Please check my logs for any issues: Firewall was somehow off

So Farrare

My computer chair arm was stuck on my keyboard when I rebooted. My Windows rebooted on it’s own to safemode. When I returned, I noticed Windows Firewall was off and I couldn’t enable it. I had to use Tweaking.com repair.   I ran SuperAntiSpyware and it found an odd little […]

My computer chair arm was stuck on my keyboard when I rebooted. My Windows rebooted on it’s own to safemode. When I returned, I noticed Windows Firewall was off and I couldn’t enable it. I had to use Tweaking.com repair.

 

I ran SuperAntiSpyware and it found an odd little file something about readerfile and it asked me to remove it.

 

I am attaching my FRST and ADDITION logs here for your review.

 

FRST txt

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01-09-2021

Ran by MeONLY (administrator) on PC (05-09-2021 13:11:32)

Running from E:IDM Downloads

Loaded Profiles: MeONLY

Platform: Windows 7 Professional Service Pack 1 (X64) Language: English (United States)

Default browser: Chrome

Boot Mode: Normal

 

==================== Processes (Whitelisted) =================

 

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

 

(Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.) C:Program Files (x86)AMDATI.ACECore-StaticCCC.exe

(Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.) C:Program Files (x86)AMDATI.ACECore-StaticMOM.exe

(ASUSTeK Computer Inc.) [File not signed] C:Program Files (x86)ASUSAsSysCtrlService1.00.03AsSysCtrlService.exe

(ASUSTeK Computer Inc.) [File not signed] C:Program Files (x86)ASUSEPU-6 EngineSixEngine.exe

(Janos Mathe -> H.D.S. Hungary) C:Program Files (x86)Hard Disk SentinelHDSentinel.exe

(Microsoft Windows -> Microsoft Corporation) C:Program FilesWindows Sidebarsidebar.exe

(Microsoft Windows -> Microsoft Corporation) C:WindowsSystem32dllhost.exe

(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:WindowsSystem32atieclxx.exe

(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:WindowsSystem32atiesrxx.exe

(NEC Electronics Corporation) [File not signed] C:Program Files (x86)NEC ElectronicsUSB 3.0 Host Controller DriverApplicationnusb3mon.exe

(Realtek Semiconductor Corp -> Realtek Semiconductor) C:Program FilesRealtekAudioHDARAVCpl64.exe

(SUPERAntiSpyware.com -> SUPERAntiSpyware.com) C:Program FilesSUPERAntiSpywareSASCore64.exe

(Support.com Inc -> SUPERAntiSpyware) C:Program FilesSUPERAntiSpywareSUPERAntiSpyware.exe

(Tonec Inc. -> Tonec Inc.) C:Program Files (x86)Internet Download ManagerIEMonitor.exe

(Tonec Inc.) [File not signed] C:Program Files (x86)Internet Download ManagerIDMan.exe

(voidtools -> voidtools) C:Program FilesEverythingEverything.exe <2>

(Windscribe Limited -> Windscribe Limited) C:Program Files (x86)WindscribeWindscribeService.exe

 

==================== Registry (Whitelisted) ===================

 

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

 

HKLM…Run: [RtHDVCpl] => C:Program FilesRealtekAudioHDARAVCpl64.exe [10038304 2010-01-29] (Realtek Semiconductor Corp -> Realtek 

 

Semiconductor)

HKLM…Run: [Everything] => C:Program FilesEverythingEverything.exe [2261600 2021-05-12] (voidtools -> voidtools)

HKLM-x32…Run: [StartCCC] => C:Program Files (x86)AMDATI.ACECore-Staticamd64CLIStart.exe [767176 2015-08-04] (Advanced Micro Devices, 

 

Inc. -> Advanced Micro Devices, Inc.)

HKLM-x32…Run: [NUSB3MON] => C:Program Files (x86)NEC ElectronicsUSB 3.0 Host Controller DriverApplicationnusb3mon.exe [106496 2010-01-

 

22] (NEC Electronics Corporation) [File not signed]

HKLM-x32…Run: [M17A] => C:Windowstwain_32Brimm17aCommonTwDsUiLaunch.exe [85928 2020-11-03] (Microsoft Windows Hardware Compatibility 

 

Publisher -> )

HKLM-x32…Run: [ControlCenter4] => C:Program Files (x86)ControlCenter4BrCcBoot.exe [146584 2017-11-07] (Brother Industries, Ltd. -> Brother 

 

Industries, Ltd.)

HKLM-x32…Run: [BrStsMon00] => C:Program Files (x86)Browny02BrotherBrStMonW.exe [2976256 2018-01-19] (Brother Industries, Ltd.) [File not 

 

signed]

HKLM-x32…Run: [BrotherSoftwareUpdateNotification] => C:Program Files (x86)BrotherSoftwareUpdateNotification

 

SoftwareUpdateNotificationService.exe [3581952 2017-04-05] (Brother Industries, Ltd.) [File not signed]

HKLM-x32…Run: [masqform.exe] => C:Program Files (x86)PureEdgeViewer 6.5masqform.exe [643072 2005-08-11] (PureEdge™ Solutions Inc.) [File 

 

not signed]

HKUS-1-5-21-4152996346-4113304775-1243249153-1001…Run: [IDMan] => C:Program Files (x86)Internet Download ManagerIDMan.exe [5694464 2021-

 

07-16] (Tonec Inc.) [File not signed]

HKUS-1-5-21-4152996346-4113304775-1243249153-1001…Run: [SUPERAntiSpyware] => C:Program FilesSUPERAntiSpywareSUPERAntiSpyware.exe 

 

[11224432 2021-08-19] (Support.com Inc -> SUPERAntiSpyware)

HKUS-1-5-21-4152996346-4113304775-1243249153-1001…MountPoints2: ce54d825-c249-11eb-82b9-485b393e06ec – “F:WD SmartWare.exe” autoplay=true

HKLM…PrintMonitorsAdobe PDF Port Monitor: C:Windowssystem32AdobePDF.dll [65496 2021-04-27] (Adobe Inc. -> Adobe Systems Inc)

HKLMSoftwareMicrosoftActive SetupInstalled Components: [8A69D345-D564-463c-AFF1-A69D9E530F96] -> C:Program Files (x86)GoogleChrome

 

Application93.0.4577.63Installerchrmstp.exe [2021-09-05] (Google LLC -> Google LLC)

Startup: C:UsersMeONLYAppDataRoamingMicrosoftWindowsStart MenuProgramsStartupSidebar256.lnk [2021-09-05]

ShortcutTarget: Sidebar256.lnk -> C:Program FilesWindows Sidebarsidebar.exe (Microsoft Windows -> Microsoft Corporation)

GroupPolicy: Restriction ? <==== ATTENTION

GroupPolicyUser: Restriction ? <==== ATTENTION

Policies: C:ProgramDataNTUSER.pol: Restriction <==== ATTENTION

Policies: C:UsersMeONLYNTUSER.pol: Restriction <==== ATTENTION

 

==================== Scheduled Tasks (Whitelisted) ============

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

Task: 37A5D6AD-663A-435C-B0A0-15810D8467CD – System32TasksOpen URL by RoboForm => C:Windowssystem32rundll32.exe 

 

url.dll,FileProtocolHandler “https://addons.mozilla.org/en-US/firefox/addon/roboform/”

Task: 40D54E70-E4C7-4CBE-91B7-894DFFB25360 – System32TasksCCleaner Update => E:Program FilesCCleanerCCUpdate.exe [684976 2021-08-16] 

 

(Piriform Software Ltd -> Piriform)

Task: 4FDD120F-7AF3-4045-A416-62DF2DFB59B6 – System32TasksGoogleUpdateTaskUserS-1-5-21-4152996346-4113304775-1243249153-1001UA => C:Users

 

MeONLYAppDataLocalGoogleUpdateGoogleUpdate.exe

Task: 5112382D-2A89-488E-B1B7-E710137FF814 – System32TasksGoogleUpdateTaskMachineUA => C:Program Files (x86)GoogleUpdateGoogleUpdate.exe 

 

[153168 2020-12-23] (Google Inc -> Google Inc.)

Task: 5798A62F-D30C-4694-A3A5-49104B7F279F – System32TasksGoogleUpdateTaskUserS-1-5-21-4152996346-4113304775-1243249153-1001Core => C:Users

 

MeONLYAppDataLocalGoogleUpdateGoogleUpdate.exe

Task: 707AB5C5-0839-40FD-8087-4FB5AC9D4B3D – System32TasksPowerENGAGE => Command(1): msiexec -> /f 400A01BF-E908-4393-BD39-31E386377BDA 

 

/quiet /qn

Task: 707AB5C5-0839-40FD-8087-4FB5AC9D4B3D – System32TasksPowerENGAGE => Command(2): PowerENGAGE.exe -> scheduled-run

Task: 75F43331-8D51-4683-B6B2-3168C8556307 – System32Tasksklcp_update => C:Program Files (x86)K-Lite Codec PackToolsCodecTweakTool.exe 

 

[1907712 2021-06-23] () [File not signed]

Task: 86C20CAF-F4EF-41D9-AB9E-FC9F8C8506AD – System32TasksMozillaFirefox Default Browser Agent 308046B0AF4A39CB => C:Program FilesMozilla 

 

Firefoxdefault-browser-agent.exe [673720 2021-08-25] (Mozilla Corporation -> Mozilla Foundation)

Task: 94770247-402D-4F53-934D-82A2BBCAE95E – System32TasksCCleanerSkipUAC – MeONLY => E:Program FilesCCleanerCCleaner.exe [29211264 2021-

 

08-16] (Piriform Software Ltd -> Piriform Software Ltd)

Task: A2C65301-0FFE-4DAC-A498-BAD294D19C2B – System32TasksGoogleUpdateTaskMachineCore => C:Program Files (x86)GoogleUpdate

 

GoogleUpdate.exe [153168 2020-12-23] (Google Inc -> Google Inc.)

Task: C4B54CA9-8AEF-45B9-B016-3BB6C6EA24F1 – System32TasksCCleanerSkipUAC => E:Program FilesCCleanerCCleaner.exe [29211264 2021-08-16] 

 

(Piriform Software Ltd -> Piriform Software Ltd)

Task: D30ADCBF-5E77-48CA-AE8C-6AD002BADEB2 – System32TasksHardDiskSentinelHard Disk Sentinel_XX_202021 => C:Program Files (x86)Hard Disk 

 

SentinelHDSentinel.exe [5927816 2020-11-03] (Janos Mathe -> H.D.S. Hungary)

Task: E0F186F3-CE9A-4613-BDD7-1BC117067152 – System32TasksMicrosoftMicrosoft AntimalwareMpIdleTask => c:Program FilesMicrosoft Security 

 

Client\MpCmdRun.exe [410784 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)

Task: E4D3A454-BEC2-4843-BCE6-D27AA6C603A3 – System32TasksASUSASUS SIX Engine => C:Program Files (x86)ASUSEPU-6 EngineSixEngine.exe 

 

[7275008 2009-12-01] (ASUSTeK Computer Inc.) [File not signed]

 

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

 

 

==================== Internet (Whitelisted) ====================

 

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

 

Winsock: Catalog5 08 C:Program Files (x86)Common FilesMicrosoft SharedWindows LiveWLIDNSP.DLL => No File 

Winsock: Catalog5 09 C:Program Files (x86)Common FilesMicrosoft SharedWindows LiveWLIDNSP.DLL => No File 

Winsock: Catalog5-x64 08 C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDNSP.DLL => No File 

Winsock: Catalog5-x64 09 C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDNSP.DLL => No File 

 

TcpipParameters: [DhcpNameServer] 64.59.144.100 64.59.150.143

Tcpip..Interfaces9CE83D7E-C470-4015-A45C-22874BE6C040: [NameServer] 1.1.1.1,1.0.0.1

Tcpip..Interfaces9CE83D7E-C470-4015-A45C-22874BE6C040: [DhcpNameServer] 64.59.144.100 64.59.150.143

 

FireFox:

========

FF DefaultProfile: bj8heq46.default

FF ProfilePath: C:UsersMeONLYAppDataRoamingMozillaFirefoxProfilesbj8heq46.default [2021-08-24]

FF ProfilePath: C:UsersMeONLYAppDataRoamingMozillaFirefoxProfilesieuo5scu.default-release-1622061914446 [2021-09-05]

FF Extension: (Grammarly for Firefox) – C:UsersMeONLYAppDataRoamingMozillaFirefoxProfilesieuo5scu.default-release-

 

[email protected]xpi [2021-08-25]

FF Extension: (Facebook Container) – C:UsersMeONLYAppDataRoamingMozillaFirefoxProfilesieuo5scu.default-release-1622061914446Extensions

 

@contain-facebook.xpi [2021-08-04]

FF Extension: (Emoji Keyboard – Emojis For Firefox) – C:UsersMeONLYAppDataRoamingMozillaFirefoxProfilesieuo5scu.default-release-

 

[email protected] [2021-05-26]

FF Extension: (Firefox Multi-Account Containers) – C:UsersMeONLYAppDataRoamingMozillaFirefoxProfilesieuo5scu.default-release-

 

[email protected] [2021-08-11]

FF Extension: (VPN Unlimited – best extension for your browser Protect all your valuable private data and unblock any Website Add-on free) – C:

 

UsersMeONLYAppDataRoamingMozilla[email protected]vpn-unlimited-secure-proxy.xpi [2021-

 

05-26]

FF Extension: (Windscribe – Free Proxy and Ad Blocker) – C:UsersMeONLYAppDataRoamingMozillaFirefoxProfilesieuo5scu.default-release-

 

[email protected] [2021-08-04]

FF Extension: (Dark Reader) – C:UsersMeONLYAppDataRoamingMozillaFirefoxProfilesieuo5scu.default-release-1622061914446Extensions

 

[email protected] [2021-07-08]

FF Extension: (AdGuard AdBlocker) – C:UsersMeONLYAppDataRoamingMozillaFirefoxProfilesieuo5scu.default-release-1622061914446Extensions

 

[email protected] [2021-08-26]

FF Extension: (Bookmark Dupes) – C:UsersMeONLYAppDataRoamingMozillaFirefoxProfilesieuo5scu.default-release-1622061914446Extensions

 

[email protected] [2021-05-26]

FF Extension: (Bookmarks Organizer) – C:UsersMeONLYAppDataRoamingMozillaFirefoxProfilesieuo5scu.default-release-1622061914446Extensions

 

[email protected] [2021-05-26]

FF Extension: (TunnelBear VPN) – C:UsersMeONLYAppDataRoamingMozillaFirefoxProfilesieuo5scu.default-release-1622061914446Extensions

 

[email protected] [2021-05-26]

FF Extension: (Cookie AutoDelete) – C:UsersMeONLYAppDataRoamingMozillaFirefoxProfilesieuo5scu.default-release-1622061914446Extensions

 

[email protected] [2021-05-26]

FF Extension: (Disable HTML5 Autoplay) – C:UsersMeONLYAppDataRoamingMozillaFirefoxProfilesieuo5scu.default-release-

 

[email protected] [2021-05-26]

FF Extension: (Emoji) – C:UsersMeONLYAppDataRoamingMozillaFirefoxProfilesieuo5scu.default-release-1622061914446Extensions

 

[email protected] [2021-08-04]

FF Extension: (Enhancer for YouTube™) – C:UsersMeONLYAppDataRoamingMozillaFirefoxProfilesieuo5scu.default-release-

 

[email protected]a.org.xpi [2021-08-16]

FF Extension: (Ghostery – Privacy Ad Blocker) – C:UsersMeONLYAppDataRoamingMozillaFirefoxProfilesieuo5scu.default-release-

 

[email protected] [2021-07-03]

FF Extension: (Tampermonkey) – C:UsersMeONLYAppDataRoamingMozillaFirefoxProfilesieuo5scu.default-release-1622061914446Extensions

 

[email protected] [2021-05-26]

FF Extension: (iCloud Bookmarks) – C:UsersMeONLYAppDataRoamingMozillaFirefoxProfilesieuo5scu.default-release-1622061914446Extensions

 

[email protected] [2021-05-26]

FF Extension: (HTTPS Everywhere) – C:UsersMeONLYAppDataRoamingMozillaFirefoxProfilesieuo5scu.default-release-1622061914446Extensions

 

[email protected] [2021-07-14]

FF Extension: (Tab Reloader (page auto refresh)) – C:UsersMeONLYAppDataRoamingMozillaFirefoxProfilesieuo5scu.default-release-

 

[email protected]xpi [2021-07-20]

FF Extension: (Disable WebRTC) – C:UsersMeONLYAppDataRoamingMozillaFirefoxProfilesieuo5scu.default-release-1622061914446Extensionsjid1

 

[email protected] [2021-05-26]

FF Extension: (Honey) – C:UsersMeONLYAppDataRoamingMozillaFirefoxProfilesieuo5scu.default-release-1622061914446Extensionsjid1-

 

[email protected] [2021-06-24]

FF Extension: (To Google Translate) – C:UsersMeONLYAppDataRoamingMozillaFirefoxProfilesieuo5scu.default-release-1622061914446Extensions

 

[email protected] [2021-06-23]

FF Extension: (Location Guard) – C:UsersMeONLYAppDataRoamingMozillaFirefoxProfilesieuo5scu.default-release-1622061914446Extensionsjid1

 

[email protected] [2021-05-26]

FF Extension: (Fast Image Blocker) – C:UsersMeONLYAppDataRoamingMozillaFirefoxProfilesieuo5scu.default-release-1622061914446Extensions

 

[email protected] [2021-06-20]

FF Extension: (YouTube Video Downloader – For Context Menu) – C:UsersMeONLYAppDataRoamingMozillaFirefoxProfilesieuo5scu.default-release-

 

[email protected] [2021-05-26]

FF Extension: (Privacy Badger) – C:UsersMeONLYAppDataRoamingMozillaFirefoxProfilesieuo5scu.default-release-1622061914446Extensionsjid1

 

[email protected] [2021-08-22]

FF Extension: (HTML Content Blocker) – C:UsersMeONLYAppDataRoamingMozillaFirefoxProfilesieuo5scu.default-release-

 

[email protected] [2021-05-26]

FF Extension: (Dark Background and Light Text) – C:UsersMeONLYAppDataRoamingMozillaFirefoxProfilesieuo5scu.default-release-

 

[email protected] [2021-05-26]

FF Extension: (Custom Page Zoom) – C:UsersMeONLYAppDataRoamingMozillaFirefoxProfilesieuo5scu.default-release-1622061914446Extensions

 

[email protected] [2021-05-26]

FF Extension: (Autoplay No More) – C:UsersMeONLYAppDataRoamingMozillaFirefoxProfilesieuo5scu.default-release-1622061914446Extensions

 

[email protected] [2021-05-26]

FF Extension: (IDM Integration Module) – C:UsersMeONLYAppDataRoamingMozillaFirefoxProfilesieuo5scu.default-release-

 

[email protected]pi [2021-05-26]

FF Extension: (NordVPN #1 VPN Extension: Get VPN for Firefox) – C:UsersMeONLYAppDataRoamingMozillaFirefoxProfilesieuo5scu.default-

 

[email protected] [2021-08-06]

FF Extension: (Save Page WE) – C:UsersMeONLYAppDataRoamingMozillaFirefoxProfilesieuo5scu.default-release-1622061914446Extensions

 

[email protected] [2021-08-26]

FF Extension: (Auto-Sort Bookmarks) – C:UsersMeONLYAppDataRoamingMozillaFirefoxProfilesieuo5scu.default-release-1622061914446Extensions

 

[email protected] [2021-05-26]

FF Extension: (TrafficLight) – C:UsersMeONLYAppDataRoamingMozillaFirefoxProfilesieuo5scu.default-release-1622061914446Extensions

 

[email protected] [2021-07-03]

FF Extension: (uBlock Origin) – C:UsersMeONLYAppDataRoamingMozillaFirefoxProfilesieuo5scu.default-release-1622061914446Extensions

 

[email protected] [2021-08-04]

FF Extension: (Social Video Downloader) – C:UsersMeONLYAppDataRoamingMozillaFirefoxProfilesieuo5scu.default-release-

 

1622061914446Extensions0e68183-fc7d-4a91-b5cc-f7f8272386db.xpi [2021-05-26]

FF Extension: (Adblock for Youtube™) – C:UsersMeONLYAppDataRoamingMozillaFirefoxProfilesieuo5scu.default-release-

 

1622061914446Extensionsac04bdb-d698-452f-8048-bcef1a3f4b0d.xpi [2021-05-26]

FF Extension: (Behave!) – C:UsersMeONLYAppDataRoamingMozillaFirefoxProfilesieuo5scu.default-release-1622061914446Extensions17c7f098-

 

dbb8-4f15-ad39-8b578da80f7e.xpi [2021-05-26]

FF Extension: (Disable JavaScript) – C:UsersMeONLYAppDataRoamingMozillaFirefoxProfilesieuo5scu.default-release-1622061914446Extensions

 

41f9e51d-35e4-4b29-af66-422ff81c8b41.xpi [2021-05-26]

FF Extension: (Bitwarden – Free Password Manager) – C:UsersMeONLYAppDataRoamingMozillaFirefoxProfilesieuo5scu.default-release-

 

1622061914446Extensions446900e4-71c2-419f-a6a7-df9c091e268b.xpi [2021-08-22]

FF Extension: (SingleFile) – C:UsersMeONLYAppDataRoamingMozillaFirefoxProfilesieuo5scu.default-release-1622061914446Extensions

 

531906d3-e22f-4a6c-a102-8057b88a1a63.xpi [2021-08-23]

FF Extension: (No Coin – Block miners on the web!) – C:UsersMeONLYAppDataRoamingMozillaFirefoxProfilesieuo5scu.default-release-

 

1622061914446Extensions5657c026-efc3-4860-b43b-16e4eaa8a9aa.xpi [2021-05-26]

FF Extension: (NoScript) – C:UsersMeONLYAppDataRoamingMozillaFirefoxProfilesieuo5scu.default-release-1622061914446Extensions73a6fe31-

 

595d-460b-a920-fcc0f8843232.xpi [2021-08-04]

FF Extension: (ClearURLs) – C:UsersMeONLYAppDataRoamingMozillaFirefoxProfilesieuo5scu.default-release-1622061914446Extensions74145f27

 

-f039-47ce-a470-a662b129930a.xpi [2021-05-26]

FF Extension: (canvas-defender) – C:UsersMeONLYAppDataRoamingMozillaFirefoxProfilesieuo5scu.default-release-1622061914446Extensions

 

94249bf3-29a3-4bb5-aa30-013883e8f2f4.xpi [2021-05-26]

FF Extension: (Tracking Token Stripper) – C:UsersMeONLYAppDataRoamingMozillaFirefoxProfilesieuo5scu.default-release-

 

1622061914446Extensions9fda17be-849d-4f5b-a326-28d25f0f6d29.xpi [2021-05-26]

FF Extension: (User-Agent Switcher and Manager) – C:UsersMeONLYAppDataRoamingMozillaFirefoxProfilesieuo5scu.default-release-

 

1622061914446Extensionsa6c4a591-f1b2-4f03-b3ff-767e5bedf4e7.xpi [2021-05-26]

FF Extension: (Feedbro) – C:UsersMeONLYAppDataRoamingMozillaFirefoxProfilesieuo5scu.default-release-1622061914446Extensionsa9c2ad37-

 

e940-4892-8dce-cd73c6cbbc0c.xpi [2021-08-26]

FF Extension: (Video DownloadHelper) – C:UsersMeONLYAppDataRoamingMozillaFirefoxProfilesieuo5scu.default-release-

 

1622061914446Extensionsb9db16a4-6edc-47ec-a1f4-b86292ed211d.xpi [2021-07-03]

FF Extension: (Bookmark Manager and Viewer) – C:UsersMeONLYAppDataRoamingMozillaFirefoxProfilesieuo5scu.default-release-

 

1622061914446Extensionsbeb1b1c0-32b9-47d8-bbd1-f65bed4e7c22.xpi [2021-05-26]

FF HKLM…FirefoxExtensions: [[email protected]] – C:Program Files (x86)AdobeAcrobat DCAcrobatBrowserWCFirefoxExtn

 

WebExtnsigned_extnadobe_acrobat-1.0-windows.xpi

FF Extension: (Adobe Acrobat) – C:Program Files (x86)AdobeAcrobat DCAcrobatBrowserWCFirefoxExtnWebExtnsigned_extnadobe_acrobat-1.0-

 

windows.xpi [2021-04-27]

FF HKLM…FirefoxExtensions: [[email protected]] – C:Program Files (x86)Foxit SoftwareFoxit PhantomPDFpluginsCreator

 

FirefoxAddinFFExtnHTML2PDF.xpi => not found

FF HKLM…FirefoxExtensions: [[email protected]] – C:Program Files (x86)Foxit SoftwareFoxit PhantomPDFplugins

 

[email protected]i => not found

FF HKLM-x32…FirefoxExtensions: [[email protected]] – C:Program Files (x86)AdobeAcrobat DCAcrobatBrowser

 

WCFirefoxExtnWebExtnsigned_extnadobe_acrobat-1.0-windows.xpi

FF HKLM-x32…FirefoxExtensions: [[email protected]] – C:Program Files (x86)Foxit SoftwareFoxit PhantomPDFpluginsCreator

 

FirefoxAddinFFExtnHTML2PDF.xpi => not found

FF HKLM-x32…FirefoxExtensions: [[email protected]] – C:Program Files (x86)Foxit SoftwareFoxit PhantomPDF

 

[email protected].com.xpi => not found

FF HKUS-1-5-21-4152996346-4113304775-1243249153-1001…SeaMonkeyExtensions: [[email protected]] – C:UsersMeONLY

 

AppDataRoamingIDMidmmzcc5

FF Extension: (IDM CC) – C:UsersMeONLYAppDataRoamingIDMidmmzcc5 [2021-05-25] [Legacy] [not signed]

FF HKUS-1-5-21-4152996346-4113304775-1243249153-1001…SeaMonkeyExtensions: [[email protected]] – C:Program Files 

 

(x86)Internet Download Manageridmmzcc2.xpi

FF Extension: (IDM integration) – C:Program Files (x86)Internet Download Manageridmmzcc2.xpi [2017-12-19] [Legacy]

FF Plugin: @microsoft.com/GENUINE -> disabled [No File]

FF Plugin: adobe.com/AdobeAAMDetect -> C:Program Files (x86)Common FilesAdobeOOBEPDAppCCMUtilitiesnpAdobeAAMDetect64.dll [2015-01-23] 

 

(Adobe Systems Incorporated -> Adobe Systems)

FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:Program Files (x86)Foxit SoftwareFoxit PhantomPDF

 

pluginsnpFoxitPhantomPDFPlugin.dll [No File]

FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.cpdf -> C:Program Files (x86)Foxit SoftwareFoxit 

 

PhantomPDFpluginsnpFoxitPhantomPDFPlugin.dll [No File]

FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:Program Files (x86)Foxit SoftwareFoxit 

 

PhantomPDFpluginsnpFoxitPhantomPDFPlugin.dll [No File]

FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:Program Files (x86)Foxit SoftwareFoxit 

 

PhantomPDFpluginsnpFoxitPhantomPDFPlugin.dll [No File]

FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:Program Files (x86)Foxit SoftwareFoxit 

 

PhantomPDFpluginsnpFoxitPhantomPDFPlugin.dll [No File]

FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]

FF Plugin-x32: Adobe Acrobat -> C:Program Files (x86)AdobeAcrobat DCAcrobatAirnppdf32.dll [2021-04-27] (Adobe Inc. -> Adobe Systems Inc.)

FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:Program Files (x86)Common FilesAdobeOOBEPDAppCCMUtilitiesnpAdobeAAMDetect32.dll [2015-01-23] 

 

(Adobe Systems Incorporated -> Adobe Systems)

 

Chrome: 

=======

CHR DefaultProfile: Default

CHR Profile: C:UsersMeONLYAppDataLocalGoogleChromeUser DataDefault [2021-09-05]

CHR HomePage: Default -> hxxp://i.maxthon.com/en-us.htm

CHR Extension: (Delete Social Media Posts, Photos, etc.) – C:UsersMeONLYAppDataLocalGoogleChromeUser DataDefaultExtensions

 

aefggpbkeofepfhnjcndhfgmbkhodcdb [2021-09-04]

CHR Extension: (Remove YouTube Autoplay) – C:UsersMeONLYAppDataLocalGoogleChromeUser DataDefaultExtensions

 

afppjndapmkekhnionfccdnajhdnokhj [2021-05-25]

CHR Extension: (Save as MHTML) – C:UsersMeONLYAppDataLocalGoogleChromeUser DataDefaultExtensionsahgakckdonjmnpnegjcamhagackmjpei [2021

 

-08-09]

CHR Extension: (ContentBlockHelper) – C:UsersMeONLYAppDataLocalGoogleChromeUser DataDefaultExtensionsahnpejopbfnjicblkhclaaefhblgkfpd 

 

[2021-05-25]

CHR Extension: (hxxps://login.live.com/login.srf?wa=wsignin1.) – C:UsersMeONLYAppDataLocalGoogleChromeUser DataDefaultExtensions

 

amgoaffiimojnoodhaefcjppfpehpodc [2020-12-22]

CHR Extension: (Anti Lazy Loading) – C:UsersMeONLYAppDataLocalGoogleChromeUser DataDefaultExtensionsamhbdjjhdcjcpjkjibbhnkkidigbfgmb 

 

[2021-05-25]

CHR Extension: (Docs) – C:UsersMeONLYAppDataLocalGoogleChromeUser DataDefaultExtensionsaohghmighlieiainnegkcijnfilokake [2021-08-09]

CHR Extension: (Hot Deals – RedFlagDeals.com Forums) – C:UsersMeONLYAppDataLocalGoogleChromeUser DataDefaultExtensions

 

aokpgfjkbmijppgjhbglkmnfkbbdckno [2020-12-22]

CHR Extension: (Google Drive) – C:UsersMeONLYAppDataLocalGoogleChromeUser DataDefaultExtensionsapdfllckaahabafndbhieahigkjlhalf [2020-

 

12-23]

CHR Extension: (Costco West Fan Blog – Secret Weekly Sale Items for BC, Alberta, Saskatchewan and Manitoba) – C:UsersMeONLYAppDataLocal

 

GoogleChromeUser DataDefaultExtensionsbeghbgmgdpokdpiibifejhfjhnicdnji [2020-12-22]

CHR Extension: (AdGuard AdBlocker) – C:UsersMeONLYAppDataLocalGoogleChromeUser DataDefaultExtensionsbgnkhhnnamicmpeenaelnjfhikgbkllg 

 

[2021-09-05]

CHR Extension: (User-Agent Switcher and Manager) – C:UsersMeONLYAppDataLocalGoogleChromeUser DataDefaultExtensions

 

bhchdcejhohfmigjafbampogmaanbfkg [2021-05-25]

CHR Extension: (Touch VPN – Secure and unlimited VPN proxy) – C:UsersMeONLYAppDataLocalGoogleChromeUser DataDefaultExtensions

 

bihmplhobchoageeokmgbdihknkjbknd [2020-12-22]

CHR Extension: (WebRTC Protect – Protect IP Leak) – C:UsersMeONLYAppDataLocalGoogleChromeUser DataDefaultExtensions

 

bkmmlbllpjdpgcgdohbaghfaecnddhni [2021-08-08]

CHR Extension: (YouTube) – C:UsersMeONLYAppDataLocalGoogleChromeUser DataDefaultExtensionsblpcfgokakmgnkcojhhkbfbldkacnbeo [2021-08-09]

CHR Extension: (Honey) – C:UsersMeONLYAppDataLocalGoogleChromeUser DataDefaultExtensionsbmnlcjabgnpnenekpadlanbbkooimhnj [2021-09-05]

CHR Extension: (Disable HTML5 Autoplay (Reloaded)) – C:UsersMeONLYAppDataLocalGoogleChromeUser DataDefaultExtensions

 

cafckninonjkogajnihihlnnimmkndgf [2021-05-25]

CHR Extension: (Windy.com) – C:UsersMeONLYAppDataLocalGoogleChromeUser DataDefaultExtensionscboalpccembehmaeigcoelfaegmiknhl [2020-12-

 

22]

CHR Extension: (resizemy.photos) – C:UsersMeONLYAppDataLocalGoogleChromeUser DataDefaultExtensionscedckdcmlfabmjkangihdbimghccobhp 

 

[2020-12-22]

CHR Extension: (TrafficLight) – C:UsersMeONLYAppDataLocalGoogleChromeUser DataDefaultExtensionscfnpidifppmenkapgihekkeednfoenal [2021-

 

08-22]

CHR Extension: (Location Guard) – C:UsersMeONLYAppDataLocalGoogleChromeUser DataDefaultExtensionscfohepagpmnodfdmjliccbbigdkfcgia 

 

[2021-05-25]

CHR Extension: (OneTab) – C:UsersMeONLYAppDataLocalGoogleChromeUser DataDefaultExtensionschphlpgkkbolifaimnlloiipkdnihall [2021-07-20]

CHR Extension: (Allow right click –  simple copy) – C:UsersMeONLYAppDataLocalGoogleChromeUser DataDefaultExtensions

 

cinnaghekiafnplijmadmifnoaecefdd [2021-07-17]

CHR Extension: (Bookmarks Organizer) – C:UsersMeONLYAppDataLocalGoogleChromeUser DataDefaultExtensionscjdenbocfdbjohomdaojaokiffjbnaca 

 

[2020-12-22]

CHR Extension: (uBlock Origin) – C:UsersMeONLYAppDataLocalGoogleChromeUser DataDefaultExtensionscjpalhdlnbpafiamejdnhcphjbkeiagm [2021

 

-08-09]

CHR Extension: (hxxps://www.redflagdeals.com/) – C:UsersMeONLYAppDataLocalGoogleChromeUser DataDefaultExtensions

 

cmaikdeglblhpojhbonlfbdacbaenapg [2020-12-22]

CHR Extension: (Export links of all extensions) – C:UsersMeONLYAppDataLocalGoogleChromeUser DataDefaultExtensions

 

cmeckkgeamghjhkepejgjockldoblhcb [2020-12-22]

CHR Extension: (Adblock for Youtube™) – C:UsersMeONLYAppDataLocalGoogleChromeUser DataDefaultExtensionscmedhionkhpnakcndndgjdbohmhepckk 

 

[2021-05-25]

CHR Extension: (Image Downloader) – C:UsersMeONLYAppDataLocalGoogleChromeUser DataDefaultExtensionscnpniohnfphhjihaiiggeabnkjhpaldj 

 

[2021-05-25]

CHR Extension: (Free Avira Phantom VPN – Unblock Websites) – C:UsersMeONLYAppDataLocalGoogleChromeUser DataDefaultExtensions

 

dfkdflfgjdajbhocmfjolpjbebdkcjog [2020-12-22]

CHR Extension: (Tampermonkey) – C:UsersMeONLYAppDataLocalGoogleChromeUser DataDefaultExtensionsdhdgffkkebhmkfjojejmpbldmpobfkfo [2021-

 

05-26]

CHR Extension: (User-Agent Switcher for Chrome) – C:UsersMeONLYAppDataLocalGoogleChromeUser DataDefaultExtensions

 

djflhoibgkdhkhhcedjiklpkjnoahfmg [2020-12-22]

CHR Extension: (Old Reddit Redirect) – C:UsersMeONLYAppDataLocalGoogleChromeUser DataDefaultExtensionsdneaehbmnbhcippjikoajpoabadpodje 

 

[2021-07-14]

CHR Extension: (NoScript) – C:UsersMeONLYAppDataLocalGoogleChromeUser DataDefaultExtensionsdoojmbjmlfjjnbmnoijecmcbfeoakpjm [2021-08-

 

09]

CHR Extension: (Adobe Acrobat) – C:UsersMeONLYAppDataLocalGoogleChromeUser DataDefaultExtensionsefaidnbmnnnibpcajpcglclefindmkaj [2021

 

-08-06]

CHR Extension: (Better History) – C:UsersMeONLYAppDataLocalGoogleChromeUser DataDefaultExtensionsegehpkpgpgooebopjihjmnpejnjafefi 

 

[2021-05-25]

CHR Extension: (BlockSite: Block Websites & Stay Focused) – C:UsersMeONLYAppDataLocalGoogleChromeUser DataDefaultExtensions

 

eiimnmioipafcokbfikbljfdeojpcgbh [2021-07-23]

CHR Extension: (Google Keep) – C:UsersMeONLYAppDataLocalGoogleChromeUser DataDefaultExtensionseilembjdkfgodjkcjnpgpaenohkicgjd [2020-

 

12-22]

CHR Extension: (Dark Reader) – C:UsersMeONLYAppDataLocalGoogleChromeUser DataDefaultExtensionseimadpbcbfnmbkopoojfekhnkhdbieeh [2021-

 

07-07]

CHR Extension: (Sprucemarks) – C:UsersMeONLYAppDataLocalGoogleChromeUser DataDefaultExtensionsfakeocdnmmmnokabaiflppclocckihoj [2021-

 

05-25]

CHR Extension: (ZenMate Free VPN–Best VPN for Chrome) – C:UsersMeONLYAppDataLocalGoogleChromeUser DataDefaultExtensions

 

fdcgdnkidjaadafnichfpabhfomcebme [2021-08-24]

CHR Extension: (Sheets) – C:UsersMeONLYAppDataLocalGoogleChromeUser DataDefaultExtensionsfelcaaldnbdncclmgdcncolpebgiejap [2020-12-23]

CHR Extension: (Stay secure with CyberGhost VPN Free Proxy) – C:UsersMeONLYAppDataLocalGoogleChromeUser DataDefaultExtensions

 

ffbkglfijbcbgblgflchnbphjdllaogb [2021-05-25]

CHR Extension: (Howbsy) – C:UsersMeONLYAppDataLocalGoogleChromeUser DataDefaultExtensionsfkogopahpkkcjjdjniiikmfmgajaecpd [2020-12-22]

CHR Extension: (hxxps://myactivity.google.com/activitycontrol) – C:UsersMeONLYAppDataLocalGoogleChromeUser DataDefaultExtensions

 

flpcbehmhjncekopjaaifhcoahciljoh [2020-12-22]

CHR Extension: (IBA Opt-out (by Google)) – C:UsersMeONLYAppDataLocalGoogleChromeUser DataDefaultExtensions

 

gbiekjoijknlhijdjbaadobpkdhmoebb [2020-12-22]

CHR Extension: (HTTPS Everywhere) – C:UsersMeONLYAppDataLocalGoogleChromeUser DataDefaultExtensionsgcbommkclmclpchllfjekcdonpmejbdp 

 

[2021-07-14]

CHR Extension: (Quick Javascript Switcher) – C:UsersMeONLYAppDataLocalGoogleChromeUser DataDefaultExtensions

 

geddoclleiomckbhadiaipdggiiccfje [2021-06-19]

CHR Extension: (PC Software | Pirate PC) – C:UsersMeONLYAppDataLocalGoogleChromeUser DataDefaultExtensions

 

gfekpphfgmfoljkpgpepdedahjecfcbd [2020-12-22]

CHR Extension: (URL Revealer) – C:UsersMeONLYAppDataLocalGoogleChromeUser DataDefaultExtensionsggfnchfbbaoedmibmholajghjpfjccae [2020-

 

12-22]

CHR Extension: (Google Docs Offline) – C:UsersMeONLYAppDataLocalGoogleChromeUser DataDefaultExtensionsghbmnnjooekpmoecnnnilnnbdlolhkhi 

 

[2021-06-24]

CHR Extension: (Simple Apps Launcher) – C:UsersMeONLYAppDataLocalGoogleChromeUser DataDefaultExtensionsghkpjogmachfebfbikjopkdcimjfekdm 

 

[2021-05-25]

CHR Extension: (VPN Free – Betternet Unlimited VPN Proxy) – C:UsersMeONLYAppDataLocalGoogleChromeUser DataDefaultExtensions

 

gjknjjomckknofjidppipffbpoekiipm [2021-05-25]

CHR Extension: (Change layout to classic for Facebook™) – C:UsersMeONLYAppDataLocalGoogleChromeUser DataDefaultExtensions

 

haejeocjfoanepijhblcajpingdkjkjg [2021-05-25]

CHR Extension: (Calculator) – C:UsersMeONLYAppDataLocalGoogleChromeUser DataDefaultExtensionshcpbdjanfepobbkbnhmalalmfdmikmbe [2020-12

 

-22]

CHR Extension: (Read Aloud: A Text to Speech Voice Reader) – C:UsersMeONLYAppDataLocalGoogleChromeUser DataDefaultExtensions

 

hdhinadidafjejdhmfkjgnolgimiaplp [2021-08-14]

CHR Extension: (Weather Underground) – C:UsersMeONLYAppDataLocalGoogleChromeUser DataDefaultExtensionshhloacinaafedjelpfeffmmlckblidke 

 

[2020-12-22]

CHR Extension: (SuperSorter) – C:UsersMeONLYAppDataLocalGoogleChromeUser DataDefaultExtensionshjebfgojnlefhdgmomncgjglmdckngij [2021-

 

05-25]

CHR Extension: (Video Downloader Plus) – C:UsersMeONLYAppDataLocalGoogleChromeUser DataDefaultExtensions

 

hkdmdpdhfaamhgaojpelccmeehpfljgf [2021-05-25]

CHR Extension: (Windscribe – Free Proxy and Ad Blocker) – C:UsersMeONLYAppDataLocalGoogleChromeUser DataDefaultExtensions

 

hnmpcagpplmpfojmgmnngilcnanddlhb [2021-06-24]

CHR Extension: (Rakuten Canada Button) – C:UsersMeONLYAppDataLocalGoogleChromeUser DataDefaultExtensions

 

idpbkophnbfijcnlffdmmppgnncgappc [2021-05-25]

CHR Extension: (Imagus) – C:UsersMeONLYAppDataLocalGoogleChromeUser DataDefaultExtensionsimmpkjjlgappgfkkfieppnmlhakdmaab [2020-12-22]

CHR Extension: (Weather) – C:UsersMeONLYAppDataLocalGoogleChromeUser DataDefaultExtensionsiolcbmjhmpdheggkocibajddahbeiglb [2021-07-02]

CHR Extension: (Emoji Keyboard by JoyPixels®) – C:UsersMeONLYAppDataLocalGoogleChromeUser DataDefaultExtensions

 

ipdjnhgkpapgippgcgkfcbpdpcgifncb [2021-07-09]

CHR Extension: (Absolute Enable Right Click & Copy) – C:UsersMeONLYAppDataLocalGoogleChromeUser DataDefaultExtensions

 

jdocbkpgdakpekjlhemmfcncgdjeiika [2020-12-22]

CHR Extension: (Twitter) – C:UsersMeONLYAppDataLocalGoogleChromeUser DataDefaultExtensionsjgeocpdicgmkeemopbanhokmhcgcflmi [2020-12-22]

CHR Extension: (Moderator toolbox for reddit) – C:UsersMeONLYAppDataLocalGoogleChromeUser DataDefaultExtensions

 

jhjpjhhkcbkmgdkahnckfboefnkgghpo [2021-07-14]

CHR Extension: (Google Maps) – C:UsersMeONLYAppDataLocalGoogleChromeUser DataDefaultExtensionsjifkehijehefdmlocknffgcapliljmlb [2020-

 

12-22]

CHR Extension: (Open link in same tab, pop-up as tab [Free]) – C:UsersMeONLYAppDataLocalGoogleChromeUser DataDefaultExtensions

 

jmphljmgnagblkombahigniilhnbadca [2020-12-22]

CHR Extension: (Custom Page Zoom) – C:UsersMeONLYAppDataLocalGoogleChromeUser DataDefaultExtensionsjodiabicmogcbbiocceenmeflipeelle 

 

[2021-08-04]

CHR Extension: (Grammarly for Chrome) – C:UsersMeONLYAppDataLocalGoogleChromeUser DataDefaultExtensionskbfnbcaeplbcioakkpcpgfkobkghlhen 

 

[2021-08-26]

CHR Extension: (Tracking Token Stripper) – C:UsersMeONLYAppDataLocalGoogleChromeUser DataDefaultExtensions

 

kcpnkledgcbobhkgimpbmejgockkplob [2021-05-25]

CHR Extension: (Google News) – C:UsersMeONLYAppDataLocalGoogleChromeUser DataDefaultExtensionskfgapjallbhpciobgmlhlhokknljkgho [2020-

 

12-22]

CHR Extension: (Google Calendar) – C:UsersMeONLYAppDataLocalGoogleChromeUser DataDefaultExtensionskjbdgfilnfhdoflbpgamdcdgpehopbep 

 

[2020-12-22]

CHR Extension: (Anti Adblock Detector) – C:UsersMeONLYAppDataLocalGoogleChromeUser DataDefaultExtensions

 

kjhdffcfinhkdfbbhjlfoadcdfgihmlp [2020-12-22]

CHR Extension: (Nukem) – C:UsersMeONLYAppDataLocalGoogleChromeUser DataDefaultExtensionskpogandfndblomniegfaeakkjchmiedi [2021-05-25]

CHR Extension: (Canvas Fingerprint Defender) – C:UsersMeONLYAppDataLocalGoogleChromeUser DataDefaultExtensions

 

lanfdkkpgfjfdikkncbnojekcppdebfp [2021-05-25]

CHR Extension: (Google Sheets) – C:UsersMeONLYAppDataLocalGoogleChromeUser DataDefaultExtensionslcahnhkcfaikkapifpaenbabamhfnecc [2020

 

-12-22]

CHR Extension: (Disable Extensions Temporarily) – C:UsersMeONLYAppDataLocalGoogleChromeUser DataDefaultExtensions

 

lcfdefmogcogicollfebhgjiiakbjdje [2020-12-22]

CHR Extension: (ClearURLs) – C:UsersMeONLYAppDataLocalGoogleChromeUser DataDefaultExtensionslckanjgmijmafbedllaakclkaicjfmnk [2021-05-

 

25]

CHR Extension: (Decentraleyes) – C:UsersMeONLYAppDataLocalGoogleChromeUser DataDefaultExtensionsldpochfccmkkmhdbclfhpagapcfdljkj [2020

 

-12-22]

CHR Extension: (hxxps://drive.google.com/drive/my-drive) – C:UsersMeONLYAppDataLocalGoogleChromeUser DataDefaultExtensions

 

lkdnjjllhbbhgjfojnheoooeabjimbka [2020-12-22]

CHR Extension: (User-Agent Switcher) – C:UsersMeONLYAppDataLocalGoogleChromeUser DataDefaultExtensionslkmofgnohbedopheiphabfhfjgkhfcgf 

 

[2020-12-22]

CHR Extension: (Load Lazyload Images) – C:UsersMeONLYAppDataLocalGoogleChromeUser DataDefaultExtensionsllenpijlflekljkpjnbnmkfeakfmlcmb 

 

[2021-05-25]

CHR Extension: (Video DownloadHelper) – C:UsersMeONLYAppDataLocalGoogleChromeUser DataDefaultExtensionslmjnegcaeklhafolokijcfjliaokphfk 

 

[2021-07-01]

CHR Extension: (Distance, area, elevation measurement on the map) – C:UsersMeONLYAppDataLocalGoogleChromeUser DataDefaultExtensions

 

mdkgedmloifjliiinkchplpjnplgddec [2020-12-22]

CHR Extension: (Twean) – C:UsersMeONLYAppDataLocalGoogleChromeUser DataDefaultExtensionsmgdbopghpkjmgnhjfdnfeihnjgndjnbp [2021-06-16]

CHR Extension: (SingleFile) – C:UsersMeONLYAppDataLocalGoogleChromeUser DataDefaultExtensionsmpiodijhokgodhhofbcjdecpffjipkle [2021-09

 

-05]

CHR Extension: (Google Photos) – C:UsersMeONLYAppDataLocalGoogleChromeUser DataDefaultExtensionsncmjhecbjeaamljdfahankockkkdmedg [2020

 

-12-22]

CHR Extension: (hxxps://www.google.com/imghp?hl=EN) – C:UsersMeONLYAppDataLocalGoogleChromeUser DataDefaultExtensions

 

ndjcpkdpdbkjfknicmlanbdobmcddlgm [2020-12-22]

CHR Extension: (Save Webpages Offline As MHTML) – C:UsersMeONLYAppDataLocalGoogleChromeUser DataDefaultExtensions

 

nfbcfginnecenjncdjhaminfcienmehn [2021-06-30]

CHR Extension: (Site Blocker) – C:UsersMeONLYAppDataLocalGoogleChromeUser DataDefaultExtensionsngfijcaaocfhkcjjfldacagglibpglio [2020-

 

12-22]

CHR Extension: (IDM Integration Module) – C:UsersMeONLYAppDataLocalGoogleChromeUser DataDefaultExtensions

 

ngpampappnmepgilojfohadhhmbhlaek [2021-08-04]

CHR Extension: (Gmail Date Time Formatter) – C:UsersMeONLYAppDataLocalGoogleChromeUser DataDefaultExtensions

 

nkmaeogddfijadboccpafnmhkjhidgeb [2021-05-25]

CHR Extension: (Awesome Screenshot & Screen Recorder) – C:UsersMeONLYAppDataLocalGoogleChromeUser DataDefaultExtensions

 

nlipoenfbbikpbjkfpfillcgkoblgpmj [2021-09-05]

CHR Extension: (Chrome Web Store Payments) – C:UsersMeONLYAppDataLocalGoogleChromeUser DataDefaultExtensions

 

nmmhkkegccagdldgiimedpiccmgmieda [2021-05-25]

CHR Extension: (Bitwarden – Free Password Manager) – C:UsersMeONLYAppDataLocalGoogleChromeUser DataDefaultExtensions

 

nngceckbapebfimnlniiiahkandclblb [2021-08-26]

CHR Extension: (HTML Content Blocker) – C:UsersMeONLYAppDataLocalGoogleChromeUser DataDefaultExtensionsnobnkgabkebhhlgfddbemmefjnjnahoe 

 

[2021-05-25]

CHR Extension: (Switch to Classic design on Facebook™) – C:UsersMeONLYAppDataLocalGoogleChromeUser DataDefaultExtensions

 

oancckmjgaoejmbedngcoiakblhacbog [2021-05-25]

CHR Extension: (Notepad) – C:UsersMeONLYAppDataLocalGoogleChromeUser DataDefaultExtensionsobdfejfhobmclepnhldnjfmfgejhegnm [2020-12-22]

CHR Extension: (Autoplay No More) – C:UsersMeONLYAppDataLocalGoogleChromeUser DataDefaultExtensionsobiogedpmdnfaldjdjmnbpmhjjfnghnj 

 

[2021-05-25]

CHR Extension: (Neater Bookmarks) – C:UsersMeONLYAppDataLocalGoogleChromeUser DataDefaultExtensionsofgjggbjanlhbgaemjbkiegeebmccifi 

 

[2020-12-22]

CHR Extension: (ScriptSafe) – C:UsersMeONLYAppDataLocalGoogleChromeUser DataDefaultExtensionsoiigbmnaadbkfbmpbfijlflahbdbdgdf [2020-12

 

-22]

CHR Extension: (Grammar and Spell Checker — LanguageTool) – C:UsersMeONLYAppDataLocalGoogleChromeUser DataDefaultExtensions

 

oldceeleldhonbafppcapldpdifcinji [2021-08-04]

CHR Extension: (TunnelBear VPN) – C:UsersMeONLYAppDataLocalGoogleChromeUser DataDefaultExtensionsomdakjcmkglenbhjadbccaookpfjihpa 

 

[2021-05-25]

CHR Extension: (Bookmarks clean up) – C:UsersMeONLYAppDataLocalGoogleChromeUser DataDefaultExtensionsoncbjlgldmiagjophlhobkogeladjijl 

 

[2020-12-22]

CHR Extension: (LINE) – C:UsersMeONLYAppDataLocalGoogleChromeUser DataDefaultExtensionsophjlpahpchlmihnnnihgmmeilfjmjjc [2021-08-09]

CHR Extension: (Downloader for OnlyFans.com) – C:UsersMeONLYAppDataLocalGoogleChromeUser DataDefaultExtensions

 

pdbbabjcnanbkimdgcdfbnghhmchomnh [2021-09-05]

CHR Extension: (Google Translate) – C:UsersMeONLYAppDataLocalGoogleChromeUser DataDefaultExtensionspiecadaniamnhbcmbljplpjeabingbld 

 

[2020-12-22]

CHR Extension: (Gmail) – C:UsersMeONLYAppDataLocalGoogleChromeUser DataDefaultExtensionspjkljhegncpnkpknbcohdijeoejaedia [2020-12-23]

CHR Extension: (Privacy Badger) – C:UsersMeONLYAppDataLocalGoogleChromeUser DataDefaultExtensionspkehgijcmpdhfbdbbnkijodmdjhbjlgp 

 

[2021-08-22]

CHR Extension: (RoboForm Password Manager) – C:UsersMeONLYAppDataLocalGoogleChromeUser DataDefaultExtensions

 

pnlccmojcmeohlpggmfnbbiapkmbliob [2021-08-22]

CHR Extension: (GeoProxy) – C:UsersMeONLYAppDataLocalGoogleChromeUser DataDefaultExtensionspooljnboifbodgifngpppfklhifechoe [2020-12-

 

22]

CHR Extension: (Download Manager) – C:Extensions Chrome needsDownloader4daoidaoebhfcgccdpgjjcbdginkofmfe [2021-05-26]

CHR Extension: (FBS II : Fast Bookmark Scanner II) – C:Extensions Chrome needsFast bookmarkgjcmklpilmpfhfjpebhnapnglcppdbic-20210509T022840Z-

 

001gjcmklpilmpfhfjpebhnapnglcppdbic [2021-05-26]

CHR Profile: C:UsersMeONLYAppDataLocalGoogleChromeUser DataGuest Profile [2021-09-05]

CHR Profile: C:UsersMeONLYAppDataLocalGoogleChromeUser DataSystem Profile [2021-09-05]

CHR HKLM…ChromeExtension: [cifnddnffldieaamihfkhkdgnbhfmaci] – C:Program Files (x86)Foxit SoftwareFoxit PhantomPDFpluginsCreator

 

ChromeAddinChromeAddin.crx <not found>

CHR HKLM…ChromeExtension: [ngpampappnmepgilojfohadhhmbhlaek] – C:Program Files (x86)Internet Download ManagerIDMGCExt.crx [2021-07-16]

CHR HKUS-1-5-21-4152996346-4113304775-1243249153-1001SOFTWAREGoogleChromeExtensions…ChromeExtension: [ngpampappnmepgilojfohadhhmbhlaek] 

 

– C:Program Files (x86)Internet Download ManagerIDMGCExt.crx [2021-07-16]

CHR HKLM-x32…ChromeExtension: [cifnddnffldieaamihfkhkdgnbhfmaci] – C:Program Files (x86)Foxit SoftwareFoxit PhantomPDFpluginsCreator

 

ChromeAddinChromeAddin.crx <not found>

CHR HKLM-x32…ChromeExtension: [efaidnbmnnnibpcajpcglclefindmkaj]

CHR HKLM-x32…ChromeExtension: [ngpampappnmepgilojfohadhhmbhlaek] – C:Program Files (x86)Internet Download ManagerIDMGCExt.crx [2021-07-

 

16]

 

==================== Services (Whitelisted) ===================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

R2 !SASCORE; C:Program FilesSUPERAntiSpywareSASCORE64.EXE [173472 2021-01-09] (SUPERAntiSpyware.com -> SUPERAntiSpyware.com)

S4 AdobeARMservice; C:Program Files (x86)Common FilesAdobeARM1.0armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)

S4 AGSService; C:Program Files (x86)Common FilesAdobeAdobeGCClientAGSService.exe [2128872 2018-05-11] (Adobe Systems Incorporated -> Adobe 

 

Systems, Incorporated)

R2 AsSysCtrlService; C:Program Files (x86)ASUSAsSysCtrlService1.00.03AsSysCtrlService.exe [90112 2009-08-19] (ASUSTeK Computer Inc.) [File 

 

not signed]

S3 BrYNSvc; C:Program Files (x86)Browny02BrYNSvc.exe [314368 2018-01-18] (Brother Industries, Ltd.) [File not signed]

R2 Everything; C:Program FilesEverythingEverything.exe [2261600 2021-05-12] (voidtools -> voidtools)

S4 MsMpSvc; c:Program FilesMicrosoft Security ClientMsMpEng.exe [119864 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)

S3 NisSrv; c:Program FilesMicrosoft Security ClientNisSrv.exe [361816 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)

S3 USBAppControl; C:Program Files (x86)BrotheriPrint&ScanUSBAppControl.exe [12288 2021-03-01] (Microsoft) [File not signed]

R2 WinDefend; C:Program FilesWindows Defendermpsvc.dll [1011712 2016-03-25] (Microsoft Windows -> Microsoft Corporation)

R2 WindscribeService; C:Program Files (x86)WindscribeWindscribeService.exe [1300352 2021-06-07] (Windscribe Limited -> Windscribe Limited)

S3 WorkflowAppControl; C:Program Files (x86)BrotheriPrint&ScanWorkflowAppControl.exe [20480 2021-03-01] (Microsoft) [File not signed]

 

===================== Drivers (Whitelisted) ===================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

R1 AsIO; C:WindowsSysWow64driversAsIO.sys [13440 2009-08-03] (ASUSTeK Computer Inc. -> )

R3 KProcessHacker3; C:Program FilesProcess Hacker 2kprocesshacker.sys [45208 2016-03-29] (Wen Jia Liu -> wj32)

R0 MpFilter; C:WindowsSystem32DRIVERSMpFilter.sys [295000 2016-08-25] (Microsoft Corporation -> Microsoft Corporation)

R3 MTsensor; C:WindowsSystem32DRIVERSASACPI.sys [15416 2009-07-15] (ASUSTeK Computer Inc. -> )

S3 NisDrv; C:WindowsSystem32DRIVERSNisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation -> Microsoft Corporation)

R3 nusb3hub; C:WindowsSystem32DRIVERSnusb3hub.sys [77824 2010-01-22] (Microsoft Windows Hardware Compatibility Publisher -> NEC Electronics 

 

Corporation)

R3 nusb3xhc; C:WindowsSystem32DRIVERSnusb3xhc.sys [180224 2010-01-22] (Microsoft Windows Hardware Compatibility Publisher -> NEC Electronics 

 

Corporation)

R1 SASDIFSV; C:Program FilesSUPERAntiSpywareSASDIFSV64.SYS [14928 2021-01-09] (Support.com, Inc. -> SUPERAdBlocker.com and 

 

SUPERAntiSpyware.com)

R1 SASKUTIL; C:Program FilesSUPERAntiSpywareSASKUTIL64.SYS [12368 2021-01-09] (Support.com, Inc. -> SUPERAdBlocker.com and 

 

SUPERAntiSpyware.com)

R3 tapwindscribe0901; C:WindowsSystem32DRIVERStapwindscribe0901.sys [48544 2021-05-25] (Windscribe Limited -> The OpenVPN Project)

U5 VWiFiFlt; C:WindowsSystem32DriversVWiFiFlt.sys [60416 2016-03-25] (Microsoft Windows -> Microsoft Corporation)

S3 WDC_SAM; C:WindowsSystem32DRIVERSwdcsam64.sys [14464 2011-02-16] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital 

 

Technologies)

S3 WindscribeSplitTunnel; C:WindowsSystem32DRIVERSWindscribeSplitTunnel.sys [25384 2021-06-07] (Windscribe Limited -> )

R3 windtun420; C:WindowsSystem32DRIVERSwindtun420.sys [38312 2021-06-07] (Windscribe Limited -> WireGuard LLC)

R1 YSDrv; C:Program Files (x86)BignoxBigNoxVMRTYSDrv.sys [340880 2021-07-16] (Nox Limited -> Nox Limited Corporation)

R3 yukonw7; C:WindowsSystem32DRIVERSyk62x64.sys [395264 2009-09-28] (Microsoft Windows Hardware Compatibility Publisher -> )

S3 MpKsld5f4f8b3; ??c:ProgramDataMicrosoftMicrosoft AntimalwareDefinition UpdatesD29BC46D-FDE1-4E5C-87CE-DC1BB2B92636MpKslDrv.sys [X]

 

==================== NetSvcs (Whitelisted) ===================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

 

==================== One month (created) (Whitelisted) =========

 

(If an entry is included in the fixlist, the file/folder will be moved.)

 

2021-09-05 13:11 – 2021-09-05 13:12 – 000000000 ____D C:FRST

2021-09-05 13:09 – 2021-09-05 13:09 – 000001808 _____ C:UsersPublicDesktopSUPERAntiSpyware Free Edition.lnk

2021-09-05 13:09 – 2021-09-05 13:09 – 000000000 ____D C:UsersMeONLYAppDataRoamingSUPERAntiSpyware.com

2021-09-05 13:09 – 2021-09-05 13:09 – 000000000 ____D C:ProgramDataSUPERAntiSpyware.com

2021-09-05 13:09 – 2021-09-05 13:09 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsSUPERAntiSpyware

2021-09-05 13:09 – 2021-09-05 13:09 – 000000000 ____D C:Program FilesSUPERAntiSpyware

2021-09-05 12:38 – 2021-09-05 12:38 – 000002163 _____ C:UsersMeONLYDesktopTweaking.com – Windows Repair.lnk

2021-09-05 12:38 – 2021-09-05 12:38 – 000000207 _____ C:Windowstweaking.com-regbackup-XXXX-PC-Windows-7-Professional-(64-bit).dat

2021-09-05 12:38 – 2021-09-05 12:38 – 000000000 ____D C:RegBackup

2021-09-05 12:37 – 2021-09-05 12:38 – 000346791 _____ C:WindowsTweaking.com – Windows Repair Setup Log.txt

2021-09-05 12:37 – 2021-09-05 12:37 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsTweaking.com

2021-09-05 12:37 – 2021-09-05 12:37 – 000000000 ____D C:Program Files (x86)Tweaking.com

 

 

2021-09-05 12:14 – 2020-04-17 07:23 – 000002935 _____ C:Windowsflcact.bat

2021-09-05 12:12 – 2020-04-17 07:23 – 000025088 _____ () C:Windowsflcreg.exe

2021-09-05 02:46 – 2021-09-05 02:47 – 000604869 ____H C:UsersMeONLYDownloads.a2837ed8720343c6330480a4b82dc8322836de39.parts

 

 

(MOD) APK

2021-09-05 01:16 – 2021-09-05 01:16 – 000000000 ____D C:WindowsWget

2021-09-05 01:16 – 2021-09-05 01:16 – 000000000 ____D C:Windowssleep

2021-09-05 01:16 – 2021-09-05 01:16 – 000000000 ____D C:Windowscurl

2021-09-05 00:11 – 2021-09-05 00:11 – 000000224 _____ C:UsersMINE

2021-08-26 20:13 – 2021-08-26 20:16 – 000000108 _____ C:UsersMeONLYDesktopChrome incognito.bat

2021-08-26 19:14 – 2021-08-26 19:16 – 000049426 _____ C:UsersMeONLYDesktopStatement_1959756486.089_166.pdf

2021-08-25 00:55 – 2021-08-25 00:55 – 000000000 ____D C:Windowssystem32TasksMozilla

2021-08-25 00:19 – 2021-08-25 00:19 – 000734982 _____ C:UsersMeONLYDesktopFull page photo.pdf

2021-08-24 14:21 – 2021-08-24 14:21 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsqBittorrent

2021-08-24 14:21 – 2021-08-24 14:21 – 000000000 ____D C:Program FilesqBittorrent

 

 

 

champagne

2021-08-22 23:48 – 2021-08-22 23:48 – 000001945 _____ C:UsersPublicDesktopPDFsam Basic.lnk

2021-08-22 23:48 – 2021-08-22 23:48 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsPDFsam Basic

2021-08-22 23:48 – 2021-08-22 23:48 – 000000000 ____D C:Program FilesPDFsam Basic

2021-08-22 22:22 – 2021-08-22 22:22 – 000000000 ____D C:UsersMeONLYDocumentsGrids

2021-08-22 22:10 – 2021-08-22 22:10 – 000003259 _____ C:UsersMeONLYDesktopdrive-download-20210823T041005Z-001.zip

2021-08-22 22:10 – 2021-04-03 13:30 – 000005010 _____ C:UsersMeONLYDesktopgrids_bookmarks.json

2021-08-22 22:10 – 2019-12-26 01:34 – 000001940 _____ C:UsersMeONLYDesktopzeiss grids_bookmarks.json

2021-08-22 22:10 – 2019-12-26 01:30 – 000001940 _____ C:UsersMeONLYDesktopMaky grids_bookmarks.json

2021-08-22 21:53 – 2021-08-22 21:53 – 000000794 _____ C:UsersMeONLYDesktopGrids.lnk

2021-08-22 21:53 – 2021-08-22 21:53 – 000000000 ____D C:UsersMeONLYAppDataRoamingMicrosoftWindowsStart MenuProgramsGrids

2021-08-22 21:53 – 2021-08-22 21:53 – 000000000 ____D C:UsersMeONLYAppDataLocalThinkTimeCreations

2021-08-22 21:53 – 2021-08-22 21:53 – 000000000 ____D C:UsersMeONLYAppDataLocalcache

2021-08-22 21:52 – 2021-08-22 21:53 – 000000000 ____D C:Program FilesGrids

2021-08-22 21:36 – 2021-08-22 21:36 – 000001143 _____ C:UsersMeONLYAppDataRoamingMicrosoftWindowsStart MenuLINE.lnk

2021-08-22 21:36 – 2021-08-22 21:36 – 000001141 _____ C:UsersMeONLYDesktopLINE.lnk

2021-08-22 19:24 – 2021-08-22 19:24 – 000000882 _____ C:UsersMeONLYDesktopLinks for Favorites – Shortcut.lnk

2021-08-22 15:54 – 2021-08-22 15:54 – 000000078 _____ C:UsersMeONLYDesktopTGx-Hot Picks – New Movies.url

2021-08-22 14:00 – 2021-08-22 14:00 – 000000000 ____D C:UsersMeONLYAppDataRoamingLearnpulse

2021-08-22 14:00 – 2021-08-22 14:00 – 000000000 ____D C:UsersMeONLYAppDataLocalLearnpulse

2021-08-22 14:00 – 2021-07-29 03:54 – 016882416 _____ (Learnpulse) C:UsersMeONLYDesktopScreenpresso.exe

2021-08-22 14:00 – 2015-09-13 10:58 – 000110592 _____ C:UsersMeONLYDesktopscreenpresso_keygen.exe

2021-08-22 13:31 – 2021-08-22 13:31 – 000002814 _____ C:Windowssystem32TasksCCleanerSkipUAC – MeONLY

2021-08-15 21:52 – 2021-08-15 21:51 – 001194552 _____ C:UsersMeONLYDesktopPhotos_7.zip

2021-08-15 15:13 – 2021-09-05 12:38 – 000000000 ____D C:UsersMeONLYAppDataLocalEverything

2021-08-15 14:27 – 2021-09-05 12:38 – 000000000 ____D C:UsersMeONLYAppDataRoamingEverything

2021-08-15 14:27 – 2021-08-15 14:27 – 000001005 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsEverything.lnk

2021-08-15 14:27 – 2021-08-15 14:27 – 000000993 _____ C:UsersPublicDesktopEverything.lnk

2021-08-15 14:27 – 2021-08-15 14:27 – 000000000 ____D C:Program FilesEverything

2021-08-10 14:24 – 2021-08-26 18:19 – 000000000 ____D C:UsersMeONLYAppDataLocalLowMozilla

2021-08-09 20:59 – 2021-08-09 20:59 – 000000000 ____D C:Cache

2021-08-09 18:23 – 2021-08-09 18:23 – 000147905 _____ C:UsersMeONLYDownloadsReports.pdf

2021-08-09 12:42 – 2021-08-09 12:42 – 000002176 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsGoogle Earth Pro.lnk

2021-08-09 12:42 – 2021-08-09 12:42 – 000002164 _____ C:UsersPublicDesktopGoogle Earth Pro.lnk

2021-08-09 12:42 – 2021-08-09 12:42 – 000000000 ____D C:Program FilesGoogle

2021-08-08 15:13 – 2021-08-08 15:13 – 000001035 _____ C:ProgramDataMicrosoftWindowsStart MenuWinRAR.lnk

2021-08-07 16:58 – 2021-08-07 16:58 – 000000069 _____ C:UsersMeONLYDesktop[BE ORIGINAL] SOMI(전소미) ‘DUMB DUMB’ (4K) – YouTube.url

2021-08-07 16:34 – 2021-08-07 16:34 – 000001134 _____ C:UsersMeONLYDesktopOperaPortable.lnk

2021-08-07 15:34 – 2021-08-10 19:06 – 000008192 ___SH C:UsersMeONLYThumbs.db

 

2021-08-06 16:06 – 2021-08-06 16:07 – 000002690 _____ C:UsersMeONLYDesktophttps   www.waze.com en-GB live-map direction.lnk

 

 

==================== One month (modified) ==================

 

(If an entry is included in the fixlist, the file/folder will be moved.)

 

2021-09-05 13:05 – 2021-05-25 23:24 – 000017209 _____ C:UsersMeONLYIP_Log_Data.js

2021-09-05 13:04 – 2009-07-13 22:45 – 000037520 ____H C:Windowssystem327B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-

 

601632D005A0

2021-09-05 13:04 – 2009-07-13 22:45 – 000037520 ____H C:Windowssystem327B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-

 

601632D005A0

2021-09-05 13:03 – 2020-12-23 00:11 – 000000000 ____D C:Program Files (x86)Google

2021-09-05 13:00 – 2009-07-13 23:13 – 000781790 _____ C:Windowssystem32PerfStringBackup.INI

2021-09-05 13:00 – 2009-07-13 21:20 – 000000000 ____D C:Windowsinf

2021-09-05 12:56 – 2011-04-12 02:28 – 000000000 ___RD C:UsersPublicRecorded TV

2021-09-05 12:56 – 2009-07-13 23:08 – 000000006 ____H C:WindowsTasksSA.DAT

2021-09-05 12:55 – 2020-12-23 00:09 – 000058520 _____ C:UsersMeONLYAppDataLocalGDIPFONTCACHEV1.DAT

2021-09-05 12:53 – 2011-04-12 02:28 – 000000000 ____D C:WindowsCSC

2021-09-05 12:53 – 2009-07-13 22:45 – 000273256 _____ C:Windowssystem32FNTCACHE.DAT

2021-09-05 12:38 – 2021-05-25 21:37 – 000000000 ____D C:UsersMeONLYAppDataRoamingDMCache

2021-09-05 12:37 – 2021-05-25 23:01 – 000004128 _____ C:Windowssystem32TasksCCleaner Update

2021-09-05 12:20 – 2020-12-23 00:11 – 000001413 _____ C:UsersPublicDesktopGoogle Chrome.lnk

2021-09-05 02:49 – 2021-05-27 21:56 – 000000000 ____D C:UsersMeONLYAppDataRoamingqBittorrent

2021-09-05 01:19 – 2021-07-16 18:18 – 000000000 ____D C:Program Files (x86)Bandicut

2021-09-05 01:17 – 2021-07-16 18:18 – 000000992 _____ C:UsersMeONLYDesktopBandicut.lnk

2021-09-05 01:10 – 2021-06-04 19:18 – 000002337 _____ C:UsersMeONLYAppDataLocalBFR6lastusedsettings.dpt6

2021-09-05 00:30 – 2020-12-23 01:45 – 000000000 ____D C:Program Files (x86)Hard Disk Sentinel

2021-09-05 00:04 – 2021-05-26 16:33 – 000000000 ____D C:Program Files (x86)PowerENGAGE

2021-09-05 00:04 – 2020-12-23 00:11 – 000002224 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsGoogle Chrome.lnk

2021-08-30 14:45 – 2010-11-20 21:27 – 000803176 ____N (Microsoft Corporation) C:Windowssystem32MpSigStub.exe

2021-08-26 23:29 – 2020-12-22 01:52 – 000006656 _____ C:Windowssystem32lpcio.dll

2021-08-25 23:32 – 2021-05-27 17:35 – 000000000 ____D C:UsersMeONLYAppDataRoamingeM Client

2021-08-25 12:54 – 2021-05-25 22:28 – 000000000 ____D C:Program FilesMozilla Firefox

2021-08-24 00:05 – 2021-05-26 00:03 – 000003242 _____ C:Windowssystem32Tasksklcp_update

2021-08-24 00:05 – 2021-05-26 00:02 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsK-Lite Codec Pack

2021-08-24 00:05 – 2021-05-26 00:02 – 000000000 ____D C:Program Files (x86)K-Lite Codec Pack

2021-08-23 15:44 – 2021-07-09 00:10 – 000000000 ____D C:UsersMeONLYAppDataLocalCrashDumps

2021-08-22 21:36 – 2021-05-29 14:27 – 000000000 ____D C:UsersMeONLYAppDataRoamingMicrosoftWindowsStart MenuProgramsLINE

2021-08-16 23:02 – 2021-05-29 14:46 – 000000000 ____D C:UsersMeONLYAppDataRoamingCSVQuickViewer

2021-08-16 22:56 – 2021-06-22 20:37 – 000000000 ____D C:UsersMeONLYAppDataRoamingModern CSV

2021-08-16 22:36 – 2021-05-29 14:46 – 000000000 ____D C:UsersMeONLYAppDataLocalCSVQuickViewer

2021-08-14 17:35 – 2021-05-25 21:37 – 000000000 ____D C:UsersMeONLYAppDataRoamingIDM

2021-08-11 15:51 – 2020-12-22 23:58 – 000000000 ____D C:UsersMeONLY

2021-08-10 14:24 – 2020-12-23 01:53 – 000000000 ____D C:UsersMeONLYAppDataRoamingMozilla

2021-08-09 22:54 – 2021-07-23 01:04 – 000028750 _____ C:UsersMeONLYDesktopetrex legend waypoints_edited.txt

2021-08-08 15:13 – 2020-12-23 01:39 – 000000000 ____D C:Program FilesWinRAR

2021-08-07 16:46 – 2021-05-29 14:27 – 000000000 ____D C:UsersMeONLYAppDataLocalLINE

2021-08-07 15:34 – 2021-06-17 01:46 – 000000000 ____D C:UsersMeONLYAppDataRoamingHandBrake

2021-08-07 01:17 – 2021-05-29 01:00 – 000000000 ____D C:UsersMeONLYAppDataRoamingFoxit Software

2021-08-07 00:41 – 2021-08-04 15:53 – 000000000 ____D C:UsersMeONLYAppDataLocalLowFoxit

2021-08-06 16:07 – 2021-07-03 17:20 – 000000000 ____D C:UsersMeONLYAppDataRoamingMicrosoftWindowsStart MenuProgramsChrome Apps

2021-08-06 14:59 – 2021-05-28 01:21 – 000001809 _____ C:UsersMeONLYDesktopsata.txt

 

==================== Files in the root of some directories ========

 

2021-05-25 23:24 – 2021-09-05 13:05 – 000017209 _____ () C:UsersMeONLYIP_Log_Data.js

2021-05-25 23:26 – 2021-05-27 00:46 – 000001166 _____ () C:UsersMeONLYAppDataRoamingNetwork Meter_Settings.ini

2021-05-25 23:24 – 2021-05-25 23:24 – 000000012 _____ () C:UsersMeONLYAppDataRoamingNetwork Meter_Usage.ini

2021-06-04 19:18 – 2021-09-05 01:10 – 000002337 _____ () C:UsersMeONLYAppDataLocalBFR6lastusedsettings.dpt6

 

==================== SigCheck ============================

 

(There is no automatic fix for files that do not pass verification.)

 

 

LastRegBack: 2021-08-22 23:06

==================== End of FRST.txt ========================

 

ADDITION.TXT

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-09-2021

Ran by MeeONLY (05-09-2021 13:12:42)

Running from E:IDM Downloads

Windows 7 Professional Service Pack 1 (X64) (2020-12-23 05:57:57)

Boot Mode: Normal

==========================================================

 

 

==================== Accounts: =============================

 

 

(If an entry is included in the fixlist, it will be removed.)

 

Administrator (S-1-5-21-4152996346-4113304775-1243249153-500 – Administrator – Disabled)

Guest (S-1-5-21-4152996346-4113304775-1243249153-501 – Limited – Disabled)

HomeGroupUser$ (S-1-5-21-4152996346-4113304775-1243249153-1002 – Limited – Enabled)

MeeONLY (S-1-5-21-4152996346-4113304775-1243249153-1001 – Administrator – Enabled) => C:UsersMeeONLY

 

==================== Security Center ========================

 

(If an entry is included in the fixlist, it will be removed.)

 

AV: Microsoft Security Essentials (Disabled – Up to date) 71A27EC9-3DA6-45FC-60A7-004F623C6189

AS: Microsoft Security Essentials (Disabled – Up to date) CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34

AS: Windows Defender (Disabled – Up to date) D68DDC3A-831F-4fae-9E44-DA132C1ACF46

 

==================== Installed Programs ======================

 

(Only the adware programs with “Hidden” flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

 

µTorrent (HKUS-1-5-21-4152996346-4113304775-1243249153-1001…uTorrent) (Version: 3.5.5.46038 – BitTorrent Inc.)

7-Zip 19.00 (x64) (HKLM…7-Zip) (Version: 19.00 – Igor Pavlov)

8GadgetPack (HKLM-x32…2C6DC07C-5D68-4E32-B6C6-EF5F24DA9FDF) (Version: 33.0.0 – 8GadgetPack.net)

Adobe Acrobat DC (HKLM-x32…AC76BA86-1033-FFFF-7760-0C0F074E4100) (Version: 21.001.20155 – Adobe Systems Incorporated)

AMD Catalyst Install Manager (HKLM…8C1DA63E-3B80-46B5-64CC-8BE27A0C3FB4) (Version: 8.0.916.0 – Advanced Micro Devices, Inc.)

AppLogLibSetup (HKLM-x32…52FB0C8F-DF05-4C61-AEB6-18C55F8C385F) (Version: 1.0.3.0 – Brother Industries Ltd.) Hidden

Auslogics Duplicate File Finder (HKLM-x32…6845255F-15CC-4DD1-94D5-D38F370118B3_is1) (Version: 9.1.0.0 – Auslogics Labs Pty Ltd)

Bandicam (HKLM-x32…Bandicam) (Version: 5.2.0.1855 – Bandicam.com)

Bandicam MPEG-1 Decoder (HKLM-x32…BandiMPEG1) (Version:  – Bandicam.com)

Bandicut (HKLM-x32…Bandicut) (Version: 1.2.2.65 – Bandisoft.com)

BandicutVideoCutter 3.1.3.454 (HKLM-x32…BandicutVideoCutter 3.1.3.454) (Version: 3.1.3.454 – Bandicam Company)

Belkin USB 3.0 Hub + Gigabit Ethernet (HKLM-x32…49949739-F85A-43CD-AAB4-C901F975D61A) (Version: 1.07.01 – Belkin International, Inc.)

Better File Rename 6.23 (HKLM…Better File Rename 6_is1) (Version:  – publicspace.net)

BrLauncher (HKLM-x32…42D26B47-887C-45FC-BCAE-0BE485C5C0BB) (Version: 2.0.11.0 – Brother Industries Ltd.) Hidden

BrLogRx (HKLM-x32…190861E7-09C5-42D8-BB4B-0AFB234BCFC1) (Version: 1.0.3.1 – Brother Industries Ltd.) Hidden

Brother iPrint&Scan (HKLM-x32…42D72ABA-773E-467A-8A64-4765E990EB75) (Version: 9.0.0.123 – Brother Industries, Ltd.) Hidden

Brother iPrint&Scan (HKLM-x32…85f204b0-595c-4801-8648-a69062f9ce1b) (Version: 9.0.0.123 – Brother Industries, Ltd.)

Brother PCFax Driver (HKLM-x32…79262B43-9E15-4732-A034-BFD29D9BD077) (Version: 1.4.1.0 – Brother Industries Ltd.) Hidden

Brother PowerENGAGE (HKLM-x32…3CE8B8E8-B33B-453C-BB7A-821ED6E18A24) (Version: 1.0.27 – Aviata, Inc.)

Brother Printer Driver (HKLM-x32…EAD4E66C-102F-4ED0-85B5-A1C9037A6E8B) (Version: 1.7.0.0 – Brother Industries Ltd.) Hidden

Brother Scanner Driver (HKLM-x32…CE1E9BB4-0414-4541-A4A9-1578D8E53F21) (Version: 1.0.24.1 – Brother Industries Ltd.) Hidden

BrSupportTools (HKLM-x32…32F47565-84B1-42CC-B09A-4CDDD9A32F94) (Version: 1.0.20.0 – Brother Industries Ltd.) Hidden

CalcTape (HKLM-x32…FC6C4F5C-9539-40F4-999F-5586697DA327) (Version: 6.0.4 – schoettler Software GmbH)

ControlCenter4 (HKLM-x32…9091B952-8719-49C3-9CC7-6E20EC61081F) (Version: 4.6.6.1 – Brother Industries, Ltd.) Hidden

ControlCenter4 CSDK (HKLM-x32…FD8A9511-BFC9-43B5-BB75-9CEC0EA03CF0) (Version: 4.6.1.1 – Brother Industries, Ltd.) Hidden

CPUID HWMonitor Pro 1.43 (HKLM…CPUID HWMonitorPro_is1) (Version: 1.43 – CPUID, Inc.)

Defraggler (HKLM…Defraggler) (Version: 2.22 – Piriform)

Duplicate File Finder version 2102 (HKLM-x32…Duplicate File Finder_is1) (Version: 2102 – PrivacyRoot IFG)

Duplicate Photos Fixer Pro (HKLM-x32…Duplicate Photos Fixer Pro_is1) (Version: 1.1.1086.12249 – Systweak Software) <==== ATTENTION

eM Client (HKLM-x32…72E2073D-5CB8-4219-9973-90D650BE7876) (Version: 8.2.1466.0 – eM Client Inc.)

EPU-6 Engine (HKLM-x32…56B83336-FBC1-4C46-8613-90A9E3B440D6) (Version: 1.03.03 – )

eReg (HKLM-x32…3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C) (Version: 1.20.138.34 – Logitech, Inc.) Hidden

Everything 1.4.1.1009 (x64) (HKLM…Everything) (Version: 1.4.1.1009 – voidtools)

File Shredder 2.5 (HKLM…File Shredder_is1) (Version:  – Pow Tools)

Foxit PhantomPDF (HKLM-x32…184b2d46-2d0f-4830-ae16-0dc1b3aa3057) (Version: 9.7.0.29478 – Foxit Software Inc.)

Foxit PhantomPDF (HKLM-x32…dee6199e-eeb2-11e9-81ff-54bf64a63c26) (Version: 9.7.0.29478 – Foxit Software Inc.) Hidden

FreeFileSync 11.11 (HKLM-x32…FreeFileSync_is1) (Version: 11.11 – FreeFileSync.org)

Garmin MapSource (HKLM-x32…AFBAB9A0-DDE8-49AE-8C17-A01B61BEE64B) (Version: 6.16.3 – Garmin Ltd or its subsidiaries)

Google Chrome (HKLM-x32…Google Chrome) (Version: 93.0.4577.63 – Google LLC)

Google Earth Pro (HKLM…9BFB06CD-3925-49E2-BAB7-EA695821CE4C) (Version: 7.3.4.8248 – Google)

Google Update Helper (HKLM-x32…60EC980A-BDA2-4CB6-A427-B07A5498B4CA) (Version: 1.3.36.51 – Google LLC) Hidden

Grids 7.0.13 (HKLM…Grids) (Version:  – )

Hard Disk Sentinel PRO (HKLM-x32…Hard Disk Sentinel_is1) (Version: 5.61 – Janos Mathe)

HowToGuide (HKLM-x32…36580EEB-4EDF-4880-BBD4-097E2C645ECD) (Version: 1.0.1.0 – Brother Industries Ltd.) Hidden

HttpToUsbBridge (HKLM-x32…2316FF8E-7DEC-4EB9-A50D-64C304A25469) (Version: 1.5.30.1 – Brother Industries Ltd.)

Internet Download Manager (HKLM-x32…Internet Download Manager) (Version: 6.39.2 – Tonec Inc.)

K-Lite Codec Pack 16.3.8 Standard (HKLM-x32…KLiteCodecPack_is1) (Version: 16.3.8 – KLCP)

LINE (HKUS-1-5-21-4152996346-4113304775-1243249153-1001…LINE) (Version: 6.7.4.2508 – LINE Corporation)

LockHunter 3.2, 32/64 bit (HKLM…LockHunter_is1) (Version:  – Crystal Rich Ltd)

MenuMaid 1.0.1 (HKLM-x32…MenuMaid) (Version: 1.0.1 – Sound Doctrine Ministries)

Microsoft .NET Framework 4.8 (HKLM…92FB6C44-E685-45AD-9B20-CADF4CABA132 – 1033) (Version: 4.8.03761 – Microsoft Corporation)

Microsoft Security Essentials (HKLM…Microsoft Security Client) (Version: 4.10.209.0 – Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32…710f4c1c-cc18-4c49-8cbf-51240c89a1a2) (Version: 8.0.61001 – Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM…6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc) (Version: 8.0.59192 – Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM…ad8a2fa1-06e7-4b0d-927d-6e54b3d31028) (Version: 8.0.61000 – Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable – x64 9.0.30729.17 (HKLM…8220EEFE-38CD-377E-8595-13398D740ACE) (Version: 9.0.30729 – Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable – x64 9.0.30729.4048 (HKLM…91415F19-4C22-3609-A105-92ED3522D83C) (Version: 9.0.30729.4048 – Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable – x64 9.0.30729.6161 (HKLM…5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4) (Version: 9.0.30729.6161 – Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable – x86 9.0.30729.4048 (HKLM-x32…5B1F2843-B379-3FF2-B0D3-64DD143ED53A) (Version: 9.0.30729.4048 – Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable – x86 9.0.30729.6161 (HKLM-x32…9BE518E6-ECC6-35A9-88E4-87755C07200F) (Version: 9.0.30729.6161 – Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Redistributable – 10.0.30319 (HKLM…DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E) (Version: 10.0.30319 – Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable – 10.0.30319 (HKLM-x32…196BB40D-1578-3D01-B289-BEFC77A11A1E) (Version: 10.0.30319 – Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) – 11.0.50727 (HKLM-x32…15134cb0-b767-4960-a911-f2d16ae54797) (Version: 11.0.50727.1 – Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) – 11.0.50727 (HKLM-x32…22154f09-719a-4619-bb71-5b3356999fbf) (Version: 11.0.50727.1 – Microsoft Corporation)

Microsoft Visual C++ 2015 Redistributable (x86) – 14.0.24215 (HKLM-x32…e2803110-78b3-4664-a479-3611a381656a) (Version: 14.0.24215.1 – Microsoft Corporation)

Microsoft Visual C++ 2015-2019 Redistributable (x64) – 14.28.29914 (HKLM-x32…43d1ce82-6f55-4860-a938-20e5deb28b98) (Version: 14.28.29914.0 – Microsoft Corporation)

Modern CSV (HKLM-x32…6E55FF90-31BC-46E6-ACDA-501750C23F93) (Version: 1.3.26 – PFOJ Enterprises LLC)

Movavi Photo Editor 6 (HKUS-1-5-21-4152996346-4113304775-1243249153-1001…Movavi Photo Editor 6) (Version: 6.7.1 – Movavi)

Mozilla Firefox (x64 en-CA) (HKLM…Mozilla Firefox 91.0.2 (x64 en-CA)) (Version: 91.0.2 – Mozilla)

NEC Electronics USB 3.0 Host Controller Driver (HKLM-x32…D7BF9739-8A68-4335-BBEE-37752AD9E86B) (Version: 1.0.19.0 – NEC Electronics Corporation) Hidden

NEC Electronics USB 3.0 Host Controller Driver (HKLM-x32…InstallShield_D7BF9739-8A68-4335-BBEE-37752AD9E86B) (Version: 1.0.19.0 – NEC Electronics Corporation)

NetworkRepairTool (HKLM-x32…86E68F57-FAFE-4052-BDD4-3B90C38236AE) (Version: 1.2.16.0 – Brother Industries, Ltd.) Hidden

NoxPlayer (HKLM-x32…Nox) (Version: 7.0.1.3 – Duodian Technology Co. Ltd.)

PC-FAXReceive (HKLM-x32…65EA2C86-30CD-444C-ADAB-8762BE4E2E8C) (Version: 1.8.003.0 – Brother Insutries Ltd.) Hidden

PCFaxTx (HKLM-x32…3BF5A21-6363-410C-B3BE-0946B0012704) (Version: 3.7.3.1 – Brother Industries Ltd.) Hidden

PDFsam Basic (HKLM…4307C5BE-ED8C-4204-97B8-DEDFD42986C7) (Version: 4.2.6.0 – Sober Lemur S.a.s. di Vacondio Andrea)

PowerENGAGE (HKLM-x32…400A01BF-E908-4393-BD39-31E386377BDA) (Version: 3.2.16 – Aviata, Inc.) Hidden

Process Hacker 2.39 (r124) (HKLM…Process_Hacker2_is1) (Version: 2.39.0.124 – wj32)

PureEdge Viewer 6.5 (HKLM-x32…E0000650-0650-0650-0650-000000000650) (Version:  – )

qBittorrent 4.3.7 (HKLM-x32…qBittorrent) (Version: 4.3.7 – The qBittorrent project)

Realtek High Definition Audio Driver (HKLM-x32…F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC) (Version: 6.0.1.6037 – Realtek Semiconductor Corp.)

Recover Keys (HKLM…Recover Keys_is1) (Version: 11.0.4.235 – Recover Keys)

RemoteSetup (HKLM-x32…FAB8A30A-B074-48F9-9D73-5E9A757403F8) (Version: 3.10.2.0 – Brother Industries Ltd.) Hidden

Revo Uninstaller Pro 4.4.8 (HKLM…67579783-0FB7-4F7B-B881-E5BE47C9DBE0_is1) (Version: 4.4.8 – VS Revo Group, Ltd.)

RoboForm 7-9-32-2 (HKUS-1-5-21-4152996346-4113304775-1243249153-1001…AI RoboForm) (Version: 7-9-32-2 – Siber Systems)

ScannerUtilityInstaller (HKLM-x32…D65C0754-7790-427F-AD73-D7C644260F57) (Version: 1.19.9.1 – Brother) Hidden

SES Driver (HKLM…D8CC254C-C671-4664-9A38-FA368D1E2C97) (Version: 1.0.0 – Western Digital)

SoftwareUpdateNotification (HKLM-x32…34F12379-C924-41E6-921D-51C71217F58C) (Version: 1.0.9.0 – Brother Industries, Ltd.) Hidden

StatusMonitor (HKLM-x32…40578A7A-6E36-457F-A4F0-45BC37EB61FD) (Version: 1.20.1.0 – Brother Insutries Ltd.) Hidden

SUPERAntiSpyware (HKLM…CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA) (Version: 10.0.1238 – SUPERAntiSpyware.com)

Total Commander 64-bit (Remove or Repair) (HKLM…Totalcmd64) (Version: 10.00 – Ghisler Software GmbH)

TreeSize V8.0.3 (64 bit) (HKLM…TreeSize_is1) (Version: 8.0.3 – JAM Software)

Tweaking.com – Windows Repair (HKLM-x32…Tweaking.com – Windows Repair) (Version: 4.9.0 – Tweaking.com)

Universal Viewer Pro version 6.7.8.0 (HKLM-x32…Universal Viewer Pro_is1) (Version: 6.7.8.0 – UVviewsoft)

UsbRepairTool (HKLM-x32…F8762A81-32B5-4144-9F3C-9274F515A651) (Version: 1.4.0.0 – Brother Industries, Ltd.) Hidden

VueScan x64 (HKLM…VueScan x64) (Version: 9.7.55 – Hamrick Software)

Windows Driver Package – Western Digital Technologies (WDC_SAM) WDC_SAM  (01/19/2011 1.0.0009.0) (HKLM…4CA7CFBB29889F25ACB3DF6E3A42BAE29EB43B20) (Version: 01/19/2011 1.0.0009.0 – Western Digital Technologies)

Windscribe (HKLM-x32…fa690e90-ddb0-4f0c-b3f1-136c084e5fc7_is1) (Version: 2.2 Build 10 – Windscribe Limited)

WinRAR 6.00 (64-bit) (HKLM…WinRAR archiver) (Version: 6.00.0 – win.rar GmbH)

 

==================== Custom CLSID (Whitelisted): ==============

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

CustomCLSID: HKUS-1-5-21-4152996346-4113304775-1243249153-1001_ClassesCLSID0020420-0000-0000-C000-000000000046InprocServer32 -> C:Windowssystem32oleaut32.dll (Microsoft Windows -> Microsoft Corporation)

CustomCLSID: HKUS-1-5-21-4152996346-4113304775-1243249153-1001_ClassesCLSID0020421-0000-0000-C000-000000000046InprocServer32 -> C:Windowssystem32oleaut32.dll (Microsoft Windows -> Microsoft Corporation)

CustomCLSID: HKUS-1-5-21-4152996346-4113304775-1243249153-1001_ClassesCLSID0020422-0000-0000-C000-000000000046InprocServer32 -> C:Windowssystem32oleaut32.dll (Microsoft Windows -> Microsoft Corporation)

CustomCLSID: HKUS-1-5-21-4152996346-4113304775-1243249153-1001_ClassesCLSID0020423-0000-0000-C000-000000000046InprocServer32 -> C:Windowssystem32oleaut32.dll (Microsoft Windows -> Microsoft Corporation)

CustomCLSID: HKUS-1-5-21-4152996346-4113304775-1243249153-1001_ClassesCLSID0020424-0000-0000-C000-000000000046InprocServer32 -> C:Windowssystem32oleaut32.dll (Microsoft Windows -> Microsoft Corporation)

CustomCLSID: HKUS-1-5-21-4152996346-4113304775-1243249153-1001_ClassesCLSID0020425-0000-0000-C000-000000000046InprocServer32 -> C:Windowssystem32oleaut32.dll (Microsoft Windows -> Microsoft Corporation)

CustomCLSID: HKUS-1-5-21-4152996346-4113304775-1243249153-1001_ClassesCLSID25815CC0-43F4-3C75-8C3A-A139D9ADE740InprocServer32 -> C:UsersMeeONLYAppDataLocalMicrosoftWindows SidebarGadgetsNetwork_Meter_V8.4.gadgetnetlib.dll (AddGadgets IT -> Jonathan Abbott)

ShellIconOverlayIdentifiers: [ IDM Shell Extension] -> CDC95B92-E27C-4745-A8C5-64A52A78855D => C:Program Files (x86)Internet Download ManagerIDMShellExt64.dll [2021-03-02] (Tonec Inc. -> Tonec FZE)

ContextMenuHandlers1: [7-Zip] -> 23170F69-40C1-278A-1000-000100020000 => C:Program Files7-Zip7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]

ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> A6595CD1-BF77-430A-A452-18696685F7C7 => C:Program Files (x86)AdobeAcrobat DCAcrobat ElementsContextMenuShim64.dll [2021-04-27] (Adobe Inc. -> Adobe Systems Inc.)

ContextMenuHandlers1: [EPP] -> 09A47860-11B0-4DA5-AFA5-26D86198A780 => c:Program FilesMicrosoft Security Clientshellext.dll [2016-11-14] (Microsoft Corporation -> Microsoft Corporation)

ContextMenuHandlers1: [Foxit_ConvertToPDF] -> C5269811-4A29-4818-A4BB-111F9FC63A5F =>  -> No File

ContextMenuHandlers1: [LockHunterShellExt] -> 0BB27CDA-7029-4C0E-9C56-D922B229F0EB => C:Program FilesLockHunterLHShellExt64.dll [2017-07-20] (Crystal Rich Ltd -> Crystal Rich Ltd)

ContextMenuHandlers1: [WinRAR] -> B41DB860-64E4-11D2-9906-E49FADC173CA => C:program fileswinrarrarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)

ContextMenuHandlers1-x32: [WinRAR32] -> B41DB860-8EE4-11D2-9906-E49FADC173CA => C:program fileswinrarrarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)

ContextMenuHandlers2: [EPP] -> 09A47860-11B0-4DA5-AFA5-26D86198A780 => c:Program FilesMicrosoft Security Clientshellext.dll [2016-11-14] (Microsoft Corporation -> Microsoft Corporation)

ContextMenuHandlers2: [LockHunterShellExt] -> 0BB27CDA-7029-4C0E-9C56-D922B229F0EB => C:Program FilesLockHunterLHShellExt64.dll [2017-07-20] (Crystal Rich Ltd -> Crystal Rich Ltd)

ContextMenuHandlers3: [DeleteFiles] -> 736AF091-C361-49B4-A928-87C586130D33 => C:Program FilesFile Shredderfsshell.dll [2012-04-01] () [File not signed]

ContextMenuHandlers4: [7-Zip] -> 23170F69-40C1-278A-1000-000100020000 => C:Program Files7-Zip7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]

ContextMenuHandlers4: [EPP] -> 09A47860-11B0-4DA5-AFA5-26D86198A780 => c:Program FilesMicrosoft Security Clientshellext.dll [2016-11-14] (Microsoft Corporation -> Microsoft Corporation)

ContextMenuHandlers4: [LockHunterShellExt] -> 0BB27CDA-7029-4C0E-9C56-D922B229F0EB => C:Program FilesLockHunterLHShellExt64.dll [2017-07-20] (Crystal Rich Ltd -> Crystal Rich Ltd)

ContextMenuHandlers5: [ACE] -> 5E2121EE-0300-11D4-8D3B-444553540000 => C:Program Files (x86)AMDATI.ACECore-Staticatiacm64.dll [2015-08-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)

ContextMenuHandlers6: [7-Zip] -> 23170F69-40C1-278A-1000-000100020000 => C:Program Files7-Zip7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]

ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> A6595CD1-BF77-430A-A452-18696685F7C7 => C:Program Files (x86)AdobeAcrobat DCAcrobat ElementsContextMenuShim64.dll [2021-04-27] (Adobe Inc. -> Adobe Systems Inc.)

ContextMenuHandlers6: [Foxit_ConvertToPDF] -> C5269811-4A29-4818-A4BB-111F9FC63A5F =>  -> No File

ContextMenuHandlers6: [RUShellExt] -> 2C5515DC-2A7E-4BFD-B813-CACC2B685EB7 => C:Program FilesVS Revo GroupRevo Uninstaller ProRUExt.dll [2020-09-28] (VS Revo Group Ltd. -> VS Revo Group)

ContextMenuHandlers6: [WinRAR] -> B41DB860-64E4-11D2-9906-E49FADC173CA => C:program fileswinrarrarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)

ContextMenuHandlers6-x32: [WinRAR32] -> B41DB860-8EE4-11D2-9906-E49FADC173CA => C:program fileswinrarrarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)

 

==================== Codecs (Whitelisted) ====================

 

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

 

HKLM…Drivers32: [vidc.mjpg] => C:Windowssystem32bdmjpeg64.dll [75248 2017-01-26] (Bandicam Company -> )

HKLM…Drivers32: [vidc.mpeg] => C:Windowssystem32bdmpegv64.dll [75272 2017-01-26] (Bandicam Company -> )

HKLM…Drivers32: [msacm.bdmpeg] => C:Windowssystem32bdmpega64.acm [75784 2017-01-26] (Bandicam Company -> )

HKLM…Drivers32: [vidc.mjpg] => C:WindowsSysWOW64bdmjpeg.dll [71152 2017-01-26] (Bandicam Company -> )

HKLM…Drivers32: [vidc.mpeg] => C:WindowsSysWOW64bdmpegv.dll [71176 2017-01-26] (Bandicam Company -> )

HKLM…Drivers32: [msacm.bdmpeg] => C:WindowsSysWOW64bdmpega.acm [71176 2017-01-26] (Bandicam Company -> )

 

==================== Shortcuts & WMI ========================

 

(The entries could be listed to be restored or removed.)

 

WMI:subscription__FilterToConsumerBinding->CommandLineEventConsumer.Name=”BVTConsumer””,Filter=”__EventFilter.Name=”BVTFilter”::

WMI:subscription__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA “Win32_Processor” AND TargetInstance.LoadPercentage > 99]

WMI:subscriptionCommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\tools\kernrate]

ShortcutWithArgument: C:UsersMeeONLYDesktophttps   www.bicfic.com.lnk -> C:Program Files (x86)GoogleChromeApplicationchrome_proxy.exe (Google LLC) ->  –profile-directory=Default –app-id=iaomcgoepihhllomehdfifbbahjpfldh

ShortcutWithArgument: C:UsersMeeONLYDesktophttps   www.waze.com en-GB live-map direction.lnk -> C:Program Files (x86)GoogleChromeApplicationchrome_proxy.exe (Google LLC) ->  –profile-directory=Default –app-id=pmdcghlpikokkblnoefipaokmomoahbn

ShortcutWithArgument: C:UsersMeeONLYAppDataRoamingMicrosoftWindowsStart MenuProgramsChrome Appshttps   www.bicfic.com.lnk -> C:Program Files (x86)GoogleChromeApplicationchrome_proxy.exe (Google LLC) ->  –profile-directory=Default –app-id=iaomcgoepihhllomehdfifbbahjpfldh

ShortcutWithArgument: C:UsersMeeONLYAppDataRoamingMicrosoftWindowsStart MenuProgramsChrome Appshttps   www.waze.com en-GB live-map direction.lnk -> C:Program Files (x86)GoogleChromeApplicationchrome_proxy.exe (Google LLC) ->  –profile-directory=Default –app-id=pmdcghlpikokkblnoefipaokmomoahbn

ShortcutWithArgument: C:UsersMeeONLYAppDataRoamingMicrosoftInternet ExplorerQuick LaunchUser PinnedImplicitAppShortcuts7fcfd17cd9e61859LINE.lnk -> C:Program Files (x86)GoogleChromeApplicationchrome_proxy.exe (Google LLC) -> –profile-directory=Default –app-id=ophjlpahpchlmihnnnihgmmeilfjmjjc

 

==================== Loaded Modules (Whitelisted) =============

 

2020-12-22 00:17 – 2009-08-27 21:41 – 000053248 _____ () [File not signed] C:Program Files (x86)ASUSEPU-6 EngineAsSpindownTimeout.dll

2020-12-22 00:17 – 2009-04-22 22:20 – 000179712 _____ () [File not signed] C:Program Files (x86)ASUSEPU-6 EngineASUSSERVICE.DLL

2020-12-22 00:17 – 2009-08-27 21:41 – 000565248 _____ () [File not signed] C:Program Files (x86)ASUSEPU-6 Enginepngio.dll

2021-07-18 23:07 – 2012-04-01 01:06 – 002689536 _____ () [File not signed] C:Program FilesFile Shredderfsshell.dll

2021-05-26 16:09 – 2005-04-22 14:36 – 000143360 _____ () [File not signed] C:Windowssystem32BrSNMP64.dll

2020-12-22 02:28 – 2020-12-22 02:28 – 000031232 _____ (Advanced Micro Devices Inc.) [File not signed] C:WindowsassemblyNativeImages_v4.0.30319_64A4.Foundation7588b4c9036a571683b7f5807e33af27A4.Foundation.ni.dll

2020-12-22 02:29 – 2020-12-22 02:29 – 000022528 _____ (Advanced Micro Devices Inc.) [File not signed] C:WindowsassemblyNativeImages_v4.0.30319_64AEM.Actions5dc83b46#19a2526f23cea41d6e9f68facb87b9dAEM.Actions.CCAA.Shared.ni.dll

2020-12-22 02:29 – 2020-12-22 02:29 – 000013312 _____ (Advanced Micro Devices Inc.) [File not signed] C:WindowsassemblyNativeImages_v4.0.30319_64AEM.Plugin.0a1309f7#63c254c751ea2d8f2d4825cfa32e4284AEM.Plugin.EEU.Shared.ni.dll

2020-12-22 02:29 – 2020-12-22 02:29 – 000017408 _____ (Advanced Micro Devices Inc.) [File not signed] C:WindowsassemblyNativeImages_v4.0.30319_64AEM.Plugin.2b6a6775#839a1b5dd727ca43c1b632a9ba3d744bAEM.Plugin.Hotkeys.Shared.ni.dll

2020-12-22 02:29 – 2020-12-22 02:29 – 000281600 _____ (Advanced Micro Devices Inc.) [File not signed] C:WindowsassemblyNativeImages_v4.0.30319_64AEM.Plugin.5d945b6b#2d71f1e7a45ab07a54ff90b0f0685dbdAEM.Plugin.Source.Kit.Server.ni.dll

2020-12-22 02:29 – 2020-12-22 02:29 – 000014848 _____ (Advanced Micro Devices Inc.) [File not signed] C:WindowsassemblyNativeImages_v4.0.30319_64AEM.Plugin.674d2b8a#d29c90e6a8b805851a14cf6d430c3b2aAEM.Plugin.WinMessages.Shared.ni.dll

2020-12-22 02:29 – 2020-12-22 02:29 – 000012800 _____ (Advanced Micro Devices Inc.) [File not signed] C:WindowsassemblyNativeImages_v4.0.30319_64AEM.Plugin.88aba5d2#8c5805137e7e8b10d466e0f521e5056eAEM.Plugin.REG.Shared.ni.dll

2020-12-22 02:29 – 2020-12-22 02:29 – 000011776 _____ (Advanced Micro Devices Inc.) [File not signed] C:WindowsassemblyNativeImages_v4.0.30319_64AEM.Plugin.GD.Shared9ee52225fc22b2410331a09f44548251AEM.Plugin.GD.Shared.ni.dll

2020-12-22 02:29 – 2020-12-22 02:29 – 000013312 _____ (Advanced Micro Devices Inc.) [File not signed] C:WindowsassemblyNativeImages_v4.0.30319_64AEM.Server.Sharedd5cba25a1c6a64e8c7fa5a9f31cec231AEM.Server.Shared.ni.dll

2020-12-22 02:29 – 2020-12-22 02:29 – 000267776 _____ (Advanced Micro Devices Inc.) [File not signed] C:WindowsassemblyNativeImages_v4.0.30319_64AEM.Servere07245a6e7c600468974919a1f69c9ddAEM.Server.ni.dll

2020-12-22 02:29 – 2020-12-22 02:29 – 000055808 _____ (Advanced Micro Devices Inc.) [File not signed] C:WindowsassemblyNativeImages_v4.0.30319_64APM.Foundatione33914cb907a7cc5c95935861ee9e076APM.Foundation.ni.dll

2020-12-22 02:31 – 2020-12-22 02:31 – 000122880 _____ (Advanced Micro Devices Inc.) [File not signed] C:WindowsassemblyNativeImages_v4.0.30319_64ATICCCome7d9bc8b53ca1cc29685c72ec84d6cecATICCCom.ni.dll

2020-12-22 02:29 – 2020-12-22 02:29 – 000204288 _____ (Advanced Micro Devices Inc.) [File not signed] C:WindowsassemblyNativeImages_v4.0.30319_64CCC.Implementationb4fea844170a08ddc6c431eea93e3d6aCCC.Implementation.ni.dll

2020-12-22 02:30 – 2020-12-22 02:30 – 000128000 _____ (Advanced Micro Devices Inc.) [File not signed] C:WindowsassemblyNativeImages_v4.0.30319_64CLI.Aspect.3399d0ec#221951dbfaaf884dca9bfbeace69d4e4CLI.Aspect.CustomFormats.Graphics.Shared.ni.dll

2020-12-22 02:30 – 2020-12-22 02:30 – 000026112 _____ (Advanced Micro Devices Inc.) [File not signed] C:WindowsassemblyNativeImages_v4.0.30319_64CLI.Aspect.37d3d968#b889f25f6860153f1b4b46f7bc11612fCLI.Aspect.AMDHome.Graphics.Shared.ni.dll

2020-12-22 02:31 – 2020-12-22 02:31 – 000045568 _____ (Advanced Micro Devices Inc.) [File not signed] C:WindowsassemblyNativeImages_v4.0.30319_64CLI.Aspect.382a3def#f90a201efe17d2d1da88221d1f6e8d1fCLI.Aspect.AMDOverDrive.Platform.Shared.ni.dll

2020-12-22 02:30 – 2020-12-22 02:30 – 000107008 _____ (Advanced Micro Devices Inc.) [File not signed] C:WindowsassemblyNativeImages_v4.0.30319_64CLI.Aspect.3a6f1658#73fd736cf49ed7b6c548e7dd4bd733b7CLI.Aspect.TransCode.Graphics.Shared.ni.dll

2020-12-22 02:30 – 2020-12-22 02:30 – 000209920 _____ (Advanced Micro Devices Inc.) [File not signed] C:WindowsassemblyNativeImages_v4.0.30319_64CLI.Aspect.4542c692#36c7a7fb33999f948769224c8795733cCLI.Aspect.DeviceCRT.Graphics.Shared.ni.dll

2020-12-22 02:30 – 2020-12-22 02:30 – 000074752 _____ (Advanced Micro Devices Inc.) [File not signed] C:WindowsassemblyNativeImages_v4.0.30319_64CLI.Aspect.4bbb0755#7c69f84ae884a1a19cdc66663c48b6dfCLI.Aspect.TransCode.Graphics.Dashboard.ni.dll

2020-12-22 02:30 – 2020-12-22 02:30 – 000037888 _____ (Advanced Micro Devices Inc.) [File not signed] C:WindowsassemblyNativeImages_v4.0.30319_64CLI.Aspect.52c6dbaa#d056cb645fea2c0a3a99565b385ca338CLI.Aspect.FPS.Graphics.Shared.ni.dll

2020-12-22 02:31 – 2020-12-22 02:31 – 000263168 _____ (Advanced Micro Devices Inc.) [File not signed] C:WindowsassemblyNativeImages_v4.0.30319_64CLI.Aspect.73911eb5#b5450c9cf28cf8e4a35e7659d1191a36CLI.Aspect.WirelessDisplay.Graphics.Shared.ni.dll

2020-12-22 02:30 – 2020-12-22 02:30 – 000365056 _____ (Advanced Micro Devices Inc.) [File not signed] C:WindowsassemblyNativeImages_v4.0.30319_64CLI.Aspect.7ec2db45#73325bc0b1b8d0ba1a3201c43716349bCLI.Aspect.DeviceDFP.Graphics.Shared.ni.dll

2020-12-22 02:30 – 2020-12-22 02:30 – 000064000 _____ (Advanced Micro Devices Inc.) [File not signed] C:WindowsassemblyNativeImages_v4.0.30319_64CLI.Aspect.8350f5c6#fd7adc4267f87bd0c4208e8e3b03b594CLI.Aspect.UpdateNotification.Graphics.Runtime.ni.dll

2020-12-22 02:30 – 2020-12-22 02:30 – 000678912 _____ (Advanced Micro Devices Inc.) [File not signed] C:WindowsassemblyNativeImages_v4.0.30319_64CLI.Aspect.846fa813#411ce6b58232fea2b2aa2f5c84af6c6fCLI.Aspect.MMVideo.Graphics.Dashboard.ni.dll

2020-12-22 02:30 – 2020-12-22 02:30 – 000320512 _____ (Advanced Micro Devices Inc.) [File not signed] C:WindowsassemblyNativeImages_v4.0.30319_64CLI.Aspect.87ad5c75#ebe9648ed46275077be1103c63cae20aCLI.Aspect.OverDrive5.Graphics.Dashboard.ni.dll

2020-12-22 02:30 – 2020-12-22 02:30 – 000745472 _____ (Advanced Micro Devices Inc.) [File not signed] C:WindowsassemblyNativeImages_v4.0.30319_64CLI.Aspect.8d333b6b#e0d9b1aae1dc641d9f176c9c78873eafCLI.Aspect.Radeon3D.Graphics.Shared.ni.dll

2020-12-22 02:30 – 2020-12-22 02:30 – 000449024 _____ (Advanced Micro Devices Inc.) [File not signed] C:WindowsassemblyNativeImages_v4.0.30319_64CLI.Aspect.8e996306#98d3a3d1bf9b589ac73cd4f2af6858b4CLI.Aspect.CrossDisplay.Graphics.Dashboard.ni.dll

2020-12-22 02:30 – 2020-12-22 02:30 – 000089088 _____ (Advanced Micro Devices Inc.) [File not signed] C:WindowsassemblyNativeImages_v4.0.30319_64CLI.Aspect.9cd1e9e7#1bc74af4595f7d4bb14dba08b398f202CLI.Aspect.FPS.Graphics.Dashboard.ni.dll

2020-12-22 02:30 – 2020-12-22 02:30 – 000158208 _____ (Advanced Micro Devices Inc.) [File not signed] C:WindowsassemblyNativeImages_v4.0.30319_64CLI.Aspect.a0ae52bc#6f6076a09f11da2851c3307519a0f101CLI.Aspect.DeviceLCD.Graphics.Shared.ni.dll

2020-12-22 02:30 – 2020-12-22 02:30 – 000057856 _____ (Advanced Micro Devices Inc.) [File not signed] C:WindowsassemblyNativeImages_v4.0.30319_64CLI.Aspect.a6cd7fff#3744857021d8101b5210d22c860c4327CLI.Aspect.FPS.Graphics.Runtime.ni.dll

2020-12-22 02:30 – 2020-12-22 02:30 – 000082944 _____ (Advanced Micro Devices Inc.) [File not signed] C:WindowsassemblyNativeImages_v4.0.30319_64CLI.Aspect.a765109e#662f96cd34ee44039f2daef6c9690d04CLI.Aspect.UpdateNotification.Graphics.Dashboard.ni.dll

2020-12-22 02:30 – 2020-12-22 02:30 – 000462336 _____ (Advanced Micro Devices Inc.) [File not signed] C:WindowsassemblyNativeImages_v4.0.30319_64CLI.Aspect.acb9d930#ef7c45342fd8e6ceaa362984f5f93611CLI.Aspect.DeviceProperty.Graphics.Shared.ni.dll

2020-12-22 02:30 – 2020-12-22 02:30 – 000086528 _____ (Advanced Micro Devices Inc.) [File not signed] C:WindowsassemblyNativeImages_v4.0.30319_64CLI.Aspect.ae5e117c#af96fdf26092113e59decdf8be5ab4edCLI.Aspect.DisplaysColour2.Graphics.Shared.ni.dll

2020-12-22 02:30 – 2020-12-22 02:30 – 000067072 _____ (Advanced Micro Devices Inc.) [File not signed] C:WindowsassemblyNativeImages_v4.0.30319_64CLI.Aspect.b0a7c1fb#3e21ad0f6a8894bed67d8502be9c1df9CLI.Aspect.DisplaysOptions.Graphics.Dashboard.ni.dll

2020-12-22 02:30 – 2020-12-22 02:30 – 000340992 _____ (Advanced Micro Devices Inc.) [File not signed] C:WindowsassemblyNativeImages_v4.0.30319_64CLI.Aspect.c7aaa0f8#b1a65725e974542589e37b125f7d7451CLI.Aspect.OverDrive5.Graphics.Shared.ni.dll

2020-12-22 02:30 – 2020-12-22 02:30 – 000017920 _____ (Advanced Micro Devices Inc.) [File not signed] C:WindowsassemblyNativeImages_v4.0.30319_64CLI.Aspect.c854b457#bbf02bda177ca3a7b84bb2569624623CLI.Aspect.HotkeysHandling.Graphics.Shared.ni.dll

2020-12-22 02:30 – 2020-12-22 02:30 – 000276480 _____ (Advanced Micro Devices Inc.) [File not signed] C:WindowsassemblyNativeImages_v4.0.30319_64CLI.Aspect.e8635fc7#e41de46d0e4024f3555702356a8f2ca6CLI.Aspect.InfoCentre.Graphics.Dashboard.ni.dll

2020-12-22 02:30 – 2020-12-22 02:30 – 003312640 _____ (Advanced Micro Devices Inc.) [File not signed] C:WindowsassemblyNativeImages_v4.0.30319_64CLI.Aspect.e9fd7406#45799d4f52fc1baf50fb7daa4da37449CLI.Aspect.Radeon3D.Graphics.Dashboard.ni.dll

2020-12-22 02:30 – 2020-12-22 02:30 – 000240640 _____ (Advanced Micro Devices Inc.) [File not signed] C:WindowsassemblyNativeImages_v4.0.30319_64CLI.Aspect.eda8935e#4d90236c99dd27f8d3ab76b51c4cc78bCLI.Aspect.MMVideo.Graphics.Shared.ni.dll

2020-12-22 02:30 – 2020-12-22 02:30 – 000047616 _____ (Advanced Micro Devices Inc.) [File not signed] C:WindowsassemblyNativeImages_v4.0.30319_64CLI.Aspect.ef3eaa4d#8aa73981fe14b1169ae744249b49ebc4CLI.Aspect.TransCode.Graphics.Runtime.ni.dll

2020-12-22 02:30 – 2020-12-22 02:30 – 000050688 _____ (Advanced Micro Devices Inc.) [File not signed] C:WindowsassemblyNativeImages_v4.0.30319_64CLI.Aspect.f480a2f3#5b4378a0e07ace571758b30de14b73d5CLI.Aspect.UpdateNotification.Graphics.Shared.ni.dll

2020-12-22 02:30 – 2020-12-22 02:30 – 000051200 _____ (Advanced Micro Devices Inc.) [File not signed] C:WindowsassemblyNativeImages_v4.0.30319_64CLI.Caste.A4.Runtimee14d9dd065cb4ca4f4a9f15b22d80a72CLI.Caste.A4.Runtime.ni.dll

2020-12-22 02:30 – 2020-12-22 02:30 – 000044544 _____ (Advanced Micro Devices Inc.) [File not signed] C:WindowsassemblyNativeImages_v4.0.30319_64CLI.Caste.A4.Sharedbbb18c203d447a3d164533b79bfe8b63CLI.Caste.A4.Shared.ni.dll

2020-12-22 02:30 – 2020-12-22 02:30 – 000027136 _____ (Advanced Micro Devices Inc.) [File not signed] C:WindowsassemblyNativeImages_v4.0.30319_64CLI.Caste.Af820fedc#7d1976a67d7feec95e59eabf618297e0CLI.Caste.A4.Dashboard.ni.dll

2020-12-22 02:30 – 2020-12-22 02:30 – 000044544 _____ (Advanced Micro Devices Inc.) [File not signed] C:WindowsassemblyNativeImages_v4.0.30319_64CLI.Caste.F24de14fe#55fae9c0031ec7cf7b0c0bd87e9ed6afCLI.Caste.Fuel.Shared.ni.dll

2020-12-22 02:30 – 2020-12-22 02:30 – 000311296 _____ (Advanced Micro Devices Inc.) [File not signed] C:WindowsassemblyNativeImages_v4.0.30319_64CLI.Caste.F36b07a2b#6de7e27e7bdf3258a4a1e67a835e88aaCLI.Caste.Fuel.Runtime.ni.dll

2020-12-22 02:30 – 2020-12-22 02:30 – 000027136 _____ (Advanced Micro Devices Inc.) [File not signed] C:WindowsassemblyNativeImages_v4.0.30319_64CLI.Caste.Ff3085433#8f74b65cde0a90f1f555936b0789bcd3CLI.Caste.Fuel.Dashboard.ni.dll

2020-12-22 02:30 – 2020-12-22 02:30 – 000037376 _____ (Advanced Micro Devices Inc.) [File not signed] C:WindowsassemblyNativeImages_v4.0.30319_64CLI.Caste.G60338cc0#b9da81a3b3902ae8ac3de35b279e3fbfCLI.Caste.Graphics.Runtime.Shared.Private.ni.dll

2020-12-22 02:30 – 2020-12-22 02:30 – 001555456 _____ (Advanced Micro Devices Inc.) [File not signed] C:WindowsassemblyNativeImages_v4.0.30319_64CLI.Caste.Gd9d9b43b#9f777e1371667aee33b444579e488331CLI.Caste.Graphics.Dashboard.Shared.ni.dll

2020-12-22 02:30 – 2020-12-22 02:30 – 000587776 _____ (Advanced Micro Devices Inc.) [File not signed] C:WindowsassemblyNativeImages_v4.0.30319_64CLI.Caste.Gee7d2dbc#7190220bcbcd8f6004440ffdbfb10a31CLI.Caste.Graphics.Dashboard.ni.dll

2020-12-22 02:30 – 2020-12-22 02:30 – 000045056 _____ (Advanced Micro Devices Inc.) [File not signed] C:WindowsassemblyNativeImages_v4.0.30319_64CLI.Caste.H18c99613#bf9007de074c15128c42d9e66c3e548aCLI.Caste.HydraVision.Runtime.ni.dll

2020-12-22 02:30 – 2020-12-22 02:30 – 000030720 _____ (Advanced Micro Devices Inc.) [File not signed] C:WindowsassemblyNativeImages_v4.0.30319_64CLI.Caste.H92ba4e46#e92846c25595b0153e743001a11a6cb1CLI.Caste.HydraVision.Shared.ni.dll

2020-12-22 02:30 – 2020-12-22 02:30 – 000025600 _____ (Advanced Micro Devices Inc.) [File not signed] C:WindowsassemblyNativeImages_v4.0.30319_64CLI.Caste.Hbb906c0b#a54d5067e24f3e8bb50c3d941b293835CLI.Caste.HydraVision.Dashboard.ni.dll

2020-12-22 02:30 – 2020-12-22 02:30 – 000030720 _____ (Advanced Micro Devices Inc.) [File not signed] C:WindowsassemblyNativeImages_v4.0.30319_64CLI.Caste.Pac40511b#b574f371c97f0b70872f4b6466f75ebCLI.Caste.Platform.Shared.ni.dll

2020-12-22 02:30 – 2020-12-22 02:30 – 000044032 _____ (Advanced Micro Devices Inc.) [File not signed] C:WindowsassemblyNativeImages_v4.0.30319_64CLI.Caste.Pdb36d56e#54fd89f72062d55a9afef3084daa6d6fCLI.Caste.Platform.Runtime.ni.dll

2020-12-22 02:30 – 2020-12-22 02:30 – 000024064 _____ (Advanced Micro Devices Inc.) [File not signed] C:WindowsassemblyNativeImages_v4.0.30319_64CLI.Caste.Pfeefa2b6#3140b1a228b955f43d88936cac28de17CLI.Caste.Platform.Dashboard.ni.dll

2020-12-22 02:29 – 2020-12-22 02:29 – 000012288 _____ (Advanced Micro Devices Inc.) [File not signed] C:WindowsassemblyNativeImages_v4.0.30319_64CLI.Compone1b4a8c97#fea89b95b344d2ebe320f10a94ab4e48CLI.Component.Runtime.Shared.ni.dll

2020-12-22 02:31 – 2020-12-22 02:31 – 000901632 _____ (Advanced Micro Devices Inc.) [File not signed] C:WindowsassemblyNativeImages_v4.0.30319_64CLI.Compone26c9c557#da748716ec86deaa760e20181d1a619cCLI.Component.Systemtray.ni.dll

2020-12-22 02:31 – 2020-12-22 02:31 – 000173568 _____ (Advanced Micro Devices Inc.) [File not signed] C:WindowsassemblyNativeImages_v4.0.30319_64CLI.Compone29e547cc#e36c082efa2466d7b250a51ff0438117CLI.Component.Dashboard.ProfileManager2.ni.dll

2020-12-22 02:30 – 2020-12-22 02:30 – 000151040 _____ (Advanced Micro Devices Inc.) [File not signed] C:WindowsassemblyNativeImages_v4.0.30319_64CLI.Compone59f353b4#cd96790b7a550e83ed394fa9e5844672CLI.Component.Runtime.Shared.Private.ni.dll

2020-12-22 02:31 – 2020-12-22 02:31 – 000017408 _____ (Advanced Micro Devices Inc.) [File not signed] C:WindowsassemblyNativeImages_v4.0.30319_64CLI.Componeb4d0485c#6850d3d4b5eb2b7fe353760abb5b2a04CLI.Component.Runtime.Extension.EEU.ni.dll

2020-12-22 02:29 – 2020-12-22 02:29 – 001609728 _____ (Advanced Micro Devices Inc.) [File not signed] C:WindowsassemblyNativeImages_v4.0.30319_64CLI.Componec89c3bec#41cc25eff0e3d8edf1821df8498c8deeCLI.Component.Dashboard.Shared.Private.ni.dll

2020-12-22 02:30 – 2020-12-22 02:30 – 000018432 _____ (Advanced Micro Devices Inc.) [File not signed] C:WindowsassemblyNativeImages_v4.0.30319_64CLI.Componef1fd67b2#c3bc2c11a319e69d797337b2cc3587adCLI.Component.Client.Shared.ni.dll

2020-12-22 02:30 – 2020-12-22 02:30 – 000085504 _____ (Advanced Micro Devices Inc.) [File not signed] C:WindowsassemblyNativeImages_v4.0.30319_64CLI.Componef4cf054f#273c82b8f75aa9a50df83826fb26be5CLI.Component.Dashboard.Shared.ni.dll

2020-12-22 02:29 – 2020-12-22 02:29 – 000089600 _____ (Advanced Micro Devices Inc.) [File not signed] C:WindowsassemblyNativeImages_v4.0.30319_64CLI.Foundat3d5d3945#2aec8615458cf942c0e2028f92d88b12CLI.Foundation.Private.ni.dll

2020-12-22 02:31 – 2020-12-22 02:31 – 000061440 _____ (Advanced Micro Devices Inc.) [File not signed] C:WindowsassemblyNativeImages_v4.0.30319_64CLI.Foundat60cdf5df#38821c827083bc34f72bccdb0757d696CLI.Foundation.XManifest.ni.dll

2020-12-22 02:29 – 2020-12-22 02:29 – 000091136 _____ (Advanced Micro Devices Inc.) [File not signed] C:WindowsassemblyNativeImages_v4.0.30319_64CLI.Foundat619559bd#dee3b70a4046d047575cdf95d09bb8c4CLI.Foundation.CoreAudioAPI.ni.dll

2020-12-22 02:30 – 2020-12-22 02:30 – 001079296 _____ (Advanced Micro Devices Inc.) [File not signed] C:WindowsassemblyNativeImages_v4.0.30319_64CLI.Foundatd3771151#fd0264f191dc3c5e5a2e573fe8769d5cCLI.Foundation.Client.ni.dll

2020-12-22 02:29 – 2020-12-22 02:29 – 000301568 _____ (Advanced Micro Devices Inc.) [File not signed] C:WindowsassemblyNativeImages_v4.0.30319_64CLI.Foundation6f296ece52b7593d404229e421fee706CLI.Foundation.ni.dll

2020-12-22 02:29 – 2020-12-22 02:29 – 000025600 _____ (Advanced Micro Devices Inc.) [File not signed] C:WindowsassemblyNativeImages_v4.0.30319_64DEM.Foundationb799a8aa0290c014a50b485ec4518ba1DEM.Foundation.ni.dll

2020-12-22 02:29 – 2020-12-22 02:29 – 000115200 _____ (Advanced Micro Devices Inc.) [File not signed] C:WindowsassemblyNativeImages_v4.0.30319_64DEM.Graphics.I060197f5dd517e1b54c950b1f62c1172f593DEM.Graphics.I0601.ni.dll

2020-12-22 02:29 – 2020-12-22 02:29 – 000015360 _____ (Advanced Micro Devices Inc.) [File not signed] C:WindowsassemblyNativeImages_v4.0.30319_64DEM.Graphicscf73a32e0fd9188ffcf89b05ed5bd8a4DEM.Graphics.ni.dll

2020-12-22 02:30 – 2020-12-22 02:30 – 000037376 _____ (Advanced Micro Devices Inc.) [File not signed] C:WindowsassemblyNativeImages_v4.0.30319_64Fuel.Foundationbfe2a7e89d34afe293fb5d26816fe2f2Fuel.Foundation.ni.dll

2020-12-22 02:31 – 2020-12-22 02:31 – 000296960 _____ (Advanced Micro Devices Inc.) [File not signed] C:WindowsassemblyNativeImages_v4.0.30319_64LOG.Foundat03490438#467f27fa881e9eee9938168f95dc6e17LOG.Foundation.Implementation.ni.dll

2020-12-22 02:28 – 2020-12-22 02:28 – 000150016 _____ (Advanced Micro Devices Inc.) [File not signed] C:WindowsassemblyNativeImages_v4.0.30319_64LOG.Foundat5023f8e7#58f64e3662d5697ba6ad38611a27e297LOG.Foundation.Private.ni.dll

2020-12-22 02:29 – 2020-12-22 02:29 – 000087552 _____ (Advanced Micro Devices Inc.) [File not signed] C:WindowsassemblyNativeImages_v4.0.30319_64LOG.Foundatcaafa75b#76ee3197f92e46c4cc38b66d2d5595beLOG.Foundation.Implementation.Private.ni.dll

2020-12-22 02:28 – 2020-12-22 02:28 – 000132608 _____ (Advanced Micro Devices Inc.) [File not signed] C:WindowsassemblyNativeImages_v4.0.30319_64LOG.Foundation2f1f9cdcfda600aa16f01e782ef0c7b7LOG.Foundation.ni.dll

2020-12-22 02:29 – 2020-12-22 02:29 – 000012288 _____ (Advanced Micro Devices Inc.) [File not signed] C:WindowsassemblyNativeImages_v4.0.30319_64MOM.Foundationd6f8cbc0a19dae825e2ca119e7016d2cMOM.Foundation.ni.dll

2020-12-22 02:31 – 2020-12-22 02:31 – 000402944 _____ (Advanced Micro Devices Inc.) [File not signed] C:WindowsassemblyNativeImages_v4.0.30319_64MOM.Implementationb9455d2a4b125a9d7e3d6637781d805dMOM.Implementation.ni.dll

2020-12-22 02:29 – 2020-12-22 02:29 – 000055296 _____ (Advanced Micro Devices Inc.) [File not signed] C:WindowsassemblyNativeImages_v4.0.30319_64NEWAEM.Foundationda39baa62f53888d047f806d04ced8ecNEWAEM.Foundation.ni.dll

2020-12-22 02:29 – 2020-12-22 02:29 – 000897024 _____ (Advanced Micro Devices, Inc.) [File not signed] C:WindowsassemblyNativeImages_v4.0.30319_64ADL.Foundationc16b11e04389e5ba0d99cecfc307efc8ADL.Foundation.ni.dll

2020-12-22 02:29 – 2020-12-22 02:29 – 000256000 _____ (Advanced Micro Devices, Inc.) [File not signed] C:WindowsassemblyNativeImages_v4.0.30319_64APM.Serverc7a7c988826890798bbc742c9864090aAPM.Server.ni.dll

2020-12-22 02:30 – 2020-12-22 02:30 – 000298496 _____ (Advanced Micro Devices, Inc.) [File not signed] C:WindowsassemblyNativeImages_v4.0.30319_64CLI.Aspect.9b707b25#a37f3de8f54c67d3bce8a4672dc11e37CLI.Aspect.DeviceProperty.Graphics.Runtime.ni.dll

2020-12-22 02:30 – 2020-12-22 02:30 – 001654272 _____ (Advanced Micro Devices, Inc.) [File not signed] C:WindowsassemblyNativeImages_v4.0.30319_64CLI.Aspect.aa59351a#a538e3df64b89ac3db691171226e7845CLI.Aspect.DeviceProperty.Graphics.Dashboard.Shared.ni.dll

2020-12-22 02:30 – 2020-12-22 02:30 – 006336512 _____ (Advanced Micro Devices, Inc.) [File not signed] C:WindowsassemblyNativeImages_v4.0.30319_64CLI.Aspect.e6d9f3a8#6b00eff566823d6135e3b93a1cbdf8ddCLI.Aspect.DeviceDFP.Graphics.Dashboard.ni.dll

2020-12-22 02:31 – 2020-12-22 02:31 – 008027648 _____ (Advanced Micro Devices, Inc.) [File not signed] C:WindowsassemblyNativeImages_v4.0.30319_64CLI.Combine0616f305#ac8eb6f3c4ba1eb7fd0f91a34f8e8a45CLI.Combined.Graphics.Aspects1.Dashboard.ni.dll

2020-12-22 02:31 – 2020-12-22 02:31 – 001159680 _____ (Advanced Micro Devices, Inc.) [File not signed] C:WindowsassemblyNativeImages_v4.0.30319_64CLI.Combine7332395e#621758585a73cfd74ab55f5f95d78852CLI.Combined.Graphics.Aspects2.Runtime.ni.dll

2020-12-22 02:30 – 2020-12-22 02:30 – 000136704 _____ (Advanced Micro Devices, Inc.) [File not signed] C:WindowsassemblyNativeImages_v4.0.30319_64CLI.Compone168638d1#40d424fc6a16594519daa1c689c89e50CLI.Component.Client.Shared.Private.ni.dll

2020-12-22 02:31 – 2020-12-22 02:31 – 000234496 _____ (Advanced Micro Devices, Inc.) [File not signed] C:WindowsassemblyNativeImages_v4.0.30319_64CLI.Compone6692ca50#8da37d6cb8a205c82ae13d47ebad5ed0CLI.Component.Runtime.ni.dll

2020-12-22 02:31 – 2020-12-22 02:31 – 000929280 _____ (Advanced Micro Devices, Inc.) [File not signed] C:WindowsassemblyNativeImages_v4.0.30319_64CLI.Compone6bf88b08#754d3a7c5a1a4926b9f1135776a8c1fCLI.Component.Dashboard.ni.dll

2020-12-22 02:31 – 2020-12-22 02:31 – 000016896 _____ (Advanced Micro Devices, Inc.) [File not signed] C:WindowsassemblyNativeImages_v4.0.30319_64DEM.Graphics.I07039d4ddaf3de969fda425ac69f13dba963DEM.Graphics.I0703.ni.dll

2020-12-22 02:30 – 2020-12-22 02:30 – 000013312 _____ (Advanced Micro Devices, Inc.) [File not signed] C:WindowsassemblyNativeImages_v4.0.30319_64DEM.Graphics.I0706c25fa3a043afdf24b320131aa7b94af0DEM.Graphics.I0706.ni.dll

2020-12-22 02:30 – 2020-12-22 02:30 – 000084480 _____ (Advanced Micro Devices, Inc.) [File not signed] C:WindowsassemblyNativeImages_v4.0.30319_64DEM.Graphics.I07097234dedea2336b99a9a5d0683afdd2f3DEM.Graphics.I0709.ni.dll

2020-12-22 02:30 – 2020-12-22 02:30 – 000012288 _____ (Advanced Micro Devices, Inc.) [File not signed] C:WindowsassemblyNativeImages_v4.0.30319_64DEM.Graphics.I0712a81b5967c5677f9df28ad5a6aa350bc7DEM.Graphics.I0712.ni.dll

2020-12-22 02:30 – 2020-12-22 02:30 – 000018432 _____ (Advanced Micro Devices, Inc.) [File not signed] C:WindowsassemblyNativeImages_v4.0.30319_64DEM.Graphics.I08048736bd1276a5b25a28d6d0c1e774bed0DEM.Graphics.I0804.ni.dll

2020-12-22 02:31 – 2020-12-22 02:31 – 000010752 _____ (Advanced Micro Devices, Inc.) [File not signed] C:WindowsassemblyNativeImages_v4.0.30319_64DEM.Graphics.I080524c713fb7e27db9423067a526369684DEM.Graphics.I0805.ni.dll

2020-12-22 02:31 – 2020-12-22 02:31 – 000010752 _____ (Advanced Micro Devices, Inc.) [File not signed] C:WindowsassemblyNativeImages_v4.0.30319_64DEM.Graphics.I08121ea55cb3e0e9eb8d22b1ce938834673DEM.Graphics.I0812.ni.dll

2020-12-22 02:30 – 2020-12-22 02:30 – 000013312 _____ (Advanced Micro Devices, Inc.) [File not signed] C:WindowsassemblyNativeImages_v4.0.30319_64DEM.Graphics.I0906c4028bdc6e21646bb914aff5f5fcf6a6DEM.Graphics.I0906.ni.dll

2020-12-22 02:30 – 2020-12-22 02:30 – 000014336 _____ (Advanced Micro Devices, Inc.) [File not signed] C:WindowsassemblyNativeImages_v4.0.30319_64DEM.Graphics.I0912e281200b255768cf133cdd28a9b76bbeDEM.Graphics.I0912.ni.dll

2020-12-22 02:30 – 2020-12-22 02:30 – 000035840 _____ (Advanced Micro Devices, Inc.) [File not signed] C:WindowsassemblyNativeImages_v4.0.30319_64DEM.Graphics.I1010700f1d3c7f1acfce2b1d50a06fb62308DEM.Graphics.I1010.ni.dll

2020-12-22 02:29 – 2020-12-22 02:29 – 001139200 _____ (Advanced Micro Devices, Inc.) [File not signed] C:WindowsassemblyNativeImages_v4.0.30319_64Localizatio01dbc1c0#b4b1658b4b990236add1fdc4f881be4Localization.Foundation.Private.ni.dll

2020-12-22 02:31 – 2020-12-22 02:31 – 000244224 _____ (Advanced Micro Devices, Inc.) [File not signed] C:WindowsassemblyNativeImages_v4.0.30319_64ResourceMan446ca0e5#41432a0338c479832c26b1573387fbb6ResourceManagement.Foundation.Implementation.ni.dll

2020-12-22 02:30 – 2020-12-22 02:30 – 000023552 _____ (Advanced Micro Devices, Inc.) [File not signed] C:WindowsassemblyNativeImages_v4.0.30319_64ResourceManf163905a#868862dbc53fb7230ad4b87a09d34a15ResourceManagement.Foundation.Private.ni.dll

2020-12-22 02:30 – 2020-12-22 02:30 – 000091648 _____ (Advanced Mirco Devices, Inc.) [File not signed] C:WindowsassemblyNativeImages_v4.0.30319_64CLI.Aspect.ec8786e5#d346ccd31b9fba7f6d0c37fcb47bdc29CLI.Aspect.AMDHome.Graphics.Dashboard.ni.dll

2020-12-22 02:29 – 2020-12-22 02:29 – 002845696 _____ (Advanced Mirco Devices, Inc.) [File not signed] C:WindowsassemblyNativeImages_v4.0.30319_64CLI.Caste.G60a7b4d1#17b3d8779e8932fe7c972a7121ecff53CLI.Caste.Graphics.Shared.ni.dll

2020-12-22 02:30 – 2020-12-22 02:30 – 003268096 _____ (Advanced Mirco Devices, Inc.) [File not signed] C:WindowsassemblyNativeImages_v4.0.30319_64CLI.Caste.G962aa464#eb508a50337ae084981276a067fbf4adCLI.Caste.Graphics.Runtime.ni.dll

2020-12-08 20:12 – 2009-03-05 07:28 – 000102400 ____R (ASUS) [File not signed] C:Program Files (x86)ASUSAsSysCtrlService1.00.03AsAcpi.dll

2020-12-22 00:17 – 2009-06-29 18:25 – 000069632 _____ (ASUS) [File not signed] C:Program Files (x86)ASUSEPU-6 EngineASACPI.DLL

2020-12-22 00:17 – 2009-08-27 21:41 – 000208896 _____ (AsusTek Inc.) [File not signed] C:Program Files (x86)ASUSEPU-6 EngineAiGear.dll

2021-05-26 16:09 – 2016-11-01 12:27 – 000090112 _____ (Brother Industries, Ltd.) [File not signed] C:Windowssystem32BrNetSti.dll

2021-05-25 22:58 – 2020-06-23 10:54 – 000660480 _____ (Helmut Buhler) [File not signed] C:Program FilesWindows Sidebardwmapi.dll

2021-05-25 21:56 – 2019-02-21 10:00 – 000078336 _____ (Igor Pavlov) [File not signed] C:Program Files7-Zip7-zip.dll

2020-12-22 02:30 – 2020-12-22 02:30 – 000335360 _____ (Microsoft) [File not signed] C:WindowsassemblyNativeImages_v4.0.30319_64Microsoft.W8090224c#d08f94aa74361f555a8348e097ca37bfMicrosoft.WindowsAPICodePack.ni.dll

2020-12-22 02:30 – 2020-12-22 02:30 – 002546688 _____ (Microsoft) [File not signed] C:WindowsassemblyNativeImages_v4.0.30319_64Microsoft.Wfbf9373c#21d6de9013f3886311cf40d9e69aa8d8Microsoft.WindowsAPICodePack.Shell.ni.dll

2010-01-22 13:29 – 2010-01-22 13:29 – 000086016 _____ (NEC Electronics Corporation) [File not signed] C:Program Files (x86)NEC ElectronicsUSB 3.0 Host Controller DriverApplicationnusb3mon.dll

2021-06-04 19:17 – 2020-10-29 09:31 – 000089088 _____ (publicspace.net) [File not signed] C:Program FilesBetter File Series 6BfrExt6.dll

 

==================== Alternate Data Streams (Whitelisted) ========

 

==================== Safe Mode (Whitelisted) ==================

 

(If an entry is included in the fixlist, it will be removed from the registry. The “AlternateShell” will be restored.)

 

HKLMSYSTEMCurrentControlSetControlSafeBootMinimalAppXSvc => “”=”Service”

HKLMSYSTEMCurrentControlSetControlSafeBootMinimalBFE => “”=”Service”

HKLMSYSTEMCurrentControlSetControlSafeBootMinimalBITS => “”=”Service”

HKLMSYSTEMCurrentControlSetControlSafeBootMinimalcamsvc => “”=”Service”

HKLMSYSTEMCurrentControlSetControlSafeBootMinimalClipSvc => “”=”Service”

HKLMSYSTEMCurrentControlSetControlSafeBootMinimaldps => “”=”Service”

HKLMSYSTEMCurrentControlSetControlSafeBootMinimallfsvc => “”=”Service”

HKLMSYSTEMCurrentControlSetControlSafeBootMinimalMpsSvc => “”=”Service”

HKLMSYSTEMCurrentControlSetControlSafeBootMinimalmsiserver => “”=”Service”

HKLMSYSTEMCurrentControlSetControlSafeBootMinimalsemgrsvc => “”=”Service”

HKLMSYSTEMCurrentControlSetControlSafeBootMinimalSharedAccess => “”=”Service”

HKLMSYSTEMCurrentControlSetControlSafeBootMinimalshellhwdetection => “”=”Service”

HKLMSYSTEMCurrentControlSetControlSafeBootMinimalTokenBroker => “”=”Service”

HKLMSYSTEMCurrentControlSetControlSafeBootMinimalTweakingRemoveSafeBoot => “”=”Service”

HKLMSYSTEMCurrentControlSetControlSafeBootMinimalvss => “”=”Service”

HKLMSYSTEMCurrentControlSetControlSafeBootMinimalWSService => “”=”Service”

HKLMSYSTEMCurrentControlSetControlSafeBootNetworkAppXSvc => “”=”Service”

HKLMSYSTEMCurrentControlSetControlSafeBootNetworkBITS => “”=”Service”

HKLMSYSTEMCurrentControlSetControlSafeBootNetworkcamsvc => “”=”Service”

HKLMSYSTEMCurrentControlSetControlSafeBootNetworkClipSvc => “”=”Service”

HKLMSYSTEMCurrentControlSetControlSafeBootNetworkdps => “”=”Service”

HKLMSYSTEMCurrentControlSetControlSafeBootNetworklfsvc => “”=”Service”

HKLMSYSTEMCurrentControlSetControlSafeBootNetworkmsiserver => “”=”Service”

HKLMSYSTEMCurrentControlSetControlSafeBootNetworkSamSs => “”=”Service”

HKLMSYSTEMCurrentControlSetControlSafeBootNetworksemgrsvc => “”=”Service”

HKLMSYSTEMCurrentControlSetControlSafeBootNetworkshellhwdetection => “”=”Service”

HKLMSYSTEMCurrentControlSetControlSafeBootNetworksrv => “”=”Driver”

HKLMSYSTEMCurrentControlSetControlSafeBootNetworksrv2 => “”=”Driver”

HKLMSYSTEMCurrentControlSetControlSafeBootNetworksrvnet => “”=”Driver”

HKLMSYSTEMCurrentControlSetControlSafeBootNetworkTokenBroker => “”=”Service”

HKLMSYSTEMCurrentControlSetControlSafeBootNetworkTweakingRemoveSafeBoot => “”=”Service”

HKLMSYSTEMCurrentControlSetControlSafeBootNetworkvss => “”=”Service”

HKLMSYSTEMCurrentControlSetControlSafeBootNetworkWSService => “”=”Service”

 

==================== Association (Whitelisted) =================

 

==================== Internet Explorer (Version 11) (Whitelisted) ==========

 

BHO: IDM integration (IDMIEHlprObj Class) -> 0055C089-8582-441B-A0BF-17B458C2A3A8 -> C:Program Files (x86)Internet Download ManagerIDMIECC64.dll [2020-12-12] (Tonec Inc. -> Internet Download Manager, Tonec Inc.)

BHO: RoboForm Toolbar Helper -> 724d43a9-0d85-11d4-9908-00400523e39a -> C:Program Files (x86)Siber SystemsAI RoboFormRoboForm-x64.dll [2021-05-26] (Siber Systems -> Siber Systems Inc.)

BHO: No Name -> A5DD10F7-5ABB-4EEF-B4C8-6748D44DAF2A -> No File

BHO: Adobe Acrobat Create PDF Helper -> AE7CD045-E861-484f-8273-0445EE161910 -> C:Program Files (x86)Common FilesAdobeAcrobatWCIEActiveXDCx64AcroIEFavStub.dll [2021-04-27] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)

BHO: Adobe Acrobat Create PDF from Selection -> F4971EE7-DAA0-4053-9964-665D8EE6A077 -> C:Program Files (x86)Common FilesAdobeAcrobatWCIEActiveXDCx64AcroIEFavStub.dll [2021-04-27] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)

BHO-x32: IDM integration (IDMIEHlprObj Class) -> 0055C089-8582-441B-A0BF-17B458C2A3A8 -> C:Program Files (x86)Internet Download ManagerIDMIECC.dll [2020-12-12] (Tonec Inc. -> Internet Download Manager, Tonec Inc.)

BHO-x32: RoboForm Toolbar Helper -> 724d43a9-0d85-11d4-9908-00400523e39a -> C:Program Files (x86)Siber SystemsAI RoboFormroboform.dll [2021-05-26] (Siber Systems -> Siber Systems Inc.) [File not signed]

BHO-x32: No Name -> A5DD10F7-5ABB-4EEF-B4C8-6748D44DAF2A -> No File

BHO-x32: Adobe Acrobat Create PDF Helper -> AE7CD045-E861-484f-8273-0445EE161910 -> C:Program Files (x86)Common FilesAdobeAcrobatWCIEActiveXDCAcroIEFavStub.dll [2021-04-27] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)

BHO-x32: Adobe Acrobat Create PDF from Selection -> F4971EE7-DAA0-4053-9964-665D8EE6A077 -> C:Program Files (x86)Common FilesAdobeAcrobatWCIEActiveXDCAcroIEFavStub.dll [2021-04-27] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)

Toolbar: HKLM – &RoboForm Toolbar – 724d43a0-0d85-11d4-9908-00400523e39a – C:Program Files (x86)Siber SystemsAI RoboFormRoboForm-x64.dll [2021-05-26] (Siber Systems -> Siber Systems Inc.)

Toolbar: HKLM – Adobe Acrobat Create PDF Toolbar – 47833539-D0C5-4125-9FA8-0819E2EAAC93 – C:Program Files (x86)Common FilesAdobeAcrobatWCIEActiveXDCx64AcroIEFavStub.dll [2021-04-27] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)

Toolbar: HKLM – No Name – BFD9D8A8-57FF-488A-B919-065EC77CF82F –  No File

Toolbar: HKLM-x32 – &RoboForm Toolbar – 724d43a0-0d85-11d4-9908-00400523e39a – C:Program Files (x86)Siber SystemsAI RoboFormroboform.dll [2021-05-26] (Siber Systems -> Siber Systems Inc.) [File not signed]

Toolbar: HKLM-x32 – Adobe Acrobat Create PDF Toolbar – 47833539-D0C5-4125-9FA8-0819E2EAAC93 – C:Program Files (x86)Common FilesAdobeAcrobatWCIEActiveXDCAcroIEFavStub.dll [2021-04-27] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)

Toolbar: HKLM-x32 – No Name – BFD9D8A8-57FF-488A-B919-065EC77CF82F –  No File

 

==================== Other Areas ===========================

 

(Currently there is no automatic fix for this section.)

 

HKUS-1-5-21-4152996346-4113304775-1243249153-1001Control PanelDesktop\Wallpaper -> 

DNS Servers: 1.1.1.1 – 1.0.0.1

HKLMSOFTWAREMicrosoftWindowsCurrentVersionPoliciesSystem => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 0) (EnableLUA: 0)

Windows Firewall is enabled.

 

==================== MSCONFIG/TASK MANAGER disabled items ==

 

(If an entry is included in the fixlist, it will be removed.)

 

MSCONFIGServices: WinDefend => 2

MSCONFIGstartupfolder: C:^Users^MeeONLY^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Logitech . Product Registration.lnk => C:WindowspssLogitech . Product Registration.lnk.Startup

MSCONFIGstartupreg: Acrobat Assistant 8.0 => “C:Program Files (x86)AdobeAcrobat DCAcrobatAcrotray.exe”

MSCONFIGstartupreg: AdobeAAMUpdater-1.0 => “C:Program Files (x86)Common FilesAdobeOOBEPDAppUWAUpdaterStartupUtility.exe”

MSCONFIGstartupreg: AdobeGCInvoker-1.0 => “C:Program Files (x86)Common FilesAdobeAdobeGCClientAGCInvokerUtility.exe”

MSCONFIGstartupreg: ISUSPM => C:ProgramDataFLEXnetConnect11\isuspm.exe -scheduler

MSCONFIGstartupreg: MSC => “c:Program FilesMicrosoft Security Clientmsseces.exe” -hide -runkey

 

==================== FirewallRules (Whitelisted) ================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

FirewallRules: [SPPSVC-In-TCP] => (Allow) C:Windowssystem32sppsvc.exe (Microsoft Windows -> Microsoft Corporation)

FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) C:Windowssystem32sppsvc.exe (Microsoft Windows -> Microsoft Corporation)

FirewallRules: [B02F67F4-E749-4BE7-8533-15B311B3D1D0] => (Allow) C:Program FilesMozilla Firefoxfirefox.exe (Mozilla Corporation -> Mozilla Corporation)

FirewallRules: [FFCB2C7A-4C5B-4832-BD98-CB4C498714EB] => (Allow) C:Program FilesMozilla Firefoxfirefox.exe (Mozilla Corporation -> Mozilla Corporation)

FirewallRules: [F2163E3F-924D-4642-941D-0777CD73EFE9] => (Allow) LPort=54925

FirewallRules: [D4D1D042-4BE3-472B-9667-0656F81D5808] => (Allow) LPort=54950

FirewallRules: [F6E78B32-D315-4C1F-B9FB-3E09B83FB0BE] => (Allow) LPort=54955

FirewallRules: [171313AC-46B0-4CE1-AFE5-B166B7FA404E] => (Allow) c:program files (x86)pc-faxreceivebrengineprocess.exe (Brother Industries, Ltd.) [File not signed]

FirewallRules: [C8437A64-77A0-42A5-9A3E-16AF79A0BFB5] => (Allow) c:program files (x86)pc-faxreceivebrengineprocess.exe (Brother Industries, Ltd.) [File not signed]

FirewallRules: [593575EC-917F-4664-A16C-CAE1B27A74B4] => (Allow) C:Program FilesVueScanvuescan.exe (Hamrick Software -> Hamrick Software) [File not signed]

FirewallRules: [73D6A43D-6898-43D1-AF58-78AC33932C4A] => (Allow) C:Program FilesVueScanvuescan.exe (Hamrick Software -> Hamrick Software) [File not signed]

FirewallRules: [6632BDFA-0F53-4BAE-86B9-0B01323E5B5B] => (Allow) C:Program FilesqBittorrentqbittorrent.exe () [File not signed]

FirewallRules: [3ADC8DBF-8F23-47FC-B733-D2886291B603] => (Allow) C:Program FilesqBittorrentqbittorrent.exe () [File not signed]

FirewallRules: [C83B33DB-A495-4FE2-884E-A2E6490DE7F7] => (Allow) C:UsersMeeONLYAppDataRoaminguTorrentuTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)

FirewallRules: [C87DCCC9-021A-4A82-AD32-A33E6A71FFCD] => (Allow) C:UsersMeeONLYAppDataRoaminguTorrentuTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)

FirewallRules: [3394551C-0903-41DA-A6EE-ECFE77D4CC45] => (Allow) C:UsersMeeONLYAppDataRoaminguTorrentuTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)

FirewallRules: [279A1445-14D3-4FA9-9811-73B23C5EF12C] => (Allow) C:UsersMeeONLYAppDataRoaminguTorrentuTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)

FirewallRules: [4E6A5B1C-5BD1-43EB-82B5-53694F2E72E4] => (Allow) C:UsersMeeONLYAppDataRoaminguTorrentuTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)

FirewallRules: [3FBAB8E1-E3DC-4084-9DE3-16A2E95E8FF1] => (Allow) C:UsersMeeONLYAppDataRoaminguTorrentuTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)

FirewallRules: [TCP Query User010B1461-3858-4287-8473-7EDD4A8289F2E:portableappsgooglechromeportable64appchrome-binchrome.exe] => (Allow) E:portableappsgooglechromeportable64appchrome-binchrome.exe (Google LLC -> Google LLC)

FirewallRules: [UDP Query UserA20FE638-6871-40CE-AAB6-785BE2E0B05AE:portableappsgooglechromeportable64appchrome-binchrome.exe] => (Allow) E:portableappsgooglechromeportable64appchrome-binchrome.exe (Google LLC -> Google LLC)

FirewallRules: [TCP Query UserF0A935C0-01EE-4B88-8DE2-B84D50C4C769E:portableappsbraveappbrave.exe] => (Allow) E:portableappsbraveappbrave.exe (Brave Software, Inc. -> Brave Software, Inc.)

FirewallRules: [UDP Query User8612C565-2596-4B0E-960F-7A601234EA97E:portableappsbraveappbrave.exe] => (Allow) E:portableappsbraveappbrave.exe (Brave Software, Inc. -> Brave Software, Inc.)

FirewallRules: [9E0EB35B-D2E8-4806-B6BD-AF28C7709E2E] => (Allow) D:Program FilesNoxbinNox.exe (Nox Limited -> Duodian Technology Co. Ltd.)

FirewallRules: [431BBF4E-0BB5-4CCC-BAE0-5C93FC1D90BF] => (Allow) C:Program Files (x86)BignoxBigNoxVMRTNoxVMHandle.exe (Nox Limited -> Nox Limited Corporation)

FirewallRules: [TCP Query User0CAF6612-D410-49FB-98F3-D8FBFCAEBED8E:portableappsoperaportableappopera78.0.4093.112opera.exe] => (Allow) E:portableappsoperaportableappopera78.0.4093.112opera.exe (Opera Software AS -> Opera Software)

FirewallRules: [UDP Query UserD4E1D6B6-2319-48CB-9C33-32D141207F03E:portableappsoperaportableappopera78.0.4093.112opera.exe] => (Allow) E:portableappsoperaportableappopera78.0.4093.112opera.exe (Opera Software AS -> Opera Software)

FirewallRules: [D4410FD7-4C8F-4C69-BA59-310D35BABEA9] => (Allow) C:Program FilesqBittorrentqbittorrent.exe () [File not signed]

FirewallRules: [6C6539AA-6576-4BD1-AD3D-E017130C96A4] => (Allow) C:Program FilesqBittorrentqbittorrent.exe () [File not signed]

FirewallRules: [8A4376B5-292E-4984-A6A1-F5DE16C32439] => (Allow) C:Program Files (x86)GoogleChromeApplicationchrome.exe (Google LLC -> Google LLC)

 

==================== Restore Points =========================

 

22-08-2021 23:48:08 Installed PDFsam Basic

05-09-2021 12:59:51 Windows Update

 

==================== Faulty Device Manager Devices ============

 

 

==================== Event log errors: ========================

 

Application errors:

==================

Error: (09/05/2021 01:07:16 PM) (Source: Brother BrLog) (EventID: 1001) (User: )

Description: MTDLL BrtMTDLL: [2021/09/05 13:07:16.166]: [00004240]: Error GetInkSupplyType Send ( ErrCode == 5 )

 

Error: (09/05/2021 01:07:09 PM) (Source: Brother BrLog) (EventID: 1001) (User: )

Description: MTDLL BrtMTDLL: [2021/09/05 13:07:09.116]: [00004240]: Error GetInkSupplyType Send ( ErrCode == 5 )

 

Error: (09/05/2021 01:07:02 PM) (Source: Brother BrLog) (EventID: 1001) (User: )

Description: MTDLL BrtMTDLL: [2021/09/05 13:07:02.065]: [00004240]: Error GetInkSupplyType Send ( ErrCode == 5 )

 

Error: (09/05/2021 01:06:19 PM) (Source: Brother BrLog) (EventID: 1001) (User: )

Description: MTDLL BrtMTDLL: [2021/09/05 13:06:19.445]: [00004240]: Error GetInkSupplyType Send ( ErrCode == 5 )

 

Error: (09/05/2021 01:06:12 PM) (Source: Brother BrLog) (EventID: 1001) (User: )

Description: MTDLL BrtMTDLL: [2021/09/05 13:06:12.394]: [00004240]: Error GetInkSupplyType Send ( ErrCode == 5 )

 

Error: (09/05/2021 01:06:05 PM) (Source: Brother BrLog) (EventID: 1001) (User: )

Description: MTDLL BrtMTDLL: [2021/09/05 13:06:05.344]: [00004240]: Error GetInkSupplyType Send ( ErrCode == 5 )

 

Error: (09/05/2021 01:05:23 PM) (Source: Brother BrLog) (EventID: 1001) (User: )

Description: MTDLL BrtMTDLL: [2021/09/05 13:05:23.041]: [00004240]: Error GetInkSupplyType Send ( ErrCode == 5 )

 

Error: (09/05/2021 01:05:15 PM) (Source: Brother BrLog) (EventID: 1001) (User: )

Description: MTDLL BrtMTDLL: [2021/09/05 13:05:15.990]: [00004240]: Error GetInkSupplyType Send ( ErrCode == 5 )

 

 

System errors:

=============

Error: (09/05/2021 01:07:34 PM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: The Windows Media Player Network Sharing Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.

 

Error: (09/05/2021 01:07:34 PM) (Source: Service Control Manager) (EventID: 7034) (User: )

Description: The BrYNSvc service terminated unexpectedly.  It has done this 1 time(s).

 

Error: (09/05/2021 01:03:12 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)

Description: The following fatal alert was received: 70.

 

Error: (09/05/2021 12:56:56 PM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )

Description: Service ‘WMPNetworkSvc’ did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error ‘0x80004005’. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.

 

Error: (09/05/2021 12:54:01 PM) (Source: DCOM) (EventID: 10005) (User: )

Description: DCOM got error “1084” attempting to start the service WSearch with arguments “” in order to run the server:

9E175B6D-F52A-11D8-B9A5-505054503030

 

Error: (09/05/2021 12:54:01 PM) (Source: DCOM) (EventID: 10005) (User: )

Description: DCOM got error “1084” attempting to start the service WSearch with arguments “” in order to run the server:

7D096C5F-AC08-4F1F-BEB7-5C22C517CE39

 

Error: (09/05/2021 12:53:58 PM) (Source: DCOM) (EventID: 10005) (User: )

Description: DCOM got error “1084” attempting to start the service EventSystem with arguments “” in order to run the server:

1BE1F766-5536-11D1-B726-00C04FB926AF

 

Error: (09/05/2021 12:53:51 PM) (Source: Service Control Manager) (EventID: 7026) (User: )

Description: The following boot-start or system-start driver(s) failed to load: 

AsIO

discache

MpFilter

spldr

Wanarpv6

YSDrv

 

 

Windows Defender:

================

Date: 2019-05-28 01:39:01.093

Description: 

Windows Defender scan has been stopped before completion.

Scan Type:AntiSpyware

Scan Parameters:Quick Scan

 

Date: 2020-12-22 17:52:13.618

Description: 

Windows Defender has encountered an error trying to update the engine.

New Engine Version:1.1.17700.4

Previous Engine Version:1.1.6402.0

Update Source:User

Error Code:0x8050800c

Error description:An unexpected problem occurred. Install any available updates, and then try to start the program again. For information on installing updates, see Help and Support. 

 

Date: 2020-12-22 03:41:05.199

Description: 

Windows Defender has encountered an error trying to update the engine.

New Engine Version:1.1.17700.4

Previous Engine Version:1.1.6402.0

Update Source:User

Error Code:0x8050800c

Error description:An unexpected problem occurred. Install any available updates, and then try to start the program again. For information on installing updates, see Help and Support. 

 

Date: 2020-12-22 03:34:18.569

Description: 

Windows Defender has encountered an error trying to update the engine.

New Engine Version:1.1.17700.4

Previous Engine Version:1.1.6402.0

Update Source:User

Error Code:0x8050800c

Error description:An unexpected problem occurred. Install any available updates, and then try to start the program again. For information on installing updates, see Help and Support. 

 

Date: 2020-12-22 03:22:49.094

Description: 

Windows Defender has encountered an error trying to update the engine.

New Engine Version:1.1.17700.4

Previous Engine Version:1.1.6402.0

Update Source:User

Error Code:0x8050800c

Error description:An unexpected problem occurred. Install any available updates, and then try to start the program again. For information on installing updates, see Help and Support. 

 

Date: 2020-12-22 02:16:52.194

Description: 

Windows Defender has encountered an error trying to update the engine.

New Engine Version:1.1.17700.4

Previous Engine Version:1.1.6402.0

Update Source:User

Error Code:0x8050800c

Error description:An unexpected problem occurred. Install any available updates, and then try to start the program again. For information on installing updates, see Help and Support. 

 

==================== Memory info =========================== 

 

BIOS: American Megatrends Inc. 0303 05/25/2010

Motherboard: ASUSTeK Computer INC. P6X58D-E

Processor: Intel® Core™ i7 CPU 930 @ 2.80GHz

Percentage of memory in use: 57%

Total physical RAM: 6135.11 MB

Available physical RAM: 2620.11 MB

Total Virtual: 12268.37 MB

Available Virtual: 9117.04 MB

 

==================== Drives ================================

 

Drive c: () (Fixed) (Total:1862.92 GB) (Free:1829.02 GB) NTFS

Drive d: (Seagate D) (Fixed) (Total:1863.02 GB) (Free:1552.75 GB) NTFS

Drive e: (Standalone) (Fixed) (Total:1863.01 GB) (Free:967.22 GB) NTFS

 

\?Volumed455b9cc-445c-11eb-a461-806e6f6e6963 (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS

 

==================== MBR & Partition Table ====================

 

==========================================================

Disk: 0 (Size: 1863 GB) (Disk ID: A4B57300)

Partition 1: (Not Active) – (Size=1863 GB) – (Type=07 NTFS)

 

==========================================================

Disk: 1 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: 93E0319B)

Partition 1: (Active) – (Size=100 MB) – (Type=07 NTFS)

Partition 2: (Not Active) – (Size=1862.9 GB) – (Type=07 NTFS)

 

==========================================================

Disk: 2 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: FBEA74AE)

Partition 1: (Not Active) – (Size=1863 GB) – (Type=0F Extended)

 

==================== End of Addition.txt =======================

Edited by Hmm888, Yesterday, 03:45 PM.

Next Post

How Moving to the Big 12 Affects the UCF Knights’ Olympic Sports

It’s pretty obvious how UCF’s reported move to the Big 12 will help its football and basketball programs. But what about the other sports? Which UCF Knights programs will benefit from the move? Who will see their schedules get significantly tougher? And what will be the storylines for those programs […]