There doesn't appear to be an obvious virus as the computer works well except is very slow. I don't have any popups or anything like that. I was organizing some files and videos and copying files from one drive to another and often when I select the files I want to copy and then select the target drive and select paste nothing happens. I'll select past a few times and then three or four minutes later I have it trying to copy 4 or 5 times, or however many times I pressed place. It is also terrible slow booting up, and very often in Windows Mail I will select an email or select create email and then screen goes lighter and says not responding. Often after two or three minutes it will finally work again.
Below please find the logs from FRST
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 22.05.2024 01
Ran by DW (administrator) on SAMSUNG (SAMSUNG ELECTRONICS CO., LTD. 550P5C/550P7C) (29-05-2024 11:59:17)
Running from C:\1-VIRUS PROGRAMS\FRST64.exe
Loaded Profiles: DW
Platform: Microsoft Windows 10 Home Version 22H2 19045.4412 (X64) Language: English (United States)
Default browser: Edge
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() [File not signed] C:\Program Files (x86)\Anvsoft\Syncios\adb.exe
(5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iTunes_12132.3.2017.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe
(Anvsoft Inc. -> ) C:\Program Files (x86)\Anvsoft\Syncios\SynciosDeviceService.exe
(C:\Program Files (x86)\Anvsoft\Syncios\SynciosDeviceService.exe ->) (Anvsoft Inc. -> ) C:\Program Files (x86)\Anvsoft\Syncios\androidnotifier.exe
(C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenie.exe ->) (NETGEAR TAIWAN CO., LTD -> ) C:\Program Files (x86)\NETGEAR Genie\bin\genie2_tray.exe
(C:\Program Files (x86)\Samsung\Settings\CmdServer\SettingsLauncher.exe ->) (Samsung Electronics CO., LTD. -> Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\CmdServer\SettingsCmdServer.exe
(C:\Program Files (x86)\Samsung\Settings\CmdServer\SettingsLauncher.exe ->) (Samsung Electronics CO., LTD. -> Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\CmdServer\SettingsEventHandler.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(C:\Users\DW\AppData\Local\PowerToys\PowerToys.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\DW\AppData\Local\PowerToys\PowerToys.AlwaysOnTop.exe
(C:\Users\DW\AppData\Local\PowerToys\PowerToys.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\DW\AppData\Local\PowerToys\PowerToys.Awake.exe
(C:\Users\DW\AppData\Local\PowerToys\PowerToys.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\DW\AppData\Local\PowerToys\PowerToys.ColorPickerUI.exe
(C:\Users\DW\AppData\Local\PowerToys\PowerToys.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\DW\AppData\Local\PowerToys\PowerToys.CropAndLock.exe
(C:\Users\DW\AppData\Local\PowerToys\PowerToys.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\DW\AppData\Local\PowerToys\PowerToys.FancyZones.exe
(C:\Users\DW\AppData\Local\PowerToys\PowerToys.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\DW\AppData\Local\PowerToys\PowerToys.PowerLauncher.exe
(C:\Users\DW\AppData\Local\PowerToys\PowerToys.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\DW\AppData\Local\PowerToys\PowerToys.PowerOCR.exe
(C:\Users\DW\AppData\Local\PowerToys\PowerToys.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\DW\AppData\Local\PowerToys\WinUI3Apps\PowerToys.Peek.UI.exe
(C:\Users\DW\AppData\Local\WonderShare\Wondershare NativePush\WsNativePushService.exe ->) (Wondershare Technology Group Co.,Ltd -> Wondershare) C:\Users\DW\AppData\Local\WonderShare\Wondershare NativePush\WsToastNotification.exe
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(explorer.exe ->) () [File not signed] C:\Windows\System32\spool\drivers\x64\3\WrtMon.exe
(explorer.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc) C:\Program Files\WindowsApps\AppleInc.iCloud_15.0.215.0_x64__nzyj5cx40ttqa\iCloud\iCloudCKKS.exe
(explorer.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_15.0.215.0_x64__nzyj5cx40ttqa\iCloud\iCloudDrive.exe
(explorer.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_15.0.215.0_x64__nzyj5cx40ttqa\iCloud\iCloudHome.exe
(explorer.exe ->) (NETGEAR TAIWAN CO., LTD -> NETGEAR Inc.) C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenie.exe
(explorer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(explorer.exe ->) (Paramount Software UK Ltd -> Paramount Software UK Ltd) C:\Program Files\Macrium\Common\ReflectMonitor.exe
(explorer.exe ->) (Paramount Software UK Ltd -> Paramount Software UK Ltd) C:\Program Files\Macrium\Common\ReflectUI.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(Newsoft Technology Company -> SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
(PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(services.exe ->) (Acronis International GmbH -> ) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(services.exe ->) (Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedul2.exe
(services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (GuinpinSoft inc) [File not signed] C:\Program Files\Common Files\cdarbsvc\cdarbsvc_v1.2.0_x64.exe
(services.exe ->) (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(services.exe ->) (Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(services.exe ->) (Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(services.exe ->) (Intel® Corporation) [File not signed] C:\Program Files\Intel\iCLS Client\HeciServer.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\System32\WirelessKB850NotificationService.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24040.4-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24040.4-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24040.4-0\NisSrv.exe
(services.exe ->) (Nero AG -> Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(services.exe ->) (Newyu) [File not signed] C:\Program Files (x86)\LibreView Device Drivers\LibreViewMASMonitor.exe
(services.exe ->) (NortonLifeLock Inc. -> ) C:\Program Files (x86)\SurfEasy VPN\client\SurfEasyService.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(services.exe ->) (Paramount Software UK Ltd -> Paramount Software UK Ltd) C:\Program Files\Macrium\Common\MacriumService.exe
(services.exe ->) (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe
(services.exe ->) (Samsung Electronics CO., LTD. -> Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\CmdServer\SettingsLauncher.exe
(services.exe ->) (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe
(services.exe ->) (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe
(services.exe ->) (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
(services.exe ->) (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE
(services.exe ->) (Sony Imaging Products & Solutions Inc. -> Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(services.exe ->) (SOURCENEXT) [File not signed] C:\Windows\SysWOW64\bgsvcgen.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(services.exe ->) (TransAction Software, D 81737 Munich) [File not signed] C:\Program Files (x86)\GM SPO\eSI\Transbase\tbmux32.exe
(services.exe ->) (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(services.exe ->) (Wondershare Technology Group Co.,Ltd -> Wondershare) C:\Users\DW\AppData\Local\WonderShare\Wondershare NativePush\WsNativePushService.exe
(Shenzhen Jia Xing Investment Co., Ltd. -> AimerSoft) C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe
(spool\drivers\x64\3\WrtMon.exe ->) () [File not signed] C:\Windows\System32\spool\drivers\x64\3\WrtProc.exe
(svchost.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_15.0.215.0_x64__nzyj5cx40ttqa\iCloud\ApplePhotoStreams.exe
(svchost.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_15.0.215.0_x64__nzyj5cx40ttqa\iCloud\APSDaemon.exe
(svchost.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple, Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_15.0.215.0_x64__nzyj5cx40ttqa\iCloud\secd.exe
(svchost.exe ->) (Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxext.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\DW\AppData\Local\PowerToys\PowerToys.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(svchost.exe ->) (Samsung Electronics CO., LTD. -> Samsung Electronics CO., LTD.) C:\Program Files\Samsung\S Agent\CommonAgent.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [MFNetworkScanUtility] => C:\Program Files\Canon\Canon MF Network Scan Utility\CNMFSUT6.EXE [486552 2012-09-26] (CANON INC. -> CANON INC.)
HKLM\...\Run: [WrtMon.exe] => C:\Windows\system32\spool\drivers\x64\3\WrtMon.exe [20480 2006-09-20] () [File not signed]
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1795912 2015-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [14021336 2015-06-18] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [4096992 2023-11-07] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [Acronis Scheduler2 Service] => "C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe" (No File)
HKLM\...\Run: [Seagate Scheduler2 Service] => C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedhlp.exe [826296 2021-12-05] (Acronis International GmbH -> Acronis International GmbH)
HKLM\...\Run: [Reflect UI] => C:\Program Files\Macrium\Common\ReflectUI.exe [7580488 2021-11-17] (Paramount Software UK Ltd -> Paramount Software UK Ltd)
HKLM\...\Run: [UniConverterUpdateHelper] => C:\Program Files\Wondershare\UniConverter 15\WSVCUUpdateHelper.exe [7680 2023-08-25] () [File not signed]
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [Aimersoft Helper Compact.exe] => C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe [2138272 2016-10-08] (Shenzhen Jia Xing Investment Co., Ltd. -> AimerSoft)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [673616 2009-04-07] (Newsoft Technology Company -> SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [Syncios device service] => C:\Program Files (x86)\Anvsoft\Syncios\SynciosDeviceService.exe [1925136 2016-07-14] (Anvsoft Inc. -> )
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [3029480 2018-05-09] (Sony Imaging Products & Solutions Inc. -> Sony Corporation)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [5314096 2020-03-06] (Adobe Inc. -> Adobe Systems Inc.) [File not signed]
HKLM-x32\...\Run: [DriveUtilitiesHelper] => C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe [2311840 2020-03-11] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [DBAgent] => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe [1562304 2017-09-16] (Seagate Technology LLC -> Seagate Technology LLC)
HKLM-x32\...\Run: [DiscWizardMonitor.exe] => C:\Program Files (x86)\Seagate\DiscWizard\DiscWizardMonitor.exe [5043712 2021-12-05] (Acronis International GmbH -> )
HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\tib_mounter_monitor.exe [447520 2021-02-11] (Acronis International GmbH -> Acronis International GmbH)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1282120 2013-05-02] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [453736 2013-02-19] (Canon Inc. -> CANON INC.)
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKU\S-1-5-21-3415231190-2578111039-3513294677-1001\...\Run: [Artisan 710(Network)] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIFSA.EXE [223232 2009-02-23] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) <==== ATTENTION
HKU\S-1-5-21-3415231190-2578111039-3513294677-1001\...\Run: [EPSON5F1574 (Artisan 837)] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIHOA.EXE [232448 2011-01-20] (Microsoft Windows Hardware Compatibility Publisher -> SEIKO EPSON CORPORATION) <==== ATTENTION
HKU\S-1-5-21-3415231190-2578111039-3513294677-1001\...\Run: [Google Photos Backup] => C:\Users\DW\AppData\Local\Programs\Google\Google Photos Backup\Google Photos Backup.exe [3790936 2016-04-08] (Google Inc -> Google, Inc)
HKU\S-1-5-21-3415231190-2578111039-3513294677-1001\...\Run: [EPSONF80F55] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIFSA.EXE [223232 2009-02-23] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) <==== ATTENTION
HKU\S-1-5-21-3415231190-2578111039-3513294677-1001\...\Run: [Avanquest Message] => C:\Users\DW\AppData\Local\Avanquest\Avanquest Message\AQNotif.exe [602264 2022-09-15] (Avanquest Software SAS -> Avanquest Software)
HKU\S-1-5-21-3415231190-2578111039-3513294677-1001\...\Run: [NETGEARGenie] => C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenie.exe [610904 2018-07-22] (NETGEAR TAIWAN CO., LTD -> NETGEAR Inc.)
HKU\S-1-5-21-3415231190-2578111039-3513294677-1001\...\Run: [GarminExpress] => C:\Program Files (x86)\Garmin\Express\express.exe [31300376 2023-03-08] (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-3415231190-2578111039-3513294677-1001\...\Run: [EPSON Artisan 837 Series] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIHOA.EXE [232448 2011-01-20] (Microsoft Windows Hardware Compatibility Publisher -> SEIKO EPSON CORPORATION) <==== ATTENTION
HKU\S-1-5-21-3415231190-2578111039-3513294677-1001\...\Run: [Uploader] => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe [142568 2017-09-16] (Seagate Technology LLC -> Seagate Technology LLC)
HKU\S-1-5-21-3415231190-2578111039-3513294677-1001\...\Run: [611dd93a9b5c578be68b17d997792402] => "C:\Program Files\DVDFab\DVDFab 12\LiveUpdate.exe" --run_mode=background_check (No File)
HKU\S-1-5-21-3415231190-2578111039-3513294677-1001\...\Run: [MicrosoftEdgeAutoLaunch_1B5F805D403297572B66377A3AD5970A] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4136912 2024-05-24] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3415231190-2578111039-3513294677-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [45430176 2024-05-20] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-18\...\Run: [GarminExpress] => C:\Program Files (x86)\Garmin\Express\express.exe [31300376 2023-03-08] (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries)
HKLM\...\Windows x64\Print Processors\Canon MG7100 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDBR.DLL [30208 2013-03-24] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Windows x64\Print Processors\JournalPrint: C:\Windows\System32\spool\prtprocs\x64\jnwppr.dll [27648 2015-10-30] (Microsoft Corporation) [File not signed]
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\WINDOWS\system32\AdobePDF.dll [65488 2020-03-06] (Adobe Inc. -> Adobe Systems Inc)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG7100 series: C:\WINDOWS\system32\CNMLMBR.DLL [391168 2013-03-24] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG7100 series XPS: C:\WINDOWS\system32\CNMXLMBR.DLL [393728 2013-03-24] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJNP Port: C:\WINDOWS\system32\CNMN6PPM.DLL [359936 2013-01-24] (CANON INC.) [File not signed]
HKLM\...\Print\Monitors\Canon MFNP Port: C:\WINDOWS\system32\CNCENPM6.dll [152064 2012-09-25] (CANON INC.) [File not signed]
HKLM\...\Print\Monitors\Canon WSD Language Monitor: C:\WINDOWS\system32\cnnx0_flm.dll [1420800 2013-02-26] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\CPCA Language Monitor3b: C:\WINDOWS\system32\CNAS0MOK.DLL [1006080 2012-08-09] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\EPSON Artisan 710 Series 64MonitorBA: C:\WINDOWS\system32\E_ILMFSA.DLL [118784 2008-11-12] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
HKLM\...\Print\Monitors\EpsonNet Print Port: C:\WINDOWS\system32\enppmon.dll [558592 2010-09-13] (SEIKO EPSON CORPORATION) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{401C381F-E0DE-4B85-8BD8-4F3F14FBDA57}] -> C:\Program Files (x86)\Microsoft\Edge Dev\Application\126.0.2592.11\Installer\setup.exe [2024-05-22] (Microsoft Corporation -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\125.0.6422.78\Installer\chrmstp.exe [2024-05-23] (Google LLC -> Google LLC)
Startup: C:\Users\DW\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk [2016-04-24]
ShortcutTarget: OneNote 2007 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {1716179C-0E32-4041-8E58-02C624AF5627} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {277673F2-84CF-462C-914B-E3924939C30B} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {4632CB03-804E-45AD-87C2-7E857AF67225} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {60348F3B-DD60-4B55-B545-2FD1306BB4C7} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {B68423E7-5871-48C2-84A1-400B2B09ADB4} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {EE5EC57F-7067-4C86-A943-0DA616E869C0} - System32\Tasks\{382206AF-3B40-4179-A5AB-6282A401826A} => C:\Users\DW\AppData\Local\Temp\BFA44C5D-9663-4283-A550-9288F26E4F7F\ga_service.exe /uninstall (No File) <==== ATTENTION
Task: {17D34192-98B4-44CD-A944-DC4473DE6FE4} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (No File)
Task: {CED67199-130F-4CBF-96BC-BF33C3A98ED5} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-01-02] (Adobe Inc. -> Adobe)
Task: {61E5BE20-6F50-4353-8BFD-AA23A101FF6F} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [4096992 2023-11-07] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {90BD6014-5FBC-4F91-AE13-464D867F0F9F} - System32\Tasks\Adobe-Genuine-Software-Integrity-Scheduler-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [4434400 2023-11-07] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {42353198-F744-4A38-8AD4-E1CEFA085FA6} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe -task (No File)
Task: {434426E4-8FA4-4F42-BA63-8B49CD877194} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2024-05-20] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {68391D25-35A4-4802-BF4E-DDAD0EB17F68} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [5074848 2024-05-20] (PIRIFORM SOFTWARE LIMITED -> Gen Digital Inc. All rights reserved.) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "00b9b2b7-f2cc-40f1-8cc8-99aca83dfac7" --version "6.24.11060" --silent
Task: {DCBF82B5-98A6-41AE-8D61-BEDD1EF096CB} - System32\Tasks\CCleanerSkipUAC - DW => C:\Program Files\CCleaner\CCleaner.exe [39169952 2024-05-20] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {17CE0499-0EFB-4C81-9D2A-D7C6B0D36574} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [29464 2023-03-08] (Garmin International, Inc. -> )
Task: {E9E489CA-1CBB-495E-B1E9-1ED738C5078C} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem127.0.6490.0{E5D936B7-76BC-4144-9455-C87BA4C1C255} => C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe [4785440 2024-05-20] (Google LLC -> Google LLC)
Task: {EBF56357-34F8-47A7-A878-2EE8100D5145} - System32\Tasks\LaunchSettings => C:\Program Files (x86)\Samsung\Settings\Settings.exe [2180416 2015-06-24] (Samsung Electronics CO., LTD. -> )
Task: {5B58FE00-0DEA-44A7-8504-6CD31056CA17} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {9E24E4B6-4067-482A-B25B-15EF5D1D2C4E} - System32\Tasks\Microsoft\Windows\rempl\shell => %ProgramFiles%\rempl\sedlauncher.exe (No File)
Task: {DFF2716A-9978-4791-98AE-2BF5C363692A} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA}
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE}
Task: {9401A8E8-3D4C-4619-B411-B1E22F037E12} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24040.4-0\MpCmdRun.exe [1658408 2024-05-17] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A4E3215E-4C43-4AE9-8AE8-DF0C50C3530B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24040.4-0\MpCmdRun.exe [1658408 2024-05-17] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D3DBA5FA-3E10-450F-8010-F98FD1BE91B9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24040.4-0\MpCmdRun.exe [1658408 2024-05-17] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B7CEDCA8-9388-459E-8660-9C89F4486FFB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24040.4-0\MpCmdRun.exe [1658408 2024-05-17] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => %SystemRoot%\System32\AutoWorkplace.exe join (No File)
Task: {9C46B632-F678-4397-ACDC-9D04C60BAAEF} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2201376 2015-07-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {98B39FB2-A757-49FB-9482-A26DA14C7E24} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1568032 2015-07-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {3CF9D835-0A55-447B-A6C0-C93E840B98C3} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [6526328 2016-03-01] (Nero AG -> Nero AG)
Task: {21F281A3-9650-4E98-9BD6-12515C0A0F9B} - System32\Tasks\PowerToys\Autorun for DW => C:\Users\DW\AppData\Local\PowerToys\PowerToys.exe [1212960 2023-12-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {0C69260B-DB02-4933-8974-505D253158F8} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [14021336 2015-06-18] (Realtek Semiconductor Corp -> Realtek Semiconductor)
Task: {7D4B3C6D-92C7-40FA-8FDC-B6706BC73893} - System32\Tasks\SAgent => C:\Program Files\Samsung\S Agent\CommonAgent.exe [2975056 2014-10-29] (Samsung Electronics CO., LTD. -> Samsung Electronics CO., LTD.)
Task: {48C6BDE7-2F97-4F37-856C-9E52CA9CC0FC} - System32\Tasks\Seagate_Install_Launch => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Dashboard.exe [1952448 2017-09-16] (Seagate Technology LLC -> Seagate Technology LLC)
Task: {25166472-6623-4403-BD3A-E96905E34804} - System32\Tasks\Settings => "C:\Program Files (x86)\Samsung\Settings\sSettings.exe" -> C:\Program Files (x86)\Samsung\Settings\/s
Task: {3A1AE8E4-7C30-43BB-95D5-872881AED288} - System32\Tasks\SettingsHibernateMonitor => C:\Program Files (x86)\Samsung\Settings\SettingsHibernateMonitor.exe [1721152 2015-06-24] (Samsung Electronics CO., LTD. -> Samsung Electronics CO., LTD.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{4bc135d7-d744-4b2e-af03-507f7c60d846}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{4bc135d7-d744-4b2e-af03-507f7c60d846}\3484546554C4C454: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{4bc135d7-d744-4b2e-af03-507f7c60d846}\3686566756C6C65613: [DhcpNameServer] 64.59.135.133 64.59.128.120
Tcpip\..\Interfaces\{4bc135d7-d744-4b2e-af03-507f7c60d846}\3686566756C6C65613: [DhcpDomain] mh.shawcable.net
Tcpip\..\Interfaces\{beda85ff-0626-4cb7-b6c2-c5a543d103ca}: [DhcpNameServer] 192.168.0.1
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\DW\AppData\Local\Microsoft\Edge\User Data\Default [2024-05-28]
Edge Notifications: Default -> hxxps://113aagmtluq9lble07.kanafx.co.in; hxxps://15cefgmtlj6qd8nd34.kanafx.co.in; hxxps://cam.airlive.net; hxxps://chatnewstoday.ca; hxxps://hutters.click; hxxps://rapidgator.net; hxxps://wm-so.glb.shawcable.net; hxxps://www.airlive.net; hxxps://www.kijiji.ca
Edge HomePage: Default -> hxxp://finance.yahoo.com/market-overview/
Edge StartupUrls: Default -> "hxxp://c.finance.a1.b.yahoo.com/marketupdate/overview","hxxp://finance.yahoo.com/market-overview/"
Edge Extension: (ePub Reader) - C:\Users\DW\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\aiabddoiibegjigldjkaafhmighgiaph [2024-05-12]
Edge Extension: (Google Docs Offline) - C:\Users\DW\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-27]
Edge Extension: (Edge relevant text changes) - C:\Users\DW\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-28]
StartMenuInternet: Microsoft Edge Dev - C:\Program Files (x86)\Microsoft\Edge Dev\Application\msedge.exe
FireFox:
========
FF ProfilePath: C:\Users\DW\AppData\Roaming\TomTom\HOME\Profiles\ldjufvt2.default [2021-08-13]
FF Extension: (No Name) - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com [not found]
FF ProfilePath: C:\Users\DW\AppData\Roaming\Mozilla\Firefox\Profiles\fyt5gc2c.default [2024-05-29]
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2020-03-05]
FF HKLM-x32\...\Firefox\Extensions: [AMVCU@Aimersoft.com] - C:\ProgramData\Aimersoft\Video Converter Ultimate\AMVCU@Aimersoft.com_xpi
FF Extension: (Aimersoft Video Converter Ultimate) - C:\ProgramData\Aimersoft\Video Converter Ultimate\AMVCU@Aimersoft.com_xpi [2018-12-27] [Legacy]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [No File]
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.) [File not signed]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\Program Files (x86)\Common Files\Nero\BrowserPlugin\npBrowserPlugin.dll [2016-02-29] (Nero AG -> Nero AG)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.12 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.20 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2020-03-06] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR Profile: C:\Users\DW\AppData\Local\Google\Chrome\User Data\Default [2020-06-06]
CHR Extension: (Slides) - C:\Users\DW\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-04-08]
CHR Extension: (Docs) - C:\Users\DW\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-04-08]
CHR Extension: (Google Drive) - C:\Users\DW\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-02-10]
CHR Extension: (YouTube) - C:\Users\DW\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-02-10]
CHR Extension: (Google Search) - C:\Users\DW\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-02-10]
CHR Extension: (Adobe Acrobat) - C:\Users\DW\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2020-04-17]
CHR Extension: (Sheets) - C:\Users\DW\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-04-08]
CHR Extension: (Google Docs Offline) - C:\Users\DW\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-06-06]
CHR Extension: (Flash® Player for YouTube™) - C:\Users\DW\AppData\Local\Google\Chrome\User Data\Default\Extensions\lajdkhdcndkniopfefocbgbkofflagpm [2018-04-08]
CHR Extension: (Chrome Web Store Payments) - C:\Users\DW\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-04-17]
CHR Extension: (Gmail) - C:\Users\DW\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-06-30]
CHR Extension: (Chrome Media Router) - C:\Users\DW\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-06-06]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-01-02] (Adobe Inc. -> Adobe)
R2 afcdpsrv; C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [6388072 2021-05-08] (Acronis International GmbH -> )
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [4555744 2023-11-07] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 bgsvcgen; C:\Windows\SysWOW64\bgsvcgen.exe [139264 2015-06-11] (SOURCENEXT) [File not signed]
R3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1085856 2024-05-20] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
R2 CdRomArbiterService; C:\Program Files\Common Files\cdarbsvc\cdarbsvc_v1.2.0_x64.exe [9728 2023-04-15] (GuinpinSoft inc) [File not signed]
R2 EPSON_EB_RPCV4_04; C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE [168448 2011-01-11] (Microsoft Windows Hardware Compatibility Publisher -> SEIKO EPSON CORPORATION)
R2 EPSON_PM_RPCV4_04; C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE [131072 2011-01-11] (Microsoft Windows Hardware Compatibility Publisher -> SEIKO EPSON CORPORATION)
S2 GenieTimelineService; C:\Program Files\NETGEAR\ReadySHARE Vault\GenieTimelineService.exe [673856 2014-06-18] (GENIE9 LTD -> Genie9)
S2 GoogleUpdaterInternalService127.0.6490.0; C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe [4785440 2024-05-20] (Google LLC -> Google LLC)
S2 GoogleUpdaterService127.0.6490.0; C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe [4785440 2024-05-20] (Google LLC -> Google LLC)
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel® Corporation) [File not signed]
R2 LibreViewMASMonitor; C:\Program Files (x86)\LibreView Device Drivers\LibreViewMASMonitor.exe [14848 2019-02-19] (Newyu) [File not signed]
R2 MacriumService; C:\Program Files\Macrium\Common\MacriumService.exe [8929608 2021-11-17] (Paramount Software UK Ltd -> Paramount Software UK Ltd)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8887264 2024-05-24] (Malwarebytes Inc. -> Malwarebytes)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24040.4-0\MpDefenderCoreService.exe [1489000 2024-05-17] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 MediaMall Server; C:\Program Files (x86)\MediaMall\MediaMallServer.exe [8305248 2020-09-30] (MediaMall Technologies, Inc. -> MediaMall Technologies, Inc.)
S3 MicrosoftEdgeDevElevationService; C:\Program Files (x86)\Microsoft\Edge Dev\Application\126.0.2592.11\elevation_service.exe [1826344 2024-05-22] (Microsoft Corporation -> Microsoft Corporation)
R2 NativePushService; C:\Users\DW\AppData\Local\Wondershare\Wondershare NativePush\WsNativePushService.exe [594320 2023-06-29] (Wondershare Technology Group Co.,Ltd -> Wondershare)
S3 NETGEARGenieDaemon; C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenieDaemon64.exe [233456 2017-07-04] (Netgear Incorporated -> NETGEAR)
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [498152 2018-05-09] (Sony Imaging Products & Solutions Inc. -> Sony Corporation)
S2 Seagate Dashboard Services; C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe [16120 2017-09-16] (Seagate Technology LLC -> Seagate Technology LLC)
S2 Seagate MobileBackup Service; C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\MobileService.exe [143560 2017-09-16] (Seagate Technology LLC -> Seagate Technology LLC)
R2 Settings Launcher; C:\Program Files (x86)\Samsung\Settings\CmdServer\SettingsLauncher.exe [1594176 2015-06-24] (Samsung Electronics CO., LTD. -> Samsung Electronics CO., LTD.)
R2 SgtSch2Svc; C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedul2.exe [1263608 2021-12-05] (Acronis International GmbH -> Acronis International GmbH)
S2 SITomcat; C:\Program Files (x86)\GM SPO\eSI\Apache Group\Tomcat 4.1\bin\tomcat.exe [65536 2003-10-27] (Alexandria Software Consulting) [File not signed]
R2 SITransbase; C:\Program Files (x86)\GM SPO\eSI\Transbase\tbmux32.exe [165376 2001-11-20] (TransAction Software, D 81737 Munich) [File not signed]
R2 SurfEasyVPN; C:\Program Files (x86)\SurfEasy VPN\client\SurfEasyService.exe [2794272 2022-08-17] (NortonLifeLock Inc. -> )
R2 SWUpdateService; C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe [3296672 2017-06-09] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 Tib Mounter Service; C:\Program Files (x86)\Common Files\Acronis\TibMounter64\tib_mounter_service.exe [5911456 2021-02-11] (Acronis International GmbH -> Acronis International GmbH)
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [366720 2020-03-11] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24040.4-0\NisSrv.exe [3236840 2024-05-17] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24040.4-0\MsMpEng.exe [133704 2024-05-17] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WirelessKB850NotificationService; C:\WINDOWS\system32\WirelessKB850NotificationService.exe [176624 2018-05-14] (Microsoft Corporation -> Microsoft Corporation)
S4 WsDrvInst; C:\Program Files (x86)\Aimersoft\Video Converter Ultimate\Transfer\DriverInstall.exe [112496 2020-04-13] (WONBO TECHNOLOGY Co.,LIMITED -> Wondershare)
S2 AcrSch2Svc; "C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe" [X]
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem"
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [39272 2023-06-27] (Apple Inc. -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [55608 2023-06-27] (Apple Inc. -> Apple Inc.)
R2 BdDci; C:\WINDOWS\system32\DRIVERS\bddci.sys [367096 2021-02-11] (Bitdefender SRL -> Bitdefender)
R0 file_tracker; C:\WINDOWS\System32\DRIVERS\file_tracker.sys [392840 2022-07-02] (Acronis International GmbH -> Acronis International GmbH)
R0 fltsrv; C:\WINDOWS\System32\DRIVERS\fltsrv.sys [183944 2021-05-08] (Acronis International GmbH -> Acronis International GmbH)
S3 GeneStor; C:\WINDOWS\system32\DRIVERS\GeneStor.sys [115704 2015-07-09] (GENESYS LOGIC, INC. -> GenesysLogic)
R2 mbamchameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223296 2024-01-16] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2023-06-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239576 2024-02-01] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 msvad_simple; C:\WINDOWS\system32\drivers\povrtdev.sys [28528 2013-12-17] (MediaMall Technologies, Inc. -> MediaMall Technologies, Inc.)
S3 Netaapl; C:\WINDOWS\System32\drivers\netaapl64.sys [32352 2017-11-28] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
R1 ngscan; C:\WINDOWS\System32\DRIVERS\ngscan.sys [171312 2021-02-11] (Acronis International GmbH -> Acronis International GmbH)
R2 NPF; C:\WINDOWS\system32\drivers\npf.sys [35344 2019-08-15] (CACE Technologies, Inc. -> CACE Technologies, Inc.)
R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [37336 2021-03-09] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [12504 2019-11-08] (MiniTool Solution Ltd -> )
R3 RadioHIDMini; C:\WINDOWS\System32\drivers\RadioHIDMini.sys [23408 2012-07-27] (Samsung Electronics CO., LTD. -> Windows ® Win 7 DDK provider)
R3 SymTAP; C:\WINDOWS\System32\drivers\SymTAP.sys [52104 2019-05-07] (Symantec Corporation -> The OpenVPN Project)
S3 tapnordvpn; C:\WINDOWS\System32\drivers\tapnordvpn.sys [49744 2022-10-31] (nordvpn s.a. -> The OpenVPN Project)
R3 tapse01; C:\WINDOWS\System32\drivers\tapse01.sys [26624 2015-03-05] (SurfEasy Inc -> The OpenVPN Project)
S3 tib; C:\WINDOWS\system32\DRIVERS\tib.sys [887032 2022-07-02] (Acronis International GmbH -> Acronis International GmbH)
R2 tib_mounter; C:\WINDOWS\system32\DRIVERS\tib_mounter.sys [176248 2022-07-02] (Acronis International GmbH -> Acronis International GmbH)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2015-11-05] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
R2 virtual_file; C:\WINDOWS\System32\DRIVERS\virtual_file.sys [334984 2022-07-02] (Acronis International GmbH -> Acronis International GmbH)
R0 volume_tracker; C:\WINDOWS\System32\DRIVERS\volume_tracker.sys [251016 2022-07-02] (Acronis International GmbH -> Acronis International GmbH)
R0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [21056 2024-05-17] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [26880 2015-11-12] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [601496 2024-05-17] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105880 2024-05-17] (Microsoft Windows -> Microsoft Corporation)
S3 WireGuard; C:\WINDOWS\System32\drivers\wireguard.sys [489368 2023-05-11] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
R3 WirelessKeyboardFilter; C:\WINDOWS\System32\drivers\WirelessKeyboardFilter.sys [49336 2018-03-11] (Microsoft Corporation -> Microsoft Corporation)
R3 WsAudio_Device; C:\WINDOWS\system32\drivers\VirtualAudio.sys [31080 2015-02-27] (Wondershare Software Co., Ltd. -> Wondershare)
S3 WsAudio_Device(1); C:\WINDOWS\system32\drivers\VirtualAudio1.sys [31080 2013-01-25] (Wondershare Software Co., Ltd. -> Wondershare)
S3 MpKsl37921581; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{6BB7AB1D-1786-4D87-9BBC-10BA6E1132C4}\MpKslDrv.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2024-05-28 19:51 - 2024-05-28 19:51 - 000000000 ____D C:\ProgramData\Piriform
2024-05-28 19:50 - 2024-05-29 07:49 - 000000000 ____D C:\Program Files\CCleaner
2024-05-28 19:50 - 2024-05-28 20:18 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2024-05-28 19:50 - 2024-05-28 20:18 - 000000906 _____ C:\Users\Public\Desktop\CCleaner.lnk
2024-05-28 19:50 - 2024-05-28 19:56 - 000000666 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2024-05-28 19:50 - 2024-05-28 19:50 - 000003382 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2024-05-28 19:50 - 2024-05-28 19:50 - 000002876 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - DW
2024-05-28 19:50 - 2024-05-28 19:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2024-05-28 19:48 - 2024-05-29 08:26 - 000000000 ____D C:\1-VIRUS PROGRAMS
2024-05-28 19:48 - 2024-05-28 19:48 - 000000000 ____D C:\New folder (9)
2024-05-27 16:30 - 2024-05-27 16:30 - 000700475 _____ C:\Users\DW\Downloads\Unconfirmed 433652.crdownload
2024-05-27 12:49 - 2024-05-27 12:49 - 000700475 _____ C:\Users\DW\Downloads\Unconfirmed 601709.crdownload
2024-05-24 13:30 - 2024-05-25 19:54 - 000000000 ____D C:\CITY PROPERTY TAXES
2024-05-22 19:53 - 2024-05-22 19:53 - 002113167 _____ C:\Users\DW\Downloads\Unconfirmed 987153.crdownload
2024-05-22 19:53 - 2024-05-22 19:53 - 002113167 _____ C:\Users\DW\Downloads\Unconfirmed 97812.crdownload
2024-05-22 19:53 - 2024-05-22 19:53 - 002113167 _____ C:\Users\DW\Downloads\Unconfirmed 636511.crdownload
2024-05-22 19:53 - 2024-05-22 19:53 - 002113167 _____ C:\Users\DW\Downloads\Unconfirmed 462400.crdownload
2024-05-22 19:53 - 2024-05-22 19:53 - 002113167 _____ C:\Users\DW\Downloads\Unconfirmed 197147.crdownload
2024-05-21 17:59 - 2024-05-21 18:00 - 000000000 ____D C:\BRIAN-MONTREAL
2024-05-21 12:33 - 2024-05-21 12:42 - 1456488069 _____ C:\Users\DW\Downloads\Unconfirmed 397530.crdownload
2024-05-12 09:32 - 2024-05-12 09:33 - 183664833 _____ C:\Users\DW\Downloads\Unconfirmed 33289.crdownload
2024-05-11 12:53 - 2024-05-11 12:53 - 000000000 ____D C:\1-NEW DOWNLOAD MAY 2024
2024-05-02 09:11 - 2024-05-02 09:26 - 000000000 ____D C:\ROYAL BANK INVESTMENTS
2024-04-30 14:28 - 2024-04-30 14:28 - 000000000 ____D C:\WINDOWS\system32\Tasks\GoogleSystem
2024-04-29 12:02 - 2024-04-29 12:21 - 000000000 ____D C:\ProgramData\T2022bk
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2024-05-29 12:00 - 2015-06-01 13:43 - 000000000 ____D C:\FRST
2024-05-29 11:35 - 2021-08-22 12:25 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-05-29 11:02 - 2019-12-07 03:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-05-29 08:16 - 2021-08-22 12:55 - 000840598 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-05-29 08:16 - 2019-12-07 03:13 - 000000000 ____D C:\WINDOWS\INF
2024-05-29 08:13 - 2016-01-22 16:19 - 000000000 ____D C:\Users\DW\AppData\Local\NETGEARGenie
2024-05-29 07:55 - 2019-10-06 08:41 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2024-05-28 22:28 - 2021-10-11 12:17 - 000000000 ____D C:\WINDOWS\Minidump
2024-05-28 22:28 - 2021-08-17 12:07 - 000000000 ___DC C:\WINDOWS\Panther
2024-05-28 22:28 - 2017-02-12 22:30 - 000000000 ____D C:\Users\DW\AppData\Local\CrashDumps
2024-05-28 22:28 - 2015-06-05 14:19 - 000000000 ____D C:\ProgramData\Aimersoft Video Converter Ultimate
2024-05-28 20:20 - 2012-12-13 07:56 - 000000000 ____D C:\temp
2024-05-28 20:15 - 2016-05-18 03:25 - 000000000 ___RD C:\Users\DW\iCloudDrive
2024-05-28 20:11 - 2023-06-16 19:21 - 000000000 ____D C:\Users\DW\AppData\Local\Malwarebytes
2024-05-28 20:10 - 2023-12-09 20:39 - 000000000 ____D C:\WINDOWS\system32\Tasks\PowerToys
2024-05-28 20:10 - 2015-03-26 22:08 - 000000000 __SHD C:\Users\DW\IntelGraphicsProfiles
2024-05-28 19:56 - 2021-08-22 14:31 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-05-28 19:56 - 2016-08-17 00:15 - 000000000 ____D C:\ProgramData\NVIDIA
2024-05-28 19:55 - 2020-10-06 07:34 - 000008192 ___SH C:\DumpStack.log.tmp
2024-05-28 19:46 - 2019-12-07 03:14 - 000000000 ___HD C:\Program Files\WindowsApps
2024-05-28 19:45 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-05-28 18:57 - 2021-08-22 14:31 - 000003536 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-05-28 18:57 - 2021-08-22 14:31 - 000003412 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-05-28 18:54 - 2015-06-04 20:46 - 000000000 ____D C:\Users\DW\AppData\Roaming\vlc
2024-05-28 12:49 - 2022-12-28 04:21 - 000000000 ____D C:\Users\DW\AppData\LocalLow\IGDump
2024-05-28 03:54 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2024-05-27 14:16 - 2017-12-11 02:57 - 000000000 ____D C:\Users\DW\AppData\Local\Packages
2024-05-27 13:47 - 2022-11-27 18:12 - 000000000 ____D C:\Users\DW\AppData\Local\JDownloader 2.0
2024-05-26 11:51 - 2023-05-07 08:55 - 000000000 ____D C:\1-DVD RAM DISK
2024-05-25 19:54 - 2015-05-17 19:26 - 000000000 ____D C:\Users\DW\AppData\Roaming\Microsoft\Excel
2024-05-25 07:59 - 2020-06-23 08:49 - 000002481 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-05-25 07:59 - 2020-06-23 08:49 - 000002319 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2024-05-24 14:16 - 2024-04-24 09:28 - 000003358 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3415231190-2578111039-3513294677-1001
2024-05-24 14:16 - 2024-02-17 10:06 - 000002423 _____ C:\Users\DW\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-05-24 14:16 - 2021-12-12 13:21 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3415231190-2578111039-3513294677-1001
2024-05-23 22:49 - 2021-12-20 09:47 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-05-23 22:49 - 2016-02-10 22:41 - 000002344 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-05-23 22:49 - 2016-02-10 22:41 - 000002303 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2024-05-23 13:43 - 2023-10-21 19:30 - 000000000 ____D C:\1-DVD RAM DISK NEW
2024-05-23 12:19 - 2015-06-01 10:27 - 000000000 ____D C:\MICROSOFT ERRORS
2024-05-22 19:17 - 2019-04-08 20:31 - 000002404 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge Dev.lnk
2024-05-22 19:17 - 2019-04-08 20:31 - 000002363 _____ C:\Users\Public\Desktop\Microsoft Edge Dev.lnk
2024-05-18 17:08 - 2019-12-07 03:03 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2024-05-17 07:34 - 2018-02-21 14:49 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2024-05-16 15:36 - 2022-11-18 20:44 - 000000000 ____D C:\Program Files\RUXIM
2024-05-15 18:53 - 2019-12-07 03:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-05-15 17:09 - 2021-08-22 12:25 - 000527208 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2024-05-15 16:58 - 2019-12-07 03:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2024-05-15 16:58 - 2019-12-07 03:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2024-05-15 16:58 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2024-05-15 16:58 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2024-05-15 16:58 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2024-05-15 16:58 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2024-05-15 16:55 - 2019-12-07 03:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2024-05-15 16:55 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\SystemResources
2024-05-15 16:55 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2024-05-15 16:55 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2024-05-15 16:55 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2024-05-15 16:55 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\system32\setup
2024-05-15 16:54 - 2019-12-07 03:14 - 000000000 ___SD C:\WINDOWS\system32\F12
2024-05-15 16:54 - 2019-12-07 03:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2024-05-15 16:54 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2024-05-15 16:54 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2024-05-15 16:54 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2024-05-15 16:54 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2024-05-15 16:49 - 2019-12-07 03:52 - 000000000 ____D C:\Program Files\Windows Portable Devices
2024-05-15 16:49 - 2019-12-07 03:52 - 000000000 ____D C:\Program Files\Windows Multimedia Platform
2024-05-15 16:49 - 2019-12-07 03:52 - 000000000 ____D C:\Program Files (x86)\Windows Portable Devices
2024-05-15 16:49 - 2019-12-07 03:52 - 000000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2024-05-15 16:49 - 2019-12-07 03:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2024-05-15 16:49 - 2019-12-07 03:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2024-05-15 16:49 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2024-05-15 16:49 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2024-05-15 16:49 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2024-05-15 16:49 - 2019-12-07 03:03 - 000000000 ____D C:\WINDOWS\servicing
2024-05-15 10:46 - 2021-08-22 12:29 - 003017216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2024-05-14 17:19 - 2015-03-26 22:06 - 000000000 ____D C:\WINDOWS\system32\MRT
2024-05-14 16:50 - 2015-03-26 22:06 - 196465576 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2024-05-12 10:07 - 2015-05-17 19:26 - 000000000 ____D C:\Users\DW\AppData\Roaming\Microsoft\Word
2024-05-12 06:20 - 2021-08-22 12:34 - 000000000 ____D C:\Users\DW
2024-05-12 06:18 - 2019-12-07 03:14 - 000000000 ____D C:\WINDOWS\ServiceState
2024-05-08 09:42 - 2018-06-20 13:52 - 000000000 ____D C:\ProgramData\Packages
2024-05-03 14:30 - 2022-01-02 05:18 - 000000000 ____D C:\Aimersoft Video Converter Ultimate
2024-05-01 08:29 - 2015-06-13 20:00 - 000000000 ____D C:\Users\DW\AppData\Roaming\dvdcss
2024-04-30 14:28 - 2016-02-10 22:41 - 000000000 ____D C:\Program Files (x86)\Google
2024-04-29 12:20 - 2024-03-06 19:52 - 000000000 ____D C:\Program Files (x86)\TurboTax 2023
2024-04-29 12:02 - 2023-03-12 13:43 - 000000000 ____D C:\Program Files (x86)\TurboTax 2022
==================== Files in the root of some directories ========
2021-03-11 22:06 - 2021-03-12 15:54 - 016515464 _____ (Intuit Canada) C:\Users\DW\Intuit.Ctg.Ttd.Views.dll
2019-05-20 10:29 - 2014-12-18 11:59 - 003311104 _____ () C:\Program Files (x86)\GLI2012.exe
2019-05-20 10:29 - 2015-07-22 15:00 - 000912380 _____ () C:\Program Files (x86)\GLI2012_Help.pdf
2019-09-27 08:43 - 2019-09-27 08:43 - 012666880 _____ () C:\Program Files (x86)\GUTE84E.tmp
2019-05-20 10:29 - 2019-05-20 10:29 - 000001066 _____ () C:\Program Files (x86)\INSTALL.LOG
2019-05-20 10:29 - 1999-02-22 18:46 - 000148992 _____ () C:\Program Files (x86)\UNWISE.EXE
2023-04-15 17:50 - 2023-04-15 17:50 - 000000171 _____ () C:\Users\DW\AppData\Roaming\822f02e4-9e9a-4077-a765-71edfca16ad0
2016-12-08 10:19 - 2016-12-08 10:32 - 000000750 _____ () C:\Users\DW\AppData\Roaming\PPTConverter.log
2023-07-11 20:15 - 2023-07-12 13:53 - 000000128 _____ () C:\Users\DW\AppData\Roaming\winscp.rnd
2022-10-19 15:08 - 2022-10-19 15:08 - 000000036 _____ () C:\Users\DW\AppData\Local\.__explain_this_is_writeable_not_delete__
2015-04-25 23:42 - 2015-04-25 23:42 - 000000064 _____ () C:\Users\DW\AppData\Local\4aa95e7945fc9b93b3a68a7f59a6d801
2017-09-17 17:20 - 2017-09-17 17:20 - 000004096 ____H () C:\Users\DW\AppData\Local\keyfile3.drm
2018-09-28 09:05 - 2018-09-28 09:05 - 000000000 _____ () C:\Users\DW\AppData\Local\oobelibMkey.log
2015-09-10 16:04 - 2023-12-09 22:18 - 000007625 _____ () C:\Users\DW\AppData\Local\resmon.resmoncfg
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22.05.2024 01
Ran by DW (29-05-2024 12:07:04)
Running from C:\1-VIRUS PROGRAMS
Microsoft Windows 10 Home Version 22H2 19045.4412 (X64) (2021-08-22 20:42:17)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-3415231190-2578111039-3513294677-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3415231190-2578111039-3513294677-503 - Limited - Disabled)
DW (S-1-5-21-3415231190-2578111039-3513294677-1001 - Administrator - Enabled) => C:\Users\DW
Guest (S-1-5-21-3415231190-2578111039-3513294677-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3415231190-2578111039-3513294677-1003 - Limited - Enabled)
WDAGUtilityAccount (S-1-5-21-3415231190-2578111039-3513294677-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 20.006.20042 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\{F2E04A40-3EA7-42F8-B7CC-B6E7A39DC150}) (Version: 22.0.0.153 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.293 - Adobe)
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: 8.4.0.63 - Adobe Inc.)
Aimersoft DRM Media Converter(Build 1.5.5.0) (HKLM-x32\...\Aimersoft DRM Media Converter_is1) (Version: - Aimersoft Software)
Aimersoft Helper Compact 2.5.2 (HKLM-x32\...\{405147F7-FCC5-499B-A27E-EA6BD4A80435}_is1) (Version: 2.5.2 - Aimersoft)
Aimersoft Video Converter Ultimate(Build 11.7.4.3) (HKLM-x32\...\Aimersoft Video Converter Ultimate_is1) (Version: 11.7.4.3 - Aimersoft Software)
Aimersoft Video Editor(Build 3.6.2) (HKLM-x32\...\Aimersoft Video Editor_is1) (Version: - Aimersoft Software)
ANT Drivers Installer x64 (HKLM\...\{CE6AF3A9-4B51-4894-B609-92FE69E08996}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Apple Application Support (32-bit) (HKLM-x32\...\{C3A282C9-4C8B-4A63-B449-3A064FB378D7}) (Version: 8.2 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{CC046FB9-E84E-4092-B924-DBE33DA2BE75}) (Version: 8.2 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
AudibleManager (HKLM-x32\...\AudibleManager) (Version: 0.0.-218103565.9185360 - Audible, Inc.)
Avanquest Message (HKU\S-1-5-21-3415231190-2578111039-3513294677-1001\...\{20573C69-4A68-4BEF-A23D-365CB66924CE}) (Version: 2.16.0 - Avanquest Software)
Avidemux 2.6 - 64 bits (HKLM-x32\...\Avidemux 2.6 - 64 bits (64-bit)) (Version: 2.6.18.170105 - )
Avidemux VC++ 64bits (HKU\S-1-5-21-3415231190-2578111039-3513294677-1001\...\{318d37cf-dfb5-4154-bae5-ec3b6b431640}) (Version: 2.8.1 - Mean)
Avidemux VC++ 64bits (HKU\S-1-5-21-3415231190-2578111039-3513294677-1001\...\{639c0751-b2d8-40ac-905c-24cea9f448e4}) (Version: 2.7.3 - Mean)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
calibre (HKLM-x32\...\{C1ABA225-DEC3-4F06-B7E7-7EA785BDC120}) (Version: 3.23.0 - Kovid Goyal)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.7.0.0 - Canon Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.3.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.)
Canon MF Toolbox 4.9.1.1.mf17 (HKLM-x32\...\{6767DFEE-8909-453A-B553-C7693912B2EB}) (Version: 4.9.1.1.mf17 - CANON INC.)
Canon MF4100 Series (HKLM\...\{239A8D60-270B-42e8-82D3-60D70A2942E0}) (Version: - )
Canon MF4800 Series (HKLM\...\{444085BE-389B-4330-A291-3FC258B846EC}) (Version: 4.1.0.1 - CANON INC.)
Canon MG7100 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG7100_series) (Version: 1.00 - Canon Inc.)
Canon MG7100 series On-screen Manual (HKLM-x32\...\Canon MG7100 series On-screen Manual) (Version: 7.6.1 - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 2.0.1 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 2.0.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.1.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.2.1 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 6.24 - Piriform)
CopyTrans Control Center Uninstall Only (HKU\S-1-5-21-3415231190-2578111039-3513294677-1001\...\CopyTrans Suite) (Version: 5.003 - WindSolutions)
CopyTrans HEIC for Windows (HKLM\...\CopyTrans HEIC for Windows_is1) (Version: 2.0.0.0 - Ursa Minor Ltd)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DVD Shrink 3.2 (HKLM-x32\...\DVD Shrink_is1) (Version: - DVD Shrink)
DVDVob2Mpg 3.0 (HKLM-x32\...\DVDVob2Mpg_is1) (Version: 3.0 - Smart Projects)
EaseUS MobiMover 5.6.11 (HKLM-x32\...\EaseUS MobiMover_is1) (Version: - EaseUS)
Elevated Installer (HKLM-x32\...\{68AB1C40-97AB-4CBD-B20B-BF60BFA6B73E}) (Version: 7.16.3.0 - Garmin Ltd or its subsidiaries) Hidden
EPSON Artisan 710 Series Printer Uninstall (HKLM\...\EPSON Artisan 710 Series) (Version: - SEIKO EPSON Corporation)
EPSON Artisan 837 Series Printer Uninstall (HKLM\...\EPSON Artisan 837 Series) (Version: - SEIKO EPSON Corporation)
Epson Event Manager (HKLM-x32\...\{48F22622-1CC2-4A83-9C1E-644DD96F832D}) (Version: 2.30.01 - SEIKO EPSON Corporation)
Epson Print CD (HKLM-x32\...\{D16A31F9-276D-4968-A753-FFEAC56995D0}) (Version: 2.44.00 - Seiko Epson Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - )
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.4j - SEIKO EPSON CORPORATION)
EpsonNet Setup (HKLM-x32\...\{FFFAE01B-466F-4C07-9821-A94FD753BDDA}) (Version: 3.1c - SnEIKO EPSON CORPORATION)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
Garmin Express (HKLM-x32\...\{504335d2-bcff-4687-a901-c1cfde7acd23}) (Version: 7.16.3.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{E0E153D2-5A9B-4B1A-B918-9A9ED0C8863B}) (Version: 7.16.3.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express (HKLM-x32\...\{e6c731bf-7bcd-47f3-8c8d-0a9940d9b57f}) (Version: 7.12.0.0 - Garmin Ltd or its subsidiaries)
GLI-2012 Predicted Values (HKLM-x32\...\GLI-2012 Predicted Values) (Version: - )
GM Service Manual v09 (HKLM-x32\...\{E4B89BA1-01F4-4C81-B849-EA2A94EDB594}_is1) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 125.0.6422.78 - Google LLC)
Google Photos Backup (HKU\S-1-5-21-3415231190-2578111039-3513294677-1001\...\Google Photos Backup) (Version: 1.1.2.13 - Google, Inc.)
HandBrake 1.2.2 (HKLM-x32\...\HandBrake) (Version: 1.2.2 - )
HOT2000 v11.2 (HKLM-x32\...\{2B3EC3E7-1C1B-408B-A8B8-5B3BADB0090E}_is1) (Version: 11.2 - Natural Resources Canada)
iCloud Outlook (HKLM\...\{B87F5B14-C118-472C-93C9-05F35D0361DB}) (Version: 11.3.0.59 - Apple Inc.)
iMobie AnyTrans version 5.5.0.20170217 (HKLM-x32\...\{0FAC3188-E745-4D07-862A-3430302469FE}_is1) (Version: 5.5.0.20170217 - iMobie)
inPixio Photo Clip 8 (HKLM-x32\...\{65634D2B-B6D1-4B35-B4C9-F3999B8D008B}) (Version: 8.0.0 - InPixio)
InPixio Photo Clip 8.0.0 Activation version 8.0.0 (HKLM-x32\...\{DC7C109D-D170-4457-88FE-A6D4AD96450E}_is1) (Version: 8.0.0 - InPixio)
inPixio Photo Clip 9 (HKLM-x32\...\{45C85359-2C7F-4D57-B445-95C7CD82EF3A}) (Version: 9.02.0 - InPixio)
inPixio Photo Editor 8 (HKLM-x32\...\{86CB275A-E5BE-46BD-9DAA-F225A8DFB5A9}) (Version: 8.3 - InPixio)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4242 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{93F692D4-0C4D-4EED-9BFE-657C1D5959FE}) (Version: 12.8.0.1016 - Intel Corporation) Hidden
Intel® Trusted Connect Service Client (HKLM\...\{B5E06417-A4AC-4225-B36E-7E34C91616E7}) (Version: 1.31.8.1 - Intel Corporation) Hidden
iPhone 6 Data Recovery (HKLM-x32\...\iPhone 6 Data Recovery) (Version: - Tenorshare, Inc.)
JDownloader 2 (HKLM-x32\...\jdownloader2) (Version: 2.0.1 - AppWork GmbH)
Junk Mail filter update (HKLM-x32\...\{0BE9E708-5DC0-4963-9CFD-0AA519090E79}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Leawo PowerPoint to Video Pro version 2.8.0.0 (HKLM-x32\...\{5D5CB188-F9B1-4103-B2AD-07FB33068377}_is1) (Version: 2.8.0.0 - Leawo Software)
LibreView Device Drivers (HKLM-x32\...\{D2200BF1-9BF0-4C1C-9282-A727FFCC5046}) (Version: 3.2.2 - Newyu)
Macrium Reflect Free Edition (HKLM\...\{8E0D2C1A-C209-4E34-B31A-89F4471D47CB}) (Version: 7.3.6391 - Paramount Software (UK) Ltd.) Hidden
Macrium Reflect Free Edition (HKLM\...\MacriumReflect) (Version: 7.3 - Paramount Software (UK) Ltd.)
MakeMKV v1.17.5 (HKLM-x32\...\MakeMKV) (Version: v1.17.5 - GuinpinSoft inc)
Malwarebytes version 4.6.13.324 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.6.13.324 - Malwarebytes)
MediaInfo 0.7.96 (HKLM\...\MediaInfo) (Version: 0.7.96 - MediaArea.net)
MergeModule_x64 (HKLM\...\{12DCC5A7-0100-4433-B4FF-217A3C5DC83B}) (Version: 9.3.00 - Sony Corporation) Hidden
MergeModule_x86 (HKLM-x32\...\{42251A8D-C4AE-4D3B-8A50-948CB98A0969}) (Version: 10.5.00 - Sony Corporation) Hidden
Microlife AA 3.2.5 (HKLM-x32\...\InstallShield_{B7114AC6-C4D5-4D14-93C6-A74F0066CDC1}) (Version: 3.2.5 - Microlife)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 125.0.2535.67 - Microsoft Corporation)
Microsoft Edge Dev (HKLM-x32\...\Microsoft Edge Dev) (Version: 126.0.2592.11 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 125.0.2535.67 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.5.166.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}) (Version: - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}) (Version: - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}) (Version: - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}) (Version: - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}) (Version: - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}) (Version: - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}) (Version: - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-002A-0409-1000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}) (Version: - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}) (Version: - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}) (Version: - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}) (Version: - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}) (Version: - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}) (Version: - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}) (Version: - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0116-0409-1000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}) (Version: - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}) (Version: - Microsoft) Hidden
Microsoft Office Access MUI (English) 2007 (HKLM-x32\...\{90120000-0015-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2007 (HKLM-x32\...\{90120000-0117-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Excel MUI (English) 2007 (HKLM-x32\...\{90120000-0016-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (English) 2007 (HKLM-x32\...\{90120000-00BA-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove Setup Metadata MUI (English) 2007 (HKLM-x32\...\{90120000-0114-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2007 (HKLM-x32\...\{90120000-0044-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (HKLM\...\{90120000-002A-0000-1000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2007 (HKLM-x32\...\{90120000-00A1-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0409-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook MUI (English) 2007 (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (HKLM-x32\...\{90120000-0018-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (HKLM-x32\...\{90120000-001F-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (HKLM-x32\...\{90120000-001F-040C-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (HKLM-x32\...\{90120000-001F-0C0A-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (HKLM-x32\...\{90120000-002C-0409-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}) (Version: - Microsoft) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}) (Version: - Microsoft) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}) (Version: - Microsoft) Hidden
Microsoft Office Publisher MUI (English) 2007 (HKLM-x32\...\{90120000-0019-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2007 (HKLM\...\{90120000-002A-0409-1000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (HKLM\...\{90120000-0116-0409-1000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (HKLM-x32\...\{90120000-0115-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2007 (HKLM-x32\...\{90120000-001B-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKU\S-1-5-21-3415231190-2578111039-3513294677-1001\...\OneDriveSetup.exe) (Version: 24.091.0505.0003 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.29.30139 (HKLM-x32\...\{2c673fb6-3e65-4751-965d-33d30b68a8a6}) (Version: 14.29.30139.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.29.30135 (HKLM-x32\...\{b7a2b241-3f54-4d7d-94d1-8ce0146e03c7}) (Version: 14.29.30135.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X64 Additional Runtime - 14.29.30139 (HKLM\...\{7F4A9F52-173F-4B0D-B1EA-269C32EDA827}) (Version: 14.29.30139 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.29.30139 (HKLM\...\{A6D3F752-BF11-4D7C-B19C-F6F96A35CF50}) (Version: 14.29.30139 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.29.30135 (HKLM-x32\...\{77EB1EA9-8E1B-459D-8CDC-1984D0FF15B6}) (Version: 14.29.30135 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.29.30135 (HKLM-x32\...\{36A1E79B-581A-4FE5-843D-84C2D3C9431E}) (Version: 14.29.30135 - Microsoft Corporation) Hidden
Microsoft Visual C++ Run Time Lib Setup (HKLM-x32\...\{AAF4238F-7C29-451D-9925-C753271A5728}) (Version: 1.0.0 - Microsoft)
Microsoft Works 6-9 Converter (HKLM-x32\...\{95140000-0137-0409-0000-0000000FF1CE}) (Version: 14.0.6120.5002 - Microsoft Corporation)
MKVToolNix 35.0.0 (32-bit) (HKLM-x32\...\MKVToolNix) (Version: 35.0.0 - Moritz Bunkus)
Movie Maker (HKLM-x32\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
MSVCRT (HKLM-x32\...\{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}) (Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (HKLM-x32\...\{D0B44725-3666-492D-BEF6-587A14BD9BD9}) (Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (HKLM-x32\...\{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}) (Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (HKLM\...\{E9FA781F-3E80-4399-825A-AD3E11C28C77}) (Version: 16.4.1109.0912 - Microsoft) Hidden
Nero 2016 (HKLM-x32\...\{9C637A56-4287-487F-95BF-1422FC1AA879}) (Version: 17.0.04500 - Nero AG)
Nero Burning Core (HKLM-x32\...\{A163159C-B476-4501-B163-3F77809AC833}) (Version: 17.0.8000 - Nero AG) Hidden
Nero Burning ROM (HKLM-x32\...\{CFB0F37D-22E7-4F37-8FAE-B319A58AC5B9}) (Version: 17.0.8000 - Nero AG) Hidden
Nero ControlCenter (HKLM-x32\...\{ABC88553-8770-4B97-B43E-5A90647A5B63}) (Version: 11.2.0023 - Nero AG) Hidden
Nero Core Components (HKLM-x32\...\{BEBEE34D-84A2-4EDD-8BEA-96CC54371263}) (Version: 11.4.0049 - Nero AG) Hidden
Nero CoverDesigner (HKLM-x32\...\{92EBE575-0C6E-4713-B095-34BB927E5AC6}) (Version: 17.0.9000 - Nero AG) Hidden
Nero Device Updates (HKLM-x32\...\{1C63279A-BF36-4852-9924-B1978D6585A6}) (Version: 17.0.1000 - Nero AG) Hidden
Nero Disc Menus Basic (HKLM-x32\...\{E17BCB76-9924-4BD5-B6D6-50D3407B4E74}) (Version: 17.0.10002 - Nero AG) Hidden
Nero Disc to Device (HKLM-x32\...\{BD6F4D10-E29E-49E3-8497-1D454AF5EEF8}) (Version: 17.0.1010 - Nero AG) Hidden
Nero Effects Basic (HKLM-x32\...\{29F67D84-3A70-456E-806A-52301B02070B}) (Version: 17.0.10002 - Nero AG) Hidden
Nero Express (HKLM-x32\...\{60251665-84B4-41D6-84BF-6D50CE68DD08}) (Version: 17.0.8000 - Nero AG) Hidden
Nero Info (HKLM-x32\...\{F030BFE8-8476-4C08-A553-233DE80A2BE1}) (Version: 16.0.2003 - Nero AG)
Nero Kwik Themes Basic (HKLM-x32\...\{1B6F5E51-575E-4693-BCA2-7543570D076D}) (Version: 17.0.10002 - Nero AG) Hidden
Nero Launcher (HKLM-x32\...\{EF0BA418-AF37-471E-9594-EAE5913F4681}) (Version: 17.0.63000 - Nero AG) Hidden
Nero MediaHome (HKLM-x32\...\{7E75EA5E-D9FA-45DB-9646-EEA5C5BF61D4}) (Version: 1.36.3900 - Nero AG) Hidden
Nero PiP Effects Basic (HKLM-x32\...\{ACE49D50-19CD-44A6-B192-46F985283B26}) (Version: 17.0.10002 - Nero AG) Hidden
Nero Recode (HKLM-x32\...\{B17D5E7B-FADD-4EB4-B537-CB7EB3333D97}) (Version: 17.0.14000 - Nero AG) Hidden
Nero RescueAgent (HKLM-x32\...\{7F22DD97-256D-491D-9090-743FADC79BBE}) (Version: 17.0.4000 - Nero AG) Hidden
Nero SharedVideoCodecs (HKLM-x32\...\{2432E589-6256-4513-B0BF-EFA8E325D5F0}) (Version: 1.0.16007 - Nero AG) Hidden
Nero Update (HKLM-x32\...\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}) (Version: 21.0.1014 - Nero AG) Hidden
Nero Video (HKLM-x32\...\{6861C1AD-9829-4DE4-8647-4785ECEA421A}) (Version: 17.0.17000 - Nero AG) Hidden
Nero Video Samples (HKLM-x32\...\{05C6B128-1B40-4495-9CB9-090B368BFA0A}) (Version: 17.0.10002 - Nero AG) Hidden
NETGEAR Genie (HKLM-x32\...\NETGEAR Genie) (Version: 2.4.60.00 - NETGEAR Inc.)
NVIDIA PhysX System Software 9.15.0324 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0324 - NVIDIA Corporation)
Online Support(S Service) (HKLM-x32\...\{C8996970-A56E-4659-B01B-CCB7097C4E59}) (Version: 1.1 - Samsung Electronics Co., Ltd.)
Photo Common (HKLM-x32\...\{CAA0F57A-BA8C-4AD8-AA03-F32B0E4F5623}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Photo Gallery (HKLM-x32\...\{07AAB66E-4718-422D-9218-4AFB3C922A71}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Photo Gallery (HKLM-x32\...\{C992FFE0-AC32-4FA9-BC9A-F1637B9E655D}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
PlayMemories Home (HKLM-x32\...\{D3981248-DBE7-4050-B666-A7FE5AFFC62C}) (Version: 5.5.01.05091 - Sony Corporation)
PlayOn (HKLM-x32\...\{40becdaa-0ffe-4641-ac86-ab57335e1940}) (Version: 4.5.33.25588 - MediaMall Technologies, Inc.)
PlayOn (HKLM-x32\...\{A3A380D9-DD8E-470E-893A-C746EFAD029C}) (Version: 4.5.33 - MediaMall Technologies, Inc.) Hidden
PlayOn Dependencies (HKLM-x32\...\{9FCAA915-CEEF-4D9E-AAF2-6A252C888669}) (Version: 4.0.0.0 - MediaMall Technologies, Inc.) Hidden
Pluto TV version 0.2.0 (HKLM-x32\...\Pluto TV_is1) (Version: 0.2.0 - Pluto TV)
PMB_ModeEditor (HKLM-x32\...\{E95982CA-945F-41F2-B156-A603897AB242}) (Version: 10.3.00 - Sony Corporation) Hidden
PMB_ServiceUploader (HKLM-x32\...\{7D3A0097-9E0E-4073-801C-295BBDAEAED8}) (Version: 10.5.01 - Sony Corporation) Hidden
PowerToys (Preview) (HKLM\...\{CABAB14C-FD08-48E4-9A29-9059BC5D2EB2}) (Version: 0.76.1 - Microsoft Corporation) Hidden
PowerToys (Preview) x64 (HKU\S-1-5-21-3415231190-2578111039-3513294677-1001\...\{7649e6de-c421-4140-9649-db149dd33283}) (Version: 0.76.1 - Microsoft Corporation)
Presto! PageManager 7.15.38 (HKLM-x32\...\{D2D6B9EB-C6DC-4DAA-B4DE-BB7D9735E7DA}) (Version: 7.15.38 - NewSoft Technology Corporation)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
ReadySHARE Vault (HKLM-x32\...\ReadySHARE Vault) (Version: 3.0 - Genie9)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7543 - Realtek Semiconductor Corp.)
S Agent (HKLM\...\{5A52C7BA-14F5-4BDD-A74A-3333DCB121F0}) (Version: 1.1.47 - Samsung Electronics CO., LTD.) Hidden
Samsung Settings (HKLM-x32\...\{3BB58176-B3A7-47FD-9F18-C3576431D193}) (Version: 2.2.0 - Samsung Electronics CO., LTD.)
Samsung Update (HKLM-x32\...\{0CAAEAAE-5401-4FFA-88BC-EB6F89947DC4}) (Version: 2.2.51 - Samsung Electronics Co., Ltd.)
Seagate Dashboard (HKLM-x32\...\{EA266F00-A8E7-43A0-8DED-FBFE3F076934}) (Version: 4.9.2.0 - Seagate)
Seagate DiscWizard (HKLM-x32\...\{6F8A27E5-91EE-414B-9D9B-5D2D6A746F3E}) (Version: 25.0.39818 - Seagate) Hidden
Seagate DiscWizard (HKLM-x32\...\{6F8A27E5-91EE-414B-9D9B-5D2D6A746F3E}Visible) (Version: 25.0.39818 - Seagate)
Seagate Drivers (HKLM\...\{81222C62-0C1F-4B86-8CD3-6191C094C9AD}) (Version: 25.0.39818 - Seagate) Hidden
SeaTools for Windows (HKLM-x32\...\SeaTools for Windows) (Version: - Seagate Technology)
SI Data SIen v2004.19 (HKLM-x32\...\{9E0908EB-943F-484C-938E-7DE7D62F6845}) (Version: 3.00.0000 - GM Service and Parts Operations)
SI Stand-alone application (HKLM-x32\...\{1A2CDD52-4D6A-4937-B0E8-7FFFCF01E97F}) (Version: 3.00.0000 - GM Service and Parts Operations)
SI Tiff Viewer Plugin v4 (HKLM-x32\...\{E4641D0C-1C16-4930-BCCC-04C6C01EA6BA}) (Version: 4.00.0000 - GM Service and Parts Operations)
SoftPlan version 13 [C:\SoftPlan13] (HKLM-x32\...\{3022761C-EC21-4C96-81AD-7FA14F0A1051}) (Version: - SoftPlan Systems Inc.)
SpO2 Assistant V1.5 (HKLM-x32\...\SpO2_is1) (Version: - )
Stashimi Stub Installer (HKLM-x32\...\{910B539D-F257-46C8-9CB8-6C95EFF9CF22}) (Version: 18.001.1 - Nero AG) Hidden
SurfEasy VPN 3.13.41 (HKLM-x32\...\SurfEasy VPN) (Version: 3.13.41 - SurfEasy Inc)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.2.1.8 - Synaptics Incorporated)
Syncios 6.0.0 (HKLM-x32\...\Syncios) (Version: 6.0.0 - Anvsoft)
The Weather Network (HKU\S-1-5-21-3415231190-2578111039-3513294677-1001\...\The Weather Network) (Version: 6.0.2.5 - The Weather Network)
TMPGEnc Authoring Works 4 (HKLM-x32\...\{B8D91F6B-803A-4579-9DAD-1377B56DC657}) (Version: 4.0.7.32 - Pegasys Inc.)
TMPGEnc DVD Author 1.6 (HKLM-x32\...\{9CD89DD7-234A-4801-9D87-3DE352E146A0}) (Version: 1.6.34 - Pegasys Inc.)
TMPGEnc Sound Player (HKLM-x32\...\{5D0D08F9-FE89-4AC1-B833-3CCB14F57578}) (Version: 1.0.5.19 - Pegasys Inc.)
TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
Toolkit (HKLM-x32\...\Toolkit) (Version: 1.34.0.60 - Seagate)
TouchCopy 11 (HKLM-x32\...\{B7604945-ED3D-4AE5-AA69-7D5CFF333FE1}) (Version: 11.03 - Wide Angle Software)
TunesGo version 9.0.1.3 (HKLM-x32\...\{2C949BDE-FBE5-421B-A87F-A497C11246C3}_is1) (Version: 9.0.1.3 - Wondershare)
TurboTax 2014 (HKLM-x32\...\{0B69B187-4F9F-41C2-B850-735D1A323571}) (Version: 1.00.0000 - Intuit Canada)
TurboTax 2015 (HKLM-x32\...\{2A42456E-B15D-492F-B99A-53C5ABD77EC0}) (Version: 1.00.0000 - Intuit Canada)
TurboTax 2016 (HKLM-x32\...\{22573A7C-7F78-4C6E-931E-8E5E5BC03FCF}) (Version: 1.00.0000 - Intuit Canada)
TurboTax 2017 (HKLM-x32\...\{6CB687FA-7652-4D3F-9D7D-14D478A81C90}) (Version: 1.00.0000 - Intuit Canada)
TurboTax 2018 (HKLM-x32\...\{810e57a4-9e41-4c8b-b489-0383f838c164}) (Version: 1.00.0000 - Intuit Canada)
TurboTax 2019 (HKLM-x32\...\{176AF9FD-3AF6-4C10-9F68-A3AA455B3D51}) (Version: 1.00.0000 - Intuit Canada)
TurboTax 2020 (HKLM-x32\...\{52492CE6-38A6-4847-9041-22BABBC0B545}) (Version: 1.00.0000 - Intuit Canada)
TurboTax 2021 (HKLM-x32\...\{FD83D1F8-ABAA-4F99-A438-C38F39096CC6}) (Version: 1.00.0000 - Intuit Canada)
TurboTax 2022 (HKLM-x32\...\{1912665A-30D4-4440-A9B2-B2EB7A6DA164}) (Version: 1.00.0000 - Intuit Canada)
TurboTax 2023 (HKLM-x32\...\{9A419B01-4198-4EF0-A01F-D807108C50E2}) (Version: 1.00.0000 - Intuit Canada)
TurboTax Business Incorporated 2013 (HKLM-x32\...\{74A6C362-0AE3-49C5-A2D9-C7B6880EF331}) (Version: 2013.1.0 - Intuit Canada)
TurboTax Business Incorporated 2014 (HKLM-x32\...\{6C34FE2D-DAA4-472F-82F7-D09D50814EDA}) (Version: 2014.1.0 - Intuit Canada)
TurboTax Business Incorporated 2015 (HKLM-x32\...\{956B3AAD-A8DA-4EDE-957C-6D43B8AC0B92}) (Version: 2015.1.0 - Intuit Canada)
TurboTax Business Incorporated 2016 (HKLM-x32\...\{AE7CEF41-D1F6-4087-BA43-6753B4057BEC}) (Version: 2016.1.0 - Intuit Canada)
TurboTax Business Incorporated 2017 (HKLM-x32\...\{51F33FA3-36CD-4B4C-B34C-28989C40CE03}) (Version: 2017.1.0 - Intuit Canada)
TurboTax Business Incorporated 2018 (HKLM-x32\...\{3388AAA2-290D-48E9-B59A-A87183941471}) (Version: 2018.1.0 - Intuit Canada)
TurboTax Business Incorporated 2019 (HKLM-x32\...\{123F75FF-5998-47D4-8D0D-677285CBD4A7}) (Version: 2019.1.0 - Intuit Canada)
TurboTax Canada 2015 (HKLM-x32\...\TurboTax Canada 2015_is1) (Version: 2015 - Intuit Canada)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{85C69797-7336-4E83-8D97-32A7C8465A3B}) (Version: 8.94.0.0 - Microsoft Corporation)
VidCoder 4.36 (Installer) (HKLM\...\VidCoder-x64_is1) (Version: 4.36 - RandomEngy)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.20 - VideoLAN)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
WD Drive Utilities (HKLM-x32\...\{693748a9-bddc-4f6f-b3ff-f9bd14a3fcc0}) (Version: 2.0.0.71 - Western Digital Technologies, Inc.)
WD Drive Utilities (HKLM-x32\...\{ED1E371E-F744-437B-95AD-9552E2BCE629}) (Version: 2.0.0.71 - Western Digital Technologies, Inc.) Hidden
WinDirStat 1.1.2 (HKU\S-1-5-21-3415231190-2578111039-3513294677-1001\...\WinDirStat) (Version: - )
Windows 10 Upgrade Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17350 - Microsoft Corporation)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows Driver Package - Samsung Electronics Co. Ltd. (RadioHIDMini) HIDClass (08/23/2013 6.2.8400.4218) (HKLM\...\26BFE384C802803107F583AE1A739E4FEB56134B) (Version: 08/23/2013 6.2.8400.4218 - Samsung Electronics Co. Ltd.)
Windows Driver Package - Silicon Laboratories (silabenm) Ports (12/10/2012 6.6.1.0) (HKLM\...\D680DEE0F68D64EC53D0C5769879D15D387054CC) (Version: 12/10/2012 6.6.1.0 - Silicon Laboratories)
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Windows Live Communications Platform (HKLM-x32\...\{41C61308-6CFD-4D54-AB6A-7136ED08A18E}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\{66B5819D-DE70-42BE-B40F-978FBA12452E}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Live Installer (HKLM-x32\...\{659CB81C-B54E-4DF1-B618-F35777393A54}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Mail (HKLM-x32\...\{B775C26B-EAA8-4A11-ACBF-76E52DF6B805}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Mail (HKLM-x32\...\{BAD27F0E-5165-49A5-BE66-AF5BF73F2FEE}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Messenger (HKLM-x32\...\{BAD984EE-790E-4513-A428-3BE2D426DCA7}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Messenger (HKLM-x32\...\{E703613B-BDAB-433E-A66A-DE0263E3D35D}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (HKLM\...\{25058321-C33E-496B-8915-6FD64D362CAF}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Photo Common (HKLM-x32\...\{1D6432B4-E24D-405E-A4AB-D7E6D088CBC9}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (HKLM-x32\...\{B2611F8A-EFE7-4E88-875D-19F0EFAE87E4}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE (HKLM-x32\...\{CDC1AB00-01FF-4FC7-816A-16C67F0923C0}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (HKLM-x32\...\{D1893000-EA77-493C-8DDD-E262436E959B}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform (HKLM-x32\...\{00F9DB8C-65D7-4D47-AB5F-F698EE38580D}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (HKLM-x32\...\{6522F5F9-411B-4513-A75B-CEA00395F032}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Writer (HKLM-x32\...\{04BE4035-3C8E-4B48-BFB8-1655849C0C8B}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Writer (HKLM-x32\...\{714E162E-CD4F-4F1B-8302-7F5179409C25}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Writer (HKLM-x32\...\{A2DC527D-FA79-46E9-973F-920897CA55E9}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Writer Resources (HKLM-x32\...\{0F974770-76EB-4C38-986E-E7BDD9C0DFC4}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows PC Health Check (HKLM\...\{00DC4B60-5FC9-4629-8147-EF81ADF0EEA6}) (Version: 2.3.2106.25001 - Microsoft Corporation)
Windows PC Health Check (HKLM\...\{804A0628-543B-4984-896C-F58BF6A54832}) (Version: 3.7.2204.15001 - Microsoft Corporation)
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
WinRAR archiver (HKLM-x32\...\WinRAR archiver) (Version: - )
WinSCP 6.1.1 (HKU\S-1-5-21-3415231190-2578111039-3513294677-1001\...\winscp3_is1) (Version: 6.1.1 - Martin Prikryl)
WinX DVD Author 6.3.6 (HKLM-x32\...\WinX DVD Author_is1) (Version: - DigiartySoft, Inc.)
WinX DVD Ripper 5.6.2 (HKLM-x32\...\WinX DVD Ripper_is1) (Version: - Digiarty Software, Inc.)
Wondershare NativePush(Build 1.0.0.9) (HKU\S-1-5-21-3415231190-2578111039-3513294677-1001\...\Wondershare NativePush_is1) (Version: - Wondershare Software)
Wondershare UniConverter 15(Build 15.0.0.19) (HKLM\...\UniConverter 15_is1) (Version: 15.0.0.19 - Wondershare Software)
WoodWorks Sizer (HKLM-x32\...\WoodWorks Sizer) (Version: - )
WoodWorks® Design Office 9 (SR-3a) Canada (HKLM-x32\...\{4CD81636-49C6-4A3D-A542-60244808161B}) (Version: 9.3.2 - CWC)
WoodWorks® Sizer 8.31 (HKLM-x32\...\{9D47B214-BE3A-4D4E-9F9E-66709DD89BD3}) (Version: 8.3.1 - CWC)
WoodWorks® Sizer 9.3.2 Canada (HKLM-x32\...\{629A8860-3E55-4D53-B317-57878AB8DBC8}) (Version: 9.3.2 - CWC)
Xvid MPEG-4 Video Codec (HKLM-x32\...\xvid) (Version: - Xvid Development Team)
Zoom (HKU\S-1-5-21-3415231190-2578111039-3513294677-1001\...\ZoomUMX) (Version: 5.6.5 (823) - Zoom Video Communications, Inc.)
Zuma Deluxe (HKLM-x32\...\Zuma Deluxe) (Version: 1.0.0 - LeeGT-Games)
Packages:
=========
Adobe Photoshop Express -> C:\Program Files\WindowsApps\AdobeSystemsIncorporated.AdobePhotoshopExpress_3.12.430.0_x64__ynb6jyjzte8ga [2024-05-09] (Adobe Inc.)
Audiobooks from Audible -> C:\Program Files\WindowsApps\AudibleInc.AudibleforWindowsPhone_10.5.67.0_x64__xns73kv1ymhp2 [2024-05-09] (Audible Inc)
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-05] (Autodesk Inc.)
freda epub ebook reader -> C:\Program Files\WindowsApps\5957Turnipsoft.freda_5.2.0.0_x64__ypmq2qh89vmny [2024-03-10] (Turnipsoft)
iCloud -> C:\Program Files\WindowsApps\AppleInc.iCloud_15.0.215.0_x64__nzyj5cx40ttqa [2024-02-18] (Apple Inc.) [Startup Task]
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12132.3.2017.0_x64__nzyj5cx40ttqa [2024-05-09] (Apple Inc.) [Startup Task]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-08-22] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-08-22] (Microsoft Corporation) [MS Ad]
Microsoft Edge Dev -> C:\Program Files (x86)\Microsoft\Edge Dev\Application [2024-05-22] ()
MSN Food & Drink -> C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.4.336_x64__8wekyb3d8bbwe [2024-05-09] (Microsoft Corporation) [MS Ad]
MSN Health & Fitness -> C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe [2024-05-09] (Microsoft Corporation) [MS Ad]
OverDrive - Library eBooks & Audiobooks -> C:\Program Files\WindowsApps\2FA138F6.OverDriveMediaConsole_3.8.0.5_neutral__daecb9042jmvt [2019-03-25] (OverDrive Inc.)
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2023-02-25] (Microsoft Corporation)
RAR File Opener -> C:\Program Files\WindowsApps\62307pauljohn.RARFileOpener_1.2.0.0_neutral__7sv5v3m8wq0b2 [2021-12-02] (pauljohn)
Speedtest by Ookla -> C:\Program Files\WindowsApps\Ookla.SpeedtestbyOokla_1.18.194.0_x64__43tkc6nmykmb6 [2024-05-09] (Ookla)
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.TWITTER_7.0.1.0_neutral__wgeqdkkx372wm [2021-08-22] (Twitter Inc.)
Unpacker -> C:\Program Files\WindowsApps\AFF540DC.Unpacker_1.1.14.24_x64__v7353qx4kg3sa [2018-01-01] (Jujuba Software) [MS Ad]
WinAppRuntime.Main.1.2 -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Main.1.2_2000.802.31.0_x64__8wekyb3d8bbwe [2024-02-27] (Microsoft Corp.)
WinAppRuntime.Singleton -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Singleton_5001.119.156.0_x64__8wekyb3d8bbwe [2024-05-02] (Microsoft Corp.)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3415231190-2578111039-3513294677-1001_Classes\CLSID\{0440049F-D1DC-4E46-B27B-98393D79486B}\InprocServer32 -> C:\Users\DW\AppData\Local\PowerToys\WinUI3Apps\PowerToys.PowerRenameExt.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3415231190-2578111039-3513294677-1001_Classes\CLSID\{10144713-1526-46C9-88DA-1FB52807A9FF}\InprocServer32 -> C:\Users\DW\AppData\Local\PowerToys\PowerToys.SvgThumbnailProviderCpp.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3415231190-2578111039-3513294677-1001_Classes\CLSID\{14100442-9664-1407-2647-000000000000}\localserver32 -> C:\Users\DW\AppData\Local\Wondershare\Wondershare NativePush\WsToastNotification.exe (Wondershare Technology Group Co.,Ltd -> Wondershare)
CustomCLSID: HKU\S-1-5-21-3415231190-2578111039-3513294677-1001_Classes\CLSID\{4e6f7264-5650-4e00-0000-000000000000}\localserver32 -> "C:\Program Files\NordVPN\NordVPN.exe" -ToastActivated => No File
CustomCLSID: HKU\S-1-5-21-3415231190-2578111039-3513294677-1001_Classes\CLSID\{51B4D7E5-7568-4234-B4BB-47FB3C016A69}\InprocServer32 -> C:\Users\DW\AppData\Local\PowerToys\PowerToys.ImageResizerExt.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3415231190-2578111039-3513294677-1001_Classes\CLSID\{60789D87-9C3C-44AF-B18C-3DE2C2820ED3}\InprocServer32 -> C:\Users\DW\AppData\Local\PowerToys\PowerToys.MarkdownPreviewHandlerCpp.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3415231190-2578111039-3513294677-1001_Classes\CLSID\{68583980-1f20-1308-357f-d24e2fa6d607}\localserver32 -> C:\Users\DW\AppData\Local\PowerToys\PowerToys.PowerLauncher.exe (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3415231190-2578111039-3513294677-1001_Classes\CLSID\{729B72CD-B72E-4FE9-BCBF-E954B33FE699}\InprocServer32 -> C:\Users\DW\AppData\Local\PowerToys\PowerToys.QoiPreviewHandlerCpp.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3415231190-2578111039-3513294677-1001_Classes\CLSID\{77257004-6F25-4521-B602-50ECC6EC62A6}\InprocServer32 -> C:\Users\DW\AppData\Local\PowerToys\PowerToys.StlThumbnailProviderCpp.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3415231190-2578111039-3513294677-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation - pGFX -> Intel Corporation)
CustomCLSID: HKU\S-1-5-21-3415231190-2578111039-3513294677-1001_Classes\CLSID\{84D68575-E186-46AD-B0CB-BAEB45EE29C0}\InprocServer32 -> C:\Users\DW\AppData\Local\PowerToys\WinUI3Apps\PowerToys.FileLocksmithExt.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3415231190-2578111039-3513294677-1001_Classes\CLSID\{869C14C8-1830-491F-B575-5F9AB40D2B42}\InprocServer32 -> C:\Program Files\MediaInfo\MediaInfo_InfoTip.dll (MediaArea.net -> MediaArea.net)
CustomCLSID: HKU\S-1-5-21-3415231190-2578111039-3513294677-1001_Classes\CLSID\{A0257634-8812-4CE8-AF11-FA69ACAEAFAE}\InprocServer32 -> C:\Users\DW\AppData\Local\PowerToys\PowerToys.GcodePreviewHandlerCpp.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3415231190-2578111039-3513294677-1001_Classes\CLSID\{AD856B15-D25E-4008-AFB7-AFAA55586188}\InprocServer32 -> C:\Users\DW\AppData\Local\PowerToys\PowerToys.QoiThumbnailProviderCpp.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3415231190-2578111039-3513294677-1001_Classes\CLSID\{C225B750-83D3-461B-846A-DC65EBD96797} -> [iCloud Drive] => C:\Users\DW\iCloudDrive [2016-05-18 03:25]
CustomCLSID: HKU\S-1-5-21-3415231190-2578111039-3513294677-1001_Classes\CLSID\{D8034CFA-F34B-41FE-AD45-62FCBB52A6DA}\InprocServer32 -> C:\Users\DW\AppData\Local\PowerToys\PowerToys.MonacoPreviewHandlerCpp.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3415231190-2578111039-3513294677-1001_Classes\CLSID\{D9AC5E73-BB10-467b-B884-AA1E475C51F5}\Shell\Open\Command -> rundll32.exe "C:\Program Files\Synaptics\SynTP\SynTPCpl.dll",ShowDevicePropPage 0
CustomCLSID: HKU\S-1-5-21-3415231190-2578111039-3513294677-1001_Classes\CLSID\{DD5CACDA-7C2E-4997-A62A-04A597B58F76}\localserver32 -> C:\Users\DW\AppData\Local\PowerToys\PowerToys.exe (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3415231190-2578111039-3513294677-1001_Classes\CLSID\{E15E1D68-0D1C-49F7-BEB8-812B1E00FA60}\InprocServer32 -> C:\Users\DW\AppData\Local\Programs\WinSCP\DragExt64.dll (Martin Prikryl -> Martin Prikryl)
CustomCLSID: HKU\S-1-5-21-3415231190-2578111039-3513294677-1001_Classes\CLSID\{F2847CBE-CD03-4C83-A359-1A8052C1B9D5}\InprocServer32 -> C:\Users\DW\AppData\Local\PowerToys\PowerToys.GcodeThumbnailProviderCpp.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3415231190-2578111039-3513294677-1001_Classes\CLSID\{FCDD4EED-41AA-492F-8A84-31A1546226E0}\InprocServer32 -> C:\Users\DW\AppData\Local\PowerToys\PowerToys.SvgPreviewHandlerCpp.dll (Microsoft Corporation -> Microsoft Corporation)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2217832 2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ AcronisDrive] -> {5D74FD4B-4EFB-4586-8022-8637BBE40970} => C:\Program Files (x86)\Seagate\DiscWizard\tishell64_25_0_39818.dll [2021-12-05] (Acronis International GmbH -> )
ShellIconOverlayIdentifiers: [ AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Seagate\DiscWizard\tishell64_25_0_39818.dll [2021-12-05] (Acronis International GmbH -> )
ShellIconOverlayIdentifiers: [ AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Seagate\DiscWizard\tishell64_25_0_39818.dll [2021-12-05] (Acronis International GmbH -> )
ShellIconOverlayIdentifiers: [ AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Seagate\DiscWizard\tishell64_25_0_39818.dll [2021-12-05] (Acronis International GmbH -> )
ShellIconOverlayIdentifiers: [0GenieTimeLine-BackedUp] -> {88A8B1ED-EFEA-4A15-8D88-FA0055DCB824} => C:\Program Files\NETGEAR\ReadySHARE Vault\GSTimelineIconOverlay.gtl [2013-08-29] () [File not signed]
ShellIconOverlayIdentifiers: [0GenieTimeLine-Excluded] -> {B77E8651-93B1-40CD-8ECF-6F33DAC805A0} => C:\Program Files\NETGEAR\ReadySHARE Vault\GSTimelineIconOverlay.gtl [2013-08-29] () [File not signed]
ShellIconOverlayIdentifiers: [0GenieTimeLine-Folder] -> {CEAF16CE-C11C-4081-BE29-DDE7F45A59DB} => C:\Program Files\NETGEAR\ReadySHARE Vault\GSTimelineIconOverlay.gtl [2013-08-29] () [File not signed]
ShellIconOverlayIdentifiers: [0GenieTimeLine-NotBackedUp] -> {88A8B1EE-EFEA-4A15-8D88-FA0055DCB824} => C:\Program Files\NETGEAR\ReadySHARE Vault\GSTimelineIconOverlay.gtl [2013-08-29] () [File not signed]
ShellIconOverlayIdentifiers: [0GenieTimeLine-Pending ] -> {88A8B1EF-EFEA-4A15-8D88-FA0055DCB824} => C:\Program Files\NETGEAR\ReadySHARE Vault\GSTimelineIconOverlay.gtl [2013-08-29] () [File not signed]
ShellIconOverlayIdentifiers-x32: [0GenieTimeLine-BackedUp] -> {88A8B1ED-EFEA-4A15-8D88-FA0055DCB824} => C:\Program Files\NETGEAR\ReadySHARE Vault\GSTimelineIconOverlay.gtl [2013-08-29] () [File not signed]
ShellIconOverlayIdentifiers-x32: [0GenieTimeLine-Excluded] -> {B77E8651-93B1-40CD-8ECF-6F33DAC805A0} => C:\Program Files\NETGEAR\ReadySHARE Vault\GSTimelineIconOverlay.gtl [2013-08-29] () [File not signed]
ShellIconOverlayIdentifiers-x32: [0GenieTimeLine-Folder] -> {CEAF16CE-C11C-4081-BE29-DDE7F45A59DB} => C:\Program Files\NETGEAR\ReadySHARE Vault\GSTimelineIconOverlay.gtl [2013-08-29] () [File not signed]
ShellIconOverlayIdentifiers-x32: [0GenieTimeLine-NotBackedUp] -> {88A8B1EE-EFEA-4A15-8D88-FA0055DCB824} => C:\Program Files\NETGEAR\ReadySHARE Vault\GSTimelineIconOverlay.gtl [2013-08-29] () [File not signed]
ShellIconOverlayIdentifiers-x32: [0GenieTimeLine-Pending ] -> {88A8B1EF-EFEA-4A15-8D88-FA0055DCB824} => C:\Program Files\NETGEAR\ReadySHARE Vault\GSTimelineIconOverlay.gtl [2013-08-29] () [File not signed]
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2020-03-06] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers1: [AimersoftVideoConverterFileOpreation] -> {1AACB93E-AA97-47F1-BD02-8D2AF2815436} => C:\WINDOWS\SysWOW64\AiCM64.dll [2015-02-27] () [File not signed]
ContextMenuHandlers1: [Genie-Soft Timeline Backup Context Menu Extension] -> {D821600B-0B5D-4D7E-B1CC-034C652E8288} => C:\Program Files\NETGEAR\ReadySHARE Vault\GSTimelineContextMenu.gtl [2013-08-29] (Genie9) [File not signed]
ContextMenuHandlers1: [ReflectShellExt] -> {DEBB9B79-B3DD-47F4-9E5C-EA6975BAB611} => C:\Program Files\Macrium\Reflect\RContextMenu.dll [2019-09-20] (Paramount Software UK Ltd -> Paramount Software UK Ltd)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Genie-Soft Timeline Backup Context Menu Extension] -> {D821600B-0B5D-4D7E-B1CC-034C652E8288} => C:\Program Files\NETGEAR\ReadySHARE Vault\GSTimelineContextMenu.gtl [2013-08-29] (Genie9) [File not signed]
ContextMenuHandlers2: [ReflectShellExt] -> {DEBB9B79-B3DD-47F4-9E5C-EA6975BAB611} => C:\Program Files\Macrium\Reflect\RContextMenu.dll [2019-09-20] (Paramount Software UK Ltd -> Paramount Software UK Ltd)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-06-16] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers4: [Genie-Soft Timeline Backup Context Menu Extension] -> {D821600B-0B5D-4D7E-B1CC-034C652E8288} => C:\Program Files\NETGEAR\ReadySHARE Vault\GSTimelineContextMenu.gtl [2013-08-29] (Genie9) [File not signed]
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers5: [Genie-Soft Timeline Backup Context Menu Extension] -> {D821600B-0B5D-4D7E-B1CC-034C652E8288} => C:\Program Files\NETGEAR\ReadySHARE Vault\GSTimelineContextMenu.gtl [2013-08-29] (Genie9) [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2015-10-27] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2016-12-29] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2020-03-06] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-06-16] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2_S-1-5-21-3415231190-2578111039-3513294677-1001: [FileLocksmithExt] -> {84D68575-E186-46AD-B0CB-BAEB45EE29C0} => C:\Users\DW\AppData\Local\PowerToys\WinUI3Apps\PowerToys.FileLocksmithExt.dll [2023-12-07] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers3_S-1-5-21-3415231190-2578111039-3513294677-1001: [FileLocksmithExt] -> {84D68575-E186-46AD-B0CB-BAEB45EE29C0} => C:\Users\DW\AppData\Local\PowerToys\WinUI3Apps\PowerToys.FileLocksmithExt.dll [2023-12-07] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers3_S-1-5-21-3415231190-2578111039-3513294677-1001: [PowerRenameExt] -> {0440049F-D1DC-4E46-B27B-98393D79486B} => C:\Users\DW\AppData\Local\PowerToys\WinUI3Apps\PowerToys.PowerRenameExt.dll [2023-12-07] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5_S-1-5-21-3415231190-2578111039-3513294677-1001: [PowerRenameExt] -> {0440049F-D1DC-4E46-B27B-98393D79486B} => C:\Users\DW\AppData\Local\PowerToys\WinUI3Apps\PowerToys.PowerRenameExt.dll [2023-12-07] (Microsoft Corporation -> Microsoft Corporation)
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [vidc.XVID] => C:\Windows\SysWOW64\xvidvfw.dll [180224 2009-06-07] () [File not signed]
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2016-10-12 18:59 - 2016-10-12 18:59 - 000983552 _____ () [File not signed] C:\Program Files (x86)\Anvsoft\Syncios\androidSyncCore_pdm.dll
2016-10-12 18:59 - 2016-10-12 18:59 - 000177152 _____ () [File not signed] C:\Program Files (x86)\Anvsoft\Syncios\driverMgr4Transfer_pdm.dll
2016-10-18 00:32 - 2016-10-18 00:32 - 000436736 _____ () [File not signed] C:\Program Files (x86)\Anvsoft\Syncios\DuiLib.dll
2016-10-12 18:59 - 2016-10-12 18:59 - 000074240 _____ () [File not signed] C:\Program Files (x86)\Anvsoft\Syncios\generalFunc_pdt.dll
2016-06-21 18:39 - 2016-06-21 18:39 - 000671744 _____ () [File not signed] C:\Program Files (x86)\Anvsoft\Syncios\hashAB.dll
2016-06-21 18:39 - 2016-06-21 18:39 - 000279955 _____ () [File not signed] C:\Program Files (x86)\Anvsoft\Syncios\libidn-11.dll
2015-07-09 18:43 - 2015-07-09 18:43 - 000571392 _____ () [File not signed] C:\Program Files (x86)\Anvsoft\Syncios\sqlite3.dll
2016-06-21 18:39 - 2016-06-21 18:39 - 000059904 _____ () [File not signed] C:\Program Files (x86)\Anvsoft\Syncios\zlib.dll
2016-06-21 18:39 - 2016-06-21 18:39 - 000067072 _____ () [File not signed] C:\Program Files (x86)\Anvsoft\Syncios\zlib1.dll
2015-06-05 14:20 - 2016-07-21 10:54 - 000137728 _____ () [File not signed] C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\CBSCreateVC.dll
2015-06-05 14:20 - 2016-10-08 17:03 - 001506304 _____ () [File not signed] C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\DAQExp.dll
2015-06-20 16:32 - 2008-11-21 14:58 - 000057344 ____N () [File not signed] C:\Program Files (x86)\Epson Software\Event Manager\Assistants\Scan Assistant\SATWAIN.dll
2015-06-20 16:32 - 2009-03-12 16:45 - 000135168 ____N () [File not signed] C:\Program Files (x86)\Epson Software\Event Manager\Assistants\Scan Assistant\ScanEngine.dll
2016-03-02 22:17 - 2016-03-02 22:17 - 000136704 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\airprintdll.dll
2016-03-02 22:17 - 2016-03-02 22:17 - 000146944 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\DiagnoseDll.dll
2016-01-14 20:06 - 2016-01-14 20:06 - 000057344 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\DiagnosePlugin.dll
2016-02-22 02:25 - 2016-02-22 02:25 - 000116224 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\DragonNetTool.dll
2015-08-24 02:41 - 2015-08-24 02:41 - 002360622 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\drivers\libntgr_api.dll
2019-05-22 02:09 - 2019-05-22 02:09 - 000713728 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\Genie.dll
2018-07-19 22:31 - 2018-07-19 22:31 - 000168448 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Airprint.dll
2018-07-19 22:31 - 2018-07-19 22:31 - 000591872 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Internet.dll
2019-05-15 02:07 - 2019-05-15 02:07 - 006903808 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Map.dll
2018-07-19 22:36 - 2018-07-19 22:36 - 002980352 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_MyMedia.dll
2019-05-15 02:07 - 2019-05-15 02:07 - 000967168 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_NetworkProblem.dll
2019-04-19 00:38 - 2019-04-19 00:38 - 001259520 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_ParentalControl.dll
2018-11-21 19:58 - 2018-11-21 19:58 - 011973632 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Resource.dll
2019-05-15 02:05 - 2019-05-15 02:05 - 002683392 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_RouterConfiguration.dll
2019-05-22 03:51 - 2019-05-22 03:51 - 000278528 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Statistics.dll
2019-05-22 02:14 - 2019-05-22 02:14 - 000888832 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Ui.dll
2018-11-20 04:34 - 2018-11-20 04:34 - 000422400 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Wireless.dll
2018-12-12 04:36 - 2018-12-12 04:36 - 000633344 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\InnerPlugin_Update.dll
2018-07-19 22:33 - 2018-07-19 22:33 - 000433664 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\InnerPlugin_WirelessExport.dll
2014-12-21 10:07 - 2014-12-21 10:07 - 000119822 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\libgcc_s_dw2-1.dll
2014-12-21 10:07 - 2014-12-21 10:07 - 001026062 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\libstdc++-6.dll
2012-06-27 16:23 - 2012-06-27 16:23 - 000111616 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\libvlc.dll
2012-06-27 16:23 - 2012-06-27 16:23 - 002285056 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\libvlccore.dll
2016-03-02 22:17 - 2016-03-02 22:17 - 000074752 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\NetcardApi.dll
2012-06-27 16:23 - 2012-06-27 16:23 - 000219648 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\plugins\access\libdshow_plugin.dll
2012-06-27 16:23 - 2012-06-27 16:23 - 000049664 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\plugins\audio_output\libaout_directx_plugin.dll
2012-06-27 16:23 - 2012-06-27 16:23 - 000051200 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\plugins\audio_output\libwaveout_plugin.dll
2012-06-27 16:23 - 2012-06-27 16:23 - 000051200 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\plugins\control\libhotkeys_plugin.dll
2012-06-27 16:23 - 2012-06-27 16:23 - 000037376 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\plugins\mmxext\libmemcpymmxext_plugin.dll
2012-06-27 16:23 - 2012-06-27 16:23 - 000070144 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\plugins\video_output\libdirectx_plugin.dll
2016-02-26 04:07 - 2016-02-26 04:07 - 000049152 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\QRCode.dll
2016-08-15 02:28 - 2016-08-15 02:28 - 001125888 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\qwt.dll
2019-05-22 02:13 - 2019-05-22 02:13 - 001701376 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\SvtNetworkTool.dll
2016-03-02 22:17 - 2016-03-02 22:17 - 000072192 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\SVTUtils.dll
2016-01-14 20:23 - 2016-01-14 20:23 - 000026112 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\WSetupApiPlugin.dll
2016-04-12 00:13 - 2016-04-12 00:13 - 000067072 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\WSetupDll.dll
2016-01-22 22:20 - 2013-08-29 01:08 - 000710144 _____ () [File not signed] C:\Program Files\NETGEAR\ReadySHARE Vault\GSBackupManager.gtl
2016-01-22 22:20 - 2013-08-01 03:36 - 000089600 _____ () [File not signed] C:\Program Files\NETGEAR\ReadySHARE Vault\GSEncryption.gtl
2016-01-22 22:20 - 2013-08-29 01:08 - 000490496 _____ () [File not signed] C:\Program Files\NETGEAR\ReadySHARE Vault\GSIndexDB.gtl
2016-01-22 22:20 - 2013-08-01 03:36 - 000058368 _____ () [File not signed] C:\Program Files\NETGEAR\ReadySHARE Vault\GSLibrariesManager.gtl
2016-01-22 22:20 - 2013-08-01 03:36 - 000045568 _____ () [File not signed] C:\Program Files\NETGEAR\ReadySHARE Vault\GSLogging.gtl
2016-01-22 22:20 - 2013-08-29 01:08 - 000054784 _____ () [File not signed] C:\Program Files\NETGEAR\ReadySHARE Vault\GSLogManager.gtl
2016-01-22 22:20 - 2013-08-29 01:08 - 000163328 _____ () [File not signed] C:\Program Files\NETGEAR\ReadySHARE Vault\GSTimelineIconOverlay.gtl
2016-01-22 22:20 - 2013-08-29 01:08 - 000370688 _____ () [File not signed] C:\Program Files\NETGEAR\ReadySHARE Vault\GSWatcher4.gtl
2016-01-22 22:20 - 2013-08-29 01:08 - 000332800 _____ () [File not signed] C:\Program Files\NETGEAR\ReadySHARE Vault\OnlineHandler.gtl
2013-02-03 03:21 - 2013-02-03 03:21 - 000045056 _____ () [File not signed] C:\Program Files\NETGEAR\ReadySHARE Vault\pcre.dll
2013-02-03 03:21 - 2013-02-03 03:21 - 000097792 _____ () [File not signed] C:\Program Files\NETGEAR\ReadySHARE Vault\pcrebase.dll
2016-01-22 22:20 - 2013-08-29 01:08 - 000087040 _____ () [File not signed] C:\Program Files\NETGEAR\ReadySHARE Vault\QueueManager.gtl
2016-01-22 22:20 - 2013-02-03 05:40 - 000011264 _____ () [File not signed] C:\Program Files\NETGEAR\ReadySHARE Vault\RWLock.gtl
2016-01-22 22:20 - 2013-08-29 01:08 - 000209920 _____ () [File not signed] C:\Program Files\NETGEAR\ReadySHARE Vault\Settings.gtl
2016-01-22 22:20 - 2012-02-02 03:16 - 000740864 _____ () [File not signed] C:\Program Files\NETGEAR\ReadySHARE Vault\sqlite3.gtl
2016-01-22 22:20 - 2013-02-03 05:40 - 000010752 _____ () [File not signed] C:\Program Files\NETGEAR\ReadySHARE Vault\VSSEngine_Proxy.gtl
2018-12-27 00:31 - 2015-02-27 15:38 - 000721263 _____ () [File not signed] C:\WINDOWS\SysWOW64\AiCM64.dll
2016-01-22 22:20 - 2013-08-01 04:18 - 000491520 _____ (Artpol Software) [File not signed] C:\Program Files\NETGEAR\ReadySHARE Vault\GSZipEng.gtl
2023-06-01 10:06 - 2013-02-19 16:38 - 000008192 _____ (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNSS_ENU.DLL
2023-06-01 10:06 - 2013-02-19 16:36 - 000307200 _____ (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNSS_IMG.dll
2015-06-04 16:32 - 2012-09-25 23:02 - 000152064 _____ (CANON INC.) [File not signed] C:\WINDOWS\system32\CNCENPM6.DLL
2023-06-01 10:04 - 2013-01-24 01:24 - 000359936 _____ (CANON INC.) [File not signed] C:\WINDOWS\System32\CNMN6PPM.DLL
2016-01-22 22:20 - 2013-08-29 01:08 - 000094208 _____ (Genie9) [File not signed] C:\Program Files\NETGEAR\ReadySHARE Vault\GSCopy.gtl
2016-01-22 22:20 - 2013-08-29 01:08 - 000631296 _____ (Genie9) [File not signed] C:\Program Files\NETGEAR\ReadySHARE Vault\GSTimelineNSE.gtl
2016-01-22 22:20 - 2013-03-20 07:01 - 001520640 _____ (Genie9) [File not signed] C:\Program Files\NETGEAR\ReadySHARE Vault\GSTimelineShellRes.gtl
2016-06-21 18:39 - 2016-06-21 18:39 - 000097792 _____ (Google, inc) [File not signed] C:\Program Files (x86)\Anvsoft\Syncios\AdbWinApi.dll
2016-06-21 18:39 - 2016-06-21 18:39 - 000062976 _____ (Google, inc) [File not signed] C:\Program Files (x86)\Anvsoft\Syncios\AdbWinUsbApi.dll
2015-10-30 01:19 - 2015-10-30 03:07 - 000027648 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\system32\spool\PRTPROCS\x64\jnwppr.dll
2014-12-21 10:07 - 2014-12-21 10:07 - 000049152 _____ (MingW-W64 Project. All rights reserved.) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\libwinpthread-1.dll
2013-02-19 00:46 - 2013-02-19 00:46 - 000220160 _____ (NETGEAR Inc.) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\drivers\NETGEAR_PLC_L2_API.dll
2015-06-20 16:32 - 2007-07-09 10:36 - 000114688 ____N (NewSoft Technology Corporation) [File not signed] C:\Program Files (x86)\Epson Software\Event Manager\Assistants\Scan Assistant\FIOALL32.dll
2015-06-20 16:32 - 2004-02-20 07:24 - 000163840 ____N (NewSoft Technology Corporation) [File not signed] C:\Program Files (x86)\Epson Software\Event Manager\Assistants\Scan Assistant\Ism.dll
2015-06-20 16:32 - 2003-12-01 10:27 - 000053248 ____N (NewSoft Technology Corporation) [File not signed] C:\Program Files (x86)\Epson Software\Event Manager\Assistants\Scan Assistant\Tcm.dll
2015-06-20 16:32 - 2009-03-12 16:45 - 000139264 ____N (NewSoft Technology Corporation.) [File not signed] C:\Program Files (x86)\Epson Software\Event Manager\Assistants\Scan Assistant\SASM.dll
2016-06-21 18:39 - 2016-06-21 18:39 - 000086070 _____ (Open Source Software community project) [File not signed] C:\Program Files (x86)\Anvsoft\Syncios\pthreadVC2.dll
2014-03-23 20:32 - 2014-03-23 20:32 - 000060273 _____ (Open Source Software community project) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\pthreadGC2.dll
2015-09-01 23:40 - 2015-09-01 23:40 - 001374720 _____ (Pizzolato Davide - www.xdp.it) [File not signed] C:\Program Files (x86)\Anvsoft\Syncios\cximage.dll
2014-01-29 14:20 - 2014-01-29 14:20 - 000022920 _____ (Samsung Electronics CO., LTD. -> Samsung Electronics Co. Ltd.) [File not signed] C:\Program Files (x86)\Samsung\Settings\CmdServer\WSABI.dll
2015-06-20 16:31 - 2005-01-13 10:47 - 000049152 ____N (SEIKO EPSON CORP.) [File not signed] C:\Program Files (x86)\Epson Software\Event Manager\ESPSUTL.dll
2015-06-20 16:48 - 2009-06-30 11:33 - 000430080 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBIPDev.dll
2015-06-20 16:48 - 2007-09-10 16:03 - 000110592 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBLPBidiDev.dll
2015-06-20 16:48 - 2008-11-05 20:53 - 000237688 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBMSDev.dll
2015-06-20 16:48 - 2009-07-01 12:09 - 000286720 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBNWDev.dll
2015-06-20 16:48 - 2010-09-10 16:50 - 000135168 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBRSVC.dll
2015-06-20 16:48 - 2006-08-30 02:02 - 000106496 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\Common Files\EPSON\EBAPI\epLocalBidi.dll
2015-06-20 16:31 - 2008-10-22 11:18 - 000065536 ____N (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\Epson Software\Event Manager\epnsm.dll
2015-06-20 16:41 - 2010-09-13 16:00 - 000558592 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\WINDOWS\System32\enppmon.dll
2015-06-20 16:41 - 2008-06-18 12:49 - 000250880 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\WINDOWS\System32\enpres.dll
2016-06-21 18:39 - 2016-06-21 18:39 - 000602624 _____ (The cURL library, hxxp://curl.haxx.se/) [File not signed] C:\Program Files (x86)\Anvsoft\Syncios\libcurl.dll
2016-06-21 18:39 - 2016-06-21 18:39 - 001178112 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Anvsoft\Syncios\LIBEAY32.dll
2016-06-21 18:39 - 2016-06-21 18:39 - 000265216 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Anvsoft\Syncios\SSLEAY32.dll
2013-02-10 19:35 - 2013-02-10 19:35 - 001178624 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\LIBEAY32.dll
2013-02-10 19:35 - 2013-02-10 19:35 - 000269824 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\ssleay32.dll
2016-01-22 22:20 - 2012-02-02 03:16 - 001558016 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\NETGEAR\ReadySHARE Vault\libeay32.gtl
2015-10-12 13:44 - 2015-10-12 13:44 - 000033280 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\imageformats\qgif.dll
2015-10-12 13:45 - 2015-10-12 13:45 - 000034816 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\imageformats\qico.dll
2015-10-12 13:45 - 2015-10-12 13:45 - 000246784 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\imageformats\qjpeg.dll
2015-10-12 13:58 - 2015-10-12 13:58 - 000366592 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\imageformats\qmng.dll
2015-10-12 13:48 - 2015-10-12 13:48 - 000028672 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\imageformats\qsvg.dll
2015-10-12 13:58 - 2015-10-12 13:58 - 000027648 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\imageformats\qtga.dll
2015-10-12 13:58 - 2015-10-12 13:58 - 000433664 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\imageformats\qtiff.dll
2015-10-12 13:58 - 2015-10-12 13:58 - 000027136 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\imageformats\qwbmp.dll
2015-10-12 13:46 - 2015-10-12 13:46 - 001413632 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\platforms\qwindows.dll
2015-10-12 13:47 - 2015-10-12 13:47 - 000044544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\printsupport\windowsprintersupport.dll
2015-11-18 22:54 - 2015-11-18 22:54 - 005391360 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\Qt5Core.dll
2015-10-12 13:31 - 2015-10-12 13:31 - 005334528 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\Qt5Gui.dll
2015-10-12 13:26 - 2015-10-12 13:26 - 001528832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\Qt5Network.dll
2015-10-12 13:42 - 2015-10-12 13:42 - 000334848 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\Qt5OpenGL.dll
2016-04-12 20:52 - 2016-04-12 20:52 - 000357888 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\Qt5PrintSupport.dll
2015-10-12 13:48 - 2015-10-12 13:48 - 000331776 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\Qt5Svg.dll
2015-10-12 13:37 - 2015-10-12 13:37 - 006541824 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\Qt5Widgets.dll
2015-10-12 13:25 - 2015-10-12 13:25 - 000237056 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\Qt5Xml.dll
2016-06-21 18:39 - 2016-06-21 18:39 - 000020992 _____ (TODO: <Company name>) [File not signed] C:\Program Files (x86)\Anvsoft\Syncios\curl_download.dll
2016-10-12 18:59 - 2016-10-12 18:59 - 000018944 _____ (TODO: <Company name>) [File not signed] C:\Program Files (x86)\Anvsoft\Syncios\geneLog_pdt.dll
2015-06-05 14:20 - 2016-10-08 17:04 - 000708608 _____ (Wondershare) [File not signed] C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\CBSProducstInfo.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) =================
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
HKU\S-1-5-21-3415231190-2578111039-3513294677-1001\Software\Classes\regfile: <==== ATTENTION
HKU\S-1-5-21-3415231190-2578111039-3513294677-1001\Software\Classes\.reg: => <==== ATTENTION
HKU\S-1-5-21-3415231190-2578111039-3513294677-1001\Software\Classes\.bat: => <==== ATTENTION
HKU\S-1-5-21-3415231190-2578111039-3513294677-1001\Software\Classes\.cmd: => <==== ATTENTION
==================== Internet Explorer (Whitelisted) ==========
HKU\S-1-5-21-3415231190-2578111039-3513294677-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://c.finance.a1.b.yahoo.com/marketupdate/overview
HKU\S-1-5-21-3415231190-2578111039-3513294677-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://finance.yahoo.com/market-overview/
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2020-03-06] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2020-03-06] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2020-03-06] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Aimersoft Video Converter Ultimate 6.1.0 -> {D879895E-2124-4ED0-BDDF-F8F8BBC98A6F} -> C:\ProgramData\Aimersoft\Video Converter Ultimate\WSBrowserAppMgr.dll [2016-10-26] (Shenzhen Jia Xing Investment Co., Ltd. -> Wondershare)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2020-03-06] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2020-03-06] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Toolbar: HKLM-x32 - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2020-03-06] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Toolbar: HKU\S-1-5-21-3415231190-2578111039-3513294677-1001 -> Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2020-03-06] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
DPF: HKLM-x32 {67DABFBF-D0AB-41FA-9C46-CC0F21721616} hxxp://download.divx.com/player/DivXBrowserPlugin.cab
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: HKLM-x32 {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/products/plugin/autodl/jinstall-180-windows-i586.cab
DPF: HKLM-x32 {CAFEEFAC-0018-0000-00144-ABCDEFFEDCBA} hxxp://java.sun.com/products/plugin/autodl/jinstall-180-windows-i586.cab
Handler-x32: intu-tt2014 - {97BB39CB-9ABA-4513-81E7-1D6FDA0854B8} - C:\Program Files (x86)\TurboTax 2014\ic2014pp.dll [2014-11-22] (Intuit Canada ULC -> Intuit Canada, a general partnership/une société en nom collectif.)
Handler-x32: intu-tt2015 - {5A676D6A-A3EF-4FAA-8DAC-F55CA235F67C} - C:\Program Files (x86)\TurboTax 2015\ic2015pp.dll [2015-11-23] (Intuit Canada ULC -> Intuit Canada, a general partnership/une société en nom collectif.)
Handler-x32: intu-tt2016 - {D3619A28-0FAE-4AD2-A79F-BAD3CD6E8779} - C:\Program Files (x86)\TurboTax 2016\ic2016pp.dll [2016-11-23] (Intuit Canada ULC -> Intuit Canada, a general partnership/une société en nom collectif.)
Handler-x32: intu-tt2017 - {1215626F-14CA-4AA9-AE16-F7CBD13A3F3F} - C:\Program Files (x86)\TurboTax 2017\ic2017pp.dll [2018-09-04] (Intuit Canada ULC -> Intuit Canada, a general partnership/une société en nom collectif.)
Handler-x32: intu-tt2018 - {c10cb859-8e11-44f1-833b-68a8e1ed7e1d} - C:\Program Files (x86)\TurboTax 2018\ic2018pp.dll [2019-05-16] (Intuit Canada ULC -> Intuit Canada, a general partnership/une société en nom collectif.)
Handler-x32: intu-tt2019 - {F526FF07-B913-4B56-85DC-D7014178A5B4} - C:\Program Files (x86)\TurboTax 2019\ic2019pp.dll [2020-12-15] (Intuit Canada ULC -> Intuit Canada, a general partnership/une société en nom collectif.)
Handler-x32: intu-tt2020 - {BA9B9DDA-C208-4938-90D6-0FAB2903CECE} - C:\Program Files (x86)\TurboTax 2020\ic2020pp.dll [2021-09-14] (Intuit Canada ULC -> Intuit Canada, a general partnership/une société en nom collectif.)
Handler-x32: intu-tt2021 - {B60E21DC-FB86-424A-BAA3-54B06685E3E7} - C:\Program Files (x86)\TurboTax 2021\ic2021pp.dll [2022-07-21] (Intuit Canada ULC -> Intuit Canada, a general partnership/une société en nom collectif.)
Handler-x32: intu-tt2022 - {A1D08E43-AD6A-4092-8541-B7EFB3E60EC5} - C:\Program Files (x86)\TurboTax 2022\ic2022pp.dll [2023-05-10] (Intuit Canada ULC -> Intuit Canada, a general partnership/une société en nom collectif.)
Handler-x32: intu-tt2023 - {84609304-3DF2-4FFD-B10F-5C0E643A4745} - C:\Program Files (x86)\TurboTax 2023\ic2023pp.dll [2024-04-10] (Intuit Canada ULC -> Intuit Canada, a general partnership/une société en nom collectif.)
Handler: WSAMVCUchrome - {086BD280-4613-43B5 - No File
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2018-07-05 18:43 - 2018-07-10 18:10 - 000517291 ____R C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
0.0.0.0 fr.a2dfp.net
0.0.0.0 m.fr.a2dfp.net
0.0.0.0 mfr.a2dfp.net
0.0.0.0 ad.a8.net
0.0.0.0 asy.a8ww.net
0.0.0.0 static.a-ads.com
0.0.0.0 atlas.aamedia.ro
0.0.0.0 abcstats.com
0.0.0.0 ad4.abradio.cz
0.0.0.0 a.abv.bg
0.0.0.0 adserver.abv.bg
0.0.0.0 adv.abv.bg
0.0.0.0 bimg.abv.bg
0.0.0.0 ca.abv.bg
0.0.0.0 www2.a-counter.kiev.ua
0.0.0.0 track.acclaimnetwork.com
0.0.0.0 accuserveadsystem.com
0.0.0.0 www.accuserveadsystem.com
0.0.0.0 achmedia.com
0.0.0.0 csh.actiondesk.com
0.0.0.0 ads.activepower.net
0.0.0.0 app.activetrail.com
0.0.0.0 stat.active24stats.nl #[Tracking.Cookie]
0.0.0.0 traffic.acwebconnecting.com
0.0.0.0 office.ad1.ru
0.0.0.0 cms.ad2click.nl
0.0.0.0 ad2games.com
0.0.0.0 ads.ad2games.com
0.0.0.0 content.ad20.net
There are 13844 more lines.
2015-05-22 17:31 - 2022-09-06 07:54 - 000000564 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
92.168.137.1 SAMSUNG.mshome.net # 2020 5 4 21 0 36 49 98
33 31
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel® Management Engine Components\DAL;C:\Program Files\Intel\Intel® Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files (x86)\Calibre2\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\Common Files\Acronis\VirtualFile\;C:\Program Files (x86)\Common Files\Acronis\VirtualFile64\;C:\Program Files (x86)\Common Files\Acronis\SnapAPI\;C:\Program Files (x86)\Smart Projects\DVDVob2Mpg
HKU\S-1-5-21-3415231190-2578111039-3513294677-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\DW\AppData\Local\Microsoft\Windows\Themes\transcodedwallpaper
DNS Servers: Media is not connected to internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Prompt)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
MSCONFIG\Services: MBAMService => 2
MSCONFIG\Services: nvsvc => 2
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "MFNetworkScanUtility"
HKLM\...\StartupApproved\Run: => "Acronis Scheduler2 Service"
HKLM\...\StartupApproved\Run: => "Reflect UI"
HKLM\...\StartupApproved\Run: => "Seagate Scheduler2 Service"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "GrooveMonitor"
HKLM\...\StartupApproved\Run32: => "Fitbit Connect"
HKLM\...\StartupApproved\Run32: => "PMBVolumeWatcher"
HKLM\...\StartupApproved\Run32: => "DriveUtilitiesHelper"
HKLM\...\StartupApproved\Run32: => "AcronisTibMounterMonitor"
HKLM\...\StartupApproved\Run32: => "TrueImageMonitor.exe"
HKLM\...\StartupApproved\Run32: => "DiscWizardMonitor.exe"
HKLM\...\StartupApproved\Run32: => "DBAgent"
HKU\S-1-5-21-3415231190-2578111039-3513294677-1001\...\StartupApproved\StartupFolder: => "OneNote 2007 Screen Clipper and Launcher.lnk"
HKU\S-1-5-21-3415231190-2578111039-3513294677-1001\...\StartupApproved\Run: => "Artisan 710(Network)"
HKU\S-1-5-21-3415231190-2578111039-3513294677-1001\...\StartupApproved\Run: => "TomTomHOME.exe"
HKU\S-1-5-21-3415231190-2578111039-3513294677-1001\...\StartupApproved\Run: => "EPSONF80F55"
HKU\S-1-5-21-3415231190-2578111039-3513294677-1001\...\StartupApproved\Run: => "Fitbit Connect"
HKU\S-1-5-21-3415231190-2578111039-3513294677-1001\...\StartupApproved\Run: => "EPSON5F1574 (Artisan 837)"
HKU\S-1-5-21-3415231190-2578111039-3513294677-1001\...\StartupApproved\Run: => "Google Photos Backup"
HKU\S-1-5-21-3415231190-2578111039-3513294677-1001\...\StartupApproved\Run: => "Avanquest Message"
HKU\S-1-5-21-3415231190-2578111039-3513294677-1001\...\StartupApproved\Run: => "Speech Recognition"
HKU\S-1-5-21-3415231190-2578111039-3513294677-1001\...\StartupApproved\Run: => "EPSON Artisan 837 Series"
HKU\S-1-5-21-3415231190-2578111039-3513294677-1001\...\StartupApproved\Run: => "GarminExpress"
HKU\S-1-5-21-3415231190-2578111039-3513294677-1001\...\StartupApproved\Run: => "Uploader"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{A4569220-2555-4BCC-8EE0-D184A8106A88}] => (Allow) C:\Users\DW\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{AF082E64-BF51-4A31-93F4-D7133ECE5173}] => (Allow) C:\Users\DW\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{BC0E115E-48C4-4C1C-8B14-9F1C186D0E3C}] => (Allow) C:\Users\DW\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{C34671D2-D30B-4113-9806-CBE0BE2410BC}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\Home\report_sender.exe => No File
FirewallRules: [{8F357016-C093-45B6-946E-FCAF570D608B}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\LicenseActivator.exe => No File
FirewallRules: [{08FE2E17-DD52-4015-9DCF-844B21B02087}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\ga_service.exe => No File
FirewallRules: [{3A2099DB-B335-4A86-A62D-7F4BFE9C87F2}] => (Allow) C:\Users\DW\AppData\Local\Temp\BFA44C5D-9663-4283-A550-9288F26E4F7F\ga_service.exe => No File
FirewallRules: [UDP Query User{1938E4A8-AC55-4F9E-9B8B-620D5477F47C}C:\program files (x86)\netgear genie\bin\netgeargenie.exe] => (Block) C:\program files (x86)\netgear genie\bin\netgeargenie.exe (NETGEAR TAIWAN CO., LTD -> NETGEAR Inc.)
FirewallRules: [TCP Query User{39EA3BD7-4020-4006-94C3-08AC046AD75B}C:\program files (x86)\netgear genie\bin\netgeargenie.exe] => (Block) C:\program files (x86)\netgear genie\bin\netgeargenie.exe (NETGEAR TAIWAN CO., LTD -> NETGEAR Inc.)
FirewallRules: [UDP Query User{01D35AAE-EF4F-4246-A04B-72663DA34F57}C:\program files (x86)\netgear genie\bin\netgeargenie.exe] => (Allow) C:\program files (x86)\netgear genie\bin\netgeargenie.exe (NETGEAR TAIWAN CO., LTD -> NETGEAR Inc.)
FirewallRules: [TCP Query User{23B151ED-8B06-4F93-8CAD-645FF0DCE372}C:\program files (x86)\netgear genie\bin\netgeargenie.exe] => (Allow) C:\program files (x86)\netgear genie\bin\netgeargenie.exe (NETGEAR TAIWAN CO., LTD -> NETGEAR Inc.)
FirewallRules: [UDP Query User{F9AA97A9-4239-40FB-89D0-BAFB50F93BD2}C:\program files (x86)\nero\km\nmdllhost.exe] => (Block) C:\program files (x86)\nero\km\nmdllhost.exe (Nero AG -> Nero AG)
FirewallRules: [TCP Query User{D650AE1B-F9EC-4A94-99B6-8F135B278F11}C:\program files (x86)\nero\km\nmdllhost.exe] => (Block) C:\program files (x86)\nero\km\nmdllhost.exe (Nero AG -> Nero AG)
FirewallRules: [UDP Query User{1E3469FC-DA4A-4531-B7D0-122FAC276A75}C:\program files (x86)\nero\km\mediahome.exe] => (Block) C:\program files (x86)\nero\km\mediahome.exe (Nero AG -> Nero AG)
FirewallRules: [TCP Query User{34EB0183-434D-4347-B59F-7D1379B3311B}C:\program files (x86)\nero\km\mediahome.exe] => (Block) C:\program files (x86)\nero\km\mediahome.exe (Nero AG -> Nero AG)
FirewallRules: [{524DB2A4-A707-46FB-B72B-25E2A6097919}] => (Allow) C:\RECOVERY FOR IPHONE\tenorshare-iphone-6-data-recovery-trial.exe (Tenorshare Co.,Ltd. -> )
FirewallRules: [{60F76987-5424-4F42-BE62-22EEDA3F8F5A}] => (Allow) C:\RECOVERY FOR IPHONE\tenorshare-iphone-6-data-recovery-trial.exe (Tenorshare Co.,Ltd. -> )
FirewallRules: [TCP Query User{97B3065E-3813-4714-B9E4-B2816AA14DAF}C:\program files (x86)\plex\plex media server\plex media server.exe] => (Block) C:\program files (x86)\plex\plex media server\plex media server.exe => No File
FirewallRules: [TCP Query User{6FE10995-675F-4D53-9C71-382A5E7E90FD}C:\program files (x86)\plex\plex media server\plexdlnaserver.exe] => (Block) C:\program files (x86)\plex\plex media server\plexdlnaserver.exe => No File
FirewallRules: [UDP Query User{C25ECE49-97B2-4DE9-9D29-568DD7696BAF}C:\program files (x86)\plex\plex media server\plexdlnaserver.exe] => (Block) C:\program files (x86)\plex\plex media server\plexdlnaserver.exe => No File
FirewallRules: [TCP Query User{CFDA9A86-B61A-445A-ADCB-0D50962020FC}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe (Newsoft Technology Company -> SEIKO EPSON CORPORATION)
FirewallRules: [UDP Query User{A90D4295-244E-4FF1-BF8C-818B35473EEB}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe (Newsoft Technology Company -> SEIKO EPSON CORPORATION)
FirewallRules: [{CDF8B486-DAF5-4450-8389-595A51E3B71C}] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe (Newsoft Technology Company -> SEIKO EPSON CORPORATION)
FirewallRules: [{FAA9F95A-CE5B-40A9-912F-D3FF26343294}] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe (Newsoft Technology Company -> SEIKO EPSON CORPORATION)
FirewallRules: [TCP Query User{F3E38D5C-409F-4EB8-AC36-9E04FC440AB4}C:\program files\itunes\itunes.exe] => (Allow) C:\program files\itunes\itunes.exe => No File
FirewallRules: [UDP Query User{6D180231-8D8D-451A-873C-DD1FFC7064ED}C:\program files\itunes\itunes.exe] => (Allow) C:\program files\itunes\itunes.exe => No File
FirewallRules: [{76DBD0EC-D902-4C37-99BC-6FBDD620184A}] => (Block) C:\program files\itunes\itunes.exe => No File
FirewallRules: [{87C5A9EF-B6F5-41F1-89CE-413E58F19F3E}] => (Block) C:\program files\itunes\itunes.exe => No File
FirewallRules: [TCP Query User{AF7F3C68-652B-48ED-B3F0-DBF4E607FA03}C:\users\dw\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\dw\appdata\local\akamai\netsession_win.exe => No File
FirewallRules: [UDP Query User{A97281AD-9A08-40A1-9A7C-8F0B46CABDCD}C:\users\dw\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\dw\appdata\local\akamai\netsession_win.exe => No File
FirewallRules: [{EAB2E784-696D-4EEA-A4C1-5FEFB908CE35}] => (Block) C:\users\dw\appdata\local\akamai\netsession_win.exe => No File
FirewallRules: [{FB49A1FD-89AA-487C-BA20-989B0734A948}] => (Block) C:\users\dw\appdata\local\akamai\netsession_win.exe => No File
FirewallRules: [{05BC3AF1-52C9-48F2-9316-0E1B6F5CB002}] => (Allow) C:\Program Files (x86)\MediaMall\MediaMallServer.exe (MediaMall Technologies, Inc. -> MediaMall Technologies, Inc.)
FirewallRules: [{B81A5A82-0F0B-4851-8C2C-FAC7BF3D2D01}] => (Allow) C:\Program Files (x86)\MediaMall\MediaMallServerLauncher.exe (MediaMall Technologies, Inc.) [File not signed]
FirewallRules: [{0E6C394B-A81B-4E14-98B4-AB8DE8818BC5}] => (Allow) C:\Program Files (x86)\MediaMall\SettingsManager.exe (MediaMall Technologies, Inc. -> MediaMall Technologies, Inc.)
FirewallRules: [{E7138196-C173-4884-940C-52930BB768D5}] => (Allow) C:\Program Files (x86)\MediaMall\PlayOn.exe (MediaMall Technologies, Inc. -> MediaMall Technologies, Inc.)
FirewallRules: [{17D96841-CEDC-4519-958A-D18D8F722C67}] => (Allow) C:\Program Files (x86)\MediaMall\Surfer.exe (MediaMall Technologies, Inc.) [File not signed]
FirewallRules: [TCP Query User{F74E7D54-046F-45C8-9278-A719610F7B7D}C:\program files (x86)\surfeasy vpn\client\surfeasyvpn.exe] => (Allow) C:\program files (x86)\surfeasy vpn\client\surfeasyvpn.exe (NortonLifeLock Inc. -> )
FirewallRules: [UDP Query User{259DBF6E-DF97-4C07-B97C-7B4D63B1D4C1}C:\program files (x86)\surfeasy vpn\client\surfeasyvpn.exe] => (Allow) C:\program files (x86)\surfeasy vpn\client\surfeasyvpn.exe (NortonLifeLock Inc. -> )
FirewallRules: [{63DB9EE9-C7D9-4F24-B639-D7B10C43103B}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{CA19C81F-5D96-4977-96D6-C3D34623D354}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{B6CA6E27-17F7-486E-979A-C0224C5CEA25}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [TCP Query User{D1742DF4-B4DE-4A8A-9922-097B7AA48041}C:\program files (x86)\surfeasy vpn\client\surfeasyvpn.exe] => (Allow) C:\program files (x86)\surfeasy vpn\client\surfeasyvpn.exe (NortonLifeLock Inc. -> )
FirewallRules: [UDP Query User{7A0FBFC0-F93A-4373-83CD-8408D826E536}C:\program files (x86)\surfeasy vpn\client\surfeasyvpn.exe] => (Allow) C:\program files (x86)\surfeasy vpn\client\surfeasyvpn.exe (NortonLifeLock Inc. -> )
FirewallRules: [{FCB42321-03EE-498B-9C90-48B435F95EF6}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{59154658-BFE0-4081-BA64-293DE4D7DD48}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{47AE6514-2C8A-4EE6-8794-44672D8AB3EA}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{12859720-6D56-445B-9D83-40210CFF7D48}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{8A42FDC3-8F86-46D1-8110-A58812C9687F}C:\program files (x86)\nero\nero 2016\nero burning rom\nero.exe] => (Block) C:\program files (x86)\nero\nero 2016\nero burning rom\nero.exe (Nero AG -> Nero AG)
FirewallRules: [UDP Query User{F5DCD068-790D-4C2A-8CC6-D9AA5C80A769}C:\program files (x86)\nero\nero 2016\nero burning rom\nero.exe] => (Block) C:\program files (x86)\nero\nero 2016\nero burning rom\nero.exe (Nero AG -> Nero AG)
FirewallRules: [{78F67275-4FA5-4169-96B0-265DD4F98499}] => (Allow) LPort=8888
FirewallRules: [TCP Query User{CDC479A1-F9F9-4C3E-A194-EF665450170D}C:\program files (x86)\seagate\seagate dashboard 2.0\dashboard.exe] => (Allow) C:\program files (x86)\seagate\seagate dashboard 2.0\dashboard.exe (Seagate Technology LLC -> Seagate Technology LLC)
FirewallRules: [UDP Query User{DFCEA328-B193-4D1D-9EC4-ABFEAC36CD95}C:\program files (x86)\seagate\seagate dashboard 2.0\dashboard.exe] => (Allow) C:\program files (x86)\seagate\seagate dashboard 2.0\dashboard.exe (Seagate Technology LLC -> Seagate Technology LLC)
FirewallRules: [TCP Query User{C6AB84B2-EEEE-4E06-9418-018CA284EBEB}C:\program files (x86)\toolkit\toolkit.exe] => (Allow) C:\program files (x86)\toolkit\toolkit.exe (SEAGATE TECHNOLOGY LLC -> Seagate Technology LLC)
FirewallRules: [UDP Query User{5C8985B1-20B0-4691-A4D5-C00651528814}C:\program files (x86)\toolkit\toolkit.exe] => (Allow) C:\program files (x86)\toolkit\toolkit.exe (SEAGATE TECHNOLOGY LLC -> Seagate Technology LLC)
FirewallRules: [{4EAC405E-1251-48A2-AA41-370802106D4C}] => (Allow) C:\Program Files (x86)\Seagate\DiscWizard\DiscWizard.exe (Acronis International GmbH -> )
FirewallRules: [{1C3380D4-C466-4AC0-835F-233C62D75BAD}] => (Allow) C:\Program Files (x86)\Seagate\DiscWizard\DiscWizardMonitor.exe (Acronis International GmbH -> )
FirewallRules: [{45558309-66AD-40D6-B97A-D618668831FB}] => (Allow) C:\Program Files (x86)\Seagate\DiscWizard\DiscWizardTools.exe (Acronis International GmbH -> )
FirewallRules: [{5016ED56-96C7-403D-89EA-3FF1BDB63C6E}] => (Allow) C:\Program Files (x86)\Common Files\Seagate\DiscWizard\DiscWizardService.exe (Acronis International GmbH -> )
FirewallRules: [{5503715B-52E4-43EE-B8FE-D758FDA9D0CF}] => (Allow) C:\Program Files (x86)\Seagate\DiscWizard\MediaBuilder.exe (Acronis International GmbH -> )
FirewallRules: [{5F747F4E-86E0-40EE-B335-B6342EEBF1E7}] => (Allow) C:\Program Files (x86)\Seagate\DiscWizard\SystemReport.exe (Acronis International GmbH -> )
FirewallRules: [{A4D32769-2F51-4E44-9A72-B9D7D966A1D9}] => (Allow) C:\Program Files (x86)\Seagate\Agent\bin\bckp_amgr.exe (Acronis International GmbH -> Acronis International GmbH)
FirewallRules: [{B21B9957-4BF9-4FDE-9BF5-32F049508F7B}] => (Allow) C:\Program Files (x86)\Seagate\Agent\bin\task-manager.exe (Acronis International GmbH -> Acronis International GmbH)
FirewallRules: [{328B902B-8852-4D06-BF10-A47751C1F9F3}] => (Allow) LPort=8888
FirewallRules: [TCP Query User{1DE37606-D429-4C5D-AE99-ED759CFDC5BE}C:\program files (x86)\turbotax 2022\cefsharp.browsersubprocess.exe] => (Block) C:\program files (x86)\turbotax 2022\cefsharp.browsersubprocess.exe (Intuit Canada ULC -> The CefSharp Authors)
FirewallRules: [UDP Query User{B0DC3CD6-E72E-45B3-BF6E-F1F461CC2CEC}C:\program files (x86)\turbotax 2022\cefsharp.browsersubprocess.exe] => (Block) C:\program files (x86)\turbotax 2022\cefsharp.browsersubprocess.exe (Intuit Canada ULC -> The CefSharp Authors)
FirewallRules: [TCP Query User{C1D5EBFC-98F0-4EEF-85FF-696CB4C7EE6C}C:\program files\dvdfab\dvdfab 12\dvdfab64.exe] => (Allow) C:\program files\dvdfab\dvdfab 12\dvdfab64.exe => No File
FirewallRules: [UDP Query User{5DA42AA6-7925-4CEC-A82A-AF717721D66A}C:\program files\dvdfab\dvdfab 12\dvdfab64.exe] => (Allow) C:\program files\dvdfab\dvdfab 12\dvdfab64.exe => No File
FirewallRules: [{ED07D903-029D-4B63-B3CD-50ACFF4A344F}] => (Allow) C:\Program Files\NordVPN\NordSec ThreatProtection\nordsec-threatprotection-service.exe => No File
FirewallRules: [{5688C3FB-12CF-4362-A62C-3B983E9F85A7}] => (Allow) C:\Program Files\NordVPN\NordSec ThreatProtection\nordsec-threatprotection-service.exe => No File
FirewallRules: [TCP Query User{338BC95F-F2AA-46BA-A9D6-C08AB7522B9E}C:\windows\system32\mmc.exe] => (Block) C:\windows\system32\mmc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [UDP Query User{943B63FE-F38F-4875-9F55-80E1AC94B2F0}C:\windows\system32\mmc.exe] => (Block) C:\windows\system32\mmc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{CF6F6AA9-B987-493D-A278-12FE67621B70}] => (Allow) C:\Users\DW\AppData\Local\Wondershare\Wondershare NativePush\WsToastNotification.exe (Wondershare Technology Group Co.,Ltd -> Wondershare)
FirewallRules: [{F58AD4F3-3CF7-4DD6-B535-57D0037F8F65}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12130.9.2003.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{8D701E73-6BAB-455D-B9E6-4C465CA20C9A}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12130.9.2003.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{1116C302-60B7-4532-942F-EA92B713AE4B}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12130.9.2003.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{E2DFABB0-441C-4CB4-8C09-B9270A0C8A5D}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12130.9.2003.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{AA84FAC8-F0D5-4F11-A138-A09EF443CACF}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12130.9.2003.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{FFF70C16-4971-475A-BC36-9AFB69B46874}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12130.9.2003.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{5D0B0461-77B6-4D44-AE83-69F4646F9AA3}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12130.9.2003.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{8FA13D1F-C7E1-45E5-A789-9F2C9562763D}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12130.9.2003.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{C2141DB8-8A35-48E7-A479-1BE5704F053B}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12132.3.2017.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{7084415A-954D-4305-B8F3-15E8E29EDF4F}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12132.3.2017.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{03AD9F51-4A2F-42D8-B34A-748C662F28E2}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12132.3.2017.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{AB3086D8-9FF7-4259-BCDB-C177A38FD19A}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12132.3.2017.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{4B74768D-82E3-487A-B7DA-B2819351C210}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12132.3.2017.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{6D2B760D-4B7E-4CE1-A5CA-97C53556F9F0}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12132.3.2017.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{51EA0E4D-A435-4752-A986-E66D2774EAF9}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12132.3.2017.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{1D1FF561-162F-4124-B030-2C56AA8AEBE1}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12132.3.2017.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{E838B5CB-678F-41CE-897A-4B4975AB809D}] => (Allow) C:\Program Files (x86)\Microsoft\Edge Dev\Application\msedge.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{212CAF31-5DFA-4ED7-93A0-538B36DC8900}] => (Allow) C:\Program Files (x86)\Microsoft\Edge Dev\Application\126.0.2592.11\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C644921B-078B-43DE-8296-EF4918FA40BC}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{E80978FD-F9B3-4B99-89A3-21CBDB8CA1DA}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\125.0.2535.67\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
==================== Restore Points =========================
==================== Faulty Device Manager Devices ============
Name: USB Mass Storage Device
Description: USB Mass Storage Device
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Compatible USB storage device
Service: USBSTOR
Problem: : Windows cannot use this hardware device because it has been prepared for safe removal, but it has not been removed from the computer. (Code 47)
Resolution: Unplug the device, and then plug it in again. Alternately, restart the computer to make the device available.
Name: Apple Mobile Device USB Composite Device
Description: Apple Mobile Device USB Composite Device
Class Guid: {88bae032-5a81-49f0-bc3d-a4ff138216d6}
Manufacturer: Apple, Inc.
Service: usbccgp
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
==================== Event log errors: ========================
Application errors:
==================
Error: (05/29/2024 08:13:17 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding 15 137.0.168.192.in-addr.arpa. PTR SAMSUNG.local.
Error: (05/29/2024 08:13:17 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.0.137:5353 17 137.0.168.192.in-addr.arpa. PTR SAMSUNG-3.local.
Error: (05/29/2024 08:12:57 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding 15 137.0.168.192.in-addr.arpa. PTR SAMSUNG.local.
Error: (05/29/2024 08:12:57 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.0.137:5353 17 137.0.168.192.in-addr.arpa. PTR SAMSUNG-3.local.
Error: (05/28/2024 08:15:27 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding 15 137.0.168.192.in-addr.arpa. PTR SAMSUNG.local.
Error: (05/28/2024 08:15:27 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.0.137:5353 17 137.0.168.192.in-addr.arpa. PTR SAMSUNG-3.local.
Error: (05/28/2024 07:56:55 PM) (Source: SITomcat) (EventID: 4098) (User: )
Description: Event-ID 4098
Error: (05/28/2024 07:56:55 PM) (Source: SITomcat) (EventID: 4096) (User: )
Description: Event-ID 4096
System errors:
=============
Error: (05/29/2024 07:20:52 AM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1796) (User: NT AUTHORITY)
Error: (05/28/2024 08:15:27 PM) (Source: DCOM) (EventID: 10010) (User: SAMSUNG)
Description: The server {DD000CBD-67A6-423F-9132-1A2D0F76EAD5} did not register with DCOM within the required timeout.
Error: (05/28/2024 08:10:16 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Windows Presentation Foundation Font Cache 3.0.0.0 service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.
Error: (05/28/2024 08:10:16 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Presentation Foundation Font Cache 3.0.0.0 service to connect.
Error: (05/28/2024 08:05:45 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Intel® Management and Security Application Local Management Service service hung on starting.
Error: (05/28/2024 07:57:30 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The MediaMall Server service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.
Error: (05/28/2024 07:57:30 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (45000 milliseconds) while waiting for the MediaMall Server service to connect.
Error: (05/28/2024 07:57:29 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (45000 milliseconds) while waiting for the Seagate Dashboard Services service to connect.
Windows Defender:
================
Date: 2024-05-29 09:43:08
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2024-05-29 08:57:36
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2024-05-29 08:07:40
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2024-05-29 07:48:33
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2024-05-28 22:28:29
Description:
C:\Program Files\CCleaner\CCleaner64.exe has been blocked from modifying %userprofile%\Documents\DVDFab\ by Controlled Folder Access.
Detection time: 2024-05-29T04:28:29.767Z
Path: %userprofile%\Documents\DVDFab\
Process Name: C:\Program Files\CCleaner\CCleaner64.exe
Security intelligence Version: 1.411.418.0
Engine Version: 1.1.24040.1
Product Version: 4.18.24040.4
Event[0]:
Date: 2024-05-27 11:02:23
Description:
Microsoft Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x80004005
Error description: Unspecified error
Reason: The filter driver skipped scanning items and is in pass through mode. This may be due to low resource conditions.
Date: 2024-05-20 16:34:52
Description:
Microsoft Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x80004005
Error description: Unspecified error
Reason: The filter driver skipped scanning items and is in pass through mode. This may be due to low resource conditions.
Date: 2024-05-15 12:21:17
Description:
Microsoft Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x80004005
Error description: Unspecified error
Reason: The filter driver skipped scanning items and is in pass through mode. This may be due to low resource conditions.
Date: 2024-05-03 09:23:21
Description:
Microsoft Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x80004005
Error description: Unspecified error
Reason: The filter driver skipped scanning items and is in pass through mode. This may be due to low resource conditions.
Date: 2024-05-02 17:11:48
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.409.616.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.24030.4
Error code: 0x80070020
Error description: The process cannot access the file because it is being used by another process.
CodeIntegrity:
===============
Date: 2024-05-29 11:00:10
Description:
Code Integrity determined that a process (\Device\HarddiskVolume9\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume9\Program Files\Malwarebytes\Anti-Malware\mbamsi64.dll that did not meet the Windows signing level requirements.
Date: 2024-05-29 07:55:03
Description:
Code Integrity determined that a process (\Device\HarddiskVolume9\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe) attempted to load \Device\HarddiskVolume9\Program Files\Malwarebytes\Anti-Malware\mbamsi32.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. P09ABI.026.141024.dg 10/24/2014
Motherboard: SAMSUNG ELECTRONICS CO., LTD. NP550P7C-T05CA
Processor: Intel® Core i7-3630QM CPU @ 2.40GHz
Percentage of memory in use: 64%
Total physical RAM: 8079.29 MB
Available physical RAM: 2906.9 MB
Total Virtual: 27535.29 MB
Available Virtual: 22333.87 MB
==================== Drives ================================
Drive c: (Local Disk) (Fixed) (Total:1860.6 GB) (Free:443.91 GB) (Model: WDC WD20SPZX-22UA7T0) NTFS
Drive f: () (Fixed) (Total:908.78 GB) (Free:21.83 GB) (Model: ST1000LM024 HN-M101MBB) NTFS
Drive u: () (Network) (Total:0 GB) (Free:0 GB) (Model: ST1000LM024 HN-M101MBB)
Drive x: () (Network) (Total:0 GB) (Free:0 GB)
Drive y: () (Network) (Total:0 GB) (Free:0 GB) (Model: ST1000LM024 HN-M101MBB)
Drive z: () (Network) (Total:0 GB) (Free:0 GB) (Model: ST1000LM024 HN-M101MBB)
\\?\Volume{d19923b0-e889-4b1a-b264-29b427b958cc}\ (Windows RE tools) (Fixed) (Total:0.49 GB) (Free:0.15 GB) NTFS
\\?\Volume{afd6a5d3-3e96-4dd2-b8ff-bfbfcd18deac}\ () (Fixed) (Total:0.44 GB) (Free:0.13 GB) NTFS
\\?\Volume{7c059aa7-b0d9-4bb1-aec6-8025b9d7096d}\ (SAMSUNG_REC2) (Fixed) (Total:20.39 GB) (Free:0.61 GB) NTFS
\\?\Volume{18edf1d8-c7a1-42e4-4173-636c65706975}\ (SAMSUNG_REC) (Fixed) (Total:1 GB) (Free:0.3 GB) FAT32
\\?\Volume{61b714ba-f4e4-4d17-8293-f81b401e39f8}\ () (Fixed) (Total:0.92 GB) (Free:0.24 GB) NTFS
\\?\Volume{bf5c880a-6343-4491-9265-e59484f6e363}\ () (Fixed) (Total:0.44 GB) (Free:0.12 GB) NTFS
\\?\Volume{4d31fcec-7ce8-4900-aeb7-babf96ed301c}\ () (Fixed) (Total:0.44 GB) (Free:0.12 GB) NTFS
\\?\Volume{5076b848-7c38-4569-aff6-35cf7e0f2b92}\ (SYSTEM) (Fixed) (Total:0.29 GB) (Free:0.26 GB) FAT32
\\?\Volume{90cc95d0-0fff-4aef-a1fc-6ae2ff3e7528}\ () (Fixed) (Total:0.49 GB) (Free:0.35 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 4820B9BD)
Partition: GPT.
==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: BCEA6765)
Partition: GPT.
==================== End of Addition.txt =======================
Edited by Chris Cosgrove, 30 May 2024 - 02:26 AM.
Duplicated post deleted.