbgone [2024-03-20]
CHR Extension: (Spread3D Review for SketchUp) - C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ncjkndlllagaajogioiailncjbmbalci [2018-03-13]
CHR Extension: (MetaMask) - C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nkbihfbeogaeaoehlefnkodbefgpgknn [2024-03-20]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-03]
CHR Extension: (Amcrest Web View) - C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\oddndbjhpcpopbebhonolceinkbnheih [2018-03-13]
CHR Profile: C:\Users\Phil\AppData\Local\Google\Chrome\User Data\System Profile [2024-03-22]
 
==================== Services (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S4 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2021-01-09] (SUPERAntiSpyware.com -> SUPERAntiSpyware.com)
R2 Bonjour Service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [229376 2006-02-28] (Apple Computer, Inc.) [File not signed]
R2 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\123.0.6312.16\remoting_host.exe [74016 2024-02-26] (Google LLC -> Google LLC)
R2 com.geocomply.internal-updater-microservice; C:\Program Files (x86)\GeoComply\PlayerLocationCheck\Application\com.geocomply.internal-updater-microservice.exe [11492528 2024-02-21] (GeoComply Solutions Inc. -> )
R2 com.geocomply.process-scanner-microservice; C:\Program Files (x86)\GeoComply\PlayerLocationCheck\Application\com.geocomply.process-scanner-microservice.exe [11494064 2024-02-21] (GeoComply Solutions Inc. -> )
R2 com.geocomply.vm-detector-microservice; C:\Program Files (x86)\GeoComply\PlayerLocationCheck\Application\com.geocomply.vm-detector-microservice.exe [11534000 2024-02-21] (GeoComply Solutions Inc. -> )
R2 com.geocomply.wifi-scanner-microservice; C:\Program Files (x86)\GeoComply\PlayerLocationCheck\Application\com.geocomply.wifi-scanner-microservice.exe [11514544 2024-02-21] (GeoComply Solutions Inc. -> )
S4 Dell Customer Connect; C:\Program Files (x86)\Dell Customer Connect\DCCService.exe [153328 2015-06-15] (Dell Inc. -> Dell Inc.)
S4 Dell Foundation Services; C:\Program Files\Dell\Dell Foundation Services\DFSSvc.exe [119656 2016-01-15] (Dell Inc. -> Dell)
S4 Dell Help & Support; C:\Program Files\Dell\Dell Help & Support\MDLCSvc.exe [49864 2015-07-31] (Dell Inc. -> )
S4 Dell Product Registration; C:\Program Files\Dell\Product Registration\PRSvc.exe [32104 2016-01-25] (Dell Inc. -> Dell)
S4 DellUpdate; C:\Program Files (x86)\Dell Update\DellUpService.exe [237272 2015-08-27] (Dell Inc. -> Dell Inc.)
R2 DSAService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe [43784 2023-09-25] (Intel Corporation -> Intel)
R3 DSAUpdateService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe [240392 2023-11-13] (Intel Corporation -> Intel)
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2016-03-04] (Macrovision Europe Ltd.) [File not signed]
R2 FosCloudSvr; C:\Program Files (x86)\IPCWebComponents\IPCPlgSvr.exe [91776 2016-12-26] (ShenZhen Foscam Intelligent Technology Co,Ltd -> )
S2 GoogleUpdaterInternalService124.0.6359.0; C:\Program Files (x86)\Google\GoogleUpdater\124.0.6359.0\updater.exe [4749088 2024-03-15] (Google LLC -> Google LLC)
S2 GoogleUpdaterService124.0.6359.0; C:\Program Files (x86)\Google\GoogleUpdater\124.0.6359.0\updater.exe [4749088 2024-03-15] (Google LLC -> Google LLC)
S3 Intel® Security Assist; C:\Program Files (x86)\Intel\Intel® Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed]
S3 Intel® WiDi SAM; C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel® Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [19088 2015-06-17] (Intel® Software Asset Manager -> Intel Corporation)
R2 IntelUSBoverIP; C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe [396992 2015-07-06] (Intel® Wireless Display -> Intel)
R2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel® Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed]
S4 MacriumService; C:\Program Files\Macrium\Common\MacriumService.exe [11072008 2023-01-10] (PARAMOUNT SOFTWARE UK LIMITED -> Paramount Software UK Ltd)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9343840 2023-12-20] (Malwarebytes Inc. -> Malwarebytes)
S3 MSIInstallManager; C:\Program Files (x86)\Array Networks\MPMSIInstallManager\MSIInstallManager.exe [723896 2020-01-17] (Array Networks, Inc. -> TODO: <Company name>)
S3 MsMpiLaunchSvc; C:\Program Files\Microsoft MPI\Bin\msmpilaunchsvc.exe [23040 2016-03-04] () [File not signed]
R2 MSSQLSERVER; C:\Program Files\Microsoft SQL Server\MSSQL14.MSSQLSERVER\MSSQL\Binn\sqlservr.exe [479128 2023-08-01] (Microsoft Corporation -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvdmig.inf_amd64_75c152d756d851ed\Display.NvContainer\NVDisplay.Container.exe [1274888 2023-11-10] (NVIDIA Corporation -> NVIDIA Corporation)
R2 Player Location Check; C:\Program Files (x86)\GeoComply\PlayerLocationCheck\Application\service.exe [11440816 2024-02-21] (GeoComply Solutions Inc. -> )
R2 PrivateInternetAccessService; C:\Program Files\Private Internet Access\pia-service.exe [1394400 2024-03-05] (Private Internet Access, Inc. -> )
S3 PrivateInternetAccessWireguard; C:\Program Files\Private Internet Access\pia-wgservice.exe [4455000 2024-03-05] (Private Internet Access, Inc. -> )
S3 SQLSERVERAGENT; C:\Program Files\Microsoft SQL Server\MSSQL14.MSSQLSERVER\MSSQL\Binn\SQLAGENT.EXE [572824 2023-08-01] (Microsoft Corporation -> Microsoft Corporation)
R2 SQLTELEMETRY; C:\Program Files\Microsoft SQL Server\MSSQL14.MSSQLSERVER\MSSQL\Binn\sqlceip.exe [246672 2023-08-01] (Microsoft Corporation -> Microsoft Corporation)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [21242680 2024-02-19] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 VPNInstallManager; C:\Program Files\Array Networks\Install Manager\VPNInstallManager.exe [1418168 2020-01-17] (Array Networks, Inc. -> Array Networks)
R2 VPNService; C:\Program Files\Array Networks\SSL VPN Client\VPNService.exe [2422200 2020-01-17] (Array Networks, Inc. -> Array Networks)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\NisSrv.exe [3191272 2024-03-13] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\MsMpEng.exe [133688 2024-03-13] (Microsoft Windows Publisher -> Microsoft Corporation)
 
===================== Drivers (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 BEHRINGER_2902; C:\WINDOWS\System32\Drivers\BUSB2902.sys [460864 2009-10-30] (Ploytec GmbH -> BEHRINGER)
S3 BUSB_AUDIO_WDM; C:\WINDOWS\system32\drivers\busbwdm.sys [49728 2009-10-30] (Ploytec GmbH -> BEHRINGER)
S3 DDDriver; C:\WINDOWS\system32\drivers\DDDriver64Dcsa.sys [41608 2018-02-10] (Techporch Incorporated -> Dell Inc.)
S3 DellProf; C:\WINDOWS\system32\drivers\DellProf.sys [41208 2018-02-10] (Techporch Incorporated -> Dell Computer Corporation)
R3 DellRbtn; C:\WINDOWS\System32\drivers\DellRbtn.sys [19440 2015-05-08] (Microsoft Windows Hardware Compatibility Publisher -> OSR Open Systems Resources, Inc.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 fl2000; C:\WINDOWS\System32\drivers\fl2000.sys [205944 2017-11-23] (Fresco Logic Inc -> Fresco Logic)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2023-04-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239576 2024-03-20] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MpKsle97ab441; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{110A3399-A146-497C-9C3E-B03B9E7C9505}\MpKslDrv.sys [300312 2024-03-22] (Microsoft Windows -> Microsoft Corporation)
R2 NPF; C:\Program Files (x86)\Batch Configuration\npf64.sys [36600 2019-05-20] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
S4 RsFx0501; C:\WINDOWS\System32\DRIVERS\RsFx0501.sys [261784 2023-08-01] (Microsoft Corporation -> Microsoft Corporation)
S3 rspLLL; C:\WINDOWS\System32\DRIVERS\rspLLL64.sys [27744 2021-03-09] (Daniel Terhell -> Resplendence Software Projects Sp.)
S1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [18160 2023-08-25] (RealDefense, LLC -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
S1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [15600 2023-08-25] (RealDefense, LLC -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
R3 SensorsSimulatorDriver; C:\WINDOWS\System32\drivers\WUDFRd.sys [315904 2023-12-13] (Microsoft Windows -> Microsoft Corporation)
R2 speedfan; C:\WINDOWS\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [50720 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 tap-pia-0901; C:\WINDOWS\System32\drivers\tap-pia-0901.sys [39944 2020-12-01] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2017-12-27] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 tapwindscribe0901; C:\WINDOWS\System32\drivers\tapwindscribe0901.sys [54896 2017-09-13] (Windscribe Limited -> The OpenVPN Project)
R1 UimBus; C:\WINDOWS\System32\drivers\UimBus.sys [102576 2015-11-10] (Paragon Software GmbH -> )
R1 Uim_DEVIM; C:\WINDOWS\System32\drivers\uim_devim.sys [25904 2015-11-10] (Paragon Software GmbH -> )
R1 Uim_IM; C:\WINDOWS\System32\drivers\uim_im.sys [701360 2015-11-10] (Paragon Software GmbH -> )
S3 usb3Hub; C:\WINDOWS\System32\drivers\usb3Hub.sys [212056 2015-07-06] (Intel® Wireless Display -> Windows ® Win 7 DDK provider)
R1 veracrypt; C:\WINDOWS\System32\drivers\veracrypt.sys [831616 2021-01-03] (IDRIX SARL -> IDRIX)
R1 vpntdi; C:\WINDOWS\System32\drivers\vpntdi64.sys [65360 2017-12-13] (Array Networks, Inc. -> Array Networks)
S3 vpnva; C:\WINDOWS\System32\drivers\vpnva64-6.sys [52592 2016-02-29] (Cisco Systems, Inc. -> Cisco Systems, Inc.)
R0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [20928 2024-03-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [26880 2015-11-12] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [603416 2024-03-13] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105752 2024-03-13] (Microsoft Windows -> Microsoft Corporation)
R3 WinDriver6; C:\WINDOWS\system32\drivers\windrvr6.sys [285696 2007-06-17] (Microsoft Windows Hardware Compatibility Publisher -> Jungo)
S3 ysusb_w10_64; C:\WINDOWS\system32\drivers\ysusb_w10_64.sys [181784 2023-02-10] (Microsoft Windows Hardware Compatibility Publisher -> Yamaha Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) (Whitelisted) =========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2024-03-22 13:18 - 2024-03-22 15:22 - 000010411 _____ C:\Users\Phil\Downloads\Fixlog.txt
2024-03-22 13:17 - 2024-03-22 13:17 - 002391040 _____ (Farbar) C:\Users\Phil\Downloads\FRST64.exe
2024-03-22 13:06 - 2024-03-22 13:13 - 000000000 ___RD C:\Users\Phil\Downloads\RevoUninstaller_Portable
2024-03-22 08:44 - 2024-03-22 08:45 - 009033217 _____ C:\Users\Phil\Downloads\RevoUninstaller_Portable.zip
2024-03-21 13:23 - 2024-03-21 13:25 - 000144880 _____ C:\Users\Phil\Downloads\Addition.txt
2024-03-21 13:22 - 2024-03-22 15:39 - 000038482 _____ C:\Users\Phil\Downloads\FRST.txt
2024-03-21 13:22 - 2024-03-22 13:17 - 000000000 ____D C:\Users\Phil\Downloads\FRST-OlderVersion
2024-03-21 12:19 - 2024-03-21 12:19 - 000003846 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onLogOn
2024-03-21 12:19 - 2024-03-21 12:19 - 000003404 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onTime
2024-03-21 12:17 - 2024-03-21 12:17 - 000005196 _____ C:\Users\Phil\Desktop\edetscan.txt
2024-03-21 10:52 - 2024-03-21 10:56 - 000001336 _____ C:\Users\Phil\Desktop\ESET Online Scanner.lnk
2024-03-21 10:50 - 2024-03-21 10:56 - 000001442 _____ C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2024-03-21 10:50 - 2024-03-21 10:50 - 008389496 _____ (ESET) C:\Users\Phil\Desktop\esetonlinescanner.exe
2024-03-21 10:50 - 2024-03-21 10:50 - 000000000 ____D C:\Users\Phil\AppData\Local\ESET
2024-03-21 08:09 - 2024-03-21 08:09 - 159651974 _____ C:\Users\Phil\Downloads\VOCALS-3-20.zip
2024-03-21 08:09 - 2024-03-21 08:09 - 000000000 ____D C:\Users\Phil\Downloads\VOCALS-3-20
2024-03-20 21:24 - 2024-03-22 15:39 - 000000000 ____D C:\FRST
2024-03-20 19:46 - 2024-03-20 19:46 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2024-03-20 17:37 - 2024-03-20 17:37 - 000001463 _____ C:\Users\Phil\Desktop\Roblox Player.lnk
2024-03-17 11:07 - 2024-03-17 11:07 - 000001138 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Private Internet Access.lnk
2024-03-15 20:50 - 2024-03-18 10:46 - 000001989 _____ C:\Users\Phil\Desktop\dydx.txt
2024-03-14 20:33 - 2024-03-14 20:33 - 000002302 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth Pro.lnk
2024-03-14 20:33 - 2024-03-14 20:33 - 000002290 _____ C:\Users\Public\Desktop\Google Earth Pro.lnk
2024-03-14 20:33 - 2024-03-14 20:33 - 000000000 ____D C:\Program Files\Google
2024-03-13 23:05 - 2024-03-13 23:05 - 000000000 ____D C:\Users\Phil\AppData\Roaming\ReAmp Studio R1
2024-03-13 19:50 - 2024-03-13 19:50 - 000019530 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json
2024-03-13 19:50 - 2024-03-13 19:50 - 000019530 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2024-03-13 19:44 - 2024-03-13 19:44 - 000000000 ___HD C:\$WinREAgent
2024-03-12 14:23 - 2024-03-22 13:11 - 000000000 ____D C:\Users\Phil\AppData\Local\Mozilla Firefox
2024-03-11 14:38 - 2024-03-11 14:38 - 000000030 _____ C:\Users\Phil\Documents\roto tom tunings.txt
2024-03-06 18:10 - 2024-03-20 17:38 - 000002425 _____ C:\WINDOWS\system32\default_error_stack-000000-000000.txt
2024-03-04 14:15 - 2024-03-04 14:15 - 000000920 _____ C:\Users\Public\Desktop\TeamViewer.lnk
2024-03-01 17:34 - 2024-03-01 17:35 - 398253515 _____ C:\Users\Phil\Downloads\044Dry_Stems.zip
2024-03-01 17:28 - 2024-03-01 17:34 - 000000000 ____D C:\Users\Phil\Downloads\044Dry_Stems
2024-02-27 16:04 - 2024-02-27 16:04 - 000214867 _____ C:\Users\Phil\Desktop\blank travel sheet (1).odt
2024-02-21 18:31 - 2024-02-21 18:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LatencyMon
2024-02-21 18:31 - 2024-02-21 18:31 - 000000000 ____D C:\Program Files\LatencyMon
2024-02-21 18:31 - 2021-03-09 16:07 - 000027744 _____ (Resplendence Software Projects Sp.) C:\WINDOWS\system32\Drivers\rspLLL64.sys
2024-02-21 18:30 - 2024-02-21 18:30 - 003478312 _____ (Resplendence Software Projects Sp. ) C:\Users\Phil\Desktop\LatencyMon.exe
2024-02-21 12:35 - 2024-02-22 16:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\H&R Block 2023
2024-02-21 12:35 - 2024-02-22 16:32 - 000000000 ____D C:\Program Files (x86)\HRBlock2023
2024-02-21 12:35 - 2024-02-21 12:35 - 000000000 ____D C:\Users\Phil\Documents\HRBlock
2024-02-21 12:35 - 2024-02-21 12:35 - 000000000 ____D C:\Program Files (x86)\PDF995
2024-02-21 08:25 - 2024-02-21 08:25 - 000003442 _____ C:\WINDOWS\system32\Tasks\GeoComply Update Task
2024-02-21 08:25 - 2024-02-21 08:25 - 000003212 _____ C:\WINDOWS\system32\Tasks\GeoComply Service Check
 
==================== One month (modified) ==================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2024-03-22 15:38 - 2020-08-30 06:22 - 001007224 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-03-22 15:38 - 2019-12-07 05:13 - 000000000 ____D C:\WINDOWS\INF
2024-03-22 15:34 - 2024-01-16 01:52 - 000008192 ___SH C:\DumpStack.log.tmp
2024-03-22 15:34 - 2023-10-28 09:21 - 000000000 ____D C:\Program Files\TeamViewer
2024-03-22 15:34 - 2020-08-30 06:18 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-03-22 15:34 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\ServiceState
2024-03-22 15:34 - 2019-12-07 05:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-03-22 15:34 - 2019-12-07 05:03 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2024-03-22 15:34 - 2017-07-29 22:04 - 000000000 ____D C:\ProgramData\NVIDIA
2024-03-22 15:34 - 2016-03-03 23:10 - 000000000 __SHD C:\Users\Phil\IntelGraphicsProfiles
2024-03-22 15:22 - 2019-12-07 05:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-03-22 14:46 - 2016-07-16 12:01 - 000000000 ____D C:\Users\Phil\AppData\LocalLow\Temp
2024-03-22 14:36 - 2023-09-30 19:04 - 000000000 ____D C:\Users\Phil\AppData\Roaming\Microsoft\Windows NT
2024-03-22 14:36 - 2020-08-30 06:18 - 000000000 ____D C:\WINDOWS\system32\Tasks\Intel
2024-03-22 13:17 - 2016-03-04 12:29 - 000000000 ____D C:\Users\Phil\AppData\Local\ClassicShell
2024-03-22 13:14 - 2020-08-30 06:11 - 000000000 ____D C:\Users\SQLTELEMETRY
2024-03-22 13:14 - 2020-08-30 06:11 - 000000000 ____D C:\Users\MSSQLSERVER
2024-03-22 13:14 - 2020-08-30 06:10 - 005460464 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2024-03-22 13:11 - 2023-10-12 08:14 - 000000000 ____D C:\ProgramData\PreSonus
2024-03-22 13:11 - 2023-10-12 08:07 - 000000000 ____D C:\Users\Phil\AppData\Roaming\PreSonus
2024-03-22 13:05 - 2024-01-30 23:33 - 000000000 ____D C:\Users\Phil\AppData\Roaming\Celemony Software GmbH
2024-03-22 11:26 - 2020-08-30 06:10 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-03-22 09:18 - 2019-12-07 05:14 - 000000000 ___HD C:\Program Files\WindowsApps
2024-03-22 09:18 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-03-22 07:08 - 2018-05-24 16:35 - 000000000 ____D C:\Users\Phil\AppData\Local\D3DSCache
2024-03-22 01:38 - 2023-10-11 15:09 - 000000000 ____D C:\Program Files\RUXIM
2024-03-21 14:54 - 2020-02-25 14:30 - 000000000 ____D C:\Users\Phil\AppData\Roaming\Ledger Live
2024-03-21 11:29 - 2023-08-16 12:46 - 000000000 ____D C:\Users\Phil\AppData\Local\Zoom
2024-03-21 11:18 - 2023-09-30 18:12 - 000000000 ____D C:\ProgramData\regid.1993-06.com.microsoft
2024-03-21 10:55 - 2016-03-06 12:38 - 000000000 ____D C:\Users\Phil\AppData\Local\CrashDumps
2024-03-21 10:44 - 2023-09-25 15:46 - 000000000 ____D C:\Program Files\Common Files\VST3
2024-03-21 10:42 - 2018-05-19 16:26 - 000000000 ____D C:\ProgramData\Adobe
2024-03-21 10:40 - 2019-12-07 05:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2024-03-21 10:40 - 2016-03-04 15:54 - 000000000 ____D C:\Program Files\Microsoft Office
2024-03-21 10:40 - 2015-10-30 05:07 - 000000000 ____D C:\WINDOWS\ShellNew
2024-03-21 10:39 - 2019-12-07 05:14 - 000000000 ____D C:\Program Files\Common Files\System
2024-03-21 10:39 - 2015-07-10 07:04 - 000000076 _____ C:\WINDOWS\win.ini
2024-03-21 10:38 - 2017-07-09 20:59 - 000000000 ____D C:\Users\Public\Documents\Adobe
2024-03-21 10:38 - 2017-07-09 20:49 - 000000000 ____D C:\Program Files\Common Files\Adobe
2024-03-21 10:37 - 2017-07-09 20:49 - 000000000 ____D C:\Program Files\Adobe
2024-03-20 23:53 - 2016-03-04 01:48 - 000000000 ____D C:\WINDOWS\system32\MRT
2024-03-20 23:49 - 2016-03-04 01:48 - 190470136 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2024-03-20 20:59 - 2023-09-25 15:13 - 000000000 ____D C:\Users\Phil\AppData\Local\Malwarebytes
2024-03-20 20:07 - 2017-08-20 22:15 - 000002370 ____H C:\Users\Phil\Documents\Default.rdp
2024-03-20 20:01 - 2019-12-07 05:50 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2024-03-20 20:00 - 2023-01-29 12:31 - 000000000 ____D C:\Users\Phil\Desktop\Desktop icons
2024-03-20 19:47 - 2015-12-11 11:58 - 000000000 ____D C:\ProgramData\Package Cache
2024-03-20 19:46 - 2017-07-29 22:03 - 000000000 ____D C:\Program Files (x86)\Intel
2024-03-20 18:56 - 2024-02-16 10:36 - 000000000 ____D C:\Users\Phil\AppData\Local\central-updater
2024-03-20 18:56 - 2024-02-16 10:21 - 000000000 ____D C:\Users\Phil\AppData\Roaming\Waves Central
2024-03-20 17:45 - 2024-02-07 10:57 - 000000000 ____D C:\Users\Phil\AppData\Roaming\OracleJDK
2024-03-20 17:37 - 2023-06-08 17:28 - 000000000 ____D C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2024-03-19 19:39 - 2021-12-15 03:44 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-03-19 19:39 - 2020-04-10 21:15 - 000000000 ____D C:\Users\Phil\AppData\Roaming\qBittorrent
2024-03-19 19:39 - 2016-03-04 12:41 - 000002340 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-03-19 19:39 - 2016-03-04 12:41 - 000002299 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2024-03-19 13:51 - 2023-06-12 13:02 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2024-03-19 08:11 - 2023-06-12 13:02 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2024-03-19 08:10 - 2023-06-12 13:02 - 000001325 _____ C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2024-03-17 20:40 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2024-03-17 16:08 - 2016-03-04 16:03 - 000000000 ____D C:\Users\Phil\AppData\Roaming\Microsoft\Word
2024-03-17 15:36 - 2016-03-05 11:03 - 000000000 ____D C:\Users\Phil\AppData\Roaming\Microsoft\Excel
2024-03-17 11:43 - 2016-03-05 18:03 - 000000000 ____D C:\Users\Phil\AppData\Roaming\vlc
2024-03-17 11:07 - 2020-12-03 18:58 - 000000000 ____D C:\Program Files\Private Internet Access
2024-03-16 06:53 - 2020-07-04 03:13 - 000002479 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-03-15 20:51 - 2019-12-07 05:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2024-03-15 20:51 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2024-03-15 20:51 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\SystemResources
2024-03-15 20:51 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2024-03-15 20:51 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2024-03-15 20:51 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2024-03-15 20:51 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2024-03-15 20:51 - 2019-12-07 05:03 - 000000000 ____D C:\WINDOWS\servicing
2024-03-13 19:50 - 2020-08-30 06:16 - 003017216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2024-03-13 12:45 - 2023-10-12 08:15 - 000000000 ____D C:\Users\Phil\Documents\Studio One
2024-03-13 01:00 - 2018-02-28 15:34 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2024-03-06 00:47 - 2020-08-30 06:18 - 000003536 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-03-06 00:47 - 2020-08-30 06:18 - 000003412 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-03-03 02:16 - 2019-12-07 05:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2024-03-02 06:59 - 2016-03-11 21:24 - 000000000 ____D C:\Users\Phil\AppData\Local\ElevatedDiagnostics
2024-02-28 14:32 - 2021-10-17 15:01 - 000000000 ____D C:\Program Files\Ledger Live
2024-02-21 12:35 - 2019-02-16 15:06 - 000000000 ____D C:\Users\Phil\AppData\Roaming\TaxCut
2024-02-21 12:35 - 2019-02-16 15:05 - 000000000 ____D C:\ProgramData\TaxCut
 
==================== Files in the root of some directories ========
 
2018-09-27 10:57 - 2018-09-27 10:57 - 000000000 _____ () C:\Users\Phil\AppData\Local\oobelibMkey.log
2016-10-27 20:51 - 2022-03-02 21:50 - 000007589 _____ () C:\Users\Phil\AppData\Local\Resmon.ResmonCfg
 
==================== SigCheck ============================
 
(There is no automatic fix for files that do not pass verification.)
 
==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22.03.2024
Ran by Phil (22-03-2024 15:39:59)
Running from C:\Users\Phil\Downloads
Microsoft Windows 10 Home Version 22H2 19045.4170 (X64) (2020-08-30 10:18:48)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
 
(If an entry is included in the fixlist, it will be removed.)
 
Administrator (S-1-5-21-1483475722-1219764467-3277934236-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1483475722-1219764467-3277934236-503 - Limited - Disabled)
Guest (S-1-5-21-1483475722-1219764467-3277934236-501 - Limited - Enabled)
Phil (S-1-5-21-1483475722-1219764467-3277934236-1001 - Administrator - Enabled) => C:\Users\Phil
WDAGUtilityAccount (S-1-5-21-1483475722-1219764467-3277934236-504 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
Active Directory Authentication Library for SQL Server (HKLM\...\{4EE99065-01C6-49DD-9EC6-E08AA5B13491}) (Version: 14.0.1000.169 - Microsoft Corporation)
Add or Remove Adobe Creative Suite 3 Master Collection (HKLM-x32\...\Adobe_4dcfd9b7e901b57f81f667144603236) (Version: 1.0 - Adobe Systems Incorporated)
adobe (HKLM\...\{20FD3B0E-D450-488F-AB68-7DA0EC0E4913}) (Version: 1.0.0000 - Adobe Systems Incorporated) Hidden
Adobe After Effects CS3 Presets (HKLM-x32\...\{193EAFD0-1BAF-4FB4-B18F-79D5D6A4B285}) (Version: 8 - Adobe Systems Incorporated) Hidden
Adobe Anchor Service CS3 (HKLM-x32\...\{90176341-0A8B-4CCC-A78D-F862228A6B95}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Asset Services CS3 (HKLM-x32\...\{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}) (Version: 3 - Adobe Systems Incorporated) Hidden
Adobe Audition CC 2017 (HKLM-x32\...\AUDT_10_1_1) (Version: 10.1.1 - Adobe Systems Incorporated)
Adobe Bridge CS3 (HKLM-x32\...\{9C9824D9-9000-4373-A6A5-D0E5D4831394}) (Version: 2 - Adobe Systems Incorporated) Hidden
Adobe Bridge Start Meeting (HKLM-x32\...\{08B32819-6EEF-4057-AEDA-5AB681A36A23}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe BridgeTalk Plugin CS3 (HKLM-x32\...\{B73CFB12-C814-4638-AFFD-7E3AAFAF0B4E}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Camera Raw 4.0 (HKLM-x32\...\{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}) (Version: 4.0 - Adobe Systems Incorporated) Hidden
Adobe CMaps (HKLM-x32\...\{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color - Photoshop Specific (HKLM-x32\...\{A2D81E70-2A98-4A08-A628-94388B063C5E}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color Common Settings (HKLM-x32\...\{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color EU Extra Settings (HKLM-x32\...\{51846830-E7B2-4218-8968-B77F0FF475B8}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color JA Extra Settings (HKLM-x32\...\{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color NA Recommended Settings (HKLM-x32\...\{95655ED4-7CA5-46DF-907F-7144877A32E5}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Creative Suite 3 Master Collection (HKLM-x32\...\{8718DC03-D066-4957-94E5-50C3C5042E8E}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Default Language CS3 (HKLM-x32\...\{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Device Central CS3 (HKLM-x32\...\{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe ExtendScript Toolkit 2 (HKLM-x32\...\{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}) (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Extension Manager CS3 (HKLM-x32\...\{BE5F3842-8309-4754-92D5-83E02E6077A3}) (Version: 1.8 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 9 ActiveX (HKLM-x32\...\{BC4F8E84-5E29-49EC-B4E7-E6F9CB50986C}) (Version: 9.0.45.0 - Adobe Systems, Inc.)
Adobe Flash Player 9 Plugin (HKLM-x32\...\{88D422DB-E9C7-4E16-9D80-2999F4FD6AD9}) (Version: 9.0.45.0 - Adobe Systems, Inc.)
Adobe Fonts All (HKLM-x32\...\{6ABE0BEE-D572-4FE8-B434-9E72A289431B}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Help Viewer CS3 (HKLM-x32\...\{7ACFB90E-8FD0-4397-AD3A-5195412623A3}) (Version: 1 - Adobe Systems Incorporated) Hidden
Adobe InDesign CS3 Icon Handler (HKLM-x32\...\{EA7B3CC4-366D-4CF6-8350-FD7A7034116E}) (Version: 5.0 - Adobe Systems Incorporated) Hidden
Adobe Linguistics CS3 (HKLM-x32\...\{54793AA1-5001-42F4-ABB6-C364617C6078}) (Version: 3.0.0 - Adobe Systems Incorporated) Hidden
Adobe MotionPicture Color Files (HKLM-x32\...\{6B708481-748A-4EB4-97C1-CD386244FF77}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe PDF Library Files (HKLM-x32\...\{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}) (Version: 8.0 - Adobe Systems Incorporated) Hidden
Adobe Setup (HKLM-x32\...\{4458C442-7376-4CF9-AF58-E8CEA6722363}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe SING CS3 (HKLM-x32\...\{B671CBFD-4109-4D35-9252-3062D3CCB7B2}) (Version: 0.1 - Adobe Systems Incorporated) Hidden
Adobe Stock Photos CS3 (HKLM-x32\...\{29E5EA97-5F74-4A57-B8B2-D4F169117183}) (Version: 1.5 - Adobe Systems Incorporated) Hidden
Adobe Type Support (HKLM-x32\...\{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Update Manager CS3 (HKLM-x32\...\{E69AE897-9E0B-485C-8552-7841F48D42D8}) (Version: 5.1.0 - Adobe Systems Incorporated) Hidden
Adobe Version Cue CS3 Client (HKLM-x32\...\{D0DFF92A-492E-4C40-B862-A74A173C25C5}) (Version: 3 - Adobe Systems Incorporated) Hidden
Adobe Video Profiles (HKLM-x32\...\{845A8DB9-8802-4FD3-9FE3-938A6C46A2EC}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe WAS CS3 (HKLM-x32\...\{C5BD220A-EFE8-48A5-B70E-9503D535FACE}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe WinSoft Linguistics Plugin (HKLM-x32\...\{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe XMP DVA Panels CS3 (HKLM-x32\...\{0224CACC-994D-45F8-B973-D65056EA9C2F}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe XMP Panels CS3 (HKLM-x32\...\{D5A31AB1-345D-47C7-A87B-036A669F6DF1}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
AHV content for Acrobat and Flash (HKLM-x32\...\{6BBAA81D-6A7E-43AD-8889-2F002DCAAFDD}) (Version: 1 - Adobe Systems Incorporated) Hidden
Amazon.com Fire_Devices (HKLM\...\Fire_Devices Drivers) (Version: 2 - Amazon.com)
ANT Drivers Installer x64 (HKLM\...\{CBEE7F70-D77E-46DB-BB02-B64147DD6453}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.14 - Michael Tippach)
Batch Configuration (HKLM-x32\...\{F9F88CAE-A8BB-493A-BC71-B19A8BA38613}) (Version: 3.0.2.6 - hikvision)
BEHRINGER USB AUDIO DRIVER (HKLM\...\USB_AUDIO_DEusb-audio.deBehringer2902) (Version:  - )
Browser for SQL Server 2017 (HKLM-x32\...\{CF8EEB96-E7E7-4EF7-A0A1-559F09953156}) (Version: 14.0.1000.169 - Microsoft Corporation)
Bruteforce Save Data (HKLM-x32\...\Bruteforce Save Data) (Version:  - )
Calibration Update Wizard (HKLM-x32\...\{5A03CEC0-8805-11D4-ADFB-00000EFB3A77}) (Version: 8.20.1 - Toyota Diagnostics)
Celemony Melodyne 5 (HKLM\...\Celemony Melodyne 5_is1) (Version: 5.3.1.018 - Celemony)
Charter TV Player (HKLM-x32\...\{076af162-8f4c-4e36-9013-1673e5cf4d24}) (Version: 6.6 - Charter)
Chrome Remote Desktop Host (HKLM-x32\...\{00B18403-87DD-4C4E-AEB5-045B05B96F35}) (Version: 123.0.6312.16 - Google LLC)
Cisco AnyConnect Secure Mobility Client  (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 4.4.03034 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\{EB629A98-5E69-40E8-BA9E-C393899F959D}) (Version: 4.4.03034 - Cisco Systems, Inc.) Hidden
Cisco VideoGuard Player (HKLM-x32\...\{dfc759fd-a56f-4d04-8306-d1480137a065}) (Version: 6.6 - Cisco Systems, Inc)
Cisco Webex Meetings (HKU\S-1-5-21-1483475722-1219764467-3277934236-1001\...\ActiveTouchMeetingClient) (Version: 40.8.5 - Cisco Webex LLC)
Classic Shell (HKLM\...\{CABCE573-0A86-42FA-A52A-C7EA61D5BE08}) (Version: 4.3.1 - IvoSoft)
Dell Customer Connect (HKLM-x32\...\{99E581C6-471C-46CA-989E-3B17EB7E3F27}) (Version: 1.3.2.0 - Dell Inc.)
Dell Digital Delivery (HKLM-x32\...\{AB7F2792-2ED1-4C5C-9F28-680E5110BF72}) (Version: 3.1.1018.0 - Dell Products, LP)
Dell Foundation Services (HKLM\...\{AE5E3C86-2633-4DAF-A7F4-C43D1E738BAE}) (Version: 3.1.3300.0 - Dell Inc.)
Dell Help & Support (HKLM\...\{9ACDDC24-55FE-4E7A-B4BD-DD9761F2F8AB}) (Version: 2.0.360.0 - Dell Inc.) Hidden
Dell Help & Support (HKLM-x32\...\InstallShield_{9ACDDC24-55FE-4E7A-B4BD-DD9761F2F8AB}) (Version: 2.0.360.0 - Dell Inc.)
Dell Update (HKLM-x32\...\{DB82968B-57A4-4397-81A5-ECAB21B5DFCD}) (Version: 1.7.1015.0 - Dell Inc.)
Documentation Manager (HKLM\...\{E904139A-DC55-420D-94C7-5D6297F3C385}) (Version: 23.30.0.6 - Intel Corporation) Hidden
Elevated Installer (HKLM-x32\...\{0F6C59A2-5F1D-4D7C-BC90-A0A1A75F4EE9}) (Version: 7.7.1.0 - Garmin Ltd or its subsidiaries) Hidden
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 8.1.4.1208 - Foxit Software Inc.)
Fresco Logic USB Display Driver (HKLM\...\{FC11E022-A625-48EA-85EB-AF2AFEF05B06}) (Version: 2.1.34054.0 - Fresco Logic)
Garmin Express (HKLM-x32\...\{50DF005C-1D2C-467A-A39E-10ADEFA83A96}) (Version: 7.7.1.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express (HKLM-x32\...\{9e0ef45d-b10c-42da-9aab-16200df39d95}) (Version: 7.7.1.0 - Garmin Ltd or its subsidiaries)
GDR 2002 for SQL Server 2017 (KB4293803) (64-bit) (HKLM\...\KB4293803) (Version: 14.0.2002.14 - Microsoft Corporation)
GDR 2014 for SQL Server 2017 (KB4494351) (64-bit) (HKLM\...\KB4494351) (Version: 14.0.2014.14 - Microsoft Corporation)
GDR 2027 for SQL Server 2017 (KB4505224) (64-bit) (HKLM\...\KB4505224) (Version: 14.0.2027.2 - Microsoft Corporation)
GDR 2037 for SQL Server 2017 (KB4583456) (64-bit) (HKLM\...\KB4583456) (Version: 14.0.2037.2 - Microsoft Corporation)
GDR 2042 for SQL Server 2017 (KB5014354) (64-bit) (HKLM\...\KB5014354) (Version: 14.0.2042.3 - Microsoft Corporation)
GDR 2047 for SQL Server 2017 (KB5021127) (64-bit) (HKLM\...\KB5021127) (Version: 14.0.2047.8 - Microsoft Corporation)
GDR 2052 for SQL Server 2017 (KB5029375) (64-bit) (HKLM\...\KB5029375) (Version: 14.0.2052.1 - Microsoft Corporation)
Get Good Drums One Kit Wonder - Architects (HKLM-x32\...\Get Good Drums One Kit Wonder - Architects) (Version: 1.0.0.4 - Get Good Drums)
GetGood Drums Smash and Grab 2 (HKLM\...\Smash and Grab 2_is1) (Version: 2.0.0 - GetGood Drums)
Google Chrome (HKLM-x32\...\{93EB1D27-3378-36DD-ACEC-380FEDB2297B}) (Version: 123.0.6312.58 - Google, Inc.)
Google Earth Plug-in (HKLM-x32\...\{57BB4801-61C8-4E74-9672-2160728A461E}) (Version: 7.1.5.1557 - Google)
Google Earth Pro (HKLM\...\{3470AD08-85F2-4B1D-8487-FC4750732087}) (Version: 7.3.6.9796 - Google)
H&R Block Massachusetts 2021 (HKLM-x32\...\{482A887B-D7E3-473D-80E2-48FA6F695194}) (Version: 1.21.4201 - H&R Block, Inc.)
H&R Block Massachusetts 2022 (HKLM-x32\...\{4E5723A6-0AA2-4415-AF75-7E2CE63713F7}) (Version: 1.22.6201 - H&R Block, Inc.)
H&R Block Massachusetts 2023 (HKLM-x32\...\{F5FBEE1C-A0E1-4B44-86EE-0BABE29D668C}) (Version: 1.23.8701 - HRB Digital, LLC.)
H&R Block Premium + Efile + State 2021 (HKLM-x32\...\{EDB7F331-6C76-4B85-A8EC-764B213E2E51}) (Version: 21.07.6002 - HRB Technology, LLC.)
H&R Block Premium + Efile + State 2022 (HKLM-x32\...\{69654063-D165-4494-A83B-C09105247E97}) (Version: 22.07.7601 - HRB Technology, LLC.)
H&R Block Premium + Efile + State 2023 (HKLM-x32\...\{B0E2C9A7-F1FC-4376-9E0F-065DC3FAC392}) (Version: 23.07.8301 - HRB Technology, LLC.)
HandBrake 1.0.1 (HKLM-x32\...\HandBrake) (Version: 1.0.1 - )
Intel Driver && Support Assistant (HKLM-x32\...\{63B67EA4-4AE1-4A45-A67D-21318B4345EF}) (Version: 23.4.39.9 - Intel) Hidden
Intel Driver && Support Assistant (HKLM-x32\...\{7D392FB7-64D5-4813-B7F7-8AA462D3968D}) (Version: 23.4.39.9 - Intel) Hidden
Intel Extreme Tuning Utility (HKLM-x32\...\{7afa48c7-9901-40fa-8f9b-f0707e2bc5b6}) (Version: 6.2.0.24 - Intel Corporation)
Intel® Chipset Device Software (HKLM\...\{8C91A5EB-2C62-4A6D-8802-CC79FD2ED390}) (Version: 10.1.1.7 - Intel Corporation) Hidden
Intel® Chipset Device Software (HKLM-x32\...\{60c073df-e736-4210-9c3a-5fc2b651cef3}) (Version: 10.1.1.7 - Intel® Corporation) Hidden
Intel® Computing Improvement Program (HKLM\...\{15E71D2B-4046-4B9D-A8BB-EBFC5CC12D86}) (Version: 2.4.10717 - Intel Corporation)
Intel® Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.2.10900.330 - Intel Corporation)
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1054 - Intel Corporation)
Intel® Management Engine Components (HKLM\...\{5BD7E621-9791-4D9F-A620-1BA51153B749}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel® Management Engine Components (HKLM\...\{EC465D35-92DC-4DAE-9EA8-01215688F709}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel® Management Engine Driver (HKLM\...\{AC411813-5A0B-4960-882D-481BEEDC24E0}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel® ME UninstallLegacy (HKLM\...\{E9B9A1A5-6398-4C99-8FDE-10794F6505C5}) (Version: 1.0.1.0 - Intel Corporation) Hidden
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 26.20.100.6859 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.8.16.1063 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{9503AD68-6198-4081-9F57-1F346D7B58D4}) (Version: 14.8.16.1063 - Intel Corporation) Hidden
Intel® Serial IO (HKLM\...\{51788BA4-D93F-4E7B-BA13-ACC88E7803DB}) (Version: 30.100.1519.07 - Intel Corporation) Hidden
Intel® Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1519.7 - Intel Corporation)
Intel® WiDi (HKLM\...\{C7CD6D54-26AF-4D93-B06F-D81ACE8624CB}) (Version: 6.0.40.0 - Intel Corporation)
Intel® WiDi Software Asset Manager (HKLM-x32\...\{5B5CD20C-29F0-4857-A4FA-A4F4C716B019}) (Version: 1.1.347 - Intel Corporation) Hidden
Intel® Wireless Bluetooth® (HKLM-x32\...\{00000030-0230-1033-84C8-B8D95FA3C8C3}) (Version: 23.30.0.3 - Intel Corporation)
Intel® Driver & Support Assistant (HKLM-x32\...\{b82e9573-04fb-4a9d-819f-6c358a1cf31a}) (Version: 23.4.39.9 - Intel)
Intel® Driver & Support Assistant (HKLM-x32\...\{ecbee3cf-26b3-4f27-854c-e2e16b3f7fa9}) (Version: 23.4.39.9 - Intel)
Intel® PROSet/Wireless Software (HKLM-x32\...\{5a64c890-83f9-4399-b0c9-5e9a80890fdd}) (Version: 21.40.1 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{68A981A0-ED59-41E0-B45E-7A78F643120D}) (Version: 21.40.1.3406 - Intel Corporation) Hidden
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
Intel® Software Installer (HKLM-x32\...\{ae13aa25-496e-45dc-86f8-939f17f479f4}) (Version: 23.30.0.6 - Intel Corporation) Hidden
Intel® Trusted Connect Service Client (HKLM\...\{7D84E343-A23D-451C-B123-0195B2D903A6}) (Version: 1.42.17.0 - Intel Corporation) Hidden
IPCWebComponents 3.3.0.31 (HKLM-x32\...\{4740E1B2-51CF-4083-8976-D6B3B5A5064F}_is1) (Version: 3.3.0.31 - )
Java 8 Update 73 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418073F0}) (Version: 8.0.730.2 - Oracle Corporation)
Java 8 Update 73 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218073F0}) (Version: 8.0.730.2 - Oracle Corporation)
Kontakt 7 PORTABLE (HKLM\...\{770F4942-15B1-41AA-9E3E-C77B2CFB1366}_is1) (Version: 7.7.1 - Native Instruments)
LatencyMon 7.31 (HKLM\...\LatencyMon_is1) (Version: 7.31 - Resplendence Software Projects Sp.)
Ledger Live 2.77.2 (HKLM\...\c62032b2-0bca-5abc-b458-fd67cfc9e49b) (Version: 2.77.2 - Ledger Live Team)
Macrium Reflect Free (HKLM\...\{0D4965D1-6B46-4F0A-B42D-B17056612AE0}) (Version: 8.0.7279 - Paramount Software (UK) Ltd.) Hidden
Macrium Reflect Free (HKLM\...\MacriumReflect) (Version: v8.0.7279 - Paramount Software (UK) Ltd.)
Malwarebytes version 4.6.6.294 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.6.6.294 - Malwarebytes)
Maxx Audio Installer (x64) (HKLM\...\{307032B2-6AF2-46D7-B933-62438DEB2B9A}) (Version: 2.6.9060.3 - Waves Audio Ltd.) Hidden
Mazda Toolbox (HKLM-x32\...\Mazda Toolbox) (Version:  - )
Mazda Update Toolbox (HKLM-x32\...\Mazda Update Toolbox) (Version:  - )
MetaTrader 5 (HKLM\...\MetaTrader 5) (Version: 5.00 - MetaQuotes Ltd.)
Microsoft .NET Core Host - 3.1.32 (x64) (HKLM\...\{8A8E3A04-83BC-4CDE-9259-893B666C1AB1}) (Version: 24.192.31915 - Microsoft Corporation) Hidden
Microsoft .NET Core Host FX Resolver - 3.1.32 (x64) (HKLM\...\{ABC6B3C2-1A8D-4C5E-AC16-C2AE44F02743}) (Version: 24.192.31915 - Microsoft Corporation) Hidden
Microsoft .NET Core Runtime - 3.1.32 (x64) (HKLM\...\{A741B803-3F0E-4684-81EF-FC128D15A92C}) (Version: 24.192.31915 - Microsoft Corporation) Hidden
Microsoft .NET Core Runtime - 3.1.32 (x64) (HKLM-x32\...\{784973c8-d618-4ac8-97ed-1fd52c5bdf2f}) (Version: 3.1.32.31915 - Microsoft Corporation)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (ENU) (HKLM-x32\...\{290FC320-2F5A-329E-8840-C4193BD7A9EE}) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (HKLM-x32\...\{B941AFB4-8851-33A1-9E72-0C33D463C41C}) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Analysis Services OLE DB Provider (HKLM\...\{0DAD8F2F-38F2-404F-BB26-3DC89F0B53C5}) (Version: 14.0.1000.397 - Microsoft Corporation) Hidden
Microsoft Analysis Services OLE DB Provider (HKLM-x32\...\{CBB32D14-5E5A-4E4A-8EDF-26586322C9E7}) (Version: 14.0.1000.397 - Microsoft Corporation) Hidden
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Build Tools 14.0 (amd64) (HKLM\...\{8C918E5B-E238-401F-9F6E-4FB84B024CA2}) (Version: 14.0.23107 - Microsoft Corporation) Hidden
Microsoft Build Tools 14.0 (x86) (HKLM-x32\...\{D1437F51-786A-4F57-A99C-F8E94FBA1BD8}) (Version: 14.0.23107 - Microsoft Corporation) Hidden
Microsoft Build Tools Language Resources 14.0 (amd64) (HKLM\...\{4B7958F6-4943-4903-B379-9180DC8C2105}) (Version: 14.0.23107 - Microsoft Corporation) Hidden
Microsoft Build Tools Language Resources 14.0 (x86) (HKLM-x32\...\{A7E88B38-6886-4474-9D85-A8ABE5FCD80E}) (Version: 14.0.23107 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 122.0.2365.92 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 122.0.2365.92 - Microsoft Corporation)
Microsoft Help Viewer 2.2 (HKLM-x32\...\{5730588A-33CA-373C-9D70-F716605B57D2}) (Version: 2.2.23107 - Microsoft Corporation) Hidden
Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.23107 - Microsoft Corporation)
Microsoft HEVC Media Extension Installation for Microsoft.HEVCVideoExtension_1.0.2512.0_x64__8wekyb3d8bbwe (x64) (HKLM\...\{B0169E83-757B-EF66-E2F0-391944D785BC}) (Version: 1.0.0.0 - Microsoft Corporation) Hidden
Microsoft MPI (7.0.12437.8) (HKLM\...\{8499ACD3-C1E3-45AB-BF96-DA491727EBE1}) (Version: 7.0.12437.8 - Microsoft Corporation)
Microsoft ODBC Driver 13 for SQL Server (HKLM\...\{436C9D0B-5AD2-4E54-83F0-10B7584A971E}) (Version: 14.0.2052.1 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{4D2C56FF-7F36-4B49-A97A-24F0522D41D7}) (Version: 11.3.6540.0 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects  (HKLM-x32\...\{2774595F-BC2A-4B12-A25B-0C37A37049B0}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2017 (64-bit) (HKLM\...\Microsoft SQL Server SQL2017) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2017 (HKLM-x32\...\Microsoft SQL Server SQL2017) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2017 Policies  (HKLM-x32\...\{256EDCB9-A64D-433C-A1DC-C76F02475915}) (Version: 14.0.1000.169 - Microsoft Corporation)
Microsoft SQL Server 2017 RsFx Driver (HKLM\...\{D5826833-5FD8-4586-BC42-22E38B15DFA4}) (Version: 14.0.2052.1 - Microsoft Corporation) Hidden
Microsoft SQL Server 2017 Setup (English) (HKLM\...\{2E1F5473-30FC-4D5B-B7F0-8EA51CC3EE81}) (Version: 14.0.2052.1 - Microsoft Corporation)
Microsoft SQL Server 2017 T-SQL Language Service  (HKLM\...\{BC247FE3-C61A-4678-86C6-15408F272D57}) (Version: 14.0.17213.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation) Hidden
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation) Hidden
Microsoft SQL Server Data-Tier Application Framework (x86) (HKLM-x32\...\{F45421F6-76C3-47EE-8823-7D064A77E1F0}) (Version: 14.0.3881.1 - Microsoft Corporation)
Microsoft SQL Server Management Studio - 17.4 (HKLM-x32\...\{ac84c935-8f13-4f73-b541-7b09a11bdea8}) (Version: 14.0.17213.0 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM-x32\...\{718FFB65-F6E4-4D62-861F-ED10ED32C936}) (Version: 12.0.2402.11 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2017 (HKLM\...\{9D78F5D4-79D2-4FC6-AC56-F364A0ABC54F}) (Version: 14.0.1000.169 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Debug Runtime - 12.0.21005 (HKLM\...\{C596D608-3E74-3232-8CA5-DF1DCB9F10DE}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Debug Runtime - 12.0.21005 (HKLM-x32\...\{E5CAE8D2-9F9F-3BEA-AA0F-B5B40611C704}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 x64 Debug Runtime - 14.0.23026 (HKLM\...\{B8E14C55-53F6-3693-A74A-77A3C6B96041}) (Version: 14.0.23026 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 x86 Debug Runtime - 14.0.23026 (HKLM-x32\...\{3CB4E2E8-04EB-371A-9433-4CA0D934B260}) (Version: 14.0.23026 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.34.31931 (HKLM-x32\...\{d4cecf3b-b68f-4995-8840-52ea0fab646e}) (Version: 14.34.31931.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.34.31931 (HKLM-x32\...\{6ba9fb5e-8366-4cc4-bf65-25fe9819b2fc}) (Version: 14.34.31931.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.34.31931 (HKLM\...\{EAE242B1-0A26-485A-BFEB-0292EE9F03CB}) (Version: 14.34.31931 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.34.31931 (HKLM\...\{CF4C347D-954E-4543-88D2-EC17F07F466F}) (Version: 14.34.31931 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.34.31931 (HKLM-x32\...\{C2662EFF-06E6-4FD1-9D6D-FDCA91025757}) (Version: 14.34.31931 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.34.31931 (HKLM-x32\...\{AB1BDF73-7393-42CE-812D-9A90918814D5}) (Version: 14.34.31931 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\{9495AEB4-AB97-39DE-8C42-806EEF75ECA7}) (Version: 10.0.50908 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2015 Shell (Isolated) (HKLM-x32\...\{6CFDA13E-A348-315B-820A-603BBCBD7684}) (Version: 14.0.23107 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2015 Shell (Isolated) (HKLM-x32\...\{d2981c27-a434-4c9a-96c7-0209e97c4eac}) (Version: 14.0.23107.10 - Microsoft Corporation)
Microsoft Visual Studio 2015 Shell (Isolated) Resources (HKLM-x32\...\{446D0B70-F98E-39DA-9CB5-4201D05A91C6}) (Version: 14.0.23107 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2015 Shell (Minimum) (HKLM-x32\...\{030A6785-C3A9-37DA-8530-444C320629FA}) (Version: 14.0.23107 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2015 Shell (Minimum) Interop Assemblies (HKLM-x32\...\{4443D3F4-A231-35CC-8471-CB60F8A3FE3B}) (Version: 14.0.23107 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2015 Shell (Minimum) Resources (HKLM-x32\...\{7FF53256-7BAF-3EFA-91B4-DB65F37EB5E9}) (Version: 14.0.23107 - Microsoft Corporation) Hidden
Microsoft Visual Studio Services Hub (HKLM-x32\...\{93CC1063-02A1-4F25-A13A-C351A10D84DD}) (Version: 1.0.23107.00 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2015 (HKLM-x32\...\{ab213ab7-4792-4c6f-a3fa-8485d06c3475}) (Version: 14.0.23829 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2015 Finalizer (HKLM-x32\...\{F93E37BD-4053-37CA-A7BB-A5B74508006C}) (Version: 14.0.23829 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2015 Language Support - ENU Language Pack (HKLM-x32\...\{0343F10B-C31B-3A2F-B2C1-C42E84CCAF5E}) (Version: 14.0.23107.20 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2015 Language Support (HKLM-x32\...\{85CEB20F-C2D6-3FDC-9A9D-5957CD88E9E5}) (Version: 14.0.23107.20 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2015 Language Support (HKLM-x32\...\{bd4ef7af-dfb1-472e-8fa4-1b97f360a3e7}) (Version: 14.0.23107.20 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2015 Language Support Finalizer (HKLM-x32\...\{BF6E6B74-88F5-358F-AB6D-0A42C18F2824}) (Version: 14.0.23107.20 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2015 x64 Hosting Support (HKLM\...\{A8C30947-7C1B-3A31-8FD8-CEC6D3357D34}) (Version: 14.0.23829 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2015 x86 Hosting Support (HKLM-x32\...\{11A9EF3E-6616-31B1-82BC-1080366FA34D}) (Version: 14.0.23829 - Microsoft Corporation) Hidden
Microsoft VSS Writer for SQL Server 2017 (HKLM\...\{20B328C9-C6BB-434A-928A-00F05CD820B8}) (Version: 14.0.1000.169 - Microsoft Corporation)
MotionPro (HKLM\...\MotionPro VPN Client) (Version: 9.4.0.0 - Array Networks)
Mozilla Firefox (x64 en-US) (HKU\S-1-5-21-1483475722-1219764467-3277934236-1001\...\Mozilla Firefox 123.0.1 (x64 en-US)) (Version: 123.0.1 - Mozilla)
MyHarmony (HKLM-x32\...\{2AD8F8A1-ECE5-4890-BCC2-B4396370A0D4}) (Version: 1.0.308 - Logitech)
NVIDIA Graphics Driver 546.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 546.17 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
OSCAR (HKLM\...\{FC6F08E6-69BF-4469-ADE3-78199288D305}_is1) (Version: 1.5.1-Win64-dd495e23 - The OSCAR Team)
Paragon Hard Disk Manager™ 15 Suite (HKLM\...\{29258311-EA49-11DE-967C-005056C00008}) (Version: 90.00.0003 - Paragon Software)
PdaNet+ for Android 4.18 (HKLM-x32\...\PdaNet_is1) (Version:  - June Fabrics Technology Inc)
PDF Settings (HKLM-x32\...\{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
Player Location Check (HKLM-x32\...\{F0753064-8D66-41A7-9F23-7691290387BF}) (Version: 4.0.0.7 - GeoComply)
Private Internet Access (HKLM\...\{33023371-7761-4F81-BBB1-0E0D0D175ACF}) (Version: 3.5.5+08091 - Private Internet Access, Inc.)
Private Internet Access WinTUN Driver (HKLM\...\{0419A0C0-4CC8-459E-9BAE-F3BF5D2E2CCB}) (Version: 1.0 - Private Internet Access, Inc.) Hidden
Product Registration (HKLM\...\{C1600AC7-74E3-4BB5-8B42-B13653792252}) (Version: 2.2.38.0 - Dell Inc.) Hidden
Product Registration (HKLM-x32\...\InstallShield_{C1600AC7-74E3-4BB5-8B42-B13653792252}) (Version: 2.2.38.0 - Dell Inc.)
Python 3.12.1 (64-bit) (HKU\S-1-5-21-1483475722-1219764467-3277934236-1001\...\{86e52725-ef45-452f-ac4c-b8958718bfea}) (Version: 3.12.1150.0 - Python Software Foundation)
Python 3.12.1 Core Interpreter (64-bit) (HKLM\...\{AC82C1A3-9597-40F2-893D-F02F778FBA4D}) (Version: 3.12.1150.0 - Python Software Foundation) Hidden
Python 3.12.1 Development Libraries (64-bit) (HKLM\...\{8C53CBDD-4DAF-426F-9478-6C7C2920CDDA}) (Version: 3.12.1150.0 - Python Software Foundation) Hidden
Python 3.12.1 Documentation (64-bit) (HKLM\...\{62667662-A580-409C-8044-55B06F774AE2}) (Version: 3.12.1150.0 - Python Software Foundation) Hidden
Python 3.12.1 Executables (64-bit) (HKLM\...\{44BC9F9C-15C2-46C1-B88D-3135A9DA555F}) (Version: 3.12.1150.0 - Python Software Foundation) Hidden
Python 3.12.1 pip Bootstrap (64-bit) (HKLM\...\{1662F43B-2337-4FD8-8CE6-BEA38FC94DD4}) (Version: 3.12.1150.0 - Python Software Foundation) Hidden
Python 3.12.1 Standard Library (64-bit) (HKLM\...\{47957EE3-0E23-4075-B825-F202E913670F}) (Version: 3.12.1150.0 - Python Software Foundation) Hidden
Python 3.12.1 Tcl/Tk Support (64-bit) (HKLM\...\{926CDC62-3AE2-422B-9858-D6EC3BAD473F}) (Version: 3.12.1150.0 - Python Software Foundation) Hidden
Python 3.12.1 Test Suite (64-bit) (HKLM\...\{E309AE00-4FB1-4817-9172-7E198668375D}) (Version: 3.12.1150.0 - Python Software Foundation) Hidden
Python Launcher (HKLM-x32\...\{4C8D4EC3-F620-4CEE-8BAD-B59A3C6815F3}) (Version: 3.12.1150.0 - Python Software Foundation)
qBittorrent 4.3.9 (HKLM-x32\...\qBittorrent) (Version: 4.3.9 - The qBittorrent project)
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 11.5.02 - Dell Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.21289 - Realtek Semiconduct Corp.)
Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 10.1.505.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8578 - Realtek Semiconductor Corp.)
Roblox Player for Phil (HKU\S-1-5-21-1483475722-1219764467-3277934236-1001\...\roblox-player) (Version:  - Roblox Corporation)
Roslyn Language Services - x86 (HKLM-x32\...\{5B47029B-1E62-30FF-906E-694851C22782}) (Version: 14.0.23107 - Microsoft Corporation) Hidden
Roslyn Language Services - x86 (HKLM-x32\...\{6C1985E7-E1C5-3A95-86EF-2C62465F15C3}) (Version: 14.0.23107 - Microsoft Corporation) Hidden
SketchUp 2016 (HKLM\...\{E2B66CF6-ABA0-4E5F-B426-7478B18301AE}) (Version: 16.1.1449 - Trimble Navigation Limited)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
SQL Server 2017 Batch Parser (HKLM\...\{2C6E8311-28BD-4615-9545-6E39E8E83A4B}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Client Tools Extensions (HKLM\...\{06324A5D-66BB-4FAC-8D0B-9FEC1B230FFF}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Client Tools Extensions (HKLM\...\{200F38B2-1492-4576-B08C-78F2C2C953FC}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Common Files (HKLM\...\{9D1C0509-D490-4E9E-ACF5-A73E5C53742D}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Common Files (HKLM\...\{B777C4C0-A1CD-4AB9-99B1-AD5FBED6F8E5}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Common Files (HKLM-x32\...\{6CE9A8AA-C478-4706-BD28-95993D52B5A1}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Common Files (HKLM-x32\...\{D17B5D3D-3BC7-4AFA-AD90-600B5453826E}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Connection Info (HKLM\...\{89A7644F-E056-4EC1-BFDE-9D1A531D6855}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Connection Info (HKLM\...\{A9A443F5-56E1-4FC6-937C-5F481345A843}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Database Engine Services (HKLM\...\{28EEF6BA-A23A-42D2-86BA-A6BEE723B969}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Database Engine Services (HKLM\...\{DED314CA-0EFE-4593-9D66-EF75E5289A4C}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Database Engine Shared (HKLM\...\{0E22DBB4-691B-400C-B52D-8DFE8EC421AA}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Database Engine Shared (HKLM\...\{793F1C1E-5C83-4E33-A29B-6EAA7C1E791C}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 DMF (HKLM\...\{B9998A13-5563-496C-B95E-597FFC70B670}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 DMF (HKLM\...\{D7D28BBF-3B0E-43F0-A457-331F1CD9E9EB}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Integration Services Scale Out Management Portal (HKLM\...\{6BD8D100-B16C-409E-B0EA-BF508D7874EC}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Integration Services Scale Out Management Portal (HKLM\...\{91C5EE43-29D1-4720-AB65-5E2E0FE25990}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Management Studio Extensions (HKLM-x32\...\{6492E746-1C5D-48C2-A92A-97D431F74664}) (Version: 14.0.3006.16 - Microsoft Corporation) Hidden
SQL Server 2017 Management Studio Extensions (HKLM-x32\...\{70C24F35-7E36-45FC-B289-3D2849E5556B}) (Version: 14.0.3006.16 - Microsoft Corporation) Hidden
SQL Server 2017 Shared Management Objects (HKLM\...\{10855B1A-F7F2-4D8A-A725-9287C73BED5A}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Shared Management Objects (HKLM\...\{6CBBF624-696C-499E-948D-ADBAFFA2F548}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Shared Management Objects Extensions (HKLM\...\{8C515C22-BE07-4908-985C-0AA9349E1ED4}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Shared Management Objects Extensions (HKLM\...\{C6D92730-3EC0-47B1-8F6C-6F5635D1EFAC}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 SQL Diagnostics (HKLM\...\{DFA6A906-3024-49DE-87AD-750EAED2FA49}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 XEvent (HKLM\...\{12D2DB8D-80FF-4152-8F51-EDB3BD3C6976}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 XEvent (HKLM\...\{AA2A015C-C210-413B-95F6-BF9D3CDD6E0D}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server Management Studio (HKLM\...\{1B8CFC46-1F08-4DA7-9FEA-E1F523FBD67F}) (Version: 14.0.17213.0 - Microsoft Corporation) Hidden
SQL Server Management Studio (HKLM\...\{F8ADD24D-F2F2-465C-A675-F12FDB70DB82}) (Version: 14.0.17213.0 - Microsoft Corporation) Hidden
SQL Server Management Studio for Analysis Services (HKLM\...\{CC6997A7-1638-4E38-B6CF-E776997036B0}) (Version: 14.0.17213.0 - Microsoft Corporation) Hidden
SQL Server Management Studio for Reporting Services (HKLM\...\{4DDEB555-26D2-4E68-98AF-8F96232C13F2}) (Version: 14.0.17213.0 - Microsoft Corporation) Hidden
SSD Sampler (HKLM-x32\...\SSD4) (Version: 1.1 - Yellow Matter Entertainment)
SSMS Post Install Tasks (HKLM\...\{CFCC9F40-E234-499E-B3DA-BEF6CC724C35}) (Version: 14.0.17213.0 - Microsoft Corporation) Hidden
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 10.0.1256 - SUPERAntiSpyware.com)
TeamViewer (HKLM\...\TeamViewer) (Version: 15.51.5 - TeamViewer)
Techstream Software (HKLM-x32\...\{937CA58A-0212-431C-8F0B-0D8305225476}) (Version: 10.30.029 - DENSO CORPORATION)
Tools for .Net 3.5 (HKLM-x32\...\{1690CE56-2231-4E59-9006-A0876D949EA8}) (Version: 3.11.50727 - Microsoft Corporation) Hidden
Toontrack EZmix 2.2.4 (HKLM\...\EZmix_is1) (Version: 2.2.4 - Toontrack & Team V.R)
Update for  (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{B9A7A138-BFD5-4C73-A269-F78CCA28150E}) (Version: 8.94.0.0 - Microsoft Corporation)
UXP WebView Support (HKLM-x32\...\UXPW_1_1_0) (Version: 1.1.0 - Adobe Inc.)
VeraCrypt (HKLM-x32\...\VeraCrypt) (Version: 1.24-Update7 - IDRIX)
Visual C++ 2008 Runtime (x64) (HKLM-x32\...\{73E80655-FB3C-46F4-BE00-62D248BC490A}) (Version: 1.0.1 - Highresolution Enterprises) Hidden
Visual Studio 2015 Prerequisites - ENU Language Pack (HKLM\...\{83B181F2-20B8-4F00-8E71-C66E951A8D4F}) (Version: 14.0.23107 - Microsoft Corporation) Hidden
Visual Studio 2015 Prerequisites (HKLM\...\{DF32E41C-24AD-4A87-B43A-B38553B1806E}) (Version: 14.0.23107 - Microsoft Corporation) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 3.0.14 - VideoLAN)
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0) (Version: 1.0.33.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1) (Version: 1.0.54.1 - Intel Corporation Inc.)
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1-3) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Waves Central (HKLM\...\{ab507e17-892b-5203-838d-d58d8d09c50f}) (Version: 14.4.3 - Waves Audio Ltd)
Windows Driver Package - Amazon.com (WinUSB) FireDevicesUsbDeviceClass  (10/27/2014 1.4.0000.00000) (HKLM\...\70D74CAD18BB165614511A2A67DB9EBF036D06A9) (Version: 10/27/2014 1.4.0000.00000 - Amazon.com)
Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows Driver Package - Fresco Logic (fl2000) AVClass  (11/13/2017 2.1.34054.0) (HKLM\...\02B94313A3DAF5BA27BCC4FAEA0716A0F660086C) (Version: 11/13/2017 2.1.34054.0 - Fresco Logic)
Windows Driver Package - Fresco Logic (lci_proxykmd) System  (11/13/2017 2.1.34054.0) (HKLM\...\7C22E1F94C4AE5334C0BEE70551B20BEE3C293FA) (Version: 11/13/2017 2.1.34054.0 - Fresco Logic)
Windows Driver Package - Fresco Logic (WUDFRd) Display  (11/13/2017 2.1.34054.0) (HKLM\...\9328342CF3E5994E24BB0C09FBD875141BEF3984) (Version: 11/13/2017 2.1.34054.0 - Fresco Logic)
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB  (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Windows PC Health Check (HKLM\...\{6798C408-2636-448C-8AC6-F4E341102D27}) (Version: 3.6.2204.08001 - Microsoft Corporation)
XLN Online Installer (HKLM\...\XLN Online Installer Inno Setup ID_is1) (Version:  - )
X-Mouse Button Control 2.10.2 (HKLM-x32\...\X-Mouse Button Control) (Version: 2.10.2 - Highresolution Enterprises)
Yamaha Steinberg USB Driver (HKLM\...\{E2AEA639-BFC7-4A6E-A9F3-EB11B60C2F33}) (Version: 2.1.5 - Yamaha Corporation) Hidden
Yamaha Steinberg USB Driver (HKLM-x32\...\yUninstall_{2938B185-2D57-47B0-9FC8-C90A67BA9277}) (Version: 2.1.5 - Yamaha Corporation)
YubiKey Manager (HKLM-x32\...\yubikey-manager) (Version: 1.1.5 - Yubico AB)
Zoom (HKU\S-1-5-21-1483475722-1219764467-3277934236-1001\...\ZoomUMX) (Version: 5.15.7 (20303) - Zoom Video Communications, Inc.)
 
Packages:
=========
 
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-06] (Autodesk Inc.)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.264.100.0_x64__kgqvnymyfvs32 [2024-03-22] (king.com)
Dell Shop -> C:\Program Files\WindowsApps\DellInc.DellShop_2.2.1.0_neutral__htrsf667h5kn2 [2021-04-17] (Dell Inc)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_152.1.1099.0_x64__v10z8vjag6ke6 [2024-03-10] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-19] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-19] (Microsoft Corporation) [MS Ad]
Movie Maker - Video Editor -> C:\Program Files\WindowsApps\21336V3TApps.MovieMaker-FREE_3.6.46.0_x64__bzg06mxvgh4fa [2024-03-10] (V3TApps)
MyIPTV Player -> C:\Program Files\WindowsApps\41879VbfnetApps.MyIPTVPlayer_4.8.2.0_x64__7casf8sqhfy78 [2023-11-02] (Vbfnet Apps) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.964.0_x64__56jybvy8sckqj [2023-11-18] (NVIDIA Corp.)
Photos Add-on -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-05-08] (Microsoft Corporation)
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-12-19] (Microsoft Corporation)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.19.1262.0_x64__8wekyb3d8bbwe [2024-02-08] (Microsoft Studios) [MS Ad]
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.TWITTER_7.0.1.0_neutral__wgeqdkkx372wm [2021-06-10] (Twitter Inc.)
WinDbg -> C:\Program Files\WindowsApps\Microsoft.WinDbg_1.2402.24001.0_x64__8wekyb3d8bbwe [2024-03-08] (Microsoft Corporation)
 
==================== Custom CLSID (Whitelisted): ==============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-1483475722-1219764467-3277934236-1001_Classes\CLSID\{1019ADC7-17CB-4489-AFD5-6642C7400ACE}\localserver32 -> C:\Users\Phil\AppData\Local\Webex\Webex\Applications\ptOIEx64.exe (Cisco WebEx LLC -> Cisco WebEx LLC)
CustomCLSID: HKU\S-1-5-21-1483475722-1219764467-3277934236-1001_Classes\CLSID\{227C9E8F-71A1-4B23-9076-682A1A8EAAED}\localserver32 -> c:\program files\macrium\common\reflectmonitor.exe (PARAMOUNT SOFTWARE UK LIMITED -> Paramount Software UK Ltd)
CustomCLSID: HKU\S-1-5-21-1483475722-1219764467-3277934236-1001_Classes\CLSID\{BEA218D2-6950-497B-9434-61683EC065FE}\InprocServer32 -> C:\Users\Phil\AppData\Local\Programs\Python\Launcher\pyshellext.amd64.dll (Python Software Foundation -> Python Software Foundation)
ShellIconOverlayIdentifiers: [   AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-11-18] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [   AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-11-18] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [   AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-11-18] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-11-18] (Adobe Inc. -> )
ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\ConvertToPDFShellExtension_x64.dll [2016-11-14] (Foxit Software Incorporated -> Foxit Software Inc.)
ContextMenuHandlers1: [ReflectShellExt] -> {DEBB9B79-B3DD-47F4-9E5C-EA6975BAB611} => C:\Program Files\Macrium\Reflect\RContextMenu.dll [2023-01-10] (PARAMOUNT SOFTWARE UK LIMITED -> Paramount Software UK Ltd)
ContextMenuHandlers2: [ReflectShellExt] -> {DEBB9B79-B3DD-47F4-9E5C-EA6975BAB611} => C:\Program Files\Macrium\Reflect\RContextMenu.dll [2023-01-10] (PARAMOUNT SOFTWARE UK LIMITED -> Paramount Software UK Ltd)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-04-12] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\ki132538.inf_amd64_a34b1de6c28c3534\igfxDTCM.dll [2019-06-13] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvdmig.inf_amd64_75c152d756d851ed\nvshext.dll [2023-11-10] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-11-18] (Adobe Inc. -> )
ContextMenuHandlers6: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\ConvertToPDFShellExtension_x64.dll [2016-11-14] (Foxit Software Incorporated -> Foxit Software Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-04-12] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers6: [StartMenuExt] -> {E595F05F-903F-4318-8B0A-7F633B520D2B} => C:\WINDOWS\System32\StartMenuHelper64.dll [2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
 
==================== Codecs (Whitelisted) ====================
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
ShortcutWithArgument: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Amcrest Web View.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) ->  --profile-directory="Profile 1" --app-id=oddndbjhpcpopbebhonolceinkbnheih
ShortcutWithArgument: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Chrome Remote Desktop.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) ->  --profile-directory="Profile 1" --app-id=gbchcmhmhahfdphkhkmpfmihenigjmpp
ShortcutWithArgument: C:\Users\Phil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Videostream for Google Chromecast™.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) ->  --profile-directory="Profile 1" --app-id=cnciopoikihiagdjbjpnocolokfelagl
ShortcutWithArgument: C:\Users\Phil\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\e895024b613704\MetaMask.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 1" --app-id=nkbihfbeogaeaoehlefnkodbefgpgknn
ShortcutWithArgument: C:\Users\Phil\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\72dad8f9fb5925df\Data Scraper - Easy Web Scraping.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=nndknepjnldbdbepjfgmncbggmopgden
ShortcutWithArgument: C:\Users\Phil\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"
 
==================== Loaded Modules (Whitelisted) =============
 
2016-03-04 12:42 - 2019-02-21 12:00 - 000078336 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2017-08-13 09:49 - 2017-08-13 09:49 - 003664184 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicStartMenuDLL.dll
2017-08-13 09:49 - 2017-08-13 09:49 - 000291128 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\WINDOWS\System32\StartMenuHelper64.dll
2024-01-05 18:19 - 2024-01-05 18:19 - 002973696 _____ (SQLite Development Team) [File not signed] C:\Program Files\Intel\SUR\QUEENCREEK\x64\sqlite3.dll
2015-08-01 22:19 - 2015-08-01 22:19 - 000541448 ____R (Waves Inc -> Waves Audio) [File not signed] C:\WINDOWS\SYSTEM32\MaxxAudioIntelSkylake64.dll
 
==================== Alternate Data Streams (Whitelisted) ========
 
==================== Safe Mode (Whitelisted) ==================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
 
==================== Association (Whitelisted) =================
 
==================== Internet Explorer (Whitelisted) ==========
 
HKU\S-1-5-21-1483475722-1219764467-3277934236-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell15.msn.com/?pc=DCTE
HKU\S-1-5-21-1483475722-1219764467-3277934236-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://192.168.1.90:1829/
HKU\S-1-5-21-1483475722-1219764467-3277934236-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://192.168.1.85:85/
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_73\bin\ssv.dll [2016-03-04] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-03-04] (Oracle America, Inc. -> Oracle Corporation)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\ssv.dll [2016-03-04] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-03-04] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
 
==================== Hosts content: =========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2024-03-22 14:36 - 2024-03-22 14:36 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1       localhost
 
2019-10-23 10:26 - 2020-03-13 23:45 - 000000440 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
 
==================== Other Areas ===========================
 
(Currently there is no automatic fix for this section.)
 
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Microsoft MPI\Bin\;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL;C:\Program Files\Intel\Intel® Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT;C:\Program Files\Intel\Intel® Management Engine Components\IPT;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Microsoft SQL Server\Client SDK\ODBC\130\Tools\Binn\;C:\Program Files (x86)\Microsoft SQL Server\140\Tools\Binn\;C:\Program Files (x86)\Microsoft SQL Server\140\DTS\Binn\;C:\Program Files (x86)\Microsoft SQL Server\140\Tools\Binn\ManagementStudio\;C:\Program Files\Microsoft SQL Server\Client SDK\ODBC\130\Tools\Binn\;C:\Program Files\Microsoft SQL Server\140\Tools\Binn\;C:\Program Files\Microsoft SQL Server\140\DTS\Binn\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files\dotnet\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%AppData%\Programs\Python\Python311;%AppData%\Programs\Python\Python311\Scripts;
HKU\S-1-5-21-1483475722-1219764467-3277934236-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Phil\Pictures\20201114_122903.jpg
HKU\S-1-5-80-2652535364-2169709536-2857650723-2622804123-1107741775\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-80-3880718306-3832830129-1677859214-2598158968-1052248003\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(If an entry is included in the fixlist, it will be removed.)
 
MSCONFIG\Services: !SASCORE => 2
MSCONFIG\Services: 0008811457109852mcinstcleanup => 2
MSCONFIG\Services: dbupdate => 2
MSCONFIG\Services: dbupdatem => 3
MSCONFIG\Services: Dell Customer Connect => 2
MSCONFIG\Services: Dell Foundation Services => 2
MSCONFIG\Services: Dell Hardware Support => 2
MSCONFIG\Services: Dell Help & Support => 2
MSCONFIG\Services: Dell Product Registration => 2
MSCONFIG\Services: DellDigitalDelivery => 2
MSCONFIG\Services: DellUpdate => 2
MSCONFIG\Services: MacriumService => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: SupportAssistAgent => 2
MSCONFIG\Services: WavesSysSvc => 2
MSCONFIG\Services: XTU3SERVICE => 2
HKLM\...\StartupApproved\StartupFolder: => "WavesLocalServer.lnk"
HKLM\...\StartupApproved\StartupFolder: => "WavesPluginServer.lnk"
HKLM\...\StartupApproved\Run: => "WavesSvc"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "LaunchMhttpd"
HKLM\...\StartupApproved\Run: => "Reflect UI"
HKLM\...\StartupApproved\Run32: => "LaunchMhttpd"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "Cisco AnyConnect Secure Mobility Agent for Windows"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "Adobe CCXProcess"
HKLM\...\StartupApproved\Run32: => "Cisconet"
HKU\S-1-5-21-1483475722-1219764467-3277934236-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1483475722-1219764467-3277934236-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-1483475722-1219764467-3277934236-1001\...\StartupApproved\Run: => "SUPERAntiSpyware"
HKU\S-1-5-21-1483475722-1219764467-3277934236-1001\...\StartupApproved\Run: => "VideoGuardMonitor"
HKU\S-1-5-21-1483475722-1219764467-3277934236-1001\...\StartupApproved\Run: => "GarminExpress"
HKU\S-1-5-21-1483475722-1219764467-3277934236-1001\...\StartupApproved\Run: => "Skype for Desktop"
HKU\S-1-5-21-1483475722-1219764467-3277934236-1001\...\StartupApproved\Run: => "Lync"
HKU\S-1-5-21-1483475722-1219764467-3277934236-1001\...\StartupApproved\Run: => "Trio.WakeNet"
HKU\S-1-5-21-1483475722-1219764467-3277934236-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_0848959D30B7A075789B21F3CF73AE30"
 
==================== FirewallRules (Whitelisted) ================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [TCP Query User{18F74065-1842-467E-B6B3-1C32BBFBD4F4}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{2842B45C-B791-4050-9BBA-3F4CC3716C51}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{DEAE9708-BBF3-462F-8187-F4B79BD40AA2}] => (Allow) C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe (Intel® Wireless Display -> Intel)
 
==================== Restore Points =========================
 
22-03-2024 13:18:27 Restore Point Created by FRST
 
==================== Faulty Device Manager Devices ============
 
Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
 
==================== Event log errors: ========================
 
Application errors:
==================
Error: (03/22/2024 03:38:38 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DELL-LAPTOP)
Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.
 
Error: (03/22/2024 03:34:35 PM) (Source: PlayerLocationCheck) (EventID: 1) (User: )
Description: Event-ID 1
 
Error: (03/22/2024 03:34:35 PM) (Source: com.geocomply.process-scanner-microservice) (EventID: 1) (User: )
Description: Event-ID 1
 
Error: (03/22/2024 03:34:34 PM) (Source: com.geocomply.vm-detector-microservice) (EventID: 1) (User: )
Description: Event-ID 1
 
Error: (03/22/2024 03:34:34 PM) (Source: com.geocomply.internal-updater-microservice) (EventID: 1) (User: )
Description: Event-ID 1
 
Error: (03/22/2024 03:34:34 PM) (Source: com.geocomply.wifi-scanner-microservice) (EventID: 1) (User: )
Description: Event-ID 1
 
Error: (03/22/2024 03:34:29 PM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel® Dynamic Platform and Thermal Framework : ESIF(8.2.10900.330) TYPE: ERROR MODULE: DPTF TIME 15140 ms
 
DPTF Build Version:  8.2.10900.330
DPTF Build Date:  May 16 2016 11:32:37
Source File:  ..\..\..\Sources\Manager\WIPolicyActiveRelationshipTableChanged.cpp @ line 52
Executing Function:  WIPolicyActiveRelationshipTableChanged::execute
Message:  Unhandled exception caught during execution of work item
Framework Event:  PolicyActiveRelationshipTableChanged [44]
Policy:  Active Policy [0]
Exception Function:  Policy::executePolicyActiveRelationshipTableChanged
Exception Text:  
 
DPTF Build Version:  8.2.10900.330
DPTF Build Date:  May 16 2016 11:32:37
Source File:  ..\..\..\Sources\Manager\EsifServices.cpp @ line 457
Executing Function:  EsifServices::primitiveExecuteGet
Message:  Error returned from ESIF services interface function call
Participant:  NoParticipant
Domain:  NoDomain
ESIF Primitive:  GET_ACTIVE_RELATIONSHIP_TABLE [89]
ESIF Instance:  255
ESIF Return Code:  ESIF_E_UNSUPPORTED_ACTION_TYPE [1202]
 
Error: (03/22/2024 03:34:29 PM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel® Dynamic Platform and Thermal Framework : ESIF(8.2.10900.330) TYPE: ERROR MODULE: DPTF TIME 15138 ms
 
DPTF Build Version:  8.2.10900.330
DPTF Build Date:  May 16 2016 11:32:37
Source File:  ..\..\..\Sources\Manager\WIPolicyActiveRelationshipTableChanged.cpp @ line 52
Executing Function:  WIPolicyActiveRelationshipTableChanged::execute
Message:  Unhandled exception caught during execution of work item
Framework Event:  PolicyActiveRelationshipTableChanged [44]
Policy:  Active Policy [0]
Exception Function:  Policy::executePolicyActiveRelationshipTableChanged
Exception Text:  
 
DPTF Build Version:  8.2.10900.330
DPTF Build Date:  May 16 2016 11:32:37
Source File:  ..\..\..\Sources\Manager\EsifServices.cpp @ line 457
Executing Function:  EsifServices::primitiveExecuteGet
Message:  Error returned from ESIF services interface function call
Participant:  NoParticipant
Domain:  NoDomain
ESIF Primitive:  GET_ACTIVE_RELATIONSHIP_TABLE [89]
ESIF Instance:  255
ESIF Return Code:  ESIF_E_UNSUPPORTED_ACTION_TYPE [1202]
 
 
System errors:
=============
Error: (03/22/2024 03:34:47 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Intel® PROSet/Wireless Zero Configuration Service service terminated with the following error: 
%%2147770990
 
Error: (03/22/2024 03:18:49 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Intel® Dynamic Application Loader Host Interface Service service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (03/22/2024 03:18:49 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Energy Server Service queencreek service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (03/22/2024 03:18:49 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Search service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.
 
Error: (03/22/2024 03:18:49 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The com.geocomply.process-scanner-microservice service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 2 milliseconds: Restart the service.
 
Error: (03/22/2024 03:18:49 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The com.geocomply.vm-detector-microservice service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 2 milliseconds: Restart the service.
 
Error: (03/22/2024 03:18:49 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Player Location Check service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 1000 milliseconds: Restart the service.
 
Error: (03/22/2024 03:18:49 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The TeamViewer service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 2000 milliseconds: Restart the service.
 
 
Windows Defender:
================
Date: 2024-02-16 09:55:47
Description: 
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
Name: HackTool:Win32/Keygen!pz
Severity: High
Category: Tool
Path: file:_D:\Installs\Studio One\3ehse3y-pso6p\PreSonus.Studio.One.6.Professional.v6.5.0.Incl.Patched.and.Keygen-R2R\r2r12854\R2R\StudioOne_Keygen.exe; file:_D:\Installs\Studio One\StudioOne\3ehse3y-pso6p\PreSonus.Studio.One.6.Professional.v6.5.0.Incl.Patched.and.Keygen-R2R\r2r12854\R2R\StudioOne_Keygen.exe
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Windows\explorer.exe
Security intelligence Version: AV: 1.405.71.0, AS: 1.405.71.0, NIS: 1.405.71.0
Engine Version: AM: 1.1.24010.10, NIS: 1.1.24010.10
 
Date: 2024-02-16 09:55:47
Description: 
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
Name: HackTool:Win32/Keygen!pz
Severity: High
Category: Tool
Path: file:_D:\Installs\Studio One\StudioOne\3ehse3y-pso6p\PreSonus.Studio.One.6.Professional.v6.5.0.Incl.Patched.and.Keygen-R2R\r2r12854\R2R\StudioOne_Keygen.exe
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: Unknown
Security intelligence Version: AV: 1.405.71.0, AS: 1.405.71.0, NIS: 1.405.71.0
Engine Version: AM: 1.1.24010.10, NIS: 1.1.24010.10
 
Date: 2024-02-16 09:55:47
Description: 
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
Name: HackTool:Win32/Keygen!pz
Severity: High
Category: Tool
Path: file:_D:\Installs\Studio One\StudioOne\3ehse3y-pso6p\PreSonus.Studio.One.6.Professional.v6.5.0.Incl.Patched.and.Keygen-R2R\r2r12854\R2R\StudioOne_Keygen.exe
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Windows\explorer.exe
Security intelligence Version: AV: 1.405.71.0, AS: 1.405.71.0, NIS: 1.405.71.0
Engine Version: AM: 1.1.24010.10, NIS: 1.1.24010.10
 
Date: 2024-02-01 21:40:41
Description: 
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
Name: HackTool:Win32/Keygen!pz
Severity: High
Category: Tool
Path: file:_D:\Installs\Studio One\StudioOne\3ehse3y-pso6p\PreSonus.Studio.One.6.Professional.v6.5.0.Incl.Patched.and.Keygen-R2R\r2r12854\R2R\StudioOne_Keygen.exe
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: Unknown
Security intelligence Version: AV: 1.403.3067.0, AS: 1.403.3067.0, NIS: 1.403.3067.0
Engine Version: AM: 1.1.23110.2, NIS: 1.1.23110.2
 
Date: 2024-01-31 22:38:24
Description: 
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
Name: HackTool:Win32/Keygen!pz
Severity: High
Category: Tool
Path: file:_D:\Installs\Studio One\StudioOne\3ehse3y-pso6p\PreSonus.Studio.One.6.Professional.v6.5.0.Incl.Patched.and.Keygen-R2R\r2r12854\R2R\StudioOne_Keygen.exe
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Windows\explorer.exe
Security intelligence Version: AV: 1.403.3022.0, AS: 1.403.3022.0, NIS: 1.403.3022.0
Engine Version: AM: 1.1.23110.2, NIS: 1.1.23110.2
Event[0]:
 
Date: 2024-02-05 11:19:06
Description: 
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 1.403.3263.0
Previous security intelligence Version: 1.403.3218.0
Update Source: User
Security intelligence Type: AntiSpyware
Update Type: Delta
Current Engine Version: 1.1.23110.2
Previous Engine Version: 1.1.23110.2
Error code: 0x80070241
Error description: Windows cannot verify the digital signature for this file. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. 
 
Date: 2024-02-05 11:19:06
Description: 
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 1.403.3263.0
Previous security intelligence Version: 1.403.3218.0
Update Source: User
Security intelligence Type: AntiVirus
Update Type: Delta
Current Engine Version: 1.1.23110.2
Previous Engine Version: 1.1.23110.2
Error code: 0x80070241
Error description: Windows cannot verify the digital signature for this file. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. 
 
Date: 2023-11-16 21:53:14
Description: 
Microsoft Defender Antivirus has encountered an error trying to update security intelligence and will attempt to revert to a previous version.
Security intelligence Attempted: Current
Error Code: 0x80070003
Error description: The system cannot find the path specified. 
Security intelligence Version: 0.0.0.0;0.0.0.0
Engine Version: 0.0.0.0
 
Date: 2023-06-06 02:56:46
Description: 
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 
Previous security intelligence Version: 1.391.576.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.23050.3
Error code: 0x80240438
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. 
 
CodeIntegrity:
===============
Date: 2024-03-22 15:37:20
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\ki132538.inf_amd64_a34b1de6c28c3534\igd10iumd64.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
Date: 2024-03-22 15:34:23
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\SUPERAntiSpyware\sasdifsv64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
Date: 2024-03-22 15:34:20
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\SUPERAntiSpyware\saskutil64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
 
==================== Memory info =========================== 
 
BIOS: Dell Inc. 1.2.7 12/13/2017
Motherboard: Dell Inc. 0H87XC
Processor: Intel® Core™ i5-6300HQ CPU @ 2.30GHz
Percentage of memory in use: 39%
Total physical RAM: 16250.84 MB
Available physical RAM: 9816.05 MB
Total Virtual: 18682.84 MB
Available Virtual: 10655.7 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:953.25 GB) (Free:614.44 GB) (Model: TEAM TM8PS7001T) NTFS
Drive d: (1TB) (Fixed) (Total:931.5 GB) (Free:655.78 GB) (Model: PNY CS900 1TB SSD) NTFS
 
\\?\Volume{09964035-891e-49f6-bab9-1af2dfe5e75a}\ (ESP) (Fixed) (Total:0.48 GB) (Free:0.43 GB) FAT32
 
==================== MBR & Partition Table ====================
 
==================== End of Addition.txt =======================


#13 user23049


Posted 23 March 2024 - 07:56 AM

Hi Gary,

 

No indication I can see of malware today.  How do the logs look?  All set here?

 

Thanks



#14 Oh My!


Posted 23 March 2024 - 09:02 AM

Yes, I think we are all set. Are there any remaining questions or concerns you might have before I post some tool/log clean up instructions and other information for you to consider going forward?

#15 user23049


Posted 23 March 2024 - 09:03 AM

No questions. Thank you for your help, Gary.





