Blocked from any site that Uses WordPress

So Farrare

Starting a couple of months ago I noticed that some sites I have bookmarked and look at occasionally were returning the message, “This site is unreachable … ERR_CONNECTION_TIMED_OUT.” I normally use Google Chrome, but have the same behavior in Firefox. The same thing happens with some links on news aggregators […]

Starting a couple of months ago I noticed that some sites I have bookmarked and look at occasionally were returning the message, “This site is unreachable … ERR_CONNECTION_TIMED_OUT.” I normally use Google Chrome, but have the same behavior in Firefox. The same thing happens with some links on news aggregators I use. I noticed that some of the sites are located on the WordPress server, e.g. unlearningeconomics.wordpress.com, while others do not, e.g. mikethemadbiologist.com. I infer they all use the WordPress software, but don’t know how to confirm that. I have no trouble connecting to them from a Linux installation.

 

The only restore point on System Restore is not found by the utility when I try to restore it, and there should be at least three other restore points.

 

I have tried a number of antivirus programs, including ESET Offline Scanner, Kaspersky Rescue Disk, Malwarebytes, AVG Antivirus, and Spy Hunter. None of them found anything.

—————————————————————————————————————

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 19-07-2021 01
Ran by Roger (administrator) on HENRY (23-07-2021 13:36:00)
Running from C:UsersRogerDownloads
Loaded Profiles: Roger
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:Program FilesqBittorrentqbittorrent.exe
(AMD) [File not signed] C:Program FilesAMDPerformance Profile ClientAUEPUF.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:Program FilesAVGAntivirusaswEngSrv.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:Program FilesAVGAntivirusaswidsagent.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:Program FilesAVGAntivirusAVGSvc.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:Program FilesAVGAntivirusavgToolsSvc.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:Program FilesAVGAntivirusAVGUI.exe <4>
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:Program FilesAVGAntiviruswsc_proxy.exe
(AVG Technologies USA, LLC -> AVG Technologies) C:Program Files (x86)AVGBrowserUpdate1.8.1066.0AVGBrowserCrashHandler.exe
(AVG Technologies USA, LLC -> AVG Technologies) C:Program Files (x86)AVGBrowserUpdate1.8.1066.0AVGBrowserCrashHandler64.exe
(CANON ELECTRONICS INC -> Canon Electronics Inc.) C:Program Files (x86)Canon ElectronicsShared FilesDriverNetworkMonitor.exe
(CANON ELECTRONICS INC -> Copyright Canon Electronics Inc.) C:Program FilesCanon ElectronicsDRM200button_monitor.exe
(Canon Inc. -> ) C:Program Files (x86)CanonIJPLMijplmsvc.exe
(Canon Inc. -> CANON INC.) C:Program Files (x86)CanonIJ Scan UtilitySETEVENT.exe
(DEVGURU Co., Ltd. -> DEVGURU Co., LTD.) C:Program Files (x86)SamsungUSB Drivers28_ssconn2connss_conn_service2.exe
(EnigmaSoft Limited -> EnigmaSoft Limited) C:Program FilesEnigmaSoftSpyHunterShKernel.exe
(EnigmaSoft Limited -> EnigmaSoft Limited) C:Program FilesEnigmaSoftSpyHunterShMonitor.exe
(EnigmaSoft Limited -> EnigmaSoft Limited) C:Program FilesEnigmaSoftSpyHunterSpyHunter5.exe
(F.lux Software LLC -> f.lux Software LLC) C:UsersRogerAppDataLocalFluxSoftwareFluxflux.exe
(Google LLC -> Google LLC) C:Program FilesGoogleChromeApplicationchrome.exe <19>
(Microsoft Corporation -> Microsoft Corporation) C:Program Files (x86)MicrosoftEdgeUpdateMicrosoftEdgeUpdate.exe
(Microsoft Windows -> Microsoft Corporation) C:Program FilesWindows Sidebarsidebar.exe
(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32vds.exe
(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32wbengine.exe
(Mozilla Corporation -> Mozilla Corporation) C:Program FilesMozilla Firefoxfirefox.exe <8>
(NVIDIA Corporation -> Node.js) C:Program Files (x86)NVIDIA CorporationNvNodeNVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:Program FilesNVIDIA CorporationDisplay.NvContainerNVDisplay.Container.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:Program FilesNVIDIA CorporationNVIDIA GeForce ExperienceNVIDIA Share.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:Program FilesNVIDIA CorporationShadowPlaynvsphelper64.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:Program FilesCCleanerCCleaner64.exe
(Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:Program Files (x86)SamsungUSB Drivers27_ssconnconnss_conn_service.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM…Run: [Canon DR-M200 Series Button Monitor] => C:Program FilesCanon ElectronicsDRM200button_monitor.exe [4284712 2017-12-04] (CANON ELECTRONICS INC -> Copyright Canon Electronics Inc.)
HKLM…Run: [AVGUI.exe] => C:Program FilesAVGAntivirusAvLaunch.exe [171320 2021-07-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
HKLMSOFTWAREPoliciesMicrosoftWindows Defender: Restriction <==== ATTENTION
HKUS-1-5-21-2753872946-3147176540-3625591976-1000…Run: [f.lux] => C:UsersRogerAppDataLocalFluxSoftwareFluxflux.exe [1515848 2021-06-18] (F.lux Software LLC -> f.lux Software LLC)
HKUS-1-5-21-2753872946-3147176540-3625591976-1000…Run: [AppEx Accelerator UI] => C:Program FilesAMD Quick StreamAMDQuickStream.exe [488640 2015-04-06] (AppEx Networks Corporation -> AppEx Networks Corporation)
HKUS-1-5-21-2753872946-3147176540-3625591976-1000…Run: [qBittorrent] => C:Program FilesqBittorrentqbittorrent.exe [26895872 2021-06-27] () [File not signed]
HKUS-1-5-21-2753872946-3147176540-3625591976-1000…Run: [CCleaner Smart Cleaning] => C:Program FilesCCleanerCCleaner64.exe [35062912 2021-07-16] (Piriform Software Ltd -> Piriform Software Ltd)
HKUS-1-5-21-2753872946-3147176540-3625591976-1000…PoliciesExplorer: [NoLowDiskSpaceChecks] 1
HKUS-1-5-21-2753872946-3147176540-3625591976-1000…MountPoints2: aa5b5318-6a35-11ea-ba15-e0d55e33c7c4 – H:Setup.exe /s
HKUS-1-5-21-2753872946-3147176540-3625591976-500…Run: [FBackup 7 Tray Agent] => “C:Program Files (x86)SoftlandFBackup 7bTray.exe”
HKUS-1-5-21-2753872946-3147176540-3625591976-500…PoliciesExplorer: [LinkResolveIgnoreLinkInfo] 1
HKUS-1-5-21-2753872946-3147176540-3625591976-500…PoliciesExplorer: [NoInternetOpenWith] 1
HKUS-1-5-21-2753872946-3147176540-3625591976-500…PoliciesExplorer: [NoLowDiskSpaceChecks] 1
HKUS-1-5-21-2753872946-3147176540-3625591976-500…PoliciesExplorer: [NoResolveSearch] 1
HKLM…Windows x64Print ProcessorsCanon G2000 series Print Processor: C:WindowsSystem32spoolprtprocsx64CNMPDCX.DLL [30208 2016-03-21] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM…Windows x64Print ProcessorsCanon G2010 series Print Processor: C:WindowsSystem32spoolprtprocsx64CNMPDEG.DLL [482816 2017-08-22] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM…PrintMonitorsCanon BJ Language Monitor G2000 series: C:WindowsSystem32CNMLMCX.DLL [406528 2016-03-21] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM…PrintMonitorsCanon BJ Language Monitor G2010 series: C:WindowsSystem32CNMLMEG.DLL [1303040 2017-08-22] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM…PrintMonitorsCanon BJ Language Monitor MP280 series: C:WindowsSystem32CNMLMAA.DLL [385024 2012-03-14] (CANON INC.) [File not signed]
HKLMSoftware…AppCompatFlagsCustomiexplore.exe: [a9264802-8a7a-40fe-a135-5c6d204aed7a.sdb] -> Internet Explorer (Enable DEP)
HKLMSoftware…AppCompatFlagsInstalledSDBa9264802-8a7a-40fe-a135-5c6d204aed7a: [DatabasePath] -> C:WindowsAppPatchCustoma9264802-8a7a-40fe-a135-5c6d204aed7a.sdb [2011-12-19]
HKLMSoftwareMicrosoftActive SetupInstalled Components: [48F69C39-1356-4A7B-A899-70E3539D4982] -> C:Program Files (x86)AVGBrowserApplication91.1.10935.166Installerchrmstp.exe [2021-07-22] (AVG Technologies USA, LLC -> AVG Technologies)
HKLMSoftwareMicrosoftActive SetupInstalled Components: [8A69D345-D564-463c-AFF1-A69D9E530F96] -> C:Program FilesGoogleChromeApplication91.0.4472.164Installerchrmstp.exe [2021-07-19] (Google LLC -> Google LLC)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:ProgramDataNTUSER.pol: Restriction <==== ATTENTION
HKLMSOFTWAREPoliciesMozillaFirefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: 006A0D8B-C98C-4829-A4C9-66EDD65CF00E – System32Tasksnvprofileupdaterdaily_b2fe1952-0186-46c3-baec-a80aa35ac5b8 => C:Program FilesNVIDIA CorporationUpdate CoreNvProfileUpdater64.exe [905072 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: 05D24A77-8F88-4C1A-B890-AC2F86D7A9F9 – System32Tasksadobe acrobat update task => C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: 07D0C60B-C5C5-4E78-8FFF-BDBEC060318C – System32Tasksgoogleupdatetaskmachineua => C:Program Files (x86)GoogleUpdateGoogleUpdate.exe [153168 2015-10-31] (Google Inc -> Google Inc.)
Task: 0FCB8C6E-6AE8-4D0C-8FC9-7B14EC7CF42A – System32Tasksnvtmrep_crashreport3_b2fe1952-0186-46c3-baec-a80aa35ac5b8 => C:Program FilesNVIDIA CorporationNvBackendNvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: 0FFC7E56-34A2-45D7-B846-63D6BC2F09A7 – System32TasksAVGUpdateTaskMachineUA => C:Program Files (x86)AVGBrowserUpdateAVGBrowserUpdate.exe [201984 2021-07-22] (AVG Technologies USA, LLC -> AVG Technologies)
Task: 10408190-C0E9-4F95-9B89-0A248F723ABC – System32TasksNVIDIA GeForce Experience SelfUpdate_B2FE1952-0186-46C3-BAEC-A80AA35AC5B8 => C:Program FilesNVIDIA CorporationNVIDIA GeForce ExperienceNVIDIA GeForce Experience.exe [3339120 2021-06-15] (NVIDIA Corporation -> NVIDIA Corporation)
Task: 135F0068-9AA0-440C-913E-673ACB850C87 – System32TasksAMDLinkUpdate => C:Program FilesAMDCIMBIN64InstallManagerApp.exe [10219208 2016-02-26] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: 1431C7BB-6661-45E4-AA15-A0BB49E1DD39 – System32Tasksnvnodelauncher_b2fe1952-0186-46c3-baec-a80aa35ac5b8 => C:Program Files (x86)NVIDIA CorporationNvNodenvnodejslauncher.exe [645488 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: 2F19B3BA-EEC4-465A-A5D7-BD75EF34E6D8 – System32TasksEOSv3 Scheduler onTime => C:UsersRogerAppDataLocalESETESETOnlineScannerESETOnlineScanner.exe
Task: 354AFE02-A59C-4037-87F1-A4B60E646B50 – System32TasksMozillaFirefox Default Browser Agent 308046B0AF4A39CB => C:Program FilesMozilla Firefoxdefault-browser-agent.exe [681400 2021-07-19] (Mozilla Corporation -> Mozilla Foundation)
Task: 364ADB2D-2096-40FE-9B6B-A2DE19AAA0F5 – System32Tasksnvtmrep_crashreport4_b2fe1952-0186-46c3-baec-a80aa35ac5b8 => C:Program FilesNVIDIA CorporationNvBackendNvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: 47566916-03CC-4FDD-A409-BEA9059A1FA8 – System32Tasksgoogleupdatetaskmachinecore => C:Program Files (x86)GoogleUpdateGoogleUpdate.exe [153168 2015-10-31] (Google Inc -> Google Inc.)
Task: 4AE3D786-F531-4252-8578-A5A69B9CC390 – System32Tasksnvtmrep_crashreport1_b2fe1952-0186-46c3-baec-a80aa35ac5b8 => C:Program FilesNVIDIA CorporationNvBackendNvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: 613E6945-8A5E-44B9-B4C0-ADB4002EABCD – System32TasksAVGOverseer => C:Program FilesCommon FilesAVGOverseeroverseer.exe [1821968 2021-07-22] (AVG Technologies USA, LLC -> AVG Technologies)
Task: 671410B2-2C4B-46AF-8D8F-C8FEECDDAA0B – System32TasksAVGUpdateTaskMachineCore => C:Program Files (x86)AVGBrowserUpdateAVGBrowserUpdate.exe [201984 2021-07-22] (AVG Technologies USA, LLC -> AVG Technologies)
Task: 71DF40F9-D4F5-424E-97E6-4000E59D2511 – System32TasksCCleanerSkipUAC => C:Program FilesCCleanerCCleaner.exe [29136000 2021-07-16] (Piriform Software Ltd -> Piriform Software Ltd)
Task: 8CDDCAD3-482F-4449-BD25-98E95B71F632 – System32TasksAntivirus Emergency Update => C:Program FilesAVGAntivirusAvEmUpdate.exe [4950840 2021-07-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
Task: 9CD313A7-89E3-48BE-8B8A-9468AD40D0B3 – System32Tasksnvtmrep_crashreport2_b2fe1952-0186-46c3-baec-a80aa35ac5b8 => C:Program FilesNVIDIA CorporationNvBackendNvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: 9FC42C0B-1647-4219-8F01-EA41E97AF874 – System32TasksEOSv3 Scheduler onLogOn => C:UsersRogerAppDataLocalESETESETOnlineScannerESETOnlineScanner.exe
Task: A28D7936-8E06-4A22-AFC9-CCB90B920FC2 – System32TasksNvBatteryBoostCheckOnLogon_B2FE1952-0186-46C3-BAEC-A80AA35AC5B8 => C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe [903024 2021-05-04] (NVIDIA Corporation -> NVIDIA Corporation) -> -d “C:Program FilesNVIDIA CorporationNvBackendNvBatteryBoostCheck” -l 3 -f C:ProgramDataNVIDIANvContainerBatteryBoostCheck.log
Task: B4E5AABD-AAC6-4D8F-9097-C14AA3AA8C23 – System32TasksCCleaner Update => C:Program FilesCCleanerCCUpdate.exe [684976 2021-07-16] (Piriform Software Ltd -> Piriform)
Task: C19A930D-7732-48BA-861C-9A2BF7F87352 – System32TasksAVG Secure Browser Heartbeat Task (Hourly) => C:Program Files (x86)AVGBrowserApplicationAVGBrowser.exe [2280784 2021-07-16] (AVG Technologies USA, LLC -> AVG Technologies)
Task: C713779D-9889-4E14-A451-DCD0EEE0668A – System32TasksModifyLinkUpdate => C:Program FilesAMDCIMBin64InstallManagerApp.exe [10219208 2016-02-26] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: D3EC339E-07E1-4F0E-8227-9FA8D4179B37 – System32Tasksamd updater => C:Program FilesAMDCIM\Bin64InstallManagerApp.exe [10219208 2016-02-26] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: DF5DC6AE-A40C-4954-8078-826D0661CB3C – System32Tasksnvprofileupdateronlogon_b2fe1952-0186-46c3-baec-a80aa35ac5b8 => C:Program FilesNVIDIA CorporationUpdate CoreNvProfileUpdater64.exe [905072 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: E47BB330-2731-4879-ADF1-E7AA564123CF – System32TasksNeroNero Info => C:Program Files (x86)Common FilesNeroNero InfoNeroInfo.exe [3227472 2013-08-20] (Nero AG -> Nero AG)
Task: F1D62F04-C4D6-4B45-8ED4-C14D5A3B5438 – System32TasksAVG Secure Browser Heartbeat Task (Logon) => C:Program Files (x86)AVGBrowserApplicationAVGBrowser.exe [2280784 2021-07-16] (AVG Technologies USA, LLC -> AVG Technologies)
Task: F4CE631A-3B23-4F3B-9B96-74E891D3ACAC – System32TasksNvDriverUpdateCheckDaily_B2FE1952-0186-46C3-BAEC-A80AA35AC5B8 => C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe [903024 2021-05-04] (NVIDIA Corporation -> NVIDIA Corporation) -> -d “C:Program FilesNVIDIA CorporationNvDriverUpdateCheck” -l 3 -f C:ProgramDataNVIDIANvContainerDriverUpdateCheck.log

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: [S-1-5-21-2753872946-3147176540-3625591976-1000] => 127.0.0.1:8892
Tcpip..InterfacesC43B5CF4-8D98-4760-B4FE-0F0DD108C327: [NameServer] 8.8.8.8,8.8.4.4
HKLMSystem…ParametersPersistentRoutes: [0.0.0.0,0.0.0.0,192.168.1.1,-1]

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:UsersRogerAppDataLocalMicrosoftEdgeUser DataDefault [2021-07-23]

FireFox:
========
FF DefaultProfile: cmrzmufm.default-1604243613107
FF DefaultProfile: 47fiiz9p.default
FF ProfilePath: C:UsersRogerAppDataRoamingMozillaFirefoxProfilescmrzmufm.default-1604243613107 [2021-07-23]
FF NetworkProxy: MozillaFirefoxProfilescmrzmufm.default-1604243613107 -> type”, 0
FF Session Restore: MozillaFirefoxProfilescmrzmufm.default-1604243613107 -> is enabled.
FF Notifications: MozillaFirefoxProfilescmrzmufm.default-1604243613107 -> hxxps://calendar.google.com
FF Extension: (Bypass Paywalls) – C:UsersRogerAppDataRoamingMozillaFirefo[email protected]bypasspaywalls.xpi [2021-07-17]
FF Extension: (Cookie AutoDelete) – C:UsersRogerAppDataRoamingMozillaFirefoxP[email protected]kennydo.com.xpi [2021-02-20]
FF Extension: (HTTPS Everywhere) – C:UsersRogerAppDataRoamingMozillaFirefoxP[email protected]eff.org.xpi [2021-07-16]
FF Extension: (360 Internet Protection) – C:UsersRogerAppDataRoamingMozillaFirefoxPro[email protected]360safe.com.xpi [2020-11-29]
FF Extension: (Privacy Badger) – C:UsersRogerAppDataRoamingMozillaFirefoxProf[email protected]jetpack.xpi [2021-06-12]
FF Extension: (Print Edit WE) – C:UsersRogerAppDataRoamingMozillaFire[email protected]DW-dev.xpi [2021-05-27]
FF Extension: (LastPass: Free Password Manager) – C:UsersRogerAppDataRoamingMozill[email protected]lastpass.com.xpi [2021-07-22]
FF Extension: (Privacy Possum) – C:UsersRogerAppDataRoamingMozillaFirefoxProf[email protected]jetpack.xpi [2020-11-01]
FF Extension: (Video DownloadHelper) – C:UsersRogerAppDataRoamingMozillaFirefoxProfilescmrzmufm.default-1604243613107Extensionsb9db16a4-6edc-47ec-a1f4-b86292ed211d.xpi [2021-07-05]
FF ProfilePath: C:UsersRogerAppDataRoamingDisruptive Innovations SARLBlueGriffonProfiles47fiiz9p.default [2020-06-26]
FF Extension: (Czech (CZ) Language Pack) – C:UsersRogerAppDataRoamingDisruptive Innovations [email protected]egriffon.org.xpi [2020-06-19] [Legacy] [not signed]
FF Extension: (Deutsch (DE) Language Pack) – C:UsersRogerAppDataRoamingDisruptive Innovations [email protected]egriffon.org.xpi [2020-06-19] [Legacy] [not signed]
FF Extension: (English (US) Language Pack) – C:UsersRogerAppDataRoamingDisruptive Innovations [email protected]bluegriffon.org.xpi [2020-06-19] [Legacy] [not signed]
FF Extension: (Español (España) Language Pack) – C:UsersRogerAppDataRoamingDisruptive Innovations [email protected]bluegriffon.org.xpi [2020-06-19] [Legacy] [not signed]
FF Extension: (Finnish Language Pack) – C:UsersRogerAppDataRoamingDisruptive Innovations [email protected]egriffon.org.xpi [2020-06-19] [Legacy] [not signed]
FF Extension: (Français Language Pack) – C:UsersRogerAppDataRoamingDisruptive Innovations [email protected]egriffon.org.xpi [2020-06-19] [Legacy] [not signed]
FF Extension: (Galego (España) Language Pack) – C:UsersRogerAppDataRoamingDisruptive Innovations [email protected]egriffon.org.xpi [2020-06-19] [Legacy] [not signed]
FF Extension: (Hebrew (IL) Language Pack) – C:UsersRogerAppDataRoamingDisruptive Innovations [email protected]egriffon.org.xpi [2020-06-19] [Legacy] [not signed]
FF Extension: (Magyar (HU) Language Pack) – C:UsersRogerAppDataRoamingDisruptive Innovations [email protected]egriffon.org.xpi [2020-06-19] [Legacy] [not signed]
FF Extension: (Italiano (IT) Language Pack) – C:UsersRogerAppDataRoamingDisruptive Innovations [email protected]egriffon.org.xpi [2020-06-19] [Legacy] [not signed]
FF Extension: (Japanese Language Pack) – C:UsersRogerAppDataRoamingDisruptive Innovations [email protected]egriffon.org.xpi [2020-06-19] [Legacy] [not signed]
FF Extension: (Korean (KR) Language Pack) – C:UsersRogerAppDataRoamingDisruptive Innovations [email protected]egriffon.org.xpi [2020-06-19] [Legacy] [not signed]
FF Extension: (Nederlands (NL) Language Pack) – C:UsersRogerAppDataRoamingDisruptive Innovations [email protected]egriffon.org.xpi [2020-06-19] [Legacy] [not signed]
FF Extension: (Polski Language Pack) – C:UsersRogerAppDataRoamingDisruptive Innovations [email protected]egriffon.org.xpi [2020-06-19] [Legacy] [not signed]
FF Extension: (Russian (RU) Language Pack) – C:UsersRogerAppDataRoamingDisruptive Innovations [email protected]egriffon.org.xpi [2020-06-19] [Legacy] [not signed]
FF Extension: (Slovenski jezik Language Pack) – C:UsersRogerAppDataRoamingDisruptive Innovations [email protected]egriffon.org.xpi [2020-06-19] [Legacy] [not signed]
FF Extension: (српски (sr) Language Pack) – C:UsersRogerAppDataRoamingDisruptive Innovations [email protected]egriffon.org.xpi [2020-06-19] [Legacy] [not signed]
FF Extension: (Svenska (SE) Language Pack) – C:UsersRogerAppDataRoamingDisruptive Innovations [email protected]bluegriffon.org.xpi [2020-06-19] [Legacy] [not signed]
FF Extension: (Chinese Simplified (zh-CN) Language Pack) – C:UsersRogerAppDataRoamingDisruptive Innovations [email protected]bluegriffon.org.xpi [2020-06-19] [Legacy] [not signed]
FF Extension: (Traditional Chinese (zh-TW) Language Pack) – C:UsersRogerAppDataRoamingDisruptive Innovations [email protected]bluegriffon.org.xpi [2020-06-19] [Legacy] [not signed]
FF HKLM-x32…ThunderbirdExtensions: [[email protected]] – C:Program FilesESETESET NOD32 AntivirusMozilla Thunderbird => not found
FF HKUS-1-5-21-2753872946-3147176540-3625591976-500…SeaMonkeyExtensions: [[email protected]] – C:Program Files (x86)Internet Download Manageridmmzcc2.xpi => not found
FF Plugin: @java.com/DTPlugin,version=11.231.2 -> C:Program FilesJavajre1.8.0_231bindtpluginnpDeployJava1.dll [2019-10-24] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.231.2 -> C:Program FilesJavajre1.8.0_231binplugin2npjp2.dll [2019-10-24] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @videolan.org/vlc,version=3.0.1 -> C:Program FilesVideoLANVLCnpvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:Program FilesVideoLANVLCnpvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.14 -> C:Program FilesVideoLANVLCnpvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:Program FilesVideoLANVLCnpvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:Program FilesVideoLANVLCnpvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:Program FilesVideoLANVLCnpvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:Program FilesVideoLANVLCnpvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:Program FilesVideoLANVLCnpvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:Program FilesVideoLANVLCnpvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:Program Files (x86)AdobeAdobe Creative CloudUtilsnpAdobeAAMDetect64.dll [No File]
FF Plugin-x32: @canon.com/EPPEX -> C:Program Files (x86)CanonMy Image GardenAddOnCIGnpmigfpi.dll [2019-07-02] (CANON INC.) [File not signed]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:Program Files (x86)Microsoft Silverlight5.1.30214.0npctrl.dll [2014-02-14] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin-x32: @update.avgbrowser.com/AVG Browser;version=3 -> C:Program Files (x86)AVGBrowserUpdate1.8.1066.0npAvgBrowserUpdate3.dll [2021-07-22] (AVG Technologies USA, LLC -> AVG Technologies)
FF Plugin-x32: @update.avgbrowser.com/AVG Browser;version=9 -> C:Program Files (x86)AVGBrowserUpdate1.8.1066.0npAvgBrowserUpdate3.dll [2021-07-22] (AVG Technologies USA, LLC -> AVG Technologies)
FF Plugin-x32: Adobe Reader -> C:Program Files (x86)AdobeAcrobat Reader DCReaderAIRnppdf32.dll [2021-06-27] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:Program Files (x86)AdobeAdobe Creative CloudUtilsnpAdobeAAMDetect32.dll [No File]

Chrome:
=======
CHR Profile: C:UsersRogerAppDataLocalGoogleChromeUser DataDefault [2021-07-23]
CHR DownloadDir: C:UsersRogerDesktop
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> “hxxps://www.google.co.th/”
CHR DefaultSearchURL: Default -> hxxps://duckduckgo.com/?q=searchTerms
CHR DefaultSearchKeyword: Default -> duckduckgo.com
CHR DefaultNewTabURL: Default -> hxxps://duckduckgo.com/chrome_newtab
CHR DefaultSuggestURL: Default -> hxxps://duckduckgo.com/ac/?q=searchTerms&type=list
CHR Session Restore: Default -> is enabled.
CHR Extension: (Slides) – C:UsersRogerAppDataLocalGoogleChromeUser DataDefaultExtensionsaapocclcgogkmnckokdopfmhonfmgoek [2021-07-19]
CHR Extension: (Docs) – C:UsersRogerAppDataLocalGoogleChromeUser DataDefaultExtensionsaohghmighlieiainnegkcijnfilokake [2021-07-19]
CHR Extension: (Google Drive) – C:UsersRogerAppDataLocalGoogleChromeUser DataDefaultExtensionsapdfllckaahabafndbhieahigkjlhalf [2021-07-19]
CHR Extension: (YouTube) – C:UsersRogerAppDataLocalGoogleChromeUser DataDefaultExtensionsblpcfgokakmgnkcojhhkbfbldkacnbeo [2021-07-19]
CHR Extension: (EasyReader) – C:UsersRogerAppDataLocalGoogleChromeUser DataDefaultExtensionsboamfheepdiallipiieadpmnklbhadhc [2021-07-19]
CHR Extension: (uBlock Origin) – C:UsersRogerAppDataLocalGoogleChromeUser DataDefaultExtensionscjpalhdlnbpafiamejdnhcphjbkeiagm [2021-07-19]
CHR Extension: (Disable HTML5 Autoplay) – C:UsersRogerAppDataLocalGoogleChromeUser DataDefaultExtensionsefdhoaajjjgckpbkoglidkeendpkolai [2021-07-19]
CHR Extension: (Sheets) – C:UsersRogerAppDataLocalGoogleChromeUser DataDefaultExtensionsfelcaaldnbdncclmgdcncolpebgiejap [2021-07-19]
CHR Extension: (Cookie AutoDelete) – C:UsersRogerAppDataLocalGoogleChromeUser DataDefaultExtensionsfhcgjolkccmbidfldomjliifgaodjagh [2021-07-19]
CHR Extension: (Google Docs Offline) – C:UsersRogerAppDataLocalGoogleChromeUser DataDefaultExtensionsghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-07-19]
CHR Extension: (LastPass: Free Password Manager) – C:UsersRogerAppDataLocalGoogleChromeUser DataDefaultExtensionshdokiejnpimakedhajhdlcegeplioahd [2021-07-19]
CHR Extension: (IE Tab) – C:UsersRogerAppDataLocalGoogleChromeUser DataDefaultExtensionshehijbfgiekmjfkfjpbkbammjbdenadd [2021-07-19]
CHR Extension: (Evernote Web) – C:UsersRogerAppDataLocalGoogleChromeUser DataDefaultExtensionslbfehkoinhhcknnbdgnnmjhiladcgbol [2021-07-19]
CHR Extension: (AVG Online Security) – C:UsersRogerAppDataLocalGoogleChromeUser DataDefaultExtensionsnbmoafcmbajniiapeidgficgifbfmjfo [2021-07-22]
CHR Extension: (Save to Pocket) – C:UsersRogerAppDataLocalGoogleChromeUser DataDefaultExtensionsniloccemoadcdkdjlinkgdfekeahmflj [2021-07-19]
CHR Extension: (Chrome Web Store Payments) – C:UsersRogerAppDataLocalGoogleChromeUser DataDefaultExtensionsnmmhkkegccagdldgiimedpiccmgmieda [2021-07-19]
CHR Extension: (Print Friendly & PDF) – C:UsersRogerAppDataLocalGoogleChromeUser DataDefaultExtensionsohlencieiipommannpdfcmfdpjjmeolj [2021-07-19]
CHR Extension: (Evernote Web Clipper) – C:UsersRogerAppDataLocalGoogleChromeUser DataDefaultExtensionspioclpoplcdbaefihamjohnefbikjilc [2021-07-19]
CHR Extension: (Gmail) – C:UsersRogerAppDataLocalGoogleChromeUser DataDefaultExtensionspjkljhegncpnkpknbcohdijeoejaedia [2021-07-19]
CHR Extension: (Chrome Media Router) – C:UsersRogerAppDataLocalGoogleChromeUser DataDefaultExtensionspkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-07-19]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AdobeARMservice; C:Program Files (x86)Common FilesAdobeARM1.0armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
S3 AdobeUpdateService; C:Program Files (x86)Common FilesAdobeAdobe Desktop CommonElevationManagerAdobeUpdateService.exe [818128 2018-02-14] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
S3 AMD FUEL Service; C:Program FilesAMDATI.ACEFuelFuel.Service.exe [344064 2015-08-04] (Advanced Micro Devices, Inc.) [File not signed]
S2 AUEPLauncher; C:Program FilesAMDPerformance Profile ClientAUEPLauncher.exe [43008 2019-03-02] (AMD) [File not signed]
S2 avg; C:Program Files (x86)AVGBrowserUpdateAVGBrowserUpdate.exe [201984 2021-07-22] (AVG Technologies USA, LLC -> AVG Technologies)
R2 AVG Antivirus; C:Program FilesAVGAntivirusAVGSvc.exe [625976 2021-07-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 AVG Tools; C:Program FilesAVGAntivirusavgToolsSvc.exe [374072 2021-07-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R3 avgbIDSAgent; C:Program FilesAVGAntivirusaswidsagent.exe [8297584 2021-07-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
S3 avgm; C:Program Files (x86)AVGBrowserUpdateAVGBrowserUpdate.exe [201984 2021-07-22] (AVG Technologies USA, LLC -> AVG Technologies)
S3 AVGSecureBrowserElevationService; C:Program Files (x86)AVGBrowserApplication91.1.10935.166elevation_service.exe [1421328 2021-07-16] (AVG Technologies USA, LLC -> AVG Technologies)
R2 AvgWscReporter; C:Program FilesAVGAntiviruswsc_proxy.exe [109480 2021-07-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
S3 Backupper Service; C:Program Files (x86)AOMEI BackupperABService.exe [483184 2019-03-29] (CHENGDU AOMEI Tech Co., Ltd. -> AOMEI Tech Co., Ltd.)
R2 CIJSRegister; C:Program Files (x86)CanonIJ Scan UtilitySETEVENT.exe [153736 2017-03-02] (Canon Inc. -> CANON INC.)
R2 DriverNetworkMonitor; C:Program Files (x86)Canon ElectronicsShared FilesDriverNetworkMonitor.exe [378152 2018-01-15] (CANON ELECTRONICS INC -> Canon Electronics Inc.)
S3 EasyAntiCheat; C:Program Files (x86)EasyAntiCheatEasyAntiCheat.exe [803952 2019-08-02] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S2 Emc.Captiva.WebCaptureService; C:Program Files (x86)EMC CaptivaCaptiva Cloud RuntimeEmc.Captiva.WebCaptureService.exe [86008 2016-06-20] (EMC Corporation -> EMC Corporation)
R2 EsgShKernel; C:Program FilesEnigmaSoftSpyHunterShKernel.exe [12872144 2021-07-23] (EnigmaSoft Limited -> EnigmaSoft Limited)
R2 IJPLMSVC; C:Program Files (x86)CanonIJPLMIJPLMSVC.EXE [443344 2020-05-25] (Canon Inc. -> )
S3 MBAMService; C:Program FilesMalwarebytesAnti-MalwareMBAMService.exe [7477704 2021-07-19] (Malwarebytes Inc -> Malwarebytes)
S3 NMIndexingService; C:Program Files (x86)Common FilesAheadLibNMIndexingService.exe [271920 2007-05-16] (Nero AG -> Nero AG)
R2 ShMonitor; C:Program FilesEnigmaSoftSpyHunterShMonitor.exe [526800 2021-07-23] (EnigmaSoft Limited -> EnigmaSoft Limited)
R2 ss_conn_service; C:Program Files (x86)SamsungUSB Drivers27_ssconnconnss_conn_service.exe [752224 2019-07-10] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
R2 ss_conn_service2; C:Program Files (x86)SamsungUSB Drivers28_ssconn2connss_conn_service2.exe [780328 2019-07-10] (DEVGURU Co., Ltd. -> DEVGURU Co., LTD.)
S3 WinDefend; C:Program FilesWindows Defendermpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
S2 SntpService; “C:Program FilesSophosSophos Network Threat ProtectionSophosNtpService.exe” [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 aftap0901; C:WindowsSystem32DRIVERSaftap0901.sys [48624 2018-03-06] (AnchorFree Inc -> The OpenVPN Project)
R0 ambakdrv; C:WindowsSystem32ambakdrv.sys [51120 2016-12-21] (CHENGDU AOMEI Tech Co., Ltd. -> )
R2 ammntdrv; C:Windowssystem32ammntdrv.sys [171952 2016-12-21] (CHENGDU AOMEI Tech Co., Ltd. -> )
R2 amwrtdrv; C:Windowssystem32amwrtdrv.sys [38320 2017-09-01] (CHENGDU AOMEI Tech Co., Ltd. -> )
R2 AODDriver4.3; C:Program FilesAMDATI.ACEFuelamd64AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R2 AODDriver4.3.0; C:Program FilesAMDPerformance Profile Clientamd64AODDriver2.sys [60104 2015-02-19] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R2 APXACC; C:WindowsSystem32DRIVERSappexDrv.sys [229056 2015-04-03] (AppEx Networks Corporation -> AppEx Networks Corporation)
R0 avgArDisk; C:WindowsSystem32driversavgArDisk.sys [35872 2021-07-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgArPot; C:WindowsSystem32driversavgArPot.sys [217056 2021-07-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgbidsdriver; C:WindowsSystem32driversavgbidsdriver.sys [366704 2021-07-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgbidsh; C:WindowsSystem32driversavgbidsh.sys [250464 2021-07-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgbuniv; C:WindowsSystem32driversavgbuniv.sys [99440 2021-07-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgKbd; C:WindowsSystem32driversavgKbd.sys [41488 2021-07-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgMonFlt; C:WindowsSystem32driversavgMonFlt.sys [182736 2021-07-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgNetHub; C:WindowsSystem32driversavgNetHub.sys [524568 2021-07-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R3 avgNetNd6; C:WindowsSystem32DRIVERSavgNetNd6.sys [29944 2021-07-22] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
R1 avgRdr; C:WindowsSystem32driversavgRdr2.sys [108000 2021-07-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgRvrt; C:WindowsSystem32driversavgRvrt.sys [83056 2021-07-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgSnx; C:WindowsSystem32driversavgSnx.sys [851344 2021-07-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgSP; C:WindowsSystem32driversavgSP.sys [472064 2021-07-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 avgStm; C:WindowsSystem32driversavgStm.sys [215536 2021-07-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgVmm; C:WindowsSystem32driversavgVmm.sys [327696 2021-07-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R3 EnigmaFileMonDriver; C:Windowssystem32DriversEnigmaFileMonDriver.sys [76744 2021-07-23] (EnigmaSoft Limited -> EnigmaSoft Limited)
R1 HWiNFO32; C:WindowsSysWOW64driversHWiNFO64A.SYS [27552 2015-10-31] (Martin Malik – REALiX -> REALiX™)
S3 igfx; C:WindowsSystem32DRIVERSigdkmd64.sys [5353888 2012-12-12] (Intel Corporation) [File not signed]
S3 MBAMSwissArmy; C:WindowsSystem32Driversmbamswissarmy.sys [248992 2021-07-19] (Malwarebytes Inc -> Malwarebytes)
R3 NVHDA; C:WindowsSystem32driversnvhda64v.sys [129960 2021-05-28] (Microsoft Windows Hardware Compatibility Publisher -> NVIDIA Corporation)
R3 nvlddmkm; C:WindowsSystem32DRIVERSnvlddmkm.sys [38199688 2021-06-01] (Microsoft Windows Hardware Compatibility Publisher -> NVIDIA Corporation)
R1 sntp; C:WindowsSystem32DRIVERSsntp.sys [237520 2020-11-25] (Sophos Ltd -> Sophos Limited)
R0 Sophos Endpoint Defense; C:WindowsSystem32DRIVERSSophosED.sys [1247832 2020-12-16] (Sophos Ltd -> Sophos Limited)
S3 ssudmdm; C:WindowsSystem32DRIVERSssudmdm.sys [166752 2019-07-10] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ssudserd; C:WindowsSystem32DRIVERSssudserd.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
U5 UnlockerDriver5; C:Program Files (x86)UnlockerUnlockerDriver5.sys [12352 2010-07-01] (Empty Loop -> )
U4 Sophos Endpoint Defense Service; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-07-23 13:36 – 2021-07-23 13:37 – 000037404 _____ C:UsersRogerDownloadsFRST.txt
2021-07-23 13:29 – 2021-07-23 13:29 – 002300416 _____ (Farbar) C:UsersRogerDownloadsFRST64(3).exe
2021-07-23 13:29 – 2021-07-23 13:29 – 002300416 _____ (Farbar) C:UsersRogerDesktopFRST64.exe
2021-07-23 13:24 – 2021-07-23 13:24 – 002300416 _____ (Farbar) C:UsersRogerDownloadsFRST64(2).exe
2021-07-23 13:18 – 2021-07-23 13:18 – 002300416 _____ (Farbar) C:UsersRogerDownloadsFRST64(1).exe
2021-07-23 12:19 – 2021-07-23 12:19 – 000076744 _____ (EnigmaSoft Limited) C:Windowssystem32DriversEnigmaFileMonDriver.sys
2021-07-23 12:19 – 2021-07-23 12:19 – 000001034 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsSpyHunter5.lnk
2021-07-23 12:19 – 2021-07-23 12:19 – 000001010 _____ C:UsersPublicDesktopSpyHunter5.lnk
2021-07-23 12:19 – 2021-07-23 12:19 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsEnigmaSoft
2021-07-23 12:19 – 2021-07-23 12:19 – 000000000 ____D C:ProgramDataEnigmaSoft Limited
2021-07-23 12:18 – 2021-07-23 12:18 – 000000000 ____D C:sh5ldr
2021-07-23 12:18 – 2021-07-23 12:18 – 000000000 ____D C:Program FilesEnigmaSoft
2021-07-23 12:00 – 2021-07-23 12:00 – 000000000 ____D C:UsersRogerAppDataRoamingVisual Studio Code
2021-07-23 11:48 – 2021-07-23 11:48 – 006611408 _____ (EnigmaSoft Limited) C:UsersRogerDesktopSpyHunter-Installer.exe
2021-07-23 07:43 – 2021-07-23 07:43 – 000000796 _____ C:UsersPublicDesktopSpeccy.lnk
2021-07-23 07:43 – 2021-07-23 07:43 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsSpeccy
2021-07-23 07:43 – 2021-07-23 07:43 – 000000000 ____D C:Program FilesSpeccy
2021-07-22 20:41 – 2021-07-23 10:32 – 000000000 ____D C:Windowssystem32TasksAVAST Software
2021-07-22 17:34 – 2021-07-22 17:34 – 000000137 _____ C:UsersRogerDesktopping_and_trace.bat
2021-07-22 13:49 – 2021-07-23 12:51 – 000000000 ____D C:UsersRogerAppDataLocalLowMozilla
2021-07-22 06:51 – 2021-07-22 06:51 – 000003706 _____ C:Windowssystem32TasksAVG Secure Browser Heartbeat Task (Hourly)
2021-07-22 06:51 – 2021-07-22 06:51 – 000003124 _____ C:Windowssystem32TasksAVG Secure Browser Heartbeat Task (Logon)
2021-07-22 06:51 – 2021-07-22 06:51 – 000002382 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsAVG Secure Browser.lnk
2021-07-22 06:50 – 2021-07-22 06:50 – 000003334 _____ C:Windowssystem32TasksAVGUpdateTaskMachineUA
2021-07-22 06:50 – 2021-07-22 06:50 – 000003206 _____ C:Windowssystem32TasksAVGUpdateTaskMachineCore
2021-07-22 06:50 – 2021-07-22 06:50 – 000000000 ____D C:Program Files (x86)AVG
2021-07-22 06:47 – 2021-07-22 06:47 – 000001990 _____ C:UsersPublicDesktopAVG AntiVirus FREE.lnk
2021-07-22 06:47 – 2021-07-22 06:47 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsAVG
2021-07-22 06:45 – 2021-07-22 06:45 – 000000000 ____D C:Windowssystem32TasksAVG
2021-07-22 06:44 – 2021-07-23 12:16 – 000004162 _____ C:Windowssystem32TasksAntivirus Emergency Update
2021-07-22 06:44 – 2021-07-22 06:44 – 000524568 _____ (AVG Technologies CZ, s.r.o.) C:Windowssystem32DriversavgNetHub.sys
2021-07-22 06:44 – 2021-07-22 06:44 – 000472064 _____ (AVG Technologies CZ, s.r.o.) C:Windowssystem32DriversavgSP.sys
2021-07-22 06:44 – 2021-07-22 06:44 – 000340280 _____ (AVG Technologies CZ, s.r.o.) C:Windowssystem32avgBoot.exe
2021-07-22 06:44 – 2021-07-22 06:44 – 000327696 _____ (AVG Technologies CZ, s.r.o.) C:Windowssystem32DriversavgVmm.sys
2021-07-22 06:44 – 2021-07-22 06:44 – 000250464 _____ (AVG Technologies CZ, s.r.o.) C:Windowssystem32Driversavgbidsh.sys
2021-07-22 06:44 – 2021-07-22 06:44 – 000215536 _____ (AVG Technologies CZ, s.r.o.) C:Windowssystem32DriversavgStm.sys
2021-07-22 06:44 – 2021-07-22 06:44 – 000182736 _____ (AVG Technologies CZ, s.r.o.) C:Windowssystem32DriversavgMonFlt.sys
2021-07-22 06:44 – 2021-07-22 06:44 – 000108000 _____ (AVG Technologies CZ, s.r.o.) C:Windowssystem32DriversavgRdr2.sys
2021-07-22 06:44 – 2021-07-22 06:44 – 000099440 _____ (AVG Technologies CZ, s.r.o.) C:Windowssystem32Driversavgbuniv.sys
2021-07-22 06:44 – 2021-07-22 06:44 – 000083056 _____ (AVG Technologies CZ, s.r.o.) C:Windowssystem32DriversavgRvrt.sys
2021-07-22 06:44 – 2021-07-22 06:44 – 000041488 _____ (AVG Technologies CZ, s.r.o.) C:Windowssystem32DriversavgKbd.sys
2021-07-22 06:44 – 2021-07-22 06:44 – 000029944 _____ (AVG Technologies CZ, s.r.o.) C:Windowssystem32DriversavgNetNd6.sys
2021-07-22 06:44 – 2021-07-22 06:44 – 000000000 ____D C:Program FilesCommon FilesAVG
2021-07-22 06:44 – 2021-07-22 06:43 – 000851344 _____ (AVG Technologies CZ, s.r.o.) C:Windowssystem32DriversavgSnx.sys
2021-07-22 06:44 – 2021-07-22 06:43 – 000366704 _____ (AVG Technologies CZ, s.r.o.) C:Windowssystem32Driversavgbidsdriver.sys
2021-07-22 06:44 – 2021-07-22 06:43 – 000217056 _____ (AVG Technologies CZ, s.r.o.) C:Windowssystem32DriversavgArPot.sys
2021-07-22 06:44 – 2021-07-22 06:43 – 000035872 _____ (AVG Technologies CZ, s.r.o.) C:Windowssystem32DriversavgArDisk.sys
2021-07-22 06:43 – 2021-07-22 06:43 – 000000000 ____D C:Program FilesAVG
2021-07-22 06:06 – 2021-07-22 06:19 – 000000000 ____D C:UsersRogerAppDataLocalFSDART
2021-07-22 06:06 – 2021-07-22 06:11 – 000000000 ____D C:ProgramDataF-Secure
2021-07-22 06:06 – 2021-07-22 06:06 – 000000000 ____D C:UsersRogerAppDataLocalF-Secure
2021-07-21 20:07 – 2021-07-22 11:09 – 000028672 ____H C:AomeiBootBackup
2021-07-21 20:07 – 2021-07-21 20:07 – 000000209 ____H C:amcf.lst
2021-07-21 20:07 – 2021-07-21 20:07 – 000000000 ___HD C:Aomei
2021-07-21 20:07 – 2017-03-27 09:23 – 000221423 ____H C:amldr
2021-07-21 20:07 – 2017-03-27 09:23 – 000009216 ____H C:amldr.mbr
2021-07-21 20:06 – 2021-07-21 20:07 – 000000344 _____ C:am_pe_log.txt
2021-07-21 16:57 – 2021-07-21 19:46 – 000001196 _____ C:UsersRogerDesktopESET Online Scanner.lnk
2021-07-20 13:16 – 2021-07-20 13:29 – 000000000 ____D C:UsersRogerAppDataRoaminggoogle-messages-nativefier-11f104
2021-07-19 20:49 – 2021-07-21 21:02 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsEagle Dynamics
2021-07-19 20:04 – 2021-07-19 20:04 – 000000000 __SHD C:found.000
2021-07-19 19:30 – 2021-07-19 20:11 – 000248992 _____ (Malwarebytes) C:Windowssystem32Driversmbamswissarmy.sys
2021-07-19 16:12 – 2021-07-19 16:12 – 000000000 ____D C:Windowssystem32TasksMozilla
2021-07-19 13:51 – 2021-07-19 13:51 – 000002246 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsGoogle Chrome.lnk
2021-07-19 13:51 – 2021-07-19 13:51 – 000000000 ____D C:Program FilesGoogle
2021-07-19 13:46 – 2021-07-19 13:46 – 001323176 _____ (Google LLC) C:UsersRogerDownloadsChromeSetup.exe
2021-07-19 13:38 – 2021-07-19 13:38 – 022507504 _____ (IObit ) C:UsersRogerDownloadsiobituninstaller.exe
2021-07-19 13:35 – 2021-07-19 13:35 – 015718592 _____ (IObit ) C:UsersRogerDownloadsiobit-software-updater-setup.exe
2021-07-19 12:56 – 2021-07-19 12:58 – 000000000 ____D C:KRD2018_Data
2021-07-17 13:25 – 2021-07-06 18:44 – 000000000 ____D C:UsersRogerDownloadsbypass-paywalls-chrome-master
2021-07-15 16:46 – 2021-07-15 16:46 – 000000069 _____ C:UsersRogerDesktopUnleash Your Super Brain To Learn Faster – Jim Kwik – YouTube.url
2021-07-12 16:55 – 2021-07-12 16:55 – 000000930 _____ C:UsersPublicDesktopcalibre 64bit – E-book management.lnk
2021-07-12 16:54 – 2021-07-12 16:55 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramscalibre 64bit – E-book Management
2021-07-11 11:31 – 2021-07-11 11:31 – 000000020 _____ C:UsersRoger.lesshst
2021-07-04 15:21 – 2021-07-04 15:21 – 000000000 ____D C:.Trash-1000
2021-07-04 13:03 – 2021-07-04 13:03 – 000132432 _____ C:UsersRogerAppDataLocalGDIPFONTCACHEV1.DAT
2021-07-03 12:12 – 2021-07-23 10:32 – 000003756 _____ C:Windowssystem32TasksEOSv3 Scheduler onLogOn
2021-07-03 12:12 – 2021-07-23 10:32 – 000003316 _____ C:Windowssystem32TasksEOSv3 Scheduler onTime
2021-07-03 07:25 – 2021-07-03 07:25 – 000000000 ____D C:UsersRogerAppDataLocalESET
2021-06-28 15:33 – 2021-06-28 15:33 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsqBittorrent
2021-06-28 15:33 – 2021-06-28 15:33 – 000000000 ____D C:Program FilesqBittorrent
2021-06-26 18:08 – 2021-07-23 12:59 – 000000000 ____D C:Program FilesMozilla Firefox
2021-06-23 03:12 – 2021-06-03 20:56 – 000043408 _____ (NVIDIA Corporation) C:Windowssystem32DriversNvModuleTracker.sys
2021-06-23 03:12 – 2021-06-02 21:03 – 000067464 _____ (NVIDIA Corporation) C:Windowssystem32Driversnvvhci.sys
2021-06-23 03:12 – 2021-06-02 20:17 – 000069856 _____ (NVIDIA Corporation) C:Windowssystem32Driversnvvad64v.sys

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-07-23 13:36 – 2018-11-14 17:29 – 000000000 ____D C:FRST
2021-07-23 13:36 – 2009-07-14 11:45 – 000034784 ____H C:Windowssystem327B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2021-07-23 13:36 – 2009-07-14 11:45 – 000034784 ____H C:Windowssystem327B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2021-07-23 13:31 – 2019-09-20 06:53 – 000000000 ____D C:UsersRogerAppDataRoamingqBittorrent
2021-07-23 12:52 – 2019-06-20 14:14 – 000000000 ____D C:ProgramDataMozilla
2021-07-23 12:25 – 2019-06-18 19:28 – 000000000 ____D C:ProgramDataNVIDIA
2021-07-23 12:17 – 2019-01-18 06:45 – 000000000 ____D C:Program FilesCCleaner
2021-07-23 12:14 – 2018-04-23 06:45 – 000000000 ____D C:UsersRogerAppDataLocalCrashDumps
2021-07-23 12:14 – 2014-06-26 15:00 – 000000000 ____D C:ProgramDataAVG
2021-07-23 12:13 – 2009-07-14 12:08 – 000000006 ____H C:WindowsTasksSA.DAT
2021-07-23 12:00 – 2019-01-19 21:31 – 000000000 ____D C:UsersRogerAppDataRoamingCode
2021-07-23 10:32 – 2020-06-30 11:41 – 000003380 _____ C:Windowssystem32TasksMicrosoftEdgeUpdateTaskMachineUA
2021-07-23 10:32 – 2020-06-30 11:41 – 000003252 _____ C:Windowssystem32TasksMicrosoftEdgeUpdateTaskMachineCore
2021-07-23 10:32 – 2019-08-27 12:03 – 000003790 _____ C:Windowssystem32TasksNVIDIA GeForce Experience SelfUpdate_B2FE1952-0186-46C3-BAEC-A80AA35AC5B8
2021-07-23 10:32 – 2019-08-27 12:02 – 000004146 _____ C:Windowssystem32TasksNvDriverUpdateCheckDaily_B2FE1952-0186-46C3-BAEC-A80AA35AC5B8
2021-07-23 10:32 – 2019-08-27 12:02 – 000003940 _____ C:Windowssystem32TasksNvBatteryBoostCheckOnLogon_B2FE1952-0186-46C3-BAEC-A80AA35AC5B8
2021-07-23 10:32 – 2019-03-16 11:25 – 000003116 _____ C:Windowssystem32TasksModifyLinkUpdate
2021-07-23 10:32 – 2019-03-16 11:25 – 000003096 _____ C:Windowssystem32TasksAMDLinkUpdate
2021-07-23 10:32 – 2019-01-18 06:45 – 000004128 _____ C:Windowssystem32TasksCCleaner Update
2021-07-23 08:45 – 2021-03-24 20:31 – 000000000 ____D C:WindowsMinidump
2021-07-23 08:41 – 2019-01-18 06:45 – 000002802 _____ C:Windowssystem32TasksCCleanerSkipUAC
2021-07-22 18:15 – 2018-04-22 22:19 – 000000000 ____D C:Windowspss
2021-07-22 13:49 – 2018-04-22 18:55 – 000000000 ____D C:UsersRogerAppDataRoamingMozilla
2021-07-22 12:50 – 2020-08-14 11:47 – 000001264 _____ C:UsersRoger.bash_history
2021-07-22 09:12 – 2018-04-22 18:55 – 000000000 ____D C:UsersRogerAppDataLocalMozilla
2021-07-22 07:25 – 2009-07-14 10:20 – 000000000 ____D C:Windowssystem32NDF
2021-07-22 06:51 – 2018-04-22 18:55 – 000000000 ____D C:UsersRogerAppDataLocalAVG
2021-07-22 06:47 – 2018-04-22 18:55 – 000000000 ____D C:UsersRogerAppDataRoamingAVG
2021-07-22 06:45 – 2009-07-14 10:20 – 000000000 ____D C:Windowsinf
2021-07-22 06:34 – 2018-04-23 08:50 – 000000000 ____D C:Program Files (x86)Sophos
2021-07-21 20:41 – 2021-05-11 12:09 – 000000000 ____D C:UsersRogerAppDataRoamingWise Uninstaller
2021-07-21 20:07 – 2019-06-21 17:42 – 000000000 ____D C:Program Files (x86)AOMEI Backupper
2021-07-21 20:05 – 2021-01-14 06:10 – 000001024 ____H C:SYSTAG.BIN
2021-07-21 20:05 – 2019-06-21 17:45 – 000000208 _____ C:WindowsSysWOW64AbBakConfig.dat
2021-07-21 20:05 – 2019-06-21 17:45 – 000000150 _____ C:WindowsSysWOW64winsevr.dat
2021-07-21 20:04 – 2019-06-21 17:43 – 000000000 ____D C:ProgramDataAomeiBR
2021-07-21 19:17 – 2009-07-14 12:13 – 000006190 _____ C:Windowssystem32PerfStringBackup.INI
2021-07-21 15:56 – 2019-01-16 09:46 – 000000000 ____D C:UsersRogerAppDataLocalElevatedDiagnostics
2021-07-21 13:41 – 2020-02-14 10:13 – 000000000 ____D C:UsersRogerAppDataRoamingvlc
2021-07-20 15:51 – 2018-05-08 11:14 – 000001188 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramspaint.net.lnk
2021-07-20 15:51 – 2018-05-08 11:14 – 000001176 _____ C:UsersPublicDesktoppaint.net.lnk
2021-07-20 15:51 – 2018-05-08 11:13 – 000000000 ____D C:Program Filespaint.net
2021-07-19 20:24 – 2018-12-29 12:01 – 000000000 ____D C:UsersRogerAppDataRoamingIObit
2021-07-19 20:15 – 2019-10-04 00:35 – 000000000 ___HD C:UsersPublicDocumentsAdobeGCData
2021-07-19 20:07 – 2018-11-16 21:52 – 000000000 ____D C:Program Files (x86)Mozilla Maintenance Service
2021-07-19 19:30 – 2020-10-14 00:32 – 000001960 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsMalwarebytes.lnk
2021-07-19 19:30 – 2019-08-20 09:17 – 000001948 _____ C:UsersPublicDesktopMalwarebytes.lnk
2021-07-19 19:29 – 2019-08-20 09:17 – 000199128 _____ (Malwarebytes) C:Windowssystem32Driversmbae64.sys
2021-07-19 16:10 – 2018-07-13 15:24 – 000000836 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsNotepad++.lnk
2021-07-19 16:10 – 2018-04-24 12:21 – 000000000 ____D C:Program FilesNotepad++
2021-07-19 15:50 – 2020-02-14 10:13 – 000000871 _____ C:UsersPublicDesktopVLC media player.lnk
2021-07-19 14:07 – 2018-04-23 08:50 – 000000000 ____D C:ProgramDataSophos
2021-07-19 13:54 – 2019-03-07 19:15 – 000000000 ____D C:WindowsSysWOW64SophosAV
2021-07-19 13:54 – 2019-03-07 19:15 – 000000000 ____D C:Windowssystem32SophosAV
2021-07-19 13:52 – 2018-04-22 18:55 – 000000000 ____D C:UsersRogerAppDataLocalGoogle
2021-07-19 13:52 – 2014-06-25 15:51 – 000000000 ____D C:Program Files (x86)Google
2021-07-19 13:45 – 2015-10-31 00:29 – 000000000 ____D C:ProgramDataProductData
2021-07-19 13:44 – 2018-12-16 16:08 – 000000000 __SHD C:$360Section
2021-07-19 13:43 – 2018-12-24 10:44 – 000000000 ____D C:UsersRogerAppDataRoaming360DesktopLite
2021-07-19 13:42 – 2015-10-31 00:29 – 000000000 ____D C:ProgramDataIObit
2021-07-18 05:57 – 2018-08-01 06:28 – 000000000 ____D C:WindowsMicrosoft Antimalware
2021-07-17 19:20 – 2021-05-21 11:56 – 000000398 __RSH C:ProgramDatantuser.pol
2021-07-17 15:34 – 2015-10-31 00:28 – 000003428 _____ C:Windowssystem32Tasksgoogleupdatetaskmachineua
2021-07-17 15:34 – 2015-10-31 00:28 – 000003300 _____ C:Windowssystem32Tasksgoogleupdatetaskmachinecore
2021-07-17 13:42 – 2018-11-11 07:13 – 000002059 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsAcrobat Reader DC.lnk
2021-07-17 13:41 – 2018-11-11 07:13 – 000004478 _____ C:Windowssystem32Tasksadobe acrobat update task
2021-07-14 20:50 – 2018-11-17 11:23 – 000000000 ____D C:Windowssystem32MRT
2021-07-14 20:43 – 2019-06-20 09:50 – 133422552 ____C (Microsoft Corporation) C:Windowssystem32MRT.exe
2021-07-14 17:22 – 2021-05-02 20:48 – 000000000 ____D C:UsersRogerAppDataRoamingXnViewMP
2021-07-14 17:10 – 2021-05-02 16:03 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsXnViewMP
2021-07-14 17:10 – 2021-05-02 16:03 – 000000000 ____D C:Program FilesXnViewMP
2021-07-14 06:11 – 2021-05-26 18:28 – 000000000 ____D C:UsersRogerDocumentsSocial Security Administration
2021-07-12 20:51 – 2021-05-24 20:23 – 000000000 ____D C:UsersRogerDocumentsCalibre Library
2021-07-12 18:51 – 2018-04-22 20:13 – 000000000 _____ C:UsersRogerAppDataRoamingFileOut.cns
2021-07-12 18:51 – 2018-04-22 20:13 – 000000000 _____ C:UsersRogerAppDataRoamingFileIn.cns
2021-07-12 16:55 – 2020-07-29 05:41 – 000000000 ____D C:Program FilesCalibre2
2021-07-11 11:31 – 2019-06-18 19:30 – 000000000 ____D C:UsersRoger
2021-07-11 09:43 – 2018-05-05 17:58 – 000000000 ____D C:ProgramDataCanonIJPLM
2021-07-07 09:24 – 2018-04-24 12:21 – 000000000 ____D C:UsersRogerAppDataRoamingNotepad++
2021-07-06 04:49 – 2018-04-23 08:52 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsSophos
2021-07-05 16:15 – 2018-11-16 19:53 – 000002080 _____ C:UsersRogerAppDataRoamingMicrosoftWindowsStart MenuProgramsf.lux.lnk
2021-07-05 06:54 – 2018-04-22 18:55 – 000000000 ____D C:UsersRogerAppDataLocalIE Tab
2021-07-04 11:55 – 2018-04-23 18:13 – 000000000 ____D C:UsersRogerAppDataRoamingXnView
2021-07-04 11:55 – 2018-04-23 09:57 – 000000000 ____D C:UsersRogerAppDataRoamingMediaMonkey
2021-07-04 10:02 – 2018-04-23 06:47 – 000000000 ____D C:UsersRogerDesktope-books
2021-07-04 09:59 – 2018-05-06 09:21 – 000000000 ____D C:Temp
2021-07-04 07:18 – 2020-05-01 16:37 – 000000000 ____D C:UsersRogerAppDataRoamingAnki2
2021-07-03 16:01 – 2018-04-23 18:13 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsXnView
2021-07-03 16:01 – 2018-04-23 18:13 – 000000000 ____D C:Program Files (x86)XnView
2021-07-03 13:39 – 2018-06-29 16:42 – 000000000 ____D C:UsersRogerAppDataRoamingHandBrake
2021-07-01 10:13 – 2018-04-22 19:11 – 000000000 ____D C:UsersRogerDocumentsTricare Claims
2021-06-23 03:29 – 2018-04-22 12:05 – 000000000 ____D C:ProgramDataNVIDIA Corporation
2021-06-23 03:26 – 2019-08-27 12:03 – 000001374 _____ C:UsersPublicDesktopGeForce Experience.lnk
2021-06-23 03:16 – 2019-08-27 12:03 – 000003800 _____ C:Windowssystem32Tasksnvnodelauncher_b2fe1952-0186-46c3-baec-a80aa35ac5b8
2021-06-23 03:14 – 2020-02-28 07:15 – 000003706 _____ C:Windowssystem32Tasksnvtmrep_crashreport4_b2fe1952-0186-46c3-baec-a80aa35ac5b8
2021-06-23 03:14 – 2019-08-27 12:02 – 000003706 _____ C:Windowssystem32Tasksnvtmrep_crashreport3_b2fe1952-0186-46c3-baec-a80aa35ac5b8
2021-06-23 03:14 – 2019-08-27 12:02 – 000003706 _____ C:Windowssystem32Tasksnvtmrep_crashreport2_b2fe1952-0186-46c3-baec-a80aa35ac5b8
2021-06-23 03:14 – 2019-08-27 12:02 – 000003706 _____ C:Windowssystem32Tasksnvtmrep_crashreport1_b2fe1952-0186-46c3-baec-a80aa35ac5b8
2021-06-23 03:13 – 2019-08-27 12:02 – 000003740 _____ C:Windowssystem32Tasksnvprofileupdaterdaily_b2fe1952-0186-46c3-baec-a80aa35ac5b8
2021-06-23 03:13 – 2019-08-27 12:02 – 000003496 _____ C:Windowssystem32Tasksnvprofileupdateronlogon_b2fe1952-0186-46c3-baec-a80aa35ac5b8
2021-06-23 03:13 – 2019-06-18 19:28 – 000000000 ____D C:Program FilesNVIDIA Corporation
2021-06-23 03:13 – 2019-06-18 19:28 – 000000000 ____D C:Program Files (x86)NVIDIA Corporation

==================== Files in the root of some directories ========

2020-04-15 09:03 – 2020-04-15 09:03 – 000000982 _____ () C:UsersRogerAppDataRoaming..emacs.un~
2020-04-14 18:11 – 2020-04-15 09:32 – 000001270 _____ () C:UsersRogerAppDataRoaming.emacs
2020-04-14 18:11 – 2020-04-15 09:29 – 000001270 _____ () C:UsersRogerAppDataRoaming.emacs~
2020-04-15 09:07 – 2020-04-15 08:31 – 000000260 _____ () C:UsersRogerAppDataRoaming.sbclrc
2018-09-08 18:27 – 2020-04-15 05:18 – 000000269 _____ () C:UsersRogerAppDataRoaming.slime-history.eld
2019-04-27 19:46 – 2019-04-27 19:46 – 000000025 _____ () C:UsersRogerAppDataRoamingalsoft.ini
2018-04-22 20:13 – 2021-07-12 18:51 – 000000000 _____ () C:UsersRogerAppDataRoamingFileIn.cns
2018-04-22 20:13 – 2021-07-12 18:51 – 000000000 _____ () C:UsersRogerAppDataRoamingFileOut.cns
2018-04-22 18:55 – 2014-06-27 17:48 – 000000119 _____ () C:UsersRogerAppDataRoamingNetwork Monitor II_Traffic.ini
2021-03-15 12:43 – 2021-03-15 12:51 – 000001130 _____ () C:UsersRogerAppDataRoamingOpen Rails_ns local freightSpeed.csv
2021-03-15 12:43 – 2021-03-15 12:43 – 000000064 _____ () C:UsersRogerAppDataRoamingOpen Rails_ns local freightStops.csv
2020-09-13 07:47 – 2020-09-13 07:48 – 000000218 _____ () C:UsersRogerAppDataRoamingOpen Rails_Protective Service – Yard Duty – San BernadinoSpeed.csv
2020-09-13 07:47 – 2020-09-13 07:47 – 000000064 _____ () C:UsersRogerAppDataRoamingOpen Rails_Protective Service – Yard Duty – San BernadinoStops.csv
2021-05-21 11:39 – 2021-05-21 11:39 – 000036202 _____ () C:UsersRogerAppDataRoamingvivodriver.log
2019-06-19 16:05 – 2021-07-19 20:15 – 000000205 _____ () C:UsersRogerAppDataLocaloobelibMkey.log
2021-06-10 13:57 – 2021-06-10 13:57 – 000009522 _____ () C:UsersRogerAppDataLocalrecently-used.xbel
2019-09-08 13:31 – 2019-09-13 20:01 – 000007635 _____ () C:UsersRogerAppDataLocalResmon.ResmonCfg
2019-10-25 12:34 – 2019-10-25 14:14 – 000000093 _____ () C:UsersRogerAppDataLocalX-Plane 11 Preferences.prf
2019-10-25 14:02 – 2019-10-25 14:02 – 000000037 _____ () C:UsersRogerAppDataLocalX-Plane Installer.prf
2019-10-25 14:03 – 2019-10-25 14:05 – 000000015 _____ () C:UsersRogerAppDataLocalX-Plane_drm_11.prf
2019-10-25 12:35 – 2019-10-25 12:35 – 000000016 _____ () C:UsersRogerAppDataLocalx-plane_install_11.txt

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

LastRegBack: 2021-07-21 15:01
==================== End of FRST.txt ========================

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-07-2021 01
Ran by Roger (23-07-2021 13:37:33)
Running from C:UsersRogerDownloads
Windows 7 Ultimate Service Pack 1 (X64) (2019-06-18 13:57:31)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-2753872946-3147176540-3625591976-500 – Administrator – Disabled) => C:UsersAdministrator
Guest (S-1-5-21-2753872946-3147176540-3625591976-501 – Limited – Disabled)
HomeGroupUser$ (S-1-5-21-2753872946-3147176540-3625591976-1010 – Limited – Enabled)
Roger (S-1-5-21-2753872946-3147176540-3625591976-1000 – Administrator – Enabled) => C:UsersRoger
SophosSAUMR-6S29Uaaa (S-1-5-21-2753872946-3147176540-3625591976-1001 – Limited – Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: AVG Antivirus (Enabled – Up to date) 18A975F9-A60C-37D8-E30B-4BEF31AD3411
AS: AVG Antivirus (Enabled – Up to date) A3C8941D-8036-3856-D9BB-709D4A2A7EAC
AS: Windows Defender (Disabled – Up to date) D68DDC3A-831F-4fae-9E44-DA132C1ACF46

==================== Installed Programs ======================

(Only the adware programs with “Hidden” flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

3D Pinball (HKLM-x32…C342E30B-52F9-4657-96B6-32E399B9DEB2) (Version: 5.1.2600.5512 – Microsoft Coprporation)
4K Video Downloader (HKLM…50F633D3-DE52-4709-AD1B-A09B5B0D86C1) (Version: 4.16.4.4300 – Open Media LLC) Hidden
4K Video Downloader (HKLM-x32…33a1766b-73d6-42ce-b3ff-317e5db3e9a7) (Version: 4.14.1.4020 – Open Media LLC)
7-Zip 19.00 (HKLM-x32…7-Zip) (Version: 19.00 – Igor Pavlov)
AceIt v1.3.1 (HKLM-x32…AceIt_is1) (Version:  – Scott M. Miller)
Adobe Acrobat Reader DC (HKLM-x32…AC76BA86-7AD7-1033-7B44-AC0F074E4100) (Version: 21.005.20058 – Adobe Systems Incorporated)
Adobe Photoshop CC (HKLM-x32…2D99B50E-431D-4AA8-85C1-172A6F8BCF09) (Version: 14.0 – Adobe Systems Incorporated)
aerosoft’s – Cambrian Route 1.0 (HKLM-x32…6EBEFBFC-05C6-4472-8E97-7DD2ABF9341E) (Version:  – )
AMD Install Manager (HKLM…AMD Catalyst Install Manager) (Version: 5.00 – Advanced Micro Devices, Inc.)
AMD Quick Stream (HKLM…E9EED4AE-682B-4501-9574-D09A21717599_is1) (Version: 4.0.0.0 – AppEx Networks)
Anki (HKLM-x32…Anki) (Version: 2.1.43 – )
AOMEI Backupper Standard (HKLM-x32…A83692F5-3E9B-4E95-9E7E-B5DF5536CE9D_is1) (Version:  – AOMEI Technology Co., Ltd.)
Audacity 2.3.2 (HKLM-x32…Audacity_is1) (Version: 2.3.2 – Audacity Team)
AVG AntiVirus FREE (HKLM-x32…AVG Antivirus) (Version: 21.5.3185 – AVG Technologies)
AVG Secure Browser (HKLM-x32…AVG Secure Browser) (Version: 91.1.10935.166 – AVG Technologies)
Battle for Wesnoth 1.14.2 (HKLM-x32…Battle for Wesnoth 1.14.2) (Version: 1.14.2 – )
Blender (HKLM…71FBA2D9-83C5-4817-88ED-FB6F28342FF3) (Version: 2.83.4 – Blender Foundation)
BLLW FP7 pack (HKLM-x32…BLLW FP7 pack) (Version:  – )
BlueGriffon version 3.1 (HKLM…A9015334-10BE-4D64-A776-203336EFE806_is1) (Version: 3.1 – Disruptive Innovations SAS)
BP Summer3 Environment for KOSMOS (HKLM-x32…471BE53D-1CEE-4826-88BF-EB1AF8D45F9B) (Version: 3.0 – BP)
Branding64 (HKLM…EE2AFCE4-0238-4DE0-A140-1647021627C1) (Version: 1.00.0001 – Advanced Micro Devices, Inc.) Hidden
calibre 64bit (HKLM…40539A18-5471-4A0D-91BB-D0E5274B9D41) (Version: 3.48.0 – Kovid Goyal)
Canon driver for DR-M200 Series (x64) (HKLM…BD2C4201-393C-42EA-BCC4-099DFFC2A218) (Version: 1.1.6919 – Canon Electronics Inc.)
Canon Easy-PhotoPrint EX (HKLM-x32…Easy-PhotoPrint EX) (Version:  – )
Canon Easy-WebPrint EX (HKLM-x32…Easy-WebPrint EX) (Version: 1.7.0.0 – Canon Inc.)
Canon G2000 series MP Drivers (HKLM…1199FAD5-9546-44f3-81CF-FFDB8040B7BF_Canon_G2000_series) (Version: 1.02 – Canon Inc.)
Canon G2010 series MP Drivers (HKLM…1199FAD5-9546-44f3-81CF-FFDB8040B7BF_Canon_G2010_series) (Version: 1.01 – Canon Inc.)
Canon G2010 series On-screen Manual (HKLM-x32…Canon G2010 series On-screen Manual) (Version: 1.0.0 – Canon Inc.)
Canon IJ Printer Assistant Tool (HKLM-x32…Canon IJ Printer Assistant Tool) (Version: 1.05.1.51 – Canon Inc.)
Canon IJ Scan Utility (HKLM-x32…Canon_IJ_Scan_Utility) (Version: 1.4.0.16 – Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32…CANONIJPLM100) (Version: 6.3.0 – Canon Inc.)
Canon MP Navigator EX 4.0 (HKLM-x32…MP Navigator EX 4.0) (Version:  – )
Canon My Image Garden (HKLM-x32…Canon My Image Garden) (Version: 3.6.4 – Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32…Canon My Image Garden Design Files) (Version: 3.6.0 – Canon Inc.)
Canon My Printer (HKLM-x32…CanonMyPrinter) (Version:  – )
Canon Quick Menu (HKLM-x32…CanonQuickMenu) (Version: 2.8.5 – Canon Inc.)
CCleaner (HKLM…CCleaner) (Version: 5.83 – Piriform)
Class_50_Content_Update (HKLM-x32…53A7E07-3D44-4CDB-B79C-EE8755BFD7D6) (Version: 1.00.0000 – Microsoft)
CN Blackfoot Vegreville Subs v2 Route (HKUS-1-5-21-2753872946-3147176540-3625591976-1000…CN Blackfoot Vegreville Subs v2 Route) (Version:  – )
CN Blackfoot Vegreville v2 Equipment Pack (HKUS-1-5-21-2753872946-3147176540-3625591976-1000…CN Blackfoot Vegreville v2 Equipment Pack) (Version:  – )
Columbus Locomotive Works Alco PA Locomotive Set (HKLM-x32…Columbus Locomotive Works Alco PA Locomotive Set) (Version:  – )
Columbus Locomotive Works Alco PB Add-on Locomotives (HKLM-x32…Columbus Locomotive Works Alco PB Add-on Locomotives) (Version:  – )
Crusader Kings II Holy Fury (HKLM-x32…Crusader Kings II Holy Fury_is1) (Version:  – )
Data Lifeguard Diagnostic version 1.36 (HKLM-x32…519C4DB6-B53B-4F5C-8297-89B2BE949FA5_is1) (Version:  – Western Digital Corporation)
Dekosoft Trains Common Files v.1.8 (HKUS-1-5-21-2753872946-3147176540-3625591976-1000…Dekosoft Trains Common Files v.1.8) (Version:  – )
Dekosoft Trains Tank Car Set v.1.0 (HKUS-1-5-21-2753872946-3147176540-3625591976-1000…Dekosoft Trains Tank Car Set v.1.0) (Version:  – )
Dekosoft Trains Union Pacific Freight Car Set v.2.5.1 (HKUS-1-5-21-2753872946-3147176540-3625591976-1000…Dekosoft Trains Union Pacific Freight Car Set v.2.5.1) (Version:  – )
Dekosoft Trains Union Pacific Super Set v.2.5.1 (HKUS-1-5-21-2753872946-3147176540-3625591976-1000…Dekosoft Trains Union Pacific Super Set v.2.5.1) (Version:  – )
DVD Flick 1.3.0.7 (HKLM-x32…DVD Flick_is1) (Version: 1.3.0.7 – Dennis Meuwissen)
East Coast Express Part 1 (HKLM-x32…East Coast Express Part 1) (Version:  – )
Epic Games Launcher Prerequisites (x64) (HKLM…66C5838F-B854-4A55-89E6-A6138747A4DF) (Version: 1.0.0.0 – Epic Games, Inc.) Hidden
Evernote v. 6.25.1 (HKLM-x32…CA92FF58-B652-11EA-A23A-42010A401FD0) (Version: 6.25.1.9091 – Evernote Corp.)
Extended Asian Language font pack for Adobe Acrobat Reader DC (HKLM-x32…AC76BA86-7AD7-2530-0000-AC13154E5A00) (Version: 19.021.20058 – Adobe Systems Incorporated)
f.lux (HKUS-1-5-21-2753872946-3147176540-3625591976-1000…Flux) (Version:  – f.lux Software LLC)
Freeware EMD F/E Series Cabview (HKLM-x32…Freeware EMD F/E Series Cabview) (Version:  – )
gImageReader (HKLM-x32…gImageReader) (Version: 3.3.1 – Sandro Mani)
GIMP 2.10.0 (HKLM…GIMP-2_is1) (Version: 2.10.0 – The GIMP Team)
GoldWave v6.47 (HKLM…GoldWave v6.47) (Version: 6.47 – GoldWave Inc.)
Google Chrome (HKLM-x32…Google Chrome) (Version: 91.0.4472.164 – Google LLC)
Google Drive (HKLM-x32…459CE109-4E46-4340-92BC-054642BC3BC2) (Version: 1.31.2873.2758 – Google, Inc.)
Google Update Helper (HKLM-x32…A92DAB39-4E2C-4304-9AB6-BC44E68B55E2) (Version: 1.3.24.15 – Google Inc.) Hidden
HandBrake 1.2.2 (HKLM-x32…HandBrake) (Version: 1.2.2 – )
ImageMagick 7.0.7-28 Q16 (64-bit) (2018-03-25) (HKLM…ImageMagick 7.0.7 Q16 (64-bit)_is1) (Version: 7.0.7 – ImageMagick Studio LLC)
ImgBurn (HKLM-x32…ImgBurn) (Version: 2.5.8.0 – LIGHTNING UK!)
Java 8 Update 231 (64-bit) (HKLM…26A24AE4-039D-4CA4-87B4-2F64180231F0) (Version: 8.0.2310.11 – Oracle Corporation)
Java SE Development Kit 8 Update 171 (64-bit) (HKLM…64A3A4F4-B792-11D6-A78A-00B0D0180171) (Version: 8.0.1710.11 – Oracle Corporation)
K-Lite Codec Pack 15.3.5 Standard (HKLM-x32…KLiteCodecPack_is1) (Version: 15.3.5 – KLCP)
Kosmos 1.0 (HKLM-x32…Kosmos 1.0) (Version:  – )
Launcher Prerequisites (x64) (HKLM-x32…c6c5a357-c7ca-4a5f-9789-3bb1af579253) (Version: 1.0.0.0 – Epic Games, Inc.) Hidden
LayoutEditor (HKLM…459A2BA8-D3EE-4A06-848E-486855B853E8) (Version: 20.2.2 – juspertor)
Leela – the Go Program (HKLM-x32…Leela) (Version: 0.11.0 – Sjeng.Org)
LibreOffice 7.0 Help Pack (English (United States)) (HKLM…24C4DE03-4A0C-4E0F-AF41-D8FFAB656183) (Version: 7.0.6.2 – The Document Foundation)
LibreOffice 7.0.6.2 (HKLM…9F9A9C01-5A65-4C2E-A243-FC88C81BC35F) (Version: 7.0.6.2 – The Document Foundation)
LINE (HKUS-1-5-21-2753872946-3147176540-3625591976-1000…LINE) (Version: 6.7.4.2508 – LINE Corporation)
Malwarebytes version 4.4.3.125 (HKLM…35065F43-4BB2-439A-BFF7-0F1014F2E0CD_is1) (Version: 4.4.3.125 – Malwarebytes)
MediaMonkey 4.1 (HKLM-x32…MediaMonkey_is1) (Version: 4.1 – Ventis Media Inc.)
Medieval – Total War – Gold Edition (HKLM-x32…A10F7877-4276-416C-9F22-CB56C0CB2700) (Version: 2.0 – The Creative Assembly)
Microsoft .NET Framework 4.8 (HKLM…92FB6C44-E685-45AD-9B20-CADF4CABA132 – 1033) (Version: 4.8.03761 – Microsoft Corporation)
Microsoft Edge (HKLM-x32…Microsoft Edge) (Version: 83.0.478.50 – Microsoft Corporation)
Microsoft Office Access database engine 2007 (English) (HKLM-x32…90120000-00D1-0409-0000-0000000FF1CE) (Version: 12.0.4518.1031 – Microsoft Corporation)
Microsoft Silverlight (HKLM-x32…89F4137D-6C26-4A84-BDB8-2E5A4BB71E00) (Version: 5.1.30214.0 – Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32…710f4c1c-cc18-4c49-8cbf-51240c89a1a2) (Version: 8.0.61001 – Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32…7299052b-02a4-4627-81f2-1818da5d550d) (Version: 8.0.56336 – Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32…837b34e3-7c30-493c-8f6a-2b0f04e2912c) (Version: 8.0.59193 – Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM…71c9b48-7c32-4621-a0ac-3f809523288f) (Version: 8.0.56336 – Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM…6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc) (Version: 8.0.59192 – Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM…ad8a2fa1-06e7-4b0d-927d-6e54b3d31028) (Version: 8.0.61000 – Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable – x64 9.0.21022 (HKLM…350AA351-21FA-3270-8B7A-835434E766AD) (Version: 9.0.21022 – Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable – x64 9.0.30729.6161 (HKLM…5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4) (Version: 9.0.30729.6161 – Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable – x86 9.0.21022 (HKLM-x32…FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4) (Version: 9.0.21022 – Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable – x86 9.0.30729.17 (HKLM-x32…9A25302D-30C0-39D9-BD6F-21E6EC160475) (Version: 9.0.30729 – Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable – x86 9.0.30729.4148 (HKLM-x32…1F1C2DFC-2D24-3E06-BCB8-725134ADF989) (Version: 9.0.30729.4148 – Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable – x86 9.0.30729.6161 (HKLM-x32…9BE518E6-ECC6-35A9-88E4-87755C07200F) (Version: 9.0.30729.6161 – Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable – 10.0.40219 (HKLM…1D8E6291-B0D5-35EC-8441-6616F567A0F7) (Version: 10.0.40219 – Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable – 10.0.40219 (HKLM-x32…F0C3E5D1-1ADE-321E-8167-68EF0DE699A5) (Version: 10.0.40219 – Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) – 11.0.61030 (HKLM-x32…ca67548a-5ebe-413a-b50c-4b9ceb6d66c6) (Version: 11.0.61030.0 – Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) – 11.0.61030 (HKLM-x32…33d1fd90-4274-48a1-9bc1-97e33d9c2d6f) (Version: 11.0.61030.0 – Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) – 12.0.30501 (HKLM-x32…50d4fc8-5d48-4b8f-8972-47c82c46020f) (Version: 12.0.30501.0 – Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) – 12.0.30501 (HKLM-x32…f65db027-aff3-4070-886a-0d87064aabb1) (Version: 12.0.30501.0 – Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) – 14.26.28808 (HKLM-x32…78079cc3-1f6e-47f6-b4d6-105f08b89409) (Version: 14.26.28808.1 – Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) – 14.25.28508 (HKLM-x32…65e650ff-30be-469d-b63a-418d71ea1765) (Version: 14.25.28508.3 – Microsoft Corporation)
Microsoft Visual Studio Code (User) (HKUS-1-5-21-2753872946-3147176540-3625591976-1000…771FD6B0-FA20-440A-A002-3B3BAC16DC50_is1) (Version: 1.30.2 – Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32…19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20) (Version: 3.1.10527.0 – Microsoft Corporation)
Mozilla Firefox (x64 en-US) (HKLM…Mozilla Firefox 90.0 (x64 en-US)) (Version: 90.0 – Mozilla)
Mozilla Maintenance Service (HKLM…MozillaMaintenanceService) (Version: 60.8.0 – Mozilla)
mp3splt-gtk (HKLM-x32…mp3splt-gtk) (Version:  – )
MSTS APK Extractor v3 (HKUS-1-5-21-2753872946-3147176540-3625591976-1000…MSTS APK Extractor v3) (Version:  – )
MSTS Patch 1.8.0521 EN (HKLM-x32…587A2120-41D3-11DB-3D6C-00E19E4D4AE1) (Version: 1.8.052113 – George)
MSTS_ActMan (HKUS-1-5-21-2753872946-3147176540-3625591976-1000…MSTS_ActMan) (Version:  – )
MSXML 4.0 SP3 Parser (HKLM-x32…196467F1-C11F-4F76-858B-5812ADC83B94) (Version: 4.30.2100.0 – Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32…1D95BA90-F4F8-47EC-A882-441C99D30C1E) (Version: 4.30.2117.0 – Microsoft Corporation)
NEC Equipment Mega Pack # 1 (HKLM-x32…NEC Equipment Mega Pack # 1) (Version:  – NORTH AMERICAN LOCOMOTIVE WORKS)
Nero 7 Ultra Edition (HKLM-x32…293C9DF5-7669-4826-BBB2-E1F182D71033) (Version: 7.02.8631 – Nero AG)
NetBeans IDE 8.2 (HKLM…nbi-nb-base-8.2.0.0.201609300101) (Version: 8.2 – NetBeans.org)
Notepad++ (64-bit x64) (HKLM…Notepad++) (Version: 8.1.2 – Notepad++ Team)
NVIDIA GeForce Experience 3.23.0.74 (HKLM…B2FE1952-0186-46C3-BAEC-A80AA35AC5B8_Display.GFExperience) (Version: 3.23.0.74 – NVIDIA Corporation)
NVIDIA Graphics Driver 466.63 (HKLM…B2FE1952-0186-46C3-BAEC-A80AA35AC5B8_Display.Driver) (Version: 466.63 – NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.38.60 (HKLM…B2FE1952-0186-46C3-BAEC-A80AA35AC5B8_HDAudio.Driver) (Version: 1.3.38.60 – NVIDIA Corporation)
NVIDIA PhysX System Software 9.19.0218 (HKLM…B2FE1952-0186-46C3-BAEC-A80AA35AC5B8_Display.PhysX) (Version: 9.19.0218 – NVIDIA Corporation)
OpenAL (HKLM-x32…OpenAL) (Version:  – )
OpenShot Video Editor version 2.5.1 (HKLM…4BB0DCDC-BC24-49EC-8937-72956C33A470_is1) (Version: 2.5.1 – OpenShot Studios, LLC)
OpenSSL 1.1.0L Light (64-bit) (HKLM…OpenSSL Light (64-bit)_is1) (Version:  – OpenSSL Win64 Installer Team)
PageEdit 1.5.0 (HKLM…PageEdit_is1) (Version:  – Sigil-Ebook)
paint.net (HKLM…1A59F8A6-6AB4-4522-9340-F420B9155A31) (Version: 4.2.16 – dotPDN LLC)
PDF Settings CC (HKLM-x32…1FBAE18D-4DE4-47AA-83EC-D1B046F262DC) (Version: 12.0 – Adobe Systems Incorporated) Hidden
PharoLauncher (HKLM-x32…D3DA6941-B593-48BB-AFF1-C4EE4901BEC5) (Version: 1.7.2 – Pharo project)
Prepare Engine Activity (HKLM-x32…Prepare Engine Activity) (Version:  – )
Printer Registration (HKLM-x32…Canon EISRegistration) (Version: 1.7.0 – Canon Inc.)
Python 3.7.1 (Anaconda3 2018.12 64-bit) (HKLM…Python 3.7.1 (Anaconda3 2018.12 64-bit)) (Version: 2018.12 – Anaconda, Inc.)
Python 3.8.2 (32-bit) (HKUS-1-5-21-2753872946-3147176540-3625591976-1000…3182483d-078b-48fa-92c2-798baa1fe27d) (Version: 3.8.2150.0 – Python Software Foundation)
Python 3.8.2 Core Interpreter (32-bit) (HKLM-x32…6BA6203C-85AB-4B9E-8582-CE31B1B5C0ED) (Version: 3.8.2150.0 – Python Software Foundation) Hidden
Python 3.8.2 Development Libraries (32-bit) (HKLM-x32…12B4F371-ACE2-435B-BCF1-623F36C4E176) (Version: 3.8.2150.0 – Python Software Foundation) Hidden
Python 3.8.2 Documentation (32-bit) (HKLM-x32…45CEE0C6-5BB2-4A8B-B83C-58559A1CA424) (Version: 3.8.2150.0 – Python Software Foundation) Hidden
Python 3.8.2 Executables (32-bit) (HKLM-x32…FE5BE50D-21D5-44FB-9A97-5010E68608DA) (Version: 3.8.2150.0 – Python Software Foundation) Hidden
Python 3.8.2 pip Bootstrap (32-bit) (HKLM-x32…2E818780-AC79-4BC0-8023-C1CC46EAC9B6) (Version: 3.8.2150.0 – Python Software Foundation) Hidden
Python 3.8.2 Standard Library (32-bit) (HKLM-x32…9CC0C6D-0822-491E-A10E-2A8443DDF170) (Version: 3.8.2150.0 – Python Software Foundation) Hidden
Python 3.8.2 Tcl/Tk Support (32-bit) (HKLM-x32…B1528EAE-7E64-49DB-8CE1-514EB30BB38B) (Version: 3.8.2150.0 – Python Software Foundation) Hidden
Python 3.8.2 Test Suite (32-bit) (HKLM-x32…EE21EEE7-9D5A-4ECE-B60F-4BFA63BDA937) (Version: 3.8.2150.0 – Python Software Foundation) Hidden
Python 3.8.2 Utility Scripts (32-bit) (HKLM-x32…E284B869-7701-4A91-82C2-D3E66974A0F9) (Version: 3.8.2150.0 – Python Software Foundation) Hidden
Python 3.8.6 (64-bit) (HKUS-1-5-21-2753872946-3147176540-3625591976-1000…fef707d7-d438-4dd9-bb0f-5788ee658f4f) (Version: 3.8.6150.0 – Python Software Foundation)
Python 3.8.6 Core Interpreter (64-bit) (HKLM…DE282FFC-F4AD-416A-8479-F3C72F94C967) (Version: 3.8.6150.0 – Python Software Foundation) Hidden
Python 3.8.6 Development Libraries (64-bit) (HKLM…59704C10-77A1-4D72-A97B-8FB2A933985B) (Version: 3.8.6150.0 – Python Software Foundation) Hidden
Python 3.8.6 Documentation (64-bit) (HKLM…558E2EFE-87D5-4E3F-B050-D4DEC548EA02) (Version: 3.8.6150.0 – Python Software Foundation) Hidden
Python 3.8.6 Executables (64-bit) (HKLM…7F55BD37-4437-47EE-8C82-3103E19DB114) (Version: 3.8.6150.0 – Python Software Foundation) Hidden
Python 3.8.6 pip Bootstrap (64-bit) (HKLM…28B1EC39-1C9F-482C-BFF7-4D347CE5ADED) (Version: 3.8.6150.0 – Python Software Foundation) Hidden
Python 3.8.6 Standard Library (64-bit) (HKLM…4BA74DE-13BE-477C-8FE5-19F247C0D555) (Version: 3.8.6150.0 – Python Software Foundation) Hidden
Python 3.8.6 Tcl/Tk Support (64-bit) (HKLM…79C40B8F-BC99-4FFF-8E1E-F05D246E772C) (Version: 3.8.6150.0 – Python Software Foundation) Hidden
Python 3.8.6 Test Suite (64-bit) (HKLM…3968C4C7-904D-4571-BC22-1CD8B87549D7) (Version: 3.8.6150.0 – Python Software Foundation) Hidden
Python 3.8.6 Utility Scripts (64-bit) (HKLM…A041F8F-4124-46CC-B021-AB8E70A873EC) (Version: 3.8.6150.0 – Python Software Foundation) Hidden
Python Launcher (HKLM-x32…3B82A91D-DB48-4160-94D2-0B8C6D2B1710) (Version: 3.8.7205.0 – Python Software Foundation)
qBittorrent 4.3.6 (HKLM-x32…qBittorrent) (Version: 4.3.6 – The qBittorrent project)
realMyst –  Masterpiece Edition (HKLM-x32…GOGPACKREALMYSTMASTERPIECEEDITION_is1) (Version: 2.0.0.3 – GOG.com)
Realtek High Definition Audio Driver (HKLM-x32…F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC) (Version: 6.0.1.6383 – Realtek Semiconductor Corp.)
Rome – Total War (HKLM-x32…51D386C4-0227-46A9-AC45-61F0A50E7AFF) (Version: 1.5 – The Creative Assembly)
Route_Riter v7.6.xx (HKUS-1-5-21-2753872946-3147176540-3625591976-1000…Route_Riter v7.6.xx) (Version:  – )
Royal Canadian Pacific Luxury Train (HKLM-x32…C120D99B-6628-4974-86A9-94FB4724A2F1) (Version: 1.0.0 – Canadian Pacific Railway)
Samsung USB Driver for Mobile Phones (HKLM…D0795B21-0CDA-4a92-AB9E-6E92D8111E44) (Version: 1.7.11.0 – Samsung Electronics Co., Ltd.)
ScaleRail (HKLM-x32…ScaleRail1.77) (Version: 1.77 – 3DTrains)
ScaleRoad (HKLM-x32…ScaleRoad1.77) (Version: 1.77 – 3DTrains)
SD40-2_Content_Update (HKLM-x32…BF7C1B99-A250-45EF-B186-0C33B7308F95) (Version: 1.00.0000 – Microsoft)
Shape Viewer (HKLM-x32…88DA244E-4CEA-49E4-AD6A-301B65131E25) (Version: 2.2.0.237 – )
Sigil 1.5.1 (HKLM…Sigil_is1) (Version:  – Sigil-Ebook)
Sophos Diagnostic Utility (HKLM-x32…8078549C-CFF0-48C5-9B77-6BA48A14673D) (Version: 6.5.238.0 – Sophos Limited) Hidden
Sophos Network Threat Protection (HKLM…2D2A1891-4657-4E6F-9373-BFCE4C9AC5BA) (Version: 1.11.194.0 – Sophos Limited) Hidden
SP WEST COLTON (HKLM-x32…SP WEST COLTON1.0) (Version: 1.0 – 3D Train Stuff Llc.)
SP WEST COLTON FREE ACTIVITIES (HKLM-x32…SP WEST COLTON FREE ACTIVITIES1.0) (Version: 1.0 – 3D Train Stuff Llc.)
Speccy (HKLM…Speccy) (Version: 1.32 – Piriform)
SpyHunter 5 (HKLM-x32…SpyHunter5) (Version: 5.10.10.233 – EnigmaSoft Limited)
Steam (HKLM-x32…Steam) (Version: 2.10.91.91 – Valve Corporation)
Steel Bank Common Lisp 1.1.4.0.mswin.1288-90ab477 (X86-64) (HKLM…BBE9DE63-3453-463A-B83A-3243C38218AA) (Version: 1.1.4.0 – hxxp://www.sbcl.org)
SumatraPDF (HKLM…SumatraPDF) (Version: 3.2 – Krzysztof Kowalczyk)
Super Chief for Train Simulator (HKLM-x32…Super Chief for Train Simulatorv3.04.14.15) (Version: v3.04.14.15 – 3DTrains)
Surfliner Mega Pack V1 (HKUS-1-5-21-2753872946-3147176540-3625591976-1000…Surfliner Mega Pack V1) (Version:  – )
TGATool2A version 4.00.34 (HKLM-x32…TGATool2A_is1) (Version:  – Martin Wright)
The CPR Canadian – 1955 (HKLM-x32…1FE78F4C-6088-478C-9B46-EBB9042F90EB) (Version: 1.0.0 – Canadian Pacific Railway)
The CPR Empress (HKLM-x32…69122487-668B-4CA1-B001-CD363506EE6C) (Version: 1.0.0 – Canadian Pacific Railway)
Train Artisan SD70s Locomotive Add-on for MSTS (HKLM-x32…Train Artisan SD70s Locomotive Add-on for MSTS) (Version:  – )
Unlocker (HKLM-x32…5577A25D-E4FE-4BFB-A660-E0D766BC4EDD) (Version: 1.9.2 – ajua Custom Installers)
USB Disk Security (HKLM-x32…USB Disk Security_is1) (Version:  – Zbshareware Lab)
Vim 8.2 (HKLM…Vim 8.2) (Version: 8.2 – Bram Moolenaar et al.)
vivo_usb_driver_lite_en version 1.1.0 (HKLM…vivo_usb_driver_lite_en_is1) (Version: 1.1.0 – Guangdong vivo Software Technology Co.,Ltd.)
VLC media player (HKLM…VLC media player) (Version: 3.0.16 – VideoLAN)
Wagn/NSE Facelifted  Class 365 AC EMU (HKLM-x32…Wagn/NSE Facelifted  Class 365 AC EMU) (Version:  – )
Winamp Detector Plug-in (HKUS-1-5-21-2753872946-3147176540-3625591976-1000…Winamp Detect) (Version: 1.0.0.1 – Nullsoft, Inc)
WinCDEmu (HKLM-x32…WinCDEmu) (Version: 4.1 – Sysprogs)
Windows Media Player Firefox Plugin (HKLM-x32…69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4) (Version: 1.0.0.8 – Microsoft Corp)
WinRAR 5.10 (64-bit) (HKLM…WinRAR archiver) (Version: 5.10.0 – win.rar GmbH)
Wise Program Uninstaller 2.5.1 (HKLM-x32…Wise Program Uninstaller_is1) (Version: 2.5.1 – WiseCleaner.com, Inc.)
Wupper Express 11 Actpack 1.0 (HKUS-1-5-21-2753872946-3147176540-3625591976-1000…Wupper Express 11 Actpack 1.0) (Version:  – )
XnConvert 1.90.0 (HKLM…XnConvert_is1) (Version: 1.90.0 – Gougelet Pierre-e)
XnView 2.50 (HKLM-x32…XnView_is1) (Version: 2.50 – Gougelet Pierre-e)
XnViewMP 0.98.4 (HKLM…XnViewMP_is1) (Version: 0.98.4 – Gougelet Pierre-e)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKUS-1-5-21-2753872946-3147176540-3625591976-1000_ClassesCLSID83f5ae0-2b0a-11dd-bd0b-0800200c9a66InprocServer32 -> C:Program FilesWindows SidebarGadgetsAll_CPU_Meter.gadgetCoreTempReader.dll (AddGadgets IT -> )
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> 81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42 => C:Program Files (x86)GoogleDrivegoogledrivesync64.dll [2016-07-29] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> 81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40 => C:Program Files (x86)GoogleDrivegoogledrivesync64.dll [2016-07-29] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> 81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41 => C:Program Files (x86)GoogleDrivegoogledrivesync64.dll [2016-07-29] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [00asw] -> 472083B0-C522-11CF-8763-00608CC02F24 =>  -> No File
ShellIconOverlayIdentifiers: [00avg] -> 472083B1-C522-11CF-8763-00608CC02F24 => C:Program FilesAVGAntivirusashShell.dll [2021-07-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ShellIconOverlayIdentifiers-x32: [00avg] -> 472083B1-C522-11CF-8763-00608CC02F24 => C:Program FilesAVGAntivirusashShell.dll [2021-07-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1: [ANotepad++64] -> B298D29A-A6ED-11DE-BA8C-A68E55D89593 => C:Program FilesNotepad++NppShell_06.dll [2021-07-16] (Notepad++ -> )
ContextMenuHandlers1: [AVG] -> 472083B1-C522-11CF-8763-00608CC02F24 => C:Program FilesAVGAntivirusashShell.dll [2021-07-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1-x32: [Cover Designer] -> 73FCA462-9BD5-4065-A73F-A8E5F6904EF7 => C:Program Files (x86)NeroNero 7Nero CoverDesignerCoverEdExtension.dll [2007-05-04] (Nero AG -> Nero AG)
ContextMenuHandlers1: [GDContextMenu] -> BB02B294-8425-42E5-983F-41A1FA970CD6 => C:Program Files (x86)GoogleDrivecontextmenu64.dll [2016-07-29] (Google Inc -> Google)
ContextMenuHandlers1: [IObitUnstaler] -> 836AB26C-2DE4-41D3-AC24-4C6C2699B960 => C:Program Files (x86)IObitIObit UninstallerIUMenuRight.dll -> No File
ContextMenuHandlers1: [WinCDEmu] -> D0E37FD2-F675-426F-B09A-2CF37BA46FD5 => C:Program Files (x86)WinCDEmux64WinCDEmuContextMenu.dll [2015-09-29] (Sysprogs OU) [File not signed]
ContextMenuHandlers1: [WinRAR] -> B41DB860-64E4-11D2-9906-E49FADC173CA => C:Program FilesWinRARrarext.dll [2014-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> B41DB860-8EE4-11D2-9906-E49FADC173CA => C:Program FilesWinRARrarext32.dll [2014-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [WinCDEmu] -> A9901FCD-B4DF-43A1-BD5D-6C9F88679497 => C:Program Files (x86)WinCDEmux64WinCDEmuContextMenu.dll [2015-09-29] (Sysprogs OU) [File not signed]
ContextMenuHandlers3: [00avg] -> 472083B1-C522-11CF-8763-00608CC02F24 => C:Program FilesAVGAntivirusashShell.dll [2021-07-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers3: [MBAMShlExt] -> 57CE581A-0CB6-4266-9CA0-19364C90A0B3 => C:Program FilesMalwarebytesAnti-Malwarembshlext.dll [2020-03-02] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> 23170F69-40C1-278A-1000-000100020000 => C:Program Files7-Zip7-zip.dll [2010-11-19] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [GDContextMenu] -> BB02B294-8425-42E5-983F-41A1FA970CD6 => C:Program Files (x86)GoogleDrivecontextmenu64.dll [2016-07-29] (Google Inc -> Google)
ContextMenuHandlers4: [IObitUnstaler] -> 836AB26C-2DE4-41D3-AC24-4C6C2699B960 => C:Program Files (x86)IObitIObit UninstallerIUMenuRight.dll -> No File
ContextMenuHandlers5: [ACE] -> 5E2121EE-0300-11D4-8D3B-444553540000 => C:Program FilesAMDCNextCNextatiacm64.dll [2016-02-26] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> 3D1975AF-48C6-4f8e-A182-BE0E08FA86A9 => C:Windowssystem32nvshext.dll [2021-05-28] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> 23170F69-40C1-278A-1000-000100020000 => C:Program Files7-Zip7-zip.dll [2010-11-19] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [AVG] -> 472083B1-C522-11CF-8763-00608CC02F24 => C:Program FilesAVGAntivirusashShell.dll [2021-07-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers6: [IObitUnstaler] -> 836AB26C-2DE4-41D3-AC24-4C6C2699B960 => C:Program Files (x86)IObitIObit UninstallerIUMenuRight.dll -> No File
ContextMenuHandlers6: [MBAMShlExt] -> 57CE581A-0CB6-4266-9CA0-19364C90A0B3 => C:Program FilesMalwarebytesAnti-Malwarembshlext.dll [2020-03-02] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinCDEmu] -> A9901FCD-B4DF-43A1-BD5D-6C9F88679497 => C:Program Files (x86)WinCDEmux64WinCDEmuContextMenu.dll [2015-09-29] (Sysprogs OU) [File not signed]
ContextMenuHandlers6: [WinRAR] -> B41DB860-64E4-11D2-9906-E49FADC173CA => C:Program FilesWinRARrarext.dll [2014-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> B41DB860-8EE4-11D2-9906-E49FADC173CA => C:Program FilesWinRARrarext32.dll [2014-06-11] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription__FilterToConsumerBinding->CommandLineEventConsumer.Name=”BVTConsumer””,Filter=”__EventFilter.Name=”BVTFilter”::
WMI:subscription__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA “Win32_Processor” AND TargetInstance.LoadPercentage > 99]
WMI:subscriptionCommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\tools\kernrate]
Shortcut: C:UsersRogerDesktoplispbox.lnk -> C:lispbox-0.7lispbox.bat ()
Shortcut: C:UsersRogerAppDataRoamingMicrosoftWindowsStart MenuProgramsVirgin VoyagerRenumber to 220 001.lnk -> C:MSTSTRAINSTRAINSETVoyager220001.bat ()
Shortcut: C:UsersRogerAppDataRoamingMicrosoftWindowsStart MenuProgramsVirgin VoyagerRenumber to 220 003.lnk -> C:MSTSTRAINSTRAINSETVoyager220003.bat ()
Shortcut: C:UsersRogerAppDataRoamingMicrosoftWindowsStart MenuProgramsVirgin VoyagerRenumber to 220 004.lnk -> C:MSTSTRAINSTRAINSETVoyager220004.bat ()
Shortcut: C:UsersRogerAppDataRoamingMicrosoftWindowsStart MenuProgramsVirgin VoyagerRenumber to 220 005.lnk -> C:MSTSTRAINSTRAINSETVoyager220005.bat ()
Shortcut: C:UsersRogerAppDataRoamingMicrosoftWindowsStart MenuProgramsVirgin VoyagerRenumber to 220 006.lnk -> C:MSTSTRAINSTRAINSETVoyager220006.bat ()
Shortcut: C:UsersRogerAppDataRoamingMicrosoftWindowsStart MenuProgramsVirgin VoyagerRenumber to 220 025.lnk -> C:MSTSTRAINSTRAINSETVoyager220025.bat ()

==================== Loaded Modules (Whitelisted) =============

2016-02-26 16:29 – 2016-02-26 16:29 – 000004608 _____ (Advanced Micro Devices, Inc.) [File not signed] C:Program FilesAMDCNextCNextatiamenu.dll
2016-12-27 09:04 – 2016-12-27 09:04 – 000160256 _____ (Canon Electronics Inc.) [File not signed] C:Program Files (x86)Canon ElectronicsShared Filesceiinfolog.dll
2018-11-22 13:50 – 2018-11-22 13:50 – 000645120 _____ (Canon Electronics Inc.) [File not signed] C:Program Files (x86)Canon ElectronicsShared FilesCeiStin.dll
2016-11-14 11:08 – 2016-11-14 11:08 – 000186368 _____ (Canon Electronics Inc.) [File not signed] C:Program FilesCanon ElectronicsShared Filesceiinfolog.dll
2015-10-16 15:44 – 2015-10-16 15:44 – 000271360 _____ (Canon Electronics Inc.) [File not signed] C:Program FilesCanon ElectronicsShared Filescsdloc.dll
2018-05-05 18:16 – 2012-03-14 05:00 – 000385024 _____ (CANON INC.) [File not signed] C:WindowsSystem32CNMLMAA.DLL
2010-11-19 11:08 – 2010-11-19 11:08 – 000086016 _____ (Igor Pavlov) [File not signed] C:Program Files7-Zip7-zip.dll
2021-07-22 06:44 – 2021-07-22 06:44 – 000000000 ____L (Microsoft Corporation) C:Program FilesAVGAntivirus1033avg.local_vc142.crtapi-ms-win-core-file-l1-2-0.dll
2021-07-22 06:44 – 2021-07-22 06:44 – 000000000 ____L (Microsoft Corporation) C:Program FilesAVGAntivirus1033avg.local_vc142.crtapi-ms-win-core-file-l2-1-0.dll
2021-07-22 06:44 – 2021-07-22 06:44 – 000000000 ____L (Microsoft Corporation) C:Program FilesAVGAntivirus1033avg.local_vc142.crtapi-ms-win-core-localization-l1-2-0.dll
2021-07-22 06:44 – 2021-07-22 06:44 – 000000000 ____L (Microsoft Corporation) C:Program FilesAVGAntivirus1033avg.local_vc142.crtapi-ms-win-core-processthreads-l1-1-1.dll
2021-07-22 06:44 – 2021-07-22 06:44 – 000000000 ____L (Microsoft Corporation) C:Program FilesAVGAntivirus1033avg.local_vc142.crtapi-ms-win-core-synch-l1-2-0.dll
2021-07-22 06:44 – 2021-07-22 06:44 – 000000000 ____L (Microsoft Corporation) C:Program FilesAVGAntivirus1033avg.local_vc142.crtapi-ms-win-core-timezone-l1-1-0.dll
2021-07-22 06:44 – 2021-07-22 06:44 – 000000000 ____L (Microsoft Corporation) C:Program FilesAVGAntivirus1033avg.local_vc142.crtapi-ms-win-crt-convert-l1-1-0.dll
2021-07-22 06:44 – 2021-07-22 06:44 – 000000000 ____L (Microsoft Corporation) C:Program FilesAVGAntivirus1033avg.local_vc142.crtapi-ms-win-crt-heap-l1-1-0.dll
2021-07-22 06:44 – 2021-07-22 06:44 – 000000000 ____L (Microsoft Corporation) C:Program FilesAVGAntivirus1033avg.local_vc142.crtapi-ms-win-crt-runtime-l1-1-0.dll
2021-07-22 06:44 – 2021-07-22 06:44 – 000000000 ____L (Microsoft Corporation) C:Program FilesAVGAntivirus1033avg.local_vc142.crtapi-ms-win-crt-stdio-l1-1-0.dll
2021-07-22 06:44 – 2021-07-22 06:44 – 000000000 ____L (Microsoft Corporation) C:Program FilesAVGAntivirus1033avg.local_vc142.crtapi-ms-win-crt-string-l1-1-0.dll
2021-07-22 06:44 – 2021-07-22 06:44 – 000000000 ____L (Microsoft Corporation) C:Program FilesAVGAntivirus1033avg.local_vc142.crtucrtbase.DLL
2021-07-22 06:44 – 2021-07-22 06:44 – 000000000 ____L (Microsoft Corporation) C:Program FilesAVGAntivirus1033avg.local_vc142.crtVCRUNTIME140.dll
2021-07-23 12:17 – 2021-07-23 12:17 – 000000000 ____L (Microsoft Corporation) C:Program FilesAVGAntivirusdefs21072300avg.local_vc142.crtapi-ms-win-core-file-l1-2-0.dll
2021-07-23 12:17 – 2021-07-23 12:17 – 000000000 ____L (Microsoft Corporation) C:Program FilesAVGAntivirusdefs21072300avg.local_vc142.crtapi-ms-win-core-file-l2-1-0.dll
2021-07-23 12:17 – 2021-07-23 12:17 – 000000000 ____L (Microsoft Corporation) C:Program FilesAVGAntivirusdefs21072300avg.local_vc142.crtapi-ms-win-core-localization-l1-2-0.dll
2021-07-23 12:17 – 2021-07-23 12:17 – 000000000 ____L (Microsoft Corporation) C:Program FilesAVGAntivirusdefs21072300avg.local_vc142.crtapi-ms-win-core-processthreads-l1-1-1.dll
2021-07-23 12:17 – 2021-07-23 12:17 – 000000000 ____L (Microsoft Corporation) C:Program FilesAVGAntivirusdefs21072300avg.local_vc142.crtapi-ms-win-core-synch-l1-2-0.dll
2021-07-23 12:17 – 2021-07-23 12:17 – 000000000 ____L (Microsoft Corporation) C:Program FilesAVGAntivirusdefs21072300avg.local_vc142.crtapi-ms-win-core-timezone-l1-1-0.dll
2021-07-23 12:17 – 2021-07-23 12:17 – 000000000 ____L (Microsoft Corporation) C:Program FilesAVGAntivirusdefs21072300avg.local_vc142.crtapi-ms-win-crt-convert-l1-1-0.dll
2021-07-23 12:17 – 2021-07-23 12:17 – 000000000 ____L (Microsoft Corporation) C:Program FilesAVGAntivirusdefs21072300avg.local_vc142.crtapi-ms-win-crt-environment-l1-1-0.dll
2021-07-23 12:17 – 2021-07-23 12:17 – 000000000 ____L (Microsoft Corporation) C:Program FilesAVGAntivirusdefs21072300avg.local_vc142.crtapi-ms-win-crt-filesystem-l1-1-0.dll
2021-07-23 12:17 – 2021-07-23 12:17 – 000000000 ____L (Microsoft Corporation) C:Program FilesAVGAntivirusdefs21072300avg.local_vc142.crtapi-ms-win-crt-heap-l1-1-0.dll
2021-07-23 12:17 – 2021-07-23 12:17 – 000000000 ____L (Microsoft Corporation) C:Program FilesAVGAntivirusdefs21072300avg.local_vc142.crtapi-ms-win-crt-locale-l1-1-0.dll
2021-07-23 12:17 – 2021-07-23 12:17 – 000000000 ____L (Microsoft Corporation) C:Program FilesAVGAntivirusdefs21072300avg.local_vc142.crtapi-ms-win-crt-math-l1-1-0.dll
2021-07-23 12:17 – 2021-07-23 12:17 – 000000000 ____L (Microsoft Corporation) C:Program FilesAVGAntivirusdefs21072300avg.local_vc142.crtapi-ms-win-crt-multibyte-l1-1-0.dll
2021-07-23 12:17 – 2021-07-23 12:17 – 000000000 ____L (Microsoft Corporation) C:Program FilesAVGAntivirusdefs21072300avg.local_vc142.crtapi-ms-win-crt-runtime-l1-1-0.dll
2021-07-23 12:17 – 2021-07-23 12:17 – 000000000 ____L (Microsoft Corporation) C:Program FilesAVGAntivirusdefs21072300avg.local_vc142.crtapi-ms-win-crt-stdio-l1-1-0.dll
2021-07-23 12:17 – 2021-07-23 12:17 – 000000000 ____L (Microsoft Corporation) C:Program FilesAVGAntivirusdefs21072300avg.local_vc142.crtapi-ms-win-crt-string-l1-1-0.dll
2021-07-23 12:17 – 2021-07-23 12:17 – 000000000 ____L (Microsoft Corporation) C:Program FilesAVGAntivirusdefs21072300avg.local_vc142.crtapi-ms-win-crt-time-l1-1-0.dll
2021-07-23 12:17 – 2021-07-23 12:17 – 000000000 ____L (Microsoft Corporation) C:Program FilesAVGAntivirusdefs21072300avg.local_vc142.crtapi-ms-win-crt-utility-l1-1-0.dll
2021-07-23 12:17 – 2021-07-23 12:17 – 000000000 ____L (Microsoft Corporation) C:Program FilesAVGAntivirusdefs21072300avg.local_vc142.crtMSVCP140.dll
2021-07-23 12:17 – 2021-07-23 12:17 – 000000000 ____L (Microsoft Corporation) C:Program FilesAVGAntivirusdefs21072300avg.local_vc142.crtucrtbase.DLL
2021-07-23 12:17 – 2021-07-23 12:17 – 000000000 ____L (Microsoft Corporation) C:Program FilesAVGAntivirusdefs21072300avg.local_vc142.crtVCRUNTIME140.dll
2021-07-23 12:17 – 2021-07-23 12:17 – 000000000 ____L (Microsoft Corporation) C:Program FilesAVGAntivirusdefs21072300avg.local_vc142.crtVCRUNTIME140_1.dll
2015-09-26 04:34 – 2015-09-29 01:08 – 000255488 _____ (Sysprogs OU) [File not signed] C:Program Files (x86)WinCDEmux64WinCDEmuContextMenu.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The “AlternateShell” will be restored.)

HKLMSYSTEMCurrentControlSetControlSafeBootMinimalavgSP.sys => “”=”Driver”
HKLMSYSTEMCurrentControlSetControlSafeBootMinimalMBAMService => “”=”Service”
HKLMSYSTEMCurrentControlSetControlSafeBootNetworkavgSP.sys => “”=”Driver”
HKLMSYSTEMCurrentControlSetControlSafeBootNetworkMBAMService => “”=”Service”
HKLMSYSTEMCurrentControlSetControlSafeBootNetworkSntpService => “”=”service”

==================== Association (Whitelisted) =================

==================== Internet Explorer (Version 11) (Whitelisted) ==========

HKUS-1-5-21-2753872946-3147176540-3625591976-1000SoftwareMicrosoftInternet ExplorerMain,Start Page = hxxps://www.google.co.th/
HKUS-1-5-21-2753872946-3147176540-3625591976-500SoftwareMicrosoftInternet ExplorerMain,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
SearchScopes: HKUS-1-5-21-2753872946-3147176540-3625591976-1000 -> DefaultScope 6BECBB53-5E56-427D-9EF8-B96E1462C6C3 URL = hxxps://www.google.com/search?q=searchTerms&sourceid=ie7&rls=com.microsoft:language:referrer:source&ie=inputEncoding?&oe=outputEncoding?
SearchScopes: HKUS-1-5-21-2753872946-3147176540-3625591976-1000 -> 0633EE93-D776-472f-A0FF-E1416B8B2E3A URL =
SearchScopes: HKUS-1-5-21-2753872946-3147176540-3625591976-1000 -> 6BECBB53-5E56-427D-9EF8-B96E1462C6C3 URL = hxxps://www.google.com/search?q=searchTerms&sourceid=ie7&rls=com.microsoft:language:referrer:source&ie=inputEncoding?&oe=outputEncoding?
SearchScopes: HKUS-1-5-21-2753872946-3147176540-3625591976-1000 -> 849BAD7E-D841-4C99-BD61-066491A304F8 URL = hxxps://www.google.com/search?q=searchTerms&sourceid=ie7&rls=com.microsoft:language:referrer:source&ie=inputEncoding?&oe=outputEncoding?
SearchScopes: HKUS-1-5-21-2753872946-3147176540-3625591976-1000 -> 9975CEFB-2FE2-4007-B332-525A9B4A70E1 URL = hxxps://duckduckgo.com/?q=searchTerms
BHO: ExplorerWnd Helper -> 10921475-03CE-4E04-90CE-E2E7EF20C814 -> C:Program Files (x86)IObitIObit UninstallerUninstallExplorer.dll => No File
BHO: Canon Easy-WebPrint EX BHO -> 3785D0AD-BFFF-47F6-BF5B-A587C162FED9 -> C:Program FilesCanonEasy-WebPrint EXewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
BHO: SteadyVideoBHO Class -> 6C680BAE-655C-4E3D-8FC4-E6A520C3D928 -> C:Program FilesAMDSteadyVideoSteadyVideo.dll [2012-02-14] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
BHO: Java™ Plug-In SSV Helper -> 761497BB-D6F0-462C-B6EB-D4DAF1D92D43 -> C:Program FilesJavajre1.8.0_231binssv.dll [2019-10-24] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> DBC80044-A445-435b-BC74-9C25C1C588A9 -> C:Program FilesJavajre1.8.0_231binjp2ssv.dll [2019-10-24] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO -> 3785D0AD-BFFF-47F6-BF5B-A587C162FED9 -> C:Program Files (x86)CanonEasy-WebPrint EXewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
BHO-x32: SteadyVideoBHO Class -> 6C680BAE-655C-4E3D-8FC4-E6A520C3D928 -> C:Program Files (x86)amdSteadyVideoSteadyVideo.dll [2012-02-14] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
BHO-x32: Evernote extension -> 92EF2EAD-A7CE-4424-B0DB-499CF856608E -> C:Program Files (x86)EvernoteEvernoteEvernoteIE.dll [2020-06-24] (Evernote Corporation -> Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
Toolbar: HKLM – Canon Easy-WebPrint EX – 759D9886-0C6F-4498-BAB6-4A5F47C6C72F – C:Program FilesCanonEasy-WebPrint EXewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Toolbar: HKLM-x32 – Canon Easy-WebPrint EX – 759D9886-0C6F-4498-BAB6-4A5F47C6C72F – C:Program Files (x86)CanonEasy-WebPrint EXewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Filter: video/mp4 – 20C75730-7C25-476B-95DC-C65810F9E489 – C:Program FilesAMDSteadyVideoVideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
Filter-x32: video/mp4 – 20C75730-7C25-476B-95DC-C65810F9E489 – C:Program Files (x86)amdSteadyVideoVideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
Filter: video/x-flv – 20C75730-7C25-476B-95DC-C65810F9E489 – C:Program FilesAMDSteadyVideoVideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
Filter-x32: video/x-flv – 20C75730-7C25-476B-95DC-C65810F9E489 – C:Program Files (x86)amdSteadyVideoVideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-11-15 22:25 – 2021-07-07 09:42 – 000000828 _____ C:Windowssystem32driversetchosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKUS-1-5-21-2753872946-3147176540-3625591976-1000Control PanelDesktop\Wallpaper -> C:UsersRogerAppDataRoamingMicrosoftWindowsThemesTranscodedWallpaper.jpg
HKUS-1-5-21-2753872946-3147176540-3625591976-500Control PanelDesktop\Wallpaper -> C:WindowsWebWallpaperLandscapesimg8.jpg
DNS Servers: 8.8.8.8 – 8.8.4.4
HKLMSOFTWAREMicrosoftWindowsCurrentVersionPoliciesSystem => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIGServices: QHActiveDefense =>
MSCONFIGstartupreg: AdobeGCInvoker-1.0 => “C:Program Files (x86)Common FilesAdobeAdobeGCClientAGCInvokerUtility.exe”

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [E27995A1-4F24-4DB3-A99D-EE4508961CCF] => (Allow) C:Program FilesCCleanerCCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [DC944233-2C99-455C-871D-E9999C61CAF0] => (Allow) C:Program FilesCCleanerCCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [UDP Query User12DC29A7-E0F7-4D4C-AD03-6F0B612A73C0C:program filesvideolanvlcvlc.exe] => (Allow) C:program filesvideolanvlcvlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [TCP Query User930F515E-FE4A-4CAF-A274-97037E70B9DDC:program filesvideolanvlcvlc.exe] => (Allow) C:program filesvideolanvlcvlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [BD1C8098-8190-4E76-8C80-392A42685CEB] => (Allow) C:Program FilesMozilla Firefoxfirefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [146D71CB-E9A3-49A6-9974-4EE599D461E4] => (Allow) C:Program FilesMozilla Firefoxfirefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [D25973EE-36E5-44BC-B38F-94B038B8B176] => (Allow) C:Program FilesMozilla Firefoxfirefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [61405EC8-8292-478C-992F-1C1FEC1160A6] => (Allow) C:Program FilesMozilla Firefoxfirefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [837010A2-9FD5-4C3C-AAC1-0E28ECA962ED] => (Allow) C:Program FilesMozilla Firefoxfirefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [470C298B-665F-4FCA-88D0-5023E28B7740] => (Allow) C:Program FilesMozilla Firefoxfirefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [730250E3-9ADD-430E-A5F5-A4D9BBB562A7] => (Allow) C:Program Files (x86)AOMEI BackupperABService.exe (CHENGDU AOMEI Tech Co., Ltd. -> AOMEI Tech Co., Ltd.)
FirewallRules: [7EA6A63D-6966-47D8-B01B-5571E3318723] => (Allow) C:Program Files (x86)AOMEI BackupperABService.exe (CHENGDU AOMEI Tech Co., Ltd. -> AOMEI Tech Co., Ltd.)
FirewallRules: [15E9B1E3-306D-450D-AC82-710D09F0B3E3] => (Allow) C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [BB7D667A-E555-4FCE-A513-CACE784884E7] => (Allow) C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User43EFD5A3-5A3D-4BD2-90A4-919273D9CB13C:program filesqbittorrentqbittorrent.exe] => (Allow) C:program filesqbittorrentqbittorrent.exe () [File not signed]
FirewallRules: [UDP Query UserA6A89E1D-CB73-43E2-ABEB-78BF51F97382C:program filesqbittorrentqbittorrent.exe] => (Allow) C:program filesqbittorrentqbittorrent.exe () [File not signed]
FirewallRules: [TCP Query UserC8A363EB-98C9-451A-AA4E-A7817A674468D:x-plane 11x-plane.exe] => (Allow) D:x-plane 11x-plane.exe (Laminar Research, LLC -> Laminar Research)
FirewallRules: [UDP Query UserA0216D38-8E18-41DC-A259-6CA0ED36DBDCD:x-plane 11x-plane.exe] => (Allow) D:x-plane 11x-plane.exe (Laminar Research, LLC -> Laminar Research)
FirewallRules: [EA68B5D9-9F4D-4B42-AFDF-7FC9D1B025FC] => (Allow) C:Program FilesNetBeans 8.2binnetbeans64.exe (Oracle Corporation) [File not signed]
FirewallRules: [10155254-8AFD-4395-976D-D81A9BE8A844] => (Allow) C:Program FilesNetBeans 8.2binnetbeans64.exe (Oracle Corporation) [File not signed]
FirewallRules: [D1879F6C-7704-4B2E-A080-CFA783A30255] => (Allow) C:Program FilesNetBeans 8.2binnetbeans64.exe (Oracle Corporation) [File not signed]
FirewallRules: [0FB64524-CBA9-45B2-99E0-AA8A9E74B2AB] => (Allow) C:Program FilesNetBeans 8.2binnetbeans64.exe (Oracle Corporation) [File not signed]
FirewallRules: [7EB1FDC4-CD9C-40DE-A74E-4554A3BAF5C8] => (Allow) C:Program Files (x86)SteamSteam.exe (Valve -> Valve Corporation)
FirewallRules: [1DE33E15-53E2-4EC4-A793-702C9CF3E660] => (Allow) C:Program Files (x86)SteamSteam.exe (Valve -> Valve Corporation)
FirewallRules: [EBFF86FA-BBFB-465E-8974-6ED53617E093] => (Allow) C:Program Files (x86)Steambincefcef.win7steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [CE92BC77-77E1-45CA-AA35-99B07BF9CE40] => (Allow) C:Program Files (x86)Steambincefcef.win7steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [774A2121-6A34-4E31-AF1B-AEE6168BB87A] => (Allow) C:Program Files (x86)Steambincefcef.win7x64steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [E0239EB9-E461-4FC5-84E2-C678317BE001] => (Allow) C:Program Files (x86)Steambincefcef.win7x64steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [3A6A4A6B-CCB8-4302-BAF4-09F9DC302653] => (Allow) C:Program FilesOpenShot Video Editoropenshot-qt.exe (OpenShot Studios, LLC) [File not signed]
FirewallRules: [88B9C847-177B-48D1-BC60-99869A7BBB79] => (Allow) C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [FE6EBFF6-D10C-4DBB-A576-CB84F29361BE] => (Allow) C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [D0CE2BE1-084B-4BDF-91FC-46995106814D] => (Allow) C:Program FilesNVIDIA CorporationNvStreamSrvnvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [7CEA6CCD-B059-4FE4-A278-C9FDBC25C2A9] => (Allow) C:Program FilesNVIDIA CorporationNvStreamSrvnvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [BA7C9D4B-261D-4CB2-A5C7-B33DA7510550] => (Allow) C:Program FilesqBittorrentqbittorrent.exe () [File not signed]
FirewallRules: [F50200A4-EF95-4DB5-B57A-92D795435D65] => (Allow) C:Program FilesqBittorrentqbittorrent.exe () [File not signed]
FirewallRules: [53C9F76A-3CC1-4DB4-9B85-BD15AA30EBBD] => (Allow) C:Program FilesGoogleChromeApplicationchrome.exe (Google LLC -> Google LLC)
FirewallRules: [527F3939-0794-466E-AFDD-214B326BB041] => (Allow) C:Program Files (x86)AOMEI BackupperABService.exe (CHENGDU AOMEI Tech Co., Ltd. -> AOMEI Tech Co., Ltd.)
FirewallRules: [47E98F92-685A-46B2-A3AB-8BD8B885F6E7] => (Allow) C:Program Files (x86)AOMEI BackupperABService.exe (CHENGDU AOMEI Tech Co., Ltd. -> AOMEI Tech Co., Ltd.)
FirewallRules: [E72D2A8D-B67E-4AF0-B787-A0A8F90D8173] => (Allow) C:Program Files (x86)AVGBrowserApplicationAVGBrowser.exe (AVG Technologies USA, LLC -> AVG Technologies)

==================== Restore Points =========================

==================== Faulty Device Manager Devices ============

==================== Event log errors: ========================

Application errors:
==================
Error: (07/23/2021 01:02:33 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: AVG Update Helper — Error 1316. The specified account already exists.

Error: (07/23/2021 12:19:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: AUEPMaster.exe, version: 1850.27.1.302, time stamp: 0x5c7af155
Faulting module name: AUEPMaster.exe, version: 1850.27.1.302, time stamp: 0x5c7af155
Exception code: 0xc0000005
Fault offset: 0x0000000000006b42
Faulting process id: 0x1658
Faulting application start time: 0x01d77f81e378bbad
Faulting application path: C:Program FilesAMDPerformance Profile ClientAUEPMaster.exe
Faulting module path: C:Program FilesAMDPerformance Profile ClientAUEPMaster.exe
Report Id: 7d6733eb-eb75-11eb-ab39-e0d55e33c7c4

Error: (07/23/2021 12:14:42 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query “SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA “Win32_Processor” AND TargetInstance.LoadPercentage > 99″ could not be reactivated in namespace “//./root/CIMV2” because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (07/23/2021 12:14:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: InstallManagerApp.exe, version: 9.0.0.1, time stamp: 0x56d0b346
Faulting module name: InstallManagerApp.exe, version: 9.0.0.1, time stamp: 0x56d0b346
Exception code: 0xc0000005
Fault offset: 0x00000000000b64f1
Faulting process id: 0xaa8
Faulting application start time: 0x01d77f818863c905
Faulting application path: C:Program FilesAMDCIMBin64InstallManagerApp.exe
Faulting module path: C:Program FilesAMDCIMBin64InstallManagerApp.exe
Report Id: dc8a4285-eb74-11eb-ab39-e0d55e33c7c4

Error: (07/23/2021 11:59:46 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: AVG Update Helper — Error 1316. The specified account already exists.

Error: (07/23/2021 10:56:14 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: AVG Update Helper — Error 1316. The specified account already exists.

Error: (07/23/2021 10:45:04 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: AUEPMaster.exe, version: 1850.27.1.302, time stamp: 0x5c7af155
Faulting module name: AUEPMaster.exe, version: 1850.27.1.302, time stamp: 0x5c7af155
Exception code: 0xc0000005
Fault offset: 0x0000000000006b42
Faulting process id: 0x1544
Faulting application start time: 0x01d77f74f7320414
Faulting application path: C:Program FilesAMDPerformance Profile ClientAUEPMaster.exe
Faulting module path: C:Program FilesAMDPerformance Profile ClientAUEPMaster.exe
Report Id: 5d117d7e-eb68-11eb-a15c-e0d55e33c7c4

Error: (07/23/2021 10:44:58 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: nvcontainer.exe, version: 1.33.2988.2648, time stamp: 0x6082bd2b
Faulting module name: ntdll.dll, version: 6.1.7601.24545, time stamp: 0x5e0eb67f
Exception code: 0xc000041d
Fault offset: 0x0000000000032ad4
Faulting process id: 0x6ec
Faulting application start time: 0x01d77f74b15d4f66
Faulting application path: C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe
Faulting module path: C:WindowsSYSTEM32ntdll.dll
Report Id: 597ac462-eb68-11eb-a15c-e0d55e33c7c4

System errors:
=============
Error: (07/23/2021 12:19:04 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The AMD User Experience Program Launcher service terminated unexpectedly.  It has done this 1 time(s).

Error: (07/23/2021 12:17:22 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.

Error: (07/23/2021 12:17:05 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error:
Overlapped I/O operation is in progress.

Error: (07/23/2021 12:17:05 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error:
Overlapped I/O operation is in progress.

Error: (07/23/2021 12:17:04 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error:
Overlapped I/O operation is in progress.

Error: (07/23/2021 12:17:04 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error:
Overlapped I/O operation is in progress.

Error: (07/23/2021 12:17:05 PM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: The Peer Name Resolution Protocol cloud did not start because the creation of the default identity failed with error code: 0x800703e5.

Error: (07/23/2021 12:17:04 PM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: The Peer Name Resolution Protocol cloud did not start because the creation of the default identity failed with error code: 0x800703e5.

Windows Defender:
================
Date: 2018-12-17 04:54:47.930
Description:
Windows Defender scan has been stopped before completion.
Scan Type:AntiSpyware
Scan Parameters:Full Scan

==================== Memory info ===========================

BIOS: American Megatrends Inc. FD 12/07/2016
Motherboard: Gigabyte Technology Co., Ltd. F2A68HM-DS2
Processor: AMD A10-5800K APU with Radeon™ HD Graphics
Percentage of memory in use: 81%
Total physical RAM: 8138.01 MB
Available physical RAM: 1519.89 MB
Total Virtual: 16274.16 MB
Available Virtual: 8524.13 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:310 GB) (Free:74.29 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:310.84 GB) (Free:105.64 GB) NTFS
Drive e: () (Fixed) (Total:310.67 GB) (Free:218.8 GB) NTFS
Drive g: (Backup) (Fixed) (Total:931.48 GB) (Free:305 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 783CAA8B)
Partition 1: (Active) – (Size=310 GB) – (Type=07 NTFS)
Partition 2: (Not Active) – (Size=621.5 GB) – (Type=0F Extended)

==========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 16F2A91F)

Partition: GPT.

==================== End of Addition.txt =======================Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-07-2021 01
Ran by Roger (23-07-2021 13:37:33)
Running from C:UsersRogerDownloads
Windows 7 Ultimate Service Pack 1 (X64) (2019-06-18 13:57:31)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-2753872946-3147176540-3625591976-500 – Administrator – Disabled) => C:UsersAdministrator
Guest (S-1-5-21-2753872946-3147176540-3625591976-501 – Limited – Disabled)
HomeGroupUser$ (S-1-5-21-2753872946-3147176540-3625591976-1010 – Limited – Enabled)
Roger (S-1-5-21-2753872946-3147176540-3625591976-1000 – Administrator – Enabled) => C:UsersRoger
SophosSAUMR-6S29Uaaa (S-1-5-21-2753872946-3147176540-3625591976-1001 – Limited – Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: AVG Antivirus (Enabled – Up to date) 18A975F9-A60C-37D8-E30B-4BEF31AD3411
AS: AVG Antivirus (Enabled – Up to date) A3C8941D-8036-3856-D9BB-709D4A2A7EAC
AS: Windows Defender (Disabled – Up to date) D68DDC3A-831F-4fae-9E44-DA132C1ACF46

==================== Installed Programs ======================

(Only the adware programs with “Hidden” flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

3D Pinball (HKLM-x32…C342E30B-52F9-4657-96B6-32E399B9DEB2) (Version: 5.1.2600.5512 – Microsoft Coprporation)
4K Video Downloader (HKLM…50F633D3-DE52-4709-AD1B-A09B5B0D86C1) (Version: 4.16.4.4300 – Open Media LLC) Hidden
4K Video Downloader (HKLM-x32…33a1766b-73d6-42ce-b3ff-317e5db3e9a7) (Version: 4.14.1.4020 – Open Media LLC)
7-Zip 19.00 (HKLM-x32…7-Zip) (Version: 19.00 – Igor Pavlov)
AceIt v1.3.1 (HKLM-x32…AceIt_is1) (Version:  – Scott M. Miller)
Adobe Acrobat Reader DC (HKLM-x32…AC76BA86-7AD7-1033-7B44-AC0F074E4100) (Version: 21.005.20058 – Adobe Systems Incorporated)
Adobe Photoshop CC (HKLM-x32…2D99B50E-431D-4AA8-85C1-172A6F8BCF09) (Version: 14.0 – Adobe Systems Incorporated)
aerosoft’s – Cambrian Route 1.0 (HKLM-x32…6EBEFBFC-05C6-4472-8E97-7DD2ABF9341E) (Version:  – )
AMD Install Manager (HKLM…AMD Catalyst Install Manager) (Version: 5.00 – Advanced Micro Devices, Inc.)
AMD Quick Stream (HKLM…E9EED4AE-682B-4501-9574-D09A21717599_is1) (Version: 4.0.0.0 – AppEx Networks)
Anki (HKLM-x32…Anki) (Version: 2.1.43 – )
AOMEI Backupper Standard (HKLM-x32…A83692F5-3E9B-4E95-9E7E-B5DF5536CE9D_is1) (Version:  – AOMEI Technology Co., Ltd.)
Audacity 2.3.2 (HKLM-x32…Audacity_is1) (Version: 2.3.2 – Audacity Team)
AVG AntiVirus FREE (HKLM-x32…AVG Antivirus) (Version: 21.5.3185 – AVG Technologies)
AVG Secure Browser (HKLM-x32…AVG Secure Browser) (Version: 91.1.10935.166 – AVG Technologies)
Battle for Wesnoth 1.14.2 (HKLM-x32…Battle for Wesnoth 1.14.2) (Version: 1.14.2 – )
Blender (HKLM…71FBA2D9-83C5-4817-88ED-FB6F28342FF3) (Version: 2.83.4 – Blender Foundation)
BLLW FP7 pack (HKLM-x32…BLLW FP7 pack) (Version:  – )
BlueGriffon version 3.1 (HKLM…A9015334-10BE-4D64-A776-203336EFE806_is1) (Version: 3.1 – Disruptive Innovations SAS)
BP Summer3 Environment for KOSMOS (HKLM-x32…471BE53D-1CEE-4826-88BF-EB1AF8D45F9B) (Version: 3.0 – BP)
Branding64 (HKLM…EE2AFCE4-0238-4DE0-A140-1647021627C1) (Version: 1.00.0001 – Advanced Micro Devices, Inc.) Hidden
calibre 64bit (HKLM…40539A18-5471-4A0D-91BB-D0E5274B9D41) (Version: 3.48.0 – Kovid Goyal)
Canon driver for DR-M200 Series (x64) (HKLM…BD2C4201-393C-42EA-BCC4-099DFFC2A218) (Version: 1.1.6919 – Canon Electronics Inc.)
Canon Easy-PhotoPrint EX (HKLM-x32…Easy-PhotoPrint EX) (Version:  – )
Canon Easy-WebPrint EX (HKLM-x32…Easy-WebPrint EX) (Version: 1.7.0.0 – Canon Inc.)
Canon G2000 series MP Drivers (HKLM…1199FAD5-9546-44f3-81CF-FFDB8040B7BF_Canon_G2000_series) (Version: 1.02 – Canon Inc.)
Canon G2010 series MP Drivers (HKLM…1199FAD5-9546-44f3-81CF-FFDB8040B7BF_Canon_G2010_series) (Version: 1.01 – Canon Inc.)
Canon G2010 series On-screen Manual (HKLM-x32…Canon G2010 series On-screen Manual) (Version: 1.0.0 – Canon Inc.)
Canon IJ Printer Assistant Tool (HKLM-x32…Canon IJ Printer Assistant Tool) (Version: 1.05.1.51 – Canon Inc.)
Canon IJ Scan Utility (HKLM-x32…Canon_IJ_Scan_Utility) (Version: 1.4.0.16 – Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32…CANONIJPLM100) (Version: 6.3.0 – Canon Inc.)
Canon MP Navigator EX 4.0 (HKLM-x32…MP Navigator EX 4.0) (Version:  – )
Canon My Image Garden (HKLM-x32…Canon My Image Garden) (Version: 3.6.4 – Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32…Canon My Image Garden Design Files) (Version: 3.6.0 – Canon Inc.)
Canon My Printer (HKLM-x32…CanonMyPrinter) (Version:  – )
Canon Quick Menu (HKLM-x32…CanonQuickMenu) (Version: 2.8.5 – Canon Inc.)
CCleaner (HKLM…CCleaner) (Version: 5.83 – Piriform)
Class_50_Content_Update (HKLM-x32…53A7E07-3D44-4CDB-B79C-EE8755BFD7D6) (Version: 1.00.0000 – Microsoft)
CN Blackfoot Vegreville Subs v2 Route (HKUS-1-5-21-2753872946-3147176540-3625591976-1000…CN Blackfoot Vegreville Subs v2 Route) (Version:  – )
CN Blackfoot Vegreville v2 Equipment Pack (HKUS-1-5-21-2753872946-3147176540-3625591976-1000…CN Blackfoot Vegreville v2 Equipment Pack) (Version:  – )
Columbus Locomotive Works Alco PA Locomotive Set (HKLM-x32…Columbus Locomotive Works Alco PA Locomotive Set) (Version:  – )
Columbus Locomotive Works Alco PB Add-on Locomotives (HKLM-x32…Columbus Locomotive Works Alco PB Add-on Locomotives) (Version:  – )
Crusader Kings II Holy Fury (HKLM-x32…Crusader Kings II Holy Fury_is1) (Version:  – )
Data Lifeguard Diagnostic version 1.36 (HKLM-x32…519C4DB6-B53B-4F5C-8297-89B2BE949FA5_is1) (Version:  – Western Digital Corporation)
Dekosoft Trains Common Files v.1.8 (HKUS-1-5-21-2753872946-3147176540-3625591976-1000…Dekosoft Trains Common Files v.1.8) (Version:  – )
Dekosoft Trains Tank Car Set v.1.0 (HKUS-1-5-21-2753872946-3147176540-3625591976-1000…Dekosoft Trains Tank Car Set v.1.0) (Version:  – )
Dekosoft Trains Union Pacific Freight Car Set v.2.5.1 (HKUS-1-5-21-2753872946-3147176540-3625591976-1000…Dekosoft Trains Union Pacific Freight Car Set v.2.5.1) (Version:  – )
Dekosoft Trains Union Pacific Super Set v.2.5.1 (HKUS-1-5-21-2753872946-3147176540-3625591976-1000…Dekosoft Trains Union Pacific Super Set v.2.5.1) (Version:  – )
DVD Flick 1.3.0.7 (HKLM-x32…DVD Flick_is1) (Version: 1.3.0.7 – Dennis Meuwissen)
East Coast Express Part 1 (HKLM-x32…East Coast Express Part 1) (Version:  – )
Epic Games Launcher Prerequisites (x64) (HKLM…66C5838F-B854-4A55-89E6-A6138747A4DF) (Version: 1.0.0.0 – Epic Games, Inc.) Hidden
Evernote v. 6.25.1 (HKLM-x32…CA92FF58-B652-11EA-A23A-42010A401FD0) (Version: 6.25.1.9091 – Evernote Corp.)
Extended Asian Language font pack for Adobe Acrobat Reader DC (HKLM-x32…AC76BA86-7AD7-2530-0000-AC13154E5A00) (Version: 19.021.20058 – Adobe Systems Incorporated)
f.lux (HKUS-1-5-21-2753872946-3147176540-3625591976-1000…Flux) (Version:  – f.lux Software LLC)
Freeware EMD F/E Series Cabview (HKLM-x32…Freeware EMD F/E Series Cabview) (Version:  – )
gImageReader (HKLM-x32…gImageReader) (Version: 3.3.1 – Sandro Mani)
GIMP 2.10.0 (HKLM…GIMP-2_is1) (Version: 2.10.0 – The GIMP Team)
GoldWave v6.47 (HKLM…GoldWave v6.47) (Version: 6.47 – GoldWave Inc.)
Google Chrome (HKLM-x32…Google Chrome) (Version: 91.0.4472.164 – Google LLC)
Google Drive (HKLM-x32…459CE109-4E46-4340-92BC-054642BC3BC2) (Version: 1.31.2873.2758 – Google, Inc.)
Google Update Helper (HKLM-x32…A92DAB39-4E2C-4304-9AB6-BC44E68B55E2) (Version: 1.3.24.15 – Google Inc.) Hidden
HandBrake 1.2.2 (HKLM-x32…HandBrake) (Version: 1.2.2 – )
ImageMagick 7.0.7-28 Q16 (64-bit) (2018-03-25) (HKLM…ImageMagick 7.0.7 Q16 (64-bit)_is1) (Version: 7.0.7 – ImageMagick Studio LLC)
ImgBurn (HKLM-x32…ImgBurn) (Version: 2.5.8.0 – LIGHTNING UK!)
Java 8 Update 231 (64-bit) (HKLM…26A24AE4-039D-4CA4-87B4-2F64180231F0) (Version: 8.0.2310.11 – Oracle Corporation)
Java SE Development Kit 8 Update 171 (64-bit) (HKLM…64A3A4F4-B792-11D6-A78A-00B0D0180171) (Version: 8.0.1710.11 – Oracle Corporation)
K-Lite Codec Pack 15.3.5 Standard (HKLM-x32…KLiteCodecPack_is1) (Version: 15.3.5 – KLCP)
Kosmos 1.0 (HKLM-x32…Kosmos 1.0) (Version:  – )
Launcher Prerequisites (x64) (HKLM-x32…c6c5a357-c7ca-4a5f-9789-3bb1af579253) (Version: 1.0.0.0 – Epic Games, Inc.) Hidden
LayoutEditor (HKLM…459A2BA8-D3EE-4A06-848E-486855B853E8) (Version: 20.2.2 – juspertor)
Leela – the Go Program (HKLM-x32…Leela) (Version: 0.11.0 – Sjeng.Org)
LibreOffice 7.0 Help Pack (English (United States)) (HKLM…24C4DE03-4A0C-4E0F-AF41-D8FFAB656183) (Version: 7.0.6.2 – The Document Foundation)
LibreOffice 7.0.6.2 (HKLM…9F9A9C01-5A65-4C2E-A243-FC88C81BC35F) (Version: 7.0.6.2 – The Document Foundation)
LINE (HKUS-1-5-21-2753872946-3147176540-3625591976-1000…LINE) (Version: 6.7.4.2508 – LINE Corporation)
Malwarebytes version 4.4.3.125 (HKLM…35065F43-4BB2-439A-BFF7-0F1014F2E0CD_is1) (Version: 4.4.3.125 – Malwarebytes)
MediaMonkey 4.1 (HKLM-x32…MediaMonkey_is1) (Version: 4.1 – Ventis Media Inc.)
Medieval – Total War – Gold Edition (HKLM-x32…A10F7877-4276-416C-9F22-CB56C0CB2700) (Version: 2.0 – The Creative Assembly)
Microsoft .NET Framework 4.8 (HKLM…92FB6C44-E685-45AD-9B20-CADF4CABA132 – 1033) (Version: 4.8.03761 – Microsoft Corporation)
Microsoft Edge (HKLM-x32…Microsoft Edge) (Version: 83.0.478.50 – Microsoft Corporation)
Microsoft Office Access database engine 2007 (English) (HKLM-x32…90120000-00D1-0409-0000-0000000FF1CE) (Version: 12.0.4518.1031 – Microsoft Corporation)
Microsoft Silverlight (HKLM-x32…89F4137D-6C26-4A84-BDB8-2E5A4BB71E00) (Version: 5.1.30214.0 – Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32…710f4c1c-cc18-4c49-8cbf-51240c89a1a2) (Version: 8.0.61001 – Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32…7299052b-02a4-4627-81f2-1818da5d550d) (Version: 8.0.56336 – Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32…837b34e3-7c30-493c-8f6a-2b0f04e2912c) (Version: 8.0.59193 – Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM…71c9b48-7c32-4621-a0ac-3f809523288f) (Version: 8.0.56336 – Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM…6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc) (Version: 8.0.59192 – Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM…ad8a2fa1-06e7-4b0d-927d-6e54b3d31028) (Version: 8.0.61000 – Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable – x64 9.0.21022 (HKLM…350AA351-21FA-3270-8B7A-835434E766AD) (Version: 9.0.21022 – Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable – x64 9.0.30729.6161 (HKLM…5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4) (Version: 9.0.30729.6161 – Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable – x86 9.0.21022 (HKLM-x32…FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4) (Version: 9.0.21022 – Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable – x86 9.0.30729.17 (HKLM-x32…9A25302D-30C0-39D9-BD6F-21E6EC160475) (Version: 9.0.30729 – Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable – x86 9.0.30729.4148 (HKLM-x32…1F1C2DFC-2D24-3E06-BCB8-725134ADF989) (Version: 9.0.30729.4148 – Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable – x86 9.0.30729.6161 (HKLM-x32…9BE518E6-ECC6-35A9-88E4-87755C07200F) (Version: 9.0.30729.6161 – Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable – 10.0.40219 (HKLM…1D8E6291-B0D5-35EC-8441-6616F567A0F7) (Version: 10.0.40219 – Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable – 10.0.40219 (HKLM-x32…F0C3E5D1-1ADE-321E-8167-68EF0DE699A5) (Version: 10.0.40219 – Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) – 11.0.61030 (HKLM-x32…ca67548a-5ebe-413a-b50c-4b9ceb6d66c6) (Version: 11.0.61030.0 – Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) – 11.0.61030 (HKLM-x32…33d1fd90-4274-48a1-9bc1-97e33d9c2d6f) (Version: 11.0.61030.0 – Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) – 12.0.30501 (HKLM-x32…50d4fc8-5d48-4b8f-8972-47c82c46020f) (Version: 12.0.30501.0 – Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) – 12.0.30501 (HKLM-x32…f65db027-aff3-4070-886a-0d87064aabb1) (Version: 12.0.30501.0 – Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) – 14.26.28808 (HKLM-x32…78079cc3-1f6e-47f6-b4d6-105f08b89409) (Version: 14.26.28808.1 – Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) – 14.25.28508 (HKLM-x32…65e650ff-30be-469d-b63a-418d71ea1765) (Version: 14.25.28508.3 – Microsoft Corporation)
Microsoft Visual Studio Code (User) (HKUS-1-5-21-2753872946-3147176540-3625591976-1000…771FD6B0-FA20-440A-A002-3B3BAC16DC50_is1) (Version: 1.30.2 – Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32…19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20) (Version: 3.1.10527.0 – Microsoft Corporation)
Mozilla Firefox (x64 en-US) (HKLM…Mozilla Firefox 90.0 (x64 en-US)) (Version: 90.0 – Mozilla)
Mozilla Maintenance Service (HKLM…MozillaMaintenanceService) (Version: 60.8.0 – Mozilla)
mp3splt-gtk (HKLM-x32…mp3splt-gtk) (Version:  – )
MSTS APK Extractor v3 (HKUS-1-5-21-2753872946-3147176540-3625591976-1000…MSTS APK Extractor v3) (Version:  – )
MSTS Patch 1.8.0521 EN (HKLM-x32…587A2120-41D3-11DB-3D6C-00E19E4D4AE1) (Version: 1.8.052113 – George)
MSTS_ActMan (HKUS-1-5-21-2753872946-3147176540-3625591976-1000…MSTS_ActMan) (Version:  – )
MSXML 4.0 SP3 Parser (HKLM-x32…196467F1-C11F-4F76-858B-5812ADC83B94) (Version: 4.30.2100.0 – Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32…1D95BA90-F4F8-47EC-A882-441C99D30C1E) (Version: 4.30.2117.0 – Microsoft Corporation)
NEC Equipment Mega Pack # 1 (HKLM-x32…NEC Equipment Mega Pack # 1) (Version:  – NORTH AMERICAN LOCOMOTIVE WORKS)
Nero 7 Ultra Edition (HKLM-x32…293C9DF5-7669-4826-BBB2-E1F182D71033) (Version: 7.02.8631 – Nero AG)
NetBeans IDE 8.2 (HKLM…nbi-nb-base-8.2.0.0.201609300101) (Version: 8.2 – NetBeans.org)
Notepad++ (64-bit x64) (HKLM…Notepad++) (Version: 8.1.2 – Notepad++ Team)
NVIDIA GeForce Experience 3.23.0.74 (HKLM…B2FE1952-0186-46C3-BAEC-A80AA35AC5B8_Display.GFExperience) (Version: 3.23.0.74 – NVIDIA Corporation)
NVIDIA Graphics Driver 466.63 (HKLM…B2FE1952-0186-46C3-BAEC-A80AA35AC5B8_Display.Driver) (Version: 466.63 – NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.38.60 (HKLM…B2FE1952-0186-46C3-BAEC-A80AA35AC5B8_HDAudio.Driver) (Version: 1.3.38.60 – NVIDIA Corporation)
NVIDIA PhysX System Software 9.19.0218 (HKLM…B2FE1952-0186-46C3-BAEC-A80AA35AC5B8_Display.PhysX) (Version: 9.19.0218 – NVIDIA Corporation)
OpenAL (HKLM-x32…OpenAL) (Version:  – )
OpenShot Video Editor version 2.5.1 (HKLM…4BB0DCDC-BC24-49EC-8937-72956C33A470_is1) (Version: 2.5.1 – OpenShot Studios, LLC)
OpenSSL 1.1.0L Light (64-bit) (HKLM…OpenSSL Light (64-bit)_is1) (Version:  – OpenSSL Win64 Installer Team)
PageEdit 1.5.0 (HKLM…PageEdit_is1) (Version:  – Sigil-Ebook)
paint.net (HKLM…1A59F8A6-6AB4-4522-9340-F420B9155A31) (Version: 4.2.16 – dotPDN LLC)
PDF Settings CC (HKLM-x32…1FBAE18D-4DE4-47AA-83EC-D1B046F262DC) (Version: 12.0 – Adobe Systems Incorporated) Hidden
PharoLauncher (HKLM-x32…D3DA6941-B593-48BB-AFF1-C4EE4901BEC5) (Version: 1.7.2 – Pharo project)
Prepare Engine Activity (HKLM-x32…Prepare Engine Activity) (Version:  – )
Printer Registration (HKLM-x32…Canon EISRegistration) (Version: 1.7.0 – Canon Inc.)
Python 3.7.1 (Anaconda3 2018.12 64-bit) (HKLM…Python 3.7.1 (Anaconda3 2018.12 64-bit)) (Version: 2018.12 – Anaconda, Inc.)
Python 3.8.2 (32-bit) (HKUS-1-5-21-2753872946-3147176540-3625591976-1000…3182483d-078b-48fa-92c2-798baa1fe27d) (Version: 3.8.2150.0 – Python Software Foundation)
Python 3.8.2 Core Interpreter (32-bit) (HKLM-x32…6BA6203C-85AB-4B9E-8582-CE31B1B5C0ED) (Version: 3.8.2150.0 – Python Software Foundation) Hidden
Python 3.8.2 Development Libraries (32-bit) (HKLM-x32…12B4F371-ACE2-435B-BCF1-623F36C4E176) (Version: 3.8.2150.0 – Python Software Foundation) Hidden
Python 3.8.2 Documentation (32-bit) (HKLM-x32…45CEE0C6-5BB2-4A8B-B83C-58559A1CA424) (Version: 3.8.2150.0 – Python Software Foundation) Hidden
Python 3.8.2 Executables (32-bit) (HKLM-x32…FE5BE50D-21D5-44FB-9A97-5010E68608DA) (Version: 3.8.2150.0 – Python Software Foundation) Hidden
Python 3.8.2 pip Bootstrap (32-bit) (HKLM-x32…2E818780-AC79-4BC0-8023-C1CC46EAC9B6) (Version: 3.8.2150.0 – Python Software Foundation) Hidden
Python 3.8.2 Standard Library (32-bit) (HKLM-x32…9CC0C6D-0822-491E-A10E-2A8443DDF170) (Version: 3.8.2150.0 – Python Software Foundation) Hidden
Python 3.8.2 Tcl/Tk Support (32-bit) (HKLM-x32…B1528EAE-7E64-49DB-8CE1-514EB30BB38B) (Version: 3.8.2150.0 – Python Software Foundation) Hidden
Python 3.8.2 Test Suite (32-bit) (HKLM-x32…EE21EEE7-9D5A-4ECE-B60F-4BFA63BDA937) (Version: 3.8.2150.0 – Python Software Foundation) Hidden
Python 3.8.2 Utility Scripts (32-bit) (HKLM-x32…E284B869-7701-4A91-82C2-D3E66974A0F9) (Version: 3.8.2150.0 – Python Software Foundation) Hidden
Python 3.8.6 (64-bit) (HKUS-1-5-21-2753872946-3147176540-3625591976-1000…fef707d7-d438-4dd9-bb0f-5788ee658f4f) (Version: 3.8.6150.0 – Python Software Foundation)
Python 3.8.6 Core Interpreter (64-bit) (HKLM…DE282FFC-F4AD-416A-8479-F3C72F94C967) (Version: 3.8.6150.0 – Python Software Foundation) Hidden
Python 3.8.6 Development Libraries (64-bit) (HKLM…59704C10-77A1-4D72-A97B-8FB2A933985B) (Version: 3.8.6150.0 – Python Software Foundation) Hidden
Python 3.8.6 Documentation (64-bit) (HKLM…558E2EFE-87D5-4E3F-B050-D4DEC548EA02) (Version: 3.8.6150.0 – Python Software Foundation) Hidden
Python 3.8.6 Executables (64-bit) (HKLM…7F55BD37-4437-47EE-8C82-3103E19DB114) (Version: 3.8.6150.0 – Python Software Foundation) Hidden
Python 3.8.6 pip Bootstrap (64-bit) (HKLM…28B1EC39-1C9F-482C-BFF7-4D347CE5ADED) (Version: 3.8.6150.0 – Python Software Foundation) Hidden
Python 3.8.6 Standard Library (64-bit) (HKLM…4BA74DE-13BE-477C-8FE5-19F247C0D555) (Version: 3.8.6150.0 – Python Software Foundation) Hidden
Python 3.8.6 Tcl/Tk Support (64-bit) (HKLM…79C40B8F-BC99-4FFF-8E1E-F05D246E772C) (Version: 3.8.6150.0 – Python Software Foundation) Hidden
Python 3.8.6 Test Suite (64-bit) (HKLM…3968C4C7-904D-4571-BC22-1CD8B87549D7) (Version: 3.8.6150.0 – Python Software Foundation) Hidden
Python 3.8.6 Utility Scripts (64-bit) (HKLM…A041F8F-4124-46CC-B021-AB8E70A873EC) (Version: 3.8.6150.0 – Python Software Foundation) Hidden
Python Launcher (HKLM-x32…3B82A91D-DB48-4160-94D2-0B8C6D2B1710) (Version: 3.8.7205.0 – Python Software Foundation)
qBittorrent 4.3.6 (HKLM-x32…qBittorrent) (Version: 4.3.6 – The qBittorrent project)
realMyst –  Masterpiece Edition (HKLM-x32…GOGPACKREALMYSTMASTERPIECEEDITION_is1) (Version: 2.0.0.3 – GOG.com)
Realtek High Definition Audio Driver (HKLM-x32…F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC) (Version: 6.0.1.6383 – Realtek Semiconductor Corp.)
Rome – Total War (HKLM-x32…51D386C4-0227-46A9-AC45-61F0A50E7AFF) (Version: 1.5 – The Creative Assembly)
Route_Riter v7.6.xx (HKUS-1-5-21-2753872946-3147176540-3625591976-1000…Route_Riter v7.6.xx) (Version:  – )
Royal Canadian Pacific Luxury Train (HKLM-x32…C120D99B-6628-4974-86A9-94FB4724A2F1) (Version: 1.0.0 – Canadian Pacific Railway)
Samsung USB Driver for Mobile Phones (HKLM…D0795B21-0CDA-4a92-AB9E-6E92D8111E44) (Version: 1.7.11.0 – Samsung Electronics Co., Ltd.)
ScaleRail (HKLM-x32…ScaleRail1.77) (Version: 1.77 – 3DTrains)
ScaleRoad (HKLM-x32…ScaleRoad1.77) (Version: 1.77 – 3DTrains)
SD40-2_Content_Update (HKLM-x32…BF7C1B99-A250-45EF-B186-0C33B7308F95) (Version: 1.00.0000 – Microsoft)
Shape Viewer (HKLM-x32…88DA244E-4CEA-49E4-AD6A-301B65131E25) (Version: 2.2.0.237 – )
Sigil 1.5.1 (HKLM…Sigil_is1) (Version:  – Sigil-Ebook)
Sophos Diagnostic Utility (HKLM-x32…8078549C-CFF0-48C5-9B77-6BA48A14673D) (Version: 6.5.238.0 – Sophos Limited) Hidden
Sophos Network Threat Protection (HKLM…2D2A1891-4657-4E6F-9373-BFCE4C9AC5BA) (Version: 1.11.194.0 – Sophos Limited) Hidden
SP WEST COLTON (HKLM-x32…SP WEST COLTON1.0) (Version: 1.0 – 3D Train Stuff Llc.)
SP WEST COLTON FREE ACTIVITIES (HKLM-x32…SP WEST COLTON FREE ACTIVITIES1.0) (Version: 1.0 – 3D Train Stuff Llc.)
Speccy (HKLM…Speccy) (Version: 1.32 – Piriform)
SpyHunter 5 (HKLM-x32…SpyHunter5) (Version: 5.10.10.233 – EnigmaSoft Limited)
Steam (HKLM-x32…Steam) (Version: 2.10.91.91 – Valve Corporation)
Steel Bank Common Lisp 1.1.4.0.mswin.1288-90ab477 (X86-64) (HKLM…BBE9DE63-3453-463A-B83A-3243C38218AA) (Version: 1.1.4.0 – hxxp://www.sbcl.org)
SumatraPDF (HKLM…SumatraPDF) (Version: 3.2 – Krzysztof Kowalczyk)
Super Chief for Train Simulator (HKLM-x32…Super Chief for Train Simulatorv3.04.14.15) (Version: v3.04.14.15 – 3DTrains)
Surfliner Mega Pack V1 (HKUS-1-5-21-2753872946-3147176540-3625591976-1000…Surfliner Mega Pack V1) (Version:  – )
TGATool2A version 4.00.34 (HKLM-x32…TGATool2A_is1) (Version:  – Martin Wright)
The CPR Canadian – 1955 (HKLM-x32…1FE78F4C-6088-478C-9B46-EBB9042F90EB) (Version: 1.0.0 – Canadian Pacific Railway)
The CPR Empress (HKLM-x32…69122487-668B-4CA1-B001-CD363506EE6C) (Version: 1.0.0 – Canadian Pacific Railway)
Train Artisan SD70s Locomotive Add-on for MSTS (HKLM-x32…Train Artisan SD70s Locomotive Add-on for MSTS) (Version:  – )
Unlocker (HKLM-x32…5577A25D-E4FE-4BFB-A660-E0D766BC4EDD) (Version: 1.9.2 – ajua Custom Installers)
USB Disk Security (HKLM-x32…USB Disk Security_is1) (Version:  – Zbshareware Lab)
Vim 8.2 (HKLM…Vim 8.2) (Version: 8.2 – Bram Moolenaar et al.)
vivo_usb_driver_lite_en version 1.1.0 (HKLM…vivo_usb_driver_lite_en_is1) (Version: 1.1.0 – Guangdong vivo Software Technology Co.,Ltd.)
VLC media player (HKLM…VLC media player) (Version: 3.0.16 – VideoLAN)
Wagn/NSE Facelifted  Class 365 AC EMU (HKLM-x32…Wagn/NSE Facelifted  Class 365 AC EMU) (Version:  – )
Winamp Detector Plug-in (HKUS-1-5-21-2753872946-3147176540-3625591976-1000…Winamp Detect) (Version: 1.0.0.1 – Nullsoft, Inc)
WinCDEmu (HKLM-x32…WinCDEmu) (Version: 4.1 – Sysprogs)
Windows Media Player Firefox Plugin (HKLM-x32…69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4) (Version: 1.0.0.8 – Microsoft Corp)
WinRAR 5.10 (64-bit) (HKLM…WinRAR archiver) (Version: 5.10.0 – win.rar GmbH)
Wise Program Uninstaller 2.5.1 (HKLM-x32…Wise Program Uninstaller_is1) (Version: 2.5.1 – WiseCleaner.com, Inc.)
Wupper Express 11 Actpack 1.0 (HKUS-1-5-21-2753872946-3147176540-3625591976-1000…Wupper Express 11 Actpack 1.0) (Version:  – )
XnConvert 1.90.0 (HKLM…XnConvert_is1) (Version: 1.90.0 – Gougelet Pierre-e)
XnView 2.50 (HKLM-x32…XnView_is1) (Version: 2.50 – Gougelet Pierre-e)
XnViewMP 0.98.4 (HKLM…XnViewMP_is1) (Version: 0.98.4 – Gougelet Pierre-e)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKUS-1-5-21-2753872946-3147176540-3625591976-1000_ClassesCLSID83f5ae0-2b0a-11dd-bd0b-0800200c9a66InprocServer32 -> C:Program FilesWindows SidebarGadgetsAll_CPU_Meter.gadgetCoreTempReader.dll (AddGadgets IT -> )
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> 81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42 => C:Program Files (x86)GoogleDrivegoogledrivesync64.dll [2016-07-29] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> 81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40 => C:Program Files (x86)GoogleDrivegoogledrivesync64.dll [2016-07-29] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> 81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41 => C:Program Files (x86)GoogleDrivegoogledrivesync64.dll [2016-07-29] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [00asw] -> 472083B0-C522-11CF-8763-00608CC02F24 =>  -> No File
ShellIconOverlayIdentifiers: [00avg] -> 472083B1-C522-11CF-8763-00608CC02F24 => C:Program FilesAVGAntivirusashShell.dll [2021-07-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ShellIconOverlayIdentifiers-x32: [00avg] -> 472083B1-C522-11CF-8763-00608CC02F24 => C:Program FilesAVGAntivirusashShell.dll [2021-07-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1: [ANotepad++64] -> B298D29A-A6ED-11DE-BA8C-A68E55D89593 => C:Program FilesNotepad++NppShell_06.dll [2021-07-16] (Notepad++ -> )
ContextMenuHandlers1: [AVG] -> 472083B1-C522-11CF-8763-00608CC02F24 => C:Program FilesAVGAntivirusashShell.dll [2021-07-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1-x32: [Cover Designer] -> 73FCA462-9BD5-4065-A73F-A8E5F6904EF7 => C:Program Files (x86)NeroNero 7Nero CoverDesignerCoverEdExtension.dll [2007-05-04] (Nero AG -> Nero AG)
ContextMenuHandlers1: [GDContextMenu] -> BB02B294-8425-42E5-983F-41A1FA970CD6 => C:Program Files (x86)GoogleDrivecontextmenu64.dll [2016-07-29] (Google Inc -> Google)
ContextMenuHandlers1: [IObitUnstaler] -> 836AB26C-2DE4-41D3-AC24-4C6C2699B960 => C:Program Files (x86)IObitIObit UninstallerIUMenuRight.dll -> No File
ContextMenuHandlers1: [WinCDEmu] -> D0E37FD2-F675-426F-B09A-2CF37BA46FD5 => C:Program Files (x86)WinCDEmux64WinCDEmuContextMenu.dll [2015-09-29] (Sysprogs OU) [File not signed]
ContextMenuHandlers1: [WinRAR] -> B41DB860-64E4-11D2-9906-E49FADC173CA => C:Program FilesWinRARrarext.dll [2014-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> B41DB860-8EE4-11D2-9906-E49FADC173CA => C:Program FilesWinRARrarext32.dll [2014-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [WinCDEmu] -> A9901FCD-B4DF-43A1-BD5D-6C9F88679497 => C:Program Files (x86)WinCDEmux64WinCDEmuContextMenu.dll [2015-09-29] (Sysprogs OU) [File not signed]
ContextMenuHandlers3: [00avg] -> 472083B1-C522-11CF-8763-00608CC02F24 => C:Program FilesAVGAntivirusashShell.dll [2021-07-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers3: [MBAMShlExt] -> 57CE581A-0CB6-4266-9CA0-19364C90A0B3 => C:Program FilesMalwarebytesAnti-Malwarembshlext.dll [2020-03-02] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> 23170F69-40C1-278A-1000-000100020000 => C:Program Files7-Zip7-zip.dll [2010-11-19] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [GDContextMenu] -> BB02B294-8425-42E5-983F-41A1FA970CD6 => C:Program Files (x86)GoogleDrivecontextmenu64.dll [2016-07-29] (Google Inc -> Google)
ContextMenuHandlers4: [IObitUnstaler] -> 836AB26C-2DE4-41D3-AC24-4C6C2699B960 => C:Program Files (x86)IObitIObit UninstallerIUMenuRight.dll -> No File
ContextMenuHandlers5: [ACE] -> 5E2121EE-0300-11D4-8D3B-444553540000 => C:Program FilesAMDCNextCNextatiacm64.dll [2016-02-26] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> 3D1975AF-48C6-4f8e-A182-BE0E08FA86A9 => C:Windowssystem32nvshext.dll [2021-05-28] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> 23170F69-40C1-278A-1000-000100020000 => C:Program Files7-Zip7-zip.dll [2010-11-19] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [AVG] -> 472083B1-C522-11CF-8763-00608CC02F24 => C:Program FilesAVGAntivirusashShell.dll [2021-07-22] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers6: [IObitUnstaler] -> 836AB26C-2DE4-41D3-AC24-4C6C2699B960 => C:Program Files (x86)IObitIObit UninstallerIUMenuRight.dll -> No File
ContextMenuHandlers6: [MBAMShlExt] -> 57CE581A-0CB6-4266-9CA0-19364C90A0B3 => C:Program FilesMalwarebytesAnti-Malwarembshlext.dll [2020-03-02] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinCDEmu] -> A9901FCD-B4DF-43A1-BD5D-6C9F88679497 => C:Program Files (x86)WinCDEmux64WinCDEmuContextMenu.dll [2015-09-29] (Sysprogs OU) [File not signed]
ContextMenuHandlers6: [WinRAR] -> B41DB860-64E4-11D2-9906-E49FADC173CA => C:Program FilesWinRARrarext.dll [2014-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> B41DB860-8EE4-11D2-9906-E49FADC173CA => C:Program FilesWinRARrarext32.dll [2014-06-11] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription__FilterToConsumerBinding->CommandLineEventConsumer.Name=”BVTConsumer””,Filter=”__EventFilter.Name=”BVTFilter”::
WMI:subscription__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA “Win32_Processor” AND TargetInstance.LoadPercentage > 99]
WMI:subscriptionCommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\tools\kernrate]
Shortcut: C:UsersRogerDesktoplispbox.lnk -> C:lispbox-0.7lispbox.bat ()
Shortcut: C:UsersRogerAppDataRoamingMicrosoftWindowsStart MenuProgramsVirgin VoyagerRenumber to 220 001.lnk -> C:MSTSTRAINSTRAINSETVoyager220001.bat ()
Shortcut: C:UsersRogerAppDataRoamingMicrosoftWindowsStart MenuProgramsVirgin VoyagerRenumber to 220 003.lnk -> C:MSTSTRAINSTRAINSETVoyager220003.bat ()
Shortcut: C:UsersRogerAppDataRoamingMicrosoftWindowsStart MenuProgramsVirgin VoyagerRenumber to 220 004.lnk -> C:MSTSTRAINSTRAINSETVoyager220004.bat ()
Shortcut: C:UsersRogerAppDataRoamingMicrosoftWindowsStart MenuProgramsVirgin VoyagerRenumber to 220 005.lnk -> C:MSTSTRAINSTRAINSETVoyager220005.bat ()
Shortcut: C:UsersRogerAppDataRoamingMicrosoftWindowsStart MenuProgramsVirgin VoyagerRenumber to 220 006.lnk -> C:MSTSTRAINSTRAINSETVoyager220006.bat ()
Shortcut: C:UsersRogerAppDataRoamingMicrosoftWindowsStart MenuProgramsVirgin VoyagerRenumber to 220 025.lnk -> C:MSTSTRAINSTRAINSETVoyager220025.bat ()

==================== Loaded Modules (Whitelisted) =============

2016-02-26 16:29 – 2016-02-26 16:29 – 000004608 _____ (Advanced Micro Devices, Inc.) [File not signed] C:Program FilesAMDCNextCNextatiamenu.dll
2016-12-27 09:04 – 2016-12-27 09:04 – 000160256 _____ (Canon Electronics Inc.) [File not signed] C:Program Files (x86)Canon ElectronicsShared Filesceiinfolog.dll
2018-11-22 13:50 – 2018-11-22 13:50 – 000645120 _____ (Canon Electronics Inc.) [File not signed] C:Program Files (x86)Canon ElectronicsShared FilesCeiStin.dll
2016-11-14 11:08 – 2016-11-14 11:08 – 000186368 _____ (Canon Electronics Inc.) [File not signed] C:Program FilesCanon ElectronicsShared Filesceiinfolog.dll
2015-10-16 15:44 – 2015-10-16 15:44 – 000271360 _____ (Canon Electronics Inc.) [File not signed] C:Program FilesCanon ElectronicsShared Filescsdloc.dll
2018-05-05 18:16 – 2012-03-14 05:00 – 000385024 _____ (CANON INC.) [File not signed] C:WindowsSystem32CNMLMAA.DLL
2010-11-19 11:08 – 2010-11-19 11:08 – 000086016 _____ (Igor Pavlov) [File not signed] C:Program Files7-Zip7-zip.dll
2021-07-22 06:44 – 2021-07-22 06:44 – 000000000 ____L (Microsoft Corporation) C:Program FilesAVGAntivirus1033avg.local_vc142.crtapi-ms-win-core-file-l1-2-0.dll
2021-07-22 06:44 – 2021-07-22 06:44 – 000000000 ____L (Microsoft Corporation) C:Program FilesAVGAntivirus1033avg.local_vc142.crtapi-ms-win-core-file-l2-1-0.dll
2021-07-22 06:44 – 2021-07-22 06:44 – 000000000 ____L (Microsoft Corporation) C:Program FilesAVGAntivirus1033avg.local_vc142.crtapi-ms-win-core-localization-l1-2-0.dll
2021-07-22 06:44 – 2021-07-22 06:44 – 000000000 ____L (Microsoft Corporation) C:Program FilesAVGAntivirus1033avg.local_vc142.crtapi-ms-win-core-processthreads-l1-1-1.dll
2021-07-22 06:44 – 2021-07-22 06:44 – 000000000 ____L (Microsoft Corporation) C:Program FilesAVGAntivirus1033avg.local_vc142.crtapi-ms-win-core-synch-l1-2-0.dll
2021-07-22 06:44 – 2021-07-22 06:44 – 000000000 ____L (Microsoft Corporation) C:Program FilesAVGAntivirus1033avg.local_vc142.crtapi-ms-win-core-timezone-l1-1-0.dll
2021-07-22 06:44 – 2021-07-22 06:44 – 000000000 ____L (Microsoft Corporation) C:Program FilesAVGAntivirus1033avg.local_vc142.crtapi-ms-win-crt-convert-l1-1-0.dll
2021-07-22 06:44 – 2021-07-22 06:44 – 000000000 ____L (Microsoft Corporation) C:Program FilesAVGAntivirus1033avg.local_vc142.crtapi-ms-win-crt-heap-l1-1-0.dll
2021-07-22 06:44 – 2021-07-22 06:44 – 000000000 ____L (Microsoft Corporation) C:Program FilesAVGAntivirus1033avg.local_vc142.crtapi-ms-win-crt-runtime-l1-1-0.dll
2021-07-22 06:44 – 2021-07-22 06:44 – 000000000 ____L (Microsoft Corporation) C:Program FilesAVGAntivirus1033avg.local_vc142.crtapi-ms-win-crt-stdio-l1-1-0.dll
2021-07-22 06:44 – 2021-07-22 06:44 – 000000000 ____L (Microsoft Corporation) C:Program FilesAVGAntivirus1033avg.local_vc142.crtapi-ms-win-crt-string-l1-1-0.dll
2021-07-22 06:44 – 2021-07-22 06:44 – 000000000 ____L (Microsoft Corporation) C:Program FilesAVGAntivirus1033avg.local_vc142.crtucrtbase.DLL
2021-07-22 06:44 – 2021-07-22 06:44 – 000000000 ____L (Microsoft Corporation) C:Program FilesAVGAntivirus1033avg.local_vc142.crtVCRUNTIME140.dll
2021-07-23 12:17 – 2021-07-23 12:17 – 000000000 ____L (Microsoft Corporation) C:Program FilesAVGAntivirusdefs21072300avg.local_vc142.crtapi-ms-win-core-file-l1-2-0.dll
2021-07-23 12:17 – 2021-07-23 12:17 – 000000000 ____L (Microsoft Corporation) C:Program FilesAVGAntivirusdefs21072300avg.local_vc142.crtapi-ms-win-core-file-l2-1-0.dll
2021-07-23 12:17 – 2021-07-23 12:17 – 000000000 ____L (Microsoft Corporation) C:Program FilesAVGAntivirusdefs21072300avg.local_vc142.crtapi-ms-win-core-localization-l1-2-0.dll
2021-07-23 12:17 – 2021-07-23 12:17 – 000000000 ____L (Microsoft Corporation) C:Program FilesAVGAntivirusdefs21072300avg.local_vc142.crtapi-ms-win-core-processthreads-l1-1-1.dll
2021-07-23 12:17 – 2021-07-23 12:17 – 000000000 ____L (Microsoft Corporation) C:Program FilesAVGAntivirusdefs21072300avg.local_vc142.crtapi-ms-win-core-synch-l1-2-0.dll
2021-07-23 12:17 – 2021-07-23 12:17 – 000000000 ____L (Microsoft Corporation) C:Program FilesAVGAntivirusdefs21072300avg.local_vc142.crtapi-ms-win-core-timezone-l1-1-0.dll
2021-07-23 12:17 – 2021-07-23 12:17 – 000000000 ____L (Microsoft Corporation) C:Program FilesAVGAntivirusdefs21072300avg.local_vc142.crtapi-ms-win-crt-convert-l1-1-0.dll
2021-07-23 12:17 – 2021-07-23 12:17 – 000000000 ____L (Microsoft Corporation) C:Program FilesAVGAntivirusdefs21072300avg.local_vc142.crtapi-ms-win-crt-environment-l1-1-0.dll
2021-07-23 12:17 – 2021-07-23 12:17 – 000000000 ____L (Microsoft Corporation) C:Program FilesAVGAntivirusdefs21072300avg.local_vc142.crtapi-ms-win-crt-filesystem-l1-1-0.dll
2021-07-23 12:17 – 2021-07-23 12:17 – 000000000 ____L (Microsoft Corporation) C:Program FilesAVGAntivirusdefs21072300avg.local_vc142.crtapi-ms-win-crt-heap-l1-1-0.dll
2021-07-23 12:17 – 2021-07-23 12:17 – 000000000 ____L (Microsoft Corporation) C:Program FilesAVGAntivirusdefs21072300avg.local_vc142.crtapi-ms-win-crt-locale-l1-1-0.dll
2021-07-23 12:17 – 2021-07-23 12:17 – 000000000 ____L (Microsoft Corporation) C:Program FilesAVGAntivirusdefs21072300avg.local_vc142.crtapi-ms-win-crt-math-l1-1-0.dll
2021-07-23 12:17 – 2021-07-23 12:17 – 000000000 ____L (Microsoft Corporation) C:Program FilesAVGAntivirusdefs21072300avg.local_vc142.crtapi-ms-win-crt-multibyte-l1-1-0.dll
2021-07-23 12:17 – 2021-07-23 12:17 – 000000000 ____L (Microsoft Corporation) C:Program FilesAVGAntivirusdefs21072300avg.local_vc142.crtapi-ms-win-crt-runtime-l1-1-0.dll
2021-07-23 12:17 – 2021-07-23 12:17 – 000000000 ____L (Microsoft Corporation) C:Program FilesAVGAntivirusdefs21072300avg.local_vc142.crtapi-ms-win-crt-stdio-l1-1-0.dll
2021-07-23 12:17 – 2021-07-23 12:17 – 000000000 ____L (Microsoft Corporation) C:Program FilesAVGAntivirusdefs21072300avg.local_vc142.crtapi-ms-win-crt-string-l1-1-0.dll
2021-07-23 12:17 – 2021-07-23 12:17 – 000000000 ____L (Microsoft Corporation) C:Program FilesAVGAntivirusdefs21072300avg.local_vc142.crtapi-ms-win-crt-time-l1-1-0.dll
2021-07-23 12:17 – 2021-07-23 12:17 – 000000000 ____L (Microsoft Corporation) C:Program FilesAVGAntivirusdefs21072300avg.local_vc142.crtapi-ms-win-crt-utility-l1-1-0.dll
2021-07-23 12:17 – 2021-07-23 12:17 – 000000000 ____L (Microsoft Corporation) C:Program FilesAVGAntivirusdefs21072300avg.local_vc142.crtMSVCP140.dll
2021-07-23 12:17 – 2021-07-23 12:17 – 000000000 ____L (Microsoft Corporation) C:Program FilesAVGAntivirusdefs21072300avg.local_vc142.crtucrtbase.DLL
2021-07-23 12:17 – 2021-07-23 12:17 – 000000000 ____L (Microsoft Corporation) C:Program FilesAVGAntivirusdefs21072300avg.local_vc142.crtVCRUNTIME140.dll
2021-07-23 12:17 – 2021-07-23 12:17 – 000000000 ____L (Microsoft Corporation) C:Program FilesAVGAntivirusdefs21072300avg.local_vc142.crtVCRUNTIME140_1.dll
2015-09-26 04:34 – 2015-09-29 01:08 – 000255488 _____ (Sysprogs OU) [File not signed] C:Program Files (x86)WinCDEmux64WinCDEmuContextMenu.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The “AlternateShell” will be restored.)

HKLMSYSTEMCurrentControlSetControlSafeBootMinimalavgSP.sys => “”=”Driver”
HKLMSYSTEMCurrentControlSetControlSafeBootMinimalMBAMService => “”=”Service”
HKLMSYSTEMCurrentControlSetControlSafeBootNetworkavgSP.sys => “”=”Driver”
HKLMSYSTEMCurrentControlSetControlSafeBootNetworkMBAMService => “”=”Service”
HKLMSYSTEMCurrentControlSetControlSafeBootNetworkSntpService => “”=”service”

==================== Association (Whitelisted) =================

==================== Internet Explorer (Version 11) (Whitelisted) ==========

HKUS-1-5-21-2753872946-3147176540-3625591976-1000SoftwareMicrosoftInternet ExplorerMain,Start Page = hxxps://www.google.co.th/
HKUS-1-5-21-2753872946-3147176540-3625591976-500SoftwareMicrosoftInternet ExplorerMain,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
SearchScopes: HKUS-1-5-21-2753872946-3147176540-3625591976-1000 -> DefaultScope 6BECBB53-5E56-427D-9EF8-B96E1462C6C3 URL = hxxps://www.google.com/search?q=searchTerms&sourceid=ie7&rls=com.microsoft:language:referrer:source&ie=inputEncoding?&oe=outputEncoding?
SearchScopes: HKUS-1-5-21-2753872946-3147176540-3625591976-1000 -> 0633EE93-D776-472f-A0FF-E1416B8B2E3A URL =
SearchScopes: HKUS-1-5-21-2753872946-3147176540-3625591976-1000 -> 6BECBB53-5E56-427D-9EF8-B96E1462C6C3 URL = hxxps://www.google.com/search?q=searchTerms&sourceid=ie7&rls=com.microsoft:language:referrer:source&ie=inputEncoding?&oe=outputEncoding?
SearchScopes: HKUS-1-5-21-2753872946-3147176540-3625591976-1000 -> 849BAD7E-D841-4C99-BD61-066491A304F8 URL = hxxps://www.google.com/search?q=searchTerms&sourceid=ie7&rls=com.microsoft:language:referrer:source&ie=inputEncoding?&oe=outputEncoding?
SearchScopes: HKUS-1-5-21-2753872946-3147176540-3625591976-1000 -> 9975CEFB-2FE2-4007-B332-525A9B4A70E1 URL = hxxps://duckduckgo.com/?q=searchTerms
BHO: ExplorerWnd Helper -> 10921475-03CE-4E04-90CE-E2E7EF20C814 -> C:Program Files (x86)IObitIObit UninstallerUninstallExplorer.dll => No File
BHO: Canon Easy-WebPrint EX BHO -> 3785D0AD-BFFF-47F6-BF5B-A587C162FED9 -> C:Program FilesCanonEasy-WebPrint EXewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
BHO: SteadyVideoBHO Class -> 6C680BAE-655C-4E3D-8FC4-E6A520C3D928 -> C:Program FilesAMDSteadyVideoSteadyVideo.dll [2012-02-14] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
BHO: Java™ Plug-In SSV Helper -> 761497BB-D6F0-462C-B6EB-D4DAF1D92D43 -> C:Program FilesJavajre1.8.0_231binssv.dll [2019-10-24] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> DBC80044-A445-435b-BC74-9C25C1C588A9 -> C:Program FilesJavajre1.8.0_231binjp2ssv.dll [2019-10-24] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO -> 3785D0AD-BFFF-47F6-BF5B-A587C162FED9 -> C:Program Files (x86)CanonEasy-WebPrint EXewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
BHO-x32: SteadyVideoBHO Class -> 6C680BAE-655C-4E3D-8FC4-E6A520C3D928 -> C:Program Files (x86)amdSteadyVideoSteadyVideo.dll [2012-02-14] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
BHO-x32: Evernote extension -> 92EF2EAD-A7CE-4424-B0DB-499CF856608E -> C:Program Files (x86)EvernoteEvernoteEvernoteIE.dll [2020-06-24] (Evernote Corporation -> Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
Toolbar: HKLM – Canon Easy-WebPrint EX – 759D9886-0C6F-4498-BAB6-4A5F47C6C72F – C:Program FilesCanonEasy-WebPrint EXewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Toolbar: HKLM-x32 – Canon Easy-WebPrint EX – 759D9886-0C6F-4498-BAB6-4A5F47C6C72F – C:Program Files (x86)CanonEasy-WebPrint EXewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Filter: video/mp4 – 20C75730-7C25-476B-95DC-C65810F9E489 – C:Program FilesAMDSteadyVideoVideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
Filter-x32: video/mp4 – 20C75730-7C25-476B-95DC-C65810F9E489 – C:Program Files (x86)amdSteadyVideoVideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
Filter: video/x-flv – 20C75730-7C25-476B-95DC-C65810F9E489 – C:Program FilesAMDSteadyVideoVideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
Filter-x32: video/x-flv – 20C75730-7C25-476B-95DC-C65810F9E489 – C:Program Files (x86)amdSteadyVideoVideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-11-15 22:25 – 2021-07-07 09:42 – 000000828 _____ C:Windowssystem32driversetchosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKUS-1-5-21-2753872946-3147176540-3625591976-1000Control PanelDesktop\Wallpaper -> C:UsersRogerAppDataRoamingMicrosoftWindowsThemesTranscodedWallpaper.jpg
HKUS-1-5-21-2753872946-3147176540-3625591976-500Control PanelDesktop\Wallpaper -> C:WindowsWebWallpaperLandscapesimg8.jpg
DNS Servers: 8.8.8.8 – 8.8.4.4
HKLMSOFTWAREMicrosoftWindowsCurrentVersionPoliciesSystem => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIGServices: QHActiveDefense =>
MSCONFIGstartupreg: AdobeGCInvoker-1.0 => “C:Program Files (x86)Common FilesAdobeAdobeGCClientAGCInvokerUtility.exe”

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [E27995A1-4F24-4DB3-A99D-EE4508961CCF] => (Allow) C:Program FilesCCleanerCCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [DC944233-2C99-455C-871D-E9999C61CAF0] => (Allow) C:Program FilesCCleanerCCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [UDP Query User12DC29A7-E0F7-4D4C-AD03-6F0B612A73C0C:program filesvideolanvlcvlc.exe] => (Allow) C:program filesvideolanvlcvlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [TCP Query User930F515E-FE4A-4CAF-A274-97037E70B9DDC:program filesvideolanvlcvlc.exe] => (Allow) C:program filesvideolanvlcvlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [BD1C8098-8190-4E76-8C80-392A42685CEB] => (Allow) C:Program FilesMozilla Firefoxfirefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [146D71CB-E9A3-49A6-9974-4EE599D461E4] => (Allow) C:Program FilesMozilla Firefoxfirefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [D25973EE-36E5-44BC-B38F-94B038B8B176] => (Allow) C:Program FilesMozilla Firefoxfirefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [61405EC8-8292-478C-992F-1C1FEC1160A6] => (Allow) C:Program FilesMozilla Firefoxfirefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [837010A2-9FD5-4C3C-AAC1-0E28ECA962ED] => (Allow) C:Program FilesMozilla Firefoxfirefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [470C298B-665F-4FCA-88D0-5023E28B7740] => (Allow) C:Program FilesMozilla Firefoxfirefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [730250E3-9ADD-430E-A5F5-A4D9BBB562A7] => (Allow) C:Program Files (x86)AOMEI BackupperABService.exe (CHENGDU AOMEI Tech Co., Ltd. -> AOMEI Tech Co., Ltd.)
FirewallRules: [7EA6A63D-6966-47D8-B01B-5571E3318723] => (Allow) C:Program Files (x86)AOMEI BackupperABService.exe (CHENGDU AOMEI Tech Co., Ltd. -> AOMEI Tech Co., Ltd.)
FirewallRules: [15E9B1E3-306D-450D-AC82-710D09F0B3E3] => (Allow) C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [BB7D667A-E555-4FCE-A513-CACE784884E7] => (Allow) C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User43EFD5A3-5A3D-4BD2-90A4-919273D9CB13C:program filesqbittorrentqbittorrent.exe] => (Allow) C:program filesqbittorrentqbittorrent.exe () [File not signed]
FirewallRules: [UDP Query UserA6A89E1D-CB73-43E2-ABEB-78BF51F97382C:program filesqbittorrentqbittorrent.exe] => (Allow) C:program filesqbittorrentqbittorrent.exe () [File not signed]
FirewallRules: [TCP Query UserC8A363EB-98C9-451A-AA4E-A7817A674468D:x-plane 11x-plane.exe] => (Allow) D:x-plane 11x-plane.exe (Laminar Research, LLC -> Laminar Research)
FirewallRules: [UDP Query UserA0216D38-8E18-41DC-A259-6CA0ED36DBDCD:x-plane 11x-plane.exe] => (Allow) D:x-plane 11x-plane.exe (Laminar Research, LLC -> Laminar Research)
FirewallRules: [EA68B5D9-9F4D-4B42-AFDF-7FC9D1B025FC] => (Allow) C:Program FilesNetBeans 8.2binnetbeans64.exe (Oracle Corporation) [File not signed]
FirewallRules: [10155254-8AFD-4395-976D-D81A9BE8A844] => (Allow) C:Program FilesNetBeans 8.2binnetbeans64.exe (Oracle Corporation) [File not signed]
FirewallRules: [D1879F6C-7704-4B2E-A080-CFA783A30255] => (Allow) C:Program FilesNetBeans 8.2binnetbeans64.exe (Oracle Corporation) [File not signed]
FirewallRules: [0FB64524-CBA9-45B2-99E0-AA8A9E74B2AB] => (Allow) C:Program FilesNetBeans 8.2binnetbeans64.exe (Oracle Corporation) [File not signed]
FirewallRules: [7EB1FDC4-CD9C-40DE-A74E-4554A3BAF5C8] => (Allow) C:Program Files (x86)SteamSteam.exe (Valve -> Valve Corporation)
FirewallRules: [1DE33E15-53E2-4EC4-A793-702C9CF3E660] => (Allow) C:Program Files (x86)SteamSteam.exe (Valve -> Valve Corporation)
FirewallRules: [EBFF86FA-BBFB-465E-8974-6ED53617E093] => (Allow) C:Program Files (x86)Steambincefcef.win7steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [CE92BC77-77E1-45CA-AA35-99B07BF9CE40] => (Allow) C:Program Files (x86)Steambincefcef.win7steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [774A2121-6A34-4E31-AF1B-AEE6168BB87A] => (Allow) C:Program Files (x86)Steambincefcef.win7x64steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [E0239EB9-E461-4FC5-84E2-C678317BE001] => (Allow) C:Program Files (x86)Steambincefcef.win7x64steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [3A6A4A6B-CCB8-4302-BAF4-09F9DC302653] => (Allow) C:Program FilesOpenShot Video Editoropenshot-qt.exe (OpenShot Studios, LLC) [File not signed]
FirewallRules: [88B9C847-177B-48D1-BC60-99869A7BBB79] => (Allow) C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [FE6EBFF6-D10C-4DBB-A576-CB84F29361BE] => (Allow) C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [D0CE2BE1-084B-4BDF-91FC-46995106814D] => (Allow) C:Program FilesNVIDIA CorporationNvStreamSrvnvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [7CEA6CCD-B059-4FE4-A278-C9FDBC25C2A9] => (Allow) C:Program FilesNVIDIA CorporationNvStreamSrvnvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [BA7C9D4B-261D-4CB2-A5C7-B33DA7510550] => (Allow) C:Program FilesqBittorrentqbittorrent.exe () [File not signed]
FirewallRules: [F50200A4-EF95-4DB5-B57A-92D795435D65] => (Allow) C:Program FilesqBittorrentqbittorrent.exe () [File not signed]
FirewallRules: [53C9F76A-3CC1-4DB4-9B85-BD15AA30EBBD] => (Allow) C:Program FilesGoogleChromeApplicationchrome.exe (Google LLC -> Google LLC)
FirewallRules: [527F3939-0794-466E-AFDD-214B326BB041] => (Allow) C:Program Files (x86)AOMEI BackupperABService.exe (CHENGDU AOMEI Tech Co., Ltd. -> AOMEI Tech Co., Ltd.)
FirewallRules: [47E98F92-685A-46B2-A3AB-8BD8B885F6E7] => (Allow) C:Program Files (x86)AOMEI BackupperABService.exe (CHENGDU AOMEI Tech Co., Ltd. -> AOMEI Tech Co., Ltd.)
FirewallRules: [E72D2A8D-B67E-4AF0-B787-A0A8F90D8173] => (Allow) C:Program Files (x86)AVGBrowserApplicationAVGBrowser.exe (AVG Technologies USA, LLC -> AVG Technologies)

==================== Restore Points =========================

==================== Faulty Device Manager Devices ============

==================== Event log errors: ========================

Application errors:
==================
Error: (07/23/2021 01:02:33 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: AVG Update Helper — Error 1316. The specified account already exists.

Error: (07/23/2021 12:19:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: AUEPMaster.exe, version: 1850.27.1.302, time stamp: 0x5c7af155
Faulting module name: AUEPMaster.exe, version: 1850.27.1.302, time stamp: 0x5c7af155
Exception code: 0xc0000005
Fault offset: 0x0000000000006b42
Faulting process id: 0x1658
Faulting application start time: 0x01d77f81e378bbad
Faulting application path: C:Program FilesAMDPerformance Profile ClientAUEPMaster.exe
Faulting module path: C:Program FilesAMDPerformance Profile ClientAUEPMaster.exe
Report Id: 7d6733eb-eb75-11eb-ab39-e0d55e33c7c4

Error: (07/23/2021 12:14:42 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query “SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA “Win32_Processor” AND TargetInstance.LoadPercentage > 99″ could not be reactivated in namespace “//./root/CIMV2” because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (07/23/2021 12:14:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: InstallManagerApp.exe, version: 9.0.0.1, time stamp: 0x56d0b346
Faulting module name: InstallManagerApp.exe, version: 9.0.0.1, time stamp: 0x56d0b346
Exception code: 0xc0000005
Fault offset: 0x00000000000b64f1
Faulting process id: 0xaa8
Faulting application start time: 0x01d77f818863c905
Faulting application path: C:Program FilesAMDCIMBin64InstallManagerApp.exe
Faulting module path: C:Program FilesAMDCIMBin64InstallManagerApp.exe
Report Id: dc8a4285-eb74-11eb-ab39-e0d55e33c7c4

Error: (07/23/2021 11:59:46 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: AVG Update Helper — Error 1316. The specified account already exists.

Error: (07/23/2021 10:56:14 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: AVG Update Helper — Error 1316. The specified account already exists.

Error: (07/23/2021 10:45:04 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: AUEPMaster.exe, version: 1850.27.1.302, time stamp: 0x5c7af155
Faulting module name: AUEPMaster.exe, version: 1850.27.1.302, time stamp: 0x5c7af155
Exception code: 0xc0000005
Fault offset: 0x0000000000006b42
Faulting process id: 0x1544
Faulting application start time: 0x01d77f74f7320414
Faulting application path: C:Program FilesAMDPerformance Profile ClientAUEPMaster.exe
Faulting module path: C:Program FilesAMDPerformance Profile ClientAUEPMaster.exe
Report Id: 5d117d7e-eb68-11eb-a15c-e0d55e33c7c4

Error: (07/23/2021 10:44:58 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: nvcontainer.exe, version: 1.33.2988.2648, time stamp: 0x6082bd2b
Faulting module name: ntdll.dll, version: 6.1.7601.24545, time stamp: 0x5e0eb67f
Exception code: 0xc000041d
Fault offset: 0x0000000000032ad4
Faulting process id: 0x6ec
Faulting application start time: 0x01d77f74b15d4f66
Faulting application path: C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe
Faulting module path: C:WindowsSYSTEM32ntdll.dll
Report Id: 597ac462-eb68-11eb-a15c-e0d55e33c7c4

System errors:
=============
Error: (07/23/2021 12:19:04 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The AMD User Experience Program Launcher service terminated unexpectedly.  It has done this 1 time(s).

Error: (07/23/2021 12:17:22 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.

Error: (07/23/2021 12:17:05 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error:
Overlapped I/O operation is in progress.

Error: (07/23/2021 12:17:05 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error:
Overlapped I/O operation is in progress.

Error: (07/23/2021 12:17:04 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error:
Overlapped I/O operation is in progress.

Error: (07/23/2021 12:17:04 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error:
Overlapped I/O operation is in progress.

Error: (07/23/2021 12:17:05 PM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: The Peer Name Resolution Protocol cloud did not start because the creation of the default identity failed with error code: 0x800703e5.

Error: (07/23/2021 12:17:04 PM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: The Peer Name Resolution Protocol cloud did not start because the creation of the default identity failed with error code: 0x800703e5.

Windows Defender:
================
Date: 2018-12-17 04:54:47.930
Description:
Windows Defender scan has been stopped before completion.
Scan Type:AntiSpyware
Scan Parameters:Full Scan

==================== Memory info ===========================

BIOS: American Megatrends Inc. FD 12/07/2016
Motherboard: Gigabyte Technology Co., Ltd. F2A68HM-DS2
Processor: AMD A10-5800K APU with Radeon™ HD Graphics
Percentage of memory in use: 81%
Total physical RAM: 8138.01 MB
Available physical RAM: 1519.89 MB
Total Virtual: 16274.16 MB
Available Virtual: 8524.13 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:310 GB) (Free:74.29 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:310.84 GB) (Free:105.64 GB) NTFS
Drive e: () (Fixed) (Total:310.67 GB) (Free:218.8 GB) NTFS
Drive g: (Backup) (Fixed) (Total:931.48 GB) (Free:305 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 783CAA8B)
Partition 1: (Active) – (Size=310 GB) – (Type=07 NTFS)
Partition 2: (Not Active) – (Size=621.5 GB) – (Type=0F Extended)

==========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 16F2A91F)

Partition: GPT.

==================== End of Addition.txt =======================

Next Post

Kinetic by Windstream home internet review: Results may vary

Igor Golovniov/SOPA Images/LightRocket/Getty Images When you’re shopping for internet in rural areas, options are often limited to either satellite or whatever local provider happens to be available. If Kinetic by Windstream is that wild-card provider, your internet options are likely better than most across the broadband divide. Kinetic (the brand […]