Windows Security Blocked An Attack, Now I'm Paranoid. Help Please. - Virus, Trojan, Spyware, and Malware Removal Help (2023)

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 12-05-2023 01

Ran by skim8 (administrator) on AWESOMOUS (Dell Inc. G7 7700) (12-05-2023 19:55:00)

Running from C:\Users\skim8\OneDrive\Desktop\FRST64.exe

Loaded Profiles: skim8

Platform: Microsoft Windows 11 Home Version 22H2 22621.1702 (X64) Language: English (United States)

Default browser: Chrome

Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe

(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2>

(A-Volute SAS -> A-Volute) C:\Users\skim8\AppData\Local\NhNotifSys\awsc\awscns.exe

(Brave Software, Inc. -> BraveSoftware Inc.) C:\Program Files (x86)\BraveSoftware\Update\1.3.361.133\BraveCrashHandler.exe

(Brave Software, Inc. -> BraveSoftware Inc.) C:\Program Files (x86)\BraveSoftware\Update\1.3.361.133\BraveCrashHandler64.exe

(C:\Fraps\fraps.exe ->) (Beepa Pty Ltd -> Beepa P/L) C:\Fraps\fraps64.dat

(C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe ->) (Malwarebytes Inc -> Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.exe

(C:\Program Files (x86)\SonicsVPN\sonicsvpn.exe ->) () [File not signed] C:\Program Files (x86)\SonicsVPN\data\flutter_assets\ClashAssets\sonics.exe

(C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRFeature.exe ->) (Splashtop Inc. -> Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRApp.exe

(C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRFeature.exe ->) (Splashtop Inc. -> Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRAppBS.exe

(C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRManager.exe ->) (Splashtop Inc. -> Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRAgent.exe

(C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRManager.exe ->) (Splashtop Inc. -> Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRAppPB.exe

(C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRManager.exe ->) (Splashtop Inc. -> Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRFeature.exe

(C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRManager.exe ->) (Splashtop Inc. -> Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRServer.exe

(C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe ->) (Splashtop Inc. -> Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRManager.exe

(C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe ->) (OpenJS Foundation -> Node.js) C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe

(C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe ->) (Adobe Inc. -> Adobe Inc) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe

(C:\Program Files\Alienware\Alienware Command Center\AWCC.Service.exe ->) (Dell Inc -> Dell Technologies) C:\Program Files\Alienware\Alienware Command Center\AWCC.Background.Server.exe

(C:\Program Files\Alienware\Alienware Command Center\AWCC.Service.exe ->) (Dell Inc -> Dell Technologies) C:\Program Files\Alienware\Alienware Command Center\OCControlService\OCControl.Service.exe

(C:\Program Files\BiglyBT\BiglyBT.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe

(C:\Program Files\Dell\DTP\InstrumentationSubAgent\Dell.TechHub.Instrumentation.SubAgent.exe ->) (Dell Inc -> ) C:\Program Files\Dell\DTP\InstrumentationSubAgent\Dell.TechHub.Instrumentation.UserProcess.exe

(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\DCF\Dell.DCF.UA.Bradbury.API.SubAgent.exe

(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Inc -> ) C:\Program Files\Dell\DTP\AnalyticsSubAgent\Dell.TechHub.Analytics.SubAgent.exe

(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Inc -> ) C:\Program Files\Dell\DTP\DataManagerSubAgent\Dell.TechHub.DataManager.SubAgent.exe

(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Inc -> ) C:\Program Files\Dell\DTP\DiagnosticsSubAgent\Dell.TechHub.Diagnostics.SubAgent.exe

(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Inc -> ) C:\Program Files\Dell\DTP\InstrumentationSubAgent\Dell.TechHub.Instrumentation.SubAgent.exe

(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe

(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe

(C:\Program Files\ugeeTablet\ugeeTabletDriver.exe ->) (Hanvon Ugee Technology Co., Ltd. -> Hanvon Ugee Technology Co.) C:\Program Files\ugeeTablet\ugeeTablet.exe

(cmd.exe ->) (Bigly Software -> ) C:\Users\skim8\AppData\Roaming\BiglyBT\plugins\aznettor\BiglyBTTor.exe

(CRYPTOCOMPANY OÜ -> CRYPTOCOMPANY OU) C:\Program Files (x86)\CryptoCompany\Update\1.3.105.33\CryptoTabCrashHandler.exe

(CRYPTOCOMPANY OÜ -> CRYPTOCOMPANY OU) C:\Program Files (x86)\CryptoCompany\Update\1.3.105.33\CryptoTabCrashHandler64.exe

(drivers\RivetNetworks\Killer\KAPSService.exe ->) (Intel Corporation -> Intel® Corporation) C:\Windows\System32\drivers\RivetNetworks\Killer\KAPS.exe

(drivers\RivetNetworks\Killer\KNDBWMService.exe ->) (Intel Corporation -> Intel® Corporation) C:\Windows\System32\drivers\RivetNetworks\Killer\KNDBWM.exe

(DriverStore\FileRepository\cui_dch.inf_amd64_7208949846a9b9dc\igfxCUIService.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_7208949846a9b9dc\igfxEM.exe

(explorer.exe ->) (Azadi Network LLC -> ) C:\ProgramData\SharewareOnSale Notifier\SharewareOnSale Notifier.exe

(explorer.exe ->) (Bartels Media GmbH -> Bartels Media GmbH) C:\Program Files (x86)\PhraseExpress\phraseexpress.exe

(explorer.exe ->) (Bigly Software -> Bigly Software) C:\Program Files\BiglyBT\BiglyBT.exe

(explorer.exe ->) (Bright Data Ltd -> Bright Data Ltd.) C:\Program Files (x86)\EarnApp\earnapp.exe

(explorer.exe ->) (com.example) [File not signed] C:\Program Files (x86)\SonicsVPN\sonicsvpn.exe

(explorer.exe ->) (Hanvon Ugee Technology Co., Ltd. -> ) C:\Program Files\ugeeTablet\ugeeTabletDriver.exe

(explorer.exe ->) (Hewlett Packard -> HP Inc.) C:\Program Files\HP\HP ENVY 4520 series\Bin\ScanToPCActivationApp.exe

(explorer.exe ->) (IPRoyal Services FZE LLC -> IPRoyal) C:\Program Files\Pawns.app\Pawns.app.exe <5>

(explorer.exe ->) (Mega Limited -> Mega Limited) C:\Users\skim8\AppData\Local\MEGAsync\MEGAsync.exe

(explorer.exe ->) (Notion Labs, Inc. -> Notion Labs, Inc) C:\Users\skim8\AppData\Local\Programs\Notion\Notion.exe <9>

(explorer.exe ->) (Simple Coding Solutions LLC -> ) C:\Program Files (x86)\Peer2Profit\Peer2Profit.exe <2>

(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.212\GoogleCrashHandler.exe

(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.212\GoogleCrashHandler64.exe

(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <55>

(Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe

(Malwarebytes Inc -> Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe

(Microsoft Corporation -> Microsoft Corporation) C:\Users\skim8\AppData\Local\MicrosoftAdvertisingEditor\app-11.30.15196\Microsoft.Advertising.Editor.exe

(Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe

(OOO "XMAC" -> ) C:\Users\skim8\AppData\Roaming\Honeygain\Honeygain.exe

(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe

(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

(services.exe ->) (A-Volute SAS -> Nahimic) C:\Windows\System32\NahimicService.exe

(services.exe ->) (Bright Data Ltd -> BrightData Ltd. (certified)) C:\Program Files (x86)\EarnApp\net_updater32.exe

(services.exe ->) (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\ENS\ensserver.exe

(services.exe ->) (Dell Inc -> ) C:\Program Files (x86)\Dell Digital Delivery Services\Dell.D3.WinSvc.exe

(services.exe ->) (Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe

(services.exe ->) (Dell Inc -> Dell Inc.) C:\Program Files\Dell\Fusion\FusionService.exe

(services.exe ->) (Dell Inc -> Dell INC.) C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe

(services.exe ->) (Dell Inc -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe

(services.exe ->) (Dell Inc -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe

(services.exe ->) (Dell Inc -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe

(services.exe ->) (Dell Inc -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe

(services.exe ->) (Dell Inc -> Dell Technologies) C:\Program Files\Alienware\Alienware Command Center\AWCC.Service.exe

(services.exe ->) (Dell Inc -> Dell) C:\Program Files\Dell\TechHub\Dell.TechHub.exe

(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe

(services.exe ->) (Intel Corporation -> ) C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe

(services.exe ->) (Intel Corporation -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe

(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_7208949846a9b9dc\igfxCUIService.exe

(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_1da48d5885266bb7\esif_uf.exe

(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_d6e4236a0f82e7b4\RstMwService.exe

(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_9cf4db1a1fd1b22d\OneApp.IGCC.WinService.exe

(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_454f22d7cdb5b4cd\IntelCpHDCPSvc.exe

(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_454f22d7cdb5b4cd\IntelCpHeciSvc.exe

(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_d4564390a9b1e980\WMIRegistrationService.exe

(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\TbtP2pShortcutService.exe

(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\ThunderboltService.exe

(services.exe ->) (Intel Corporation -> Intel® Corporation) C:\Windows\SysWOW64\XtuService.exe

(services.exe ->) (Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe

(services.exe ->) (Intel Corporation -> Intel) C:\Windows\System32\drivers\RivetNetworks\Killer\KillerAnalyticsService.exe

(services.exe ->) (Intel Corporation -> Intel) C:\Windows\System32\drivers\RivetNetworks\Killer\KillerNetworkService.exe

(services.exe ->) (Intel Corporation -> Intel® Corporation) C:\Windows\System32\drivers\RivetNetworks\Killer\KAPSService.exe

(services.exe ->) (Intel Corporation -> Intel® Corporation) C:\Windows\System32\drivers\RivetNetworks\Killer\KNDBWMService.exe

(services.exe ->) (Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe

(services.exe ->) (Keepsolid Inc. -> KeepSolid Inc.) C:\Program Files (x86)\VPN Unlimited\vpn-unlimited-daemon.exe

(services.exe ->) (Malwarebytes Inc -> Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe

(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe

(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft GameInput\x64\gameinputsvc.exe <2>

(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe

(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe

(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\MsMpEng.exe

(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\NisSrv.exe

(services.exe ->) (nordvpn s.a. -> nordvpn S.A.) C:\Program Files\NordUpdater\NordUpdateService.exe

(services.exe ->) (nordvpn s.a. -> TEFINCOM S.A.) C:\Program Files\NordVPN\nordvpn-service.exe

(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2>

(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvdmi.inf_amd64_3d50ed78ef5da3d8\Display.NvContainer\NVDisplay.Container.exe <2>

(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_44e42040d5543576\RtkAudUService64.exe <3>

(services.exe ->) (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe

(services.exe ->) (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe

(services.exe ->) (Splashtop Inc. -> Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe

(services.exe ->) (Splashtop Inc. -> Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe

(sihost.exe ->) (EB51A5DA-0E72-4863-82E4-EA21C1F8DFE3 -> Intel Corporation) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.4779.0_x64__8j3eq9eme6ctt\GCP.ML.BackgroundSysTray\IGCCTray.exe

(sihost.exe ->) (F005DA31-7CE1-4D3E-ABEE-08A4AFF4F592 -> Dell Technologies) C:\Program Files\WindowsApps\DellInc.AlienwareCommandCenter_5.5.46.0_x64__htrsf667h5kn2\GameLibrary\GameLibraryAppService.exe

(Slack Technologies, Inc. -> Slack Technologies Inc.) C:\Users\skim8\AppData\Local\slack\app-4.32.122\slack.exe <5>

(svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> ) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2317.9.0_x64__cv1g1gvanyjgm\WhatsApp.exe

(svchost.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files\WindowsApps\AdobeNotificationClient_2.0.1.8_x86__enpm4xejd91yc\AdobeNotificationClient.exe

(svchost.exe ->) (Adobe Systems Incorporated -> ) C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe

(svchost.exe ->) (A-Volute SAS -> Nahimic) C:\Windows\System32\NahimicSvc64.exe

(svchost.exe ->) (Beepa Pty Ltd -> Beepa P/L) C:\Fraps\fraps.exe

(svchost.exe ->) (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\EaseUS Partition Master\ToolKits\EaseUS CleanGenius\bin\CleanGenius.exe

(svchost.exe ->) (EB51A5DA-0E72-4863-82E4-EA21C1F8DFE3 -> Intel Corporation) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.4779.0_x64__8j3eq9eme6ctt\IGCC.exe

(svchost.exe ->) (F005DA31-7CE1-4D3E-ABEE-08A4AFF4F592 -> Dell Technologies) C:\Program Files\WindowsApps\DellInc.AlienwareCommandCenter_5.5.46.0_x64__htrsf667h5kn2\AWCC.exe

(svchost.exe ->) (GRETECH CORPORATION -> GOM & Company) C:\Program Files (x86)\GOM\GOMPlayer\GOM.exe

(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\SDXHelper.exe

(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Office.OneNote_16001.14326.21386.0_x64__8wekyb3d8bbwe\onenoteim.exe

(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.SecHealthUI_1000.25305.9000.0_x64__8wekyb3d8bbwe\SecHealthUI.exe

(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_11.2210.0.0_x64__8wekyb3d8bbwe\CalculatorApp.exe

(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21422.0_x64__8wekyb3d8bbwe\HxOutlook.exe

(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21422.0_x64__8wekyb3d8bbwe\HxTsr.exe

(svchost.exe ->) (Microsoft Windows -> ) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_423.11600.0.0_x64__cw5n1h2txyewy\Dashboard\WidgetService.exe

(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe

(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\DataExchangeHost.exe

(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <5>

(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe

(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe

(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe

(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\UUS\amd64\MoUsoCoreWorker.exe

(svchost.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\System32\SecurityHealth\1.0.2303.28002-0\SecurityHealthHost.exe <2>

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_44e42040d5543576\RtkAudUService64.exe [1591680 2022-09-08] (Realtek Semiconductor Corp. -> Realtek Semiconductor)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)

HKLM\...\Run: [PenTablet] => C:\Program Files\ugeeTablet\ugeeTabletDriver.exe [206968 2023-04-11] (Hanvon Ugee Technology Co., Ltd. -> )

HKLM-x32\...\Run: [CryptoTab Browser] => C:\Program Files\CryptoTab Browser\Application\browser.exe [2492928 2022-08-03] (CRYPTOCOMPANY OÜ -> The Chromium and CryptoTab Browser Authors)

HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [781552 2022-03-26] (Adobe Inc. -> Adobe Inc.)

HKLM-x32\...\Run: [Malwarebytes Anti-Exploit] => C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe [2478800 2021-07-28] (Malwarebytes Inc -> Malwarebytes Corporation)

HKLM-x32\...\Run: [Intel Driver & Support Assistant] => C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe [291080 2022-12-14] (Intel Corporation -> Intel)

HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2021-08-04] (Adobe Inc. -> )

HKU\S-1-5-21-2649961789-1134712864-1179498568-1001\...\Run: [SharewareOnSale Notifier] => C:\ProgramData\SharewareOnSale Notifier\SharewareOnSale Notifier.exe [1008816 2021-04-16] (Azadi Network LLC -> ) <==== ATTENTION

HKU\S-1-5-21-2649961789-1134712864-1179498568-1001\...\Run: [KakaoTalk] => C:\Program Files (x86)\Kakao\KakaoTalk\KakaoTalk.exe [23144032 2022-01-13] (Kakao corp. -> Kakao Corp.)

HKU\S-1-5-21-2649961789-1134712864-1179498568-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4268456 2022-01-16] (Valve Corp. -> Valve Corporation)

HKU\S-1-5-21-2649961789-1134712864-1179498568-1001\...\Run: [7 Taskbar Tweaker] => C:\Users\skim8\AppData\Local\Programs\7+ Taskbar Tweaker\7+ Taskbar Tweaker.exe [491120 2021-11-30] (Michael Maltsev -> RaMMicHaeL)

HKU\S-1-5-21-2649961789-1134712864-1179498568-1001\...\Run: [BlueJeans.Detector] => C:\Users\skim8\AppData\Local\BlueJeans\BlueJeans.Detector.exe [16376 2021-07-07] (Blue Jeans Network, Inc. -> BlueJeans)

HKU\S-1-5-21-2649961789-1134712864-1179498568-1001\...\Run: [Samsung DeX] => C:\Program Files (x86)\Samsung\Samsung DeX\SamsungDeX.exe [10484392 2021-07-01] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)

HKU\S-1-5-21-2649961789-1134712864-1179498568-1001\...\Run: [Microsoft.Advertising.Editor] => C:\Users\skim8\AppData\Local\MicrosoftAdvertisingEditor\app-11.30.15196\Microsoft.Advertising.Editor.exe [6447584 2023-05-12] (Microsoft Corporation -> Microsoft Corporation)

HKU\S-1-5-21-2649961789-1134712864-1179498568-1001\...\Run: [HP ENVY 4520 series (NET)] => C:\Program Files\HP\HP ENVY 4520 series\Bin\ScanToPCActivationApp.exe [3770504 2017-04-06] (Hewlett Packard -> HP Inc.)

HKU\S-1-5-21-2649961789-1134712864-1179498568-1001\...\Run: [NordVPN] => C:\Program Files\NordVPN\NordVPN.exe [253816 2022-08-03] (nordvpn s.a. -> TEFINCOM S.A.)

HKU\S-1-5-21-2649961789-1134712864-1179498568-1001\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [7592400 2023-05-04] (Adobe Inc. -> Adobe Systems Incorporated)

HKU\S-1-5-21-2649961789-1134712864-1179498568-1001\...\Run: [EarnApp] => C:\Program Files (x86)\EarnApp\earnapp.exe [15470664 2023-05-08] (Bright Data Ltd -> Bright Data Ltd.)

HKU\S-1-5-21-2649961789-1134712864-1179498568-1001\...\Run: [Google Update] => C:\Users\skim8\AppData\Local\Google\Update\1.3.36.212\GoogleUpdateCore.exe [223000 2023-04-24] (Google LLC -> Google LLC)

HKU\S-1-5-21-2649961789-1134712864-1179498568-1001\...\Run: [electron.app.Pawns.app] => C:\Program Files\Pawns.app\Pawns.app.exe [149032536 2023-04-24] (IPRoyal Services FZE LLC -> IPRoyal)

HKU\S-1-5-21-2649961789-1134712864-1179498568-1001\...\Run: [Peer2Profit] => C:\Program Files (x86)\Peer2Profit\Peer2Profit.exe [2302840 2022-10-09] (Simple Coding Solutions LLC -> )

HKU\S-1-5-21-2649961789-1134712864-1179498568-1001\...\Run: [TeraBoxWeb] => C:\Users\skim8\AppData\Roaming\TeraBox\TeraBoxWebService.exe [1139056 2023-02-22] (FLEXTECH INC. -> Flextech Inc.)

HKU\S-1-5-21-2649961789-1134712864-1179498568-1001\...\Run: [electron.app.Poised] => C:\Users\skim8\AppData\Local\Programs\poise\Poised.exe (No File)

HKU\S-1-5-21-2649961789-1134712864-1179498568-1001\...\Run: [com.squirrel.slack.slack] => C:\Users\skim8\AppData\Local\slack\slack.exe [310584 2023-05-10] (Slack Technologies, Inc. -> Slack Technologies Inc.)

HKU\S-1-5-21-2649961789-1134712864-1179498568-1002\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [61440 2022-05-07] (Microsoft Windows -> Microsoft Corporation)

HKLM\...\Print\Monitors\HP D711 Status Monitor: C:\Windows\system32\hpinkstsD711LM.dll [393352 2017-03-26] (Hewlett Packard -> HP Inc.)

HKLM\Software\Microsoft\Active Setup\Installed Components: [{7D2B3E1D-D096-4594-9D8F-A6667F12E0AC}] -> C:\Program Files\CryptoTab Browser\Application\103.0.5060.134\Installer\chrmstp.exe [2022-08-22] (CRYPTOCOMPANY OÜ -> The Chromium and CryptoTab Browser Authors)

HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\113.0.5672.93\Installer\chrmstp.exe [2023-05-11] (Google LLC -> Google LLC)

HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files\BraveSoftware\Brave-Browser\Application\113.1.51.114\Installer\chrmstp.exe [2023-05-09] (Brave Software, Inc. -> Brave Software, Inc.)

HKLM\Software\...\Authentication\Credential Providers: [{97E1814E-5601-41c8-9971-10C319EF61CC}] -> C:\WINDOWS\system32\SRCredentialProvider.dll [2022-01-11] (Splashtop Inc. -> Splashtop Inc.)

HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\PhraseExpress.lnk [2022-05-31]

ShortcutTarget: PhraseExpress.lnk -> C:\Program Files (x86)\PhraseExpress\phraseexpress.exe (Bartels Media GmbH -> Bartels Media GmbH)

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RescueTime.lnk [2021-06-30]

ShortcutTarget: RescueTime.lnk -> C:\Program Files (x86)\RescueTime\RescueTime.exe (RescueTime, Inc.) [File not signed]

Startup: C:\Users\skim8\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HoneygainUpdater.lnk [2021-06-04]

ShortcutTarget: HoneygainUpdater.lnk -> C:\Users\skim8\AppData\Roaming\Honeygain\HoneygainUpdater.exe (OOO "XMAC" -> Honeygain)

Startup: C:\Users\skim8\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Luminar AI.lnk [2022-12-14]

ShortcutTarget: Luminar AI.lnk -> C:\Program Files\Skylum\Luminar AI\Luminar AI.exe (Skylum Software USA, Inc. -> Skylum)

Startup: C:\Users\skim8\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2022-03-05]

ShortcutTarget: MEGAsync.lnk -> C:\Users\skim8\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited -> Mega Limited)

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0240CBDC-A455-437F-8824-56943558F3E0} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-2649961789-1134712864-1179498568-1001 => C:\Users\skim8\AppData\Local\MEGAsync\MEGAupdater.exe [2531504 2023-04-12] (Mega Limited -> )

Task: {0481C1B6-A3DF-4E44-8212-BDEEDF6AC03B} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\FrameworkAgents\SupportAssistInstaller.exe [738144 2023-04-07] (Dell Inc -> Dell Inc.)

Task: {12A44B25-068D-4792-9EDD-05B04686C799} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2649961789-1134712864-1179498568-1001UA{D758DFCD-F438-4F17-8239-2E3F26BF00E9} => C:\Users\skim8\AppData\Local\Google\Update\GoogleUpdate.exe [171480 2022-11-08] (Google LLC -> Google LLC)

Task: {1B4E43F0-5A86-4C60-957C-111F7C9B1D01} - System32\Tasks\Driver Easy Scheduled Scan => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe [3978504 2021-07-29] (Easeware Technology Limited -> Easeware)

Task: {1CABABD5-FE8A-4D6C-BAA6-077E1766C5C1} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => C:\WINDOWS\system32\MusNotification.exe/RunOnAC ReadyToReboot

Task: {2DCCAFB4-2494-4DB2-88A2-726C15F5D3DD} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162400 2021-04-16] (Brave Software, Inc. -> BraveSoftware Inc.)

Task: {2EC7CBD3-2E50-4819-96D8-F40851E4D85F} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => C:\WINDOWS\system32\MusNotification.exe/RunOnBattery ReadyToReboot

Task: {3EC45263-7404-4A6E-9DAC-467B68D62610} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [5002480 2023-02-21] (Intel Corporation -> Intel Corporation)

Task: {4282A4B3-D554-405C-83B9-9FBE4546034C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\MpCmdRun.exe [1650024 2023-05-02] (Microsoft Windows Publisher -> Microsoft Corporation)

Task: {487544A3-485F-4B86-BB4F-A6A03977B8C1} - System32\Tasks\GoogleUpdateTaskMachineUA{12F1622C-6D4F-43D4-BDB2-62B15B76711D} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2022-02-10] (Google LLC -> Google LLC)

Task: {492B380F-236D-4C3C-8187-1A5E2641CAC6} - System32\Tasks\NahimicSvc64Run => C:\WINDOWS\system32\NahimicSvc64.exe [1098400 2022-07-15] (A-Volute SAS -> Nahimic)

Task: {4C92CD4B-065D-4165-BF80-03E805794377} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3342376 2023-01-27] (Nvidia Corporation -> NVIDIA Corporation)

Task: {4E2113E1-2824-45FB-B881-AAC0A4AAFB3E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\MpCmdRun.exe [1650024 2023-05-02] (Microsoft Windows Publisher -> Microsoft Corporation)

Task: {573F886B-5684-434D-BB0B-59B51CC36169} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {584D96EF-F7BE-46E6-BB41-D88108B0D73E} - System32\Tasks\BlueStacksHelper_nxt => C:\Program Files\BlueStacks_nxt\BlueStacksHelper.exe [275136 2022-01-31] (Bluestack Systems, Inc -> BlueStack Systems, Inc.)

Task: {5885687A-60BD-490C-B4F3-27FC0D7CF187} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe/s

Task: {58C68D94-3DEE-4050-B6E1-457186C315B6} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564152 2023-04-03] (Adobe Inc. -> Adobe Inc.)

Task: {5A303D5E-2D99-4125-9B5E-2BB021222826} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {5A87B6F6-B5E6-46DF-865A-5BD6CADBECB7} - System32\Tasks\AWCC\Update => C:\Program Files (x86)\InstallShield Installation Information\{D2DA930B-CB5D-4DD6-BF62-BE6C310A353D}\Update\IMSilentUpdate.exe [19888 2023-04-07] (Dell Inc -> )

Task: {5F04FAAB-E7B3-40AD-B381-1978C2548C14} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26513320 2023-04-27] (Microsoft Corporation -> Microsoft Corporation)

Task: {63FE0729-0051-4552-ACE4-E7F4CD14AFD8} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162400 2021-04-16] (Brave Software, Inc. -> BraveSoftware Inc.)

Task: {6524F69C-F7FD-4CC2-8074-57767869BDB9} - System32\Tasks\GoogleUpdateTaskMachineCore{5E35D070-8178-45E7-91F9-E57EF3713D58} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2022-02-10] (Google LLC -> Google LLC)

Task: {691DA003-F152-4999-8DDD-1366DE8FC3EA} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {6D25EEAC-6531-4906-BBA8-488827777169} - System32\Tasks\Microsoft\Windows\WaaSMedic\MaintenanceWork => {72566E27-1ABB-4EB3-B4F0-EB431CB1CB32}

Task: {826CBCAE-1D72-4A3C-B422-69552215861B} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [190816 2023-04-27] (Microsoft Corporation -> Microsoft Corporation)

Task: {85DB5ACE-D15D-4CC0-B3C7-BC20A038695F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\MpCmdRun.exe [1650024 2023-05-02] (Microsoft Windows Publisher -> Microsoft Corporation)

Task: {8D9D9535-AD44-4A3E-B126-05F754FD4E8A} - System32\Tasks\CryptoTabUpdateTaskMachineUA => C:\Program Files (x86)\CryptoCompany\Update\CryptoTabUpdate.exe [181288 2021-04-16] (CRYPTOCOMPANY OÜ -> CRYPTOCOMPANY OU)

Task: {9565510C-20DD-4F4F-BA47-1EE7A012FD9E} - System32\Tasks\CleanGenius => C:\Program Files (x86)\EaseUS\EaseUS Partition Master\ToolKits\EaseUS CleanGenius\bin\CleanGenius.exe [610440 2022-03-24] (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed]

Task: {98318420-16CB-4BF9-A19A-63D10A226452} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-s.kim89@hotmail.com => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)

Task: {9B87463B-0469-4E9C-B09D-494C5914A3CE} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26513320 2023-04-27] (Microsoft Corporation -> Microsoft Corporation)

Task: {9FBE5D2E-F526-47B5-9309-76F6A6FA9EB1} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => C:\WINDOWS\System32\Wscript.exe [200704 2023-05-09] (Microsoft Windows -> Microsoft Corporation) -> //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs"

Task: {A5D78222-5B89-44B4-9CDC-E19EF5F076B8} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\MpCmdRun.exe [1650024 2023-05-02] (Microsoft Windows Publisher -> Microsoft Corporation)

Task: {ADF5D6B3-DE0E-48B9-84E1-EEDED8F85ADE} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe--automatic

Task: {AEF3DC72-C98A-4F38-B688-D988818B5836} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2649961789-1134712864-1179498568-1001Core{7DBFC47E-4CC3-41DB-862B-995810DDE9F9} => C:\Users\skim8\AppData\Local\Google\Update\GoogleUpdate.exe [171480 2022-11-08] (Google LLC -> Google LLC)

Task: {AF659593-AC00-4495-BF7B-E7FBC13D9A7A} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649784 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {AFF7BA97-52CA-4120-8DFE-22905C1F9F35} - System32\Tasks\NahimicTask32 => C:\WINDOWS\system32\..\SysWOW64\NahimicSvc32.exe [837280 ] (A-Volute SAS -> Nahimic)

Task: {B439E8DD-E509-45DF-866C-23BE5450E609} - System32\Tasks\FRAPS => C:\Fraps\fraps.exe [2652760 2019-08-30] (Beepa Pty Ltd -> Beepa P/L)

Task: {BDABDBA4-1BC2-4A27-826E-53323ADC6797} - System32\Tasks\NahimicTask64 => C:\WINDOWS\system32\.\NahimicSvc64.exe [1098400 ] (A-Volute SAS -> Nahimic)

Task: {BE570586-0121-4CC6-9B35-673DA0B9D9F8} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {CAAAEC95-7C4E-4F3A-B986-C9AC6545FAEA} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_LogonUpdateResults => C:\WINDOWS\system32\MusNotification.exeLogonUpdateResults

Task: {CF33746A-947E-4359-9948-ED76B9A158E8} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {D07EAE0C-632B-4D56-9A35-728571714CB4} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [157664 2023-04-27] (Microsoft Corporation -> Microsoft Corporation)

Task: {D4D2C5D3-297B-4336-9BD6-1131BC38C67D} - System32\Tasks\NahimicSvc32Run => C:\WINDOWS\SysWOW64\NahimicSvc32.exe [837280 2022-07-15] (A-Volute SAS -> Nahimic)

Task: {DE5C2800-CE86-4571-AD8B-C916F80492A7} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1003128 2022-03-15] (Nvidia Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log

Task: {DF5E8D33-D94A-4E42-96EF-6A2134F806D6} - System32\Tasks\CryptoTabUpdateTaskMachineCore => C:\Program Files (x86)\CryptoCompany\Update\CryptoTabUpdate.exe [181288 2021-04-16] (CRYPTOCOMPANY OÜ -> CRYPTOCOMPANY OU)

Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => C:\WINDOWS\system32\MusNotification.exe (No File)

Task: {EE1135F8-814A-4BEC-B77C-4A3A7F1C7F19} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [157664 2023-04-27] (Microsoft Corporation -> Microsoft Corporation)

Task: {EE29AEE6-FA62-4376-B9D8-49BB82D48470} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {F28F1637-2026-48D7-87B4-05E964118DDA} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [5002480 2023-02-21] (Intel Corporation -> Intel Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

Task: C:\WINDOWS\Tasks\Driver Easy Scheduled Scan.job => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyEnable: [S-1-5-21-2649961789-1134712864-1179498568-1001] => Proxy is enabled.

ProxyServer: [S-1-5-21-2649961789-1134712864-1179498568-1001] => 127.0.0.1:7890

Tcpip\Parameters: [DhcpNameServer] 64.71.255.204 64.71.255.198

Tcpip\..\Interfaces\{48ae4133-2012-491f-bf0f-e0b5afd0e991}: [NameServer] 208.67.222.222,208.67.220.220

Tcpip\..\Interfaces\{48ae4133-2012-491f-bf0f-e0b5afd0e991}: [DhcpNameServer] 64.71.255.204 64.71.255.198

Tcpip\..\Interfaces\{ed60931c-1a22-4741-b30f-0e9c4075777b}: [DhcpNameServer] 172.22.255.204 172.22.255.206

ManualProxies: 1127.0.0.1:7890 <==== ATTENTION

Edge:

=======

Edge DefaultProfile: Default

Edge Profile: C:\Users\skim8\AppData\Local\Microsoft\Edge\User Data\Default [2023-05-11]

Edge HomePage: Default -> hxxp://ads.microsoft.com/

Edge Session Restore: Default -> is enabled.

Edge Extension: (Loom for Edge) - C:\Users\skim8\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\abeameknhmpmfegfbeioekonmhbmbpai [2022-06-22]

Edge Extension: (PayPal Honey: Automatic Coupons & Cash Back) - C:\Users\skim8\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\amnbcmdbanbkjhnfoeceemmmdiepnbpp [2023-04-06]

Edge Extension: (LastPass: Free Password Manager) - C:\Users\skim8\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bbcinlkgjjkejfdpemiealijmmooekmp [2023-04-29]

Edge Extension: (Social Blade) - C:\Users\skim8\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\cfidkbgamfhdgmedldkagjopnbobdmdn [2022-09-07] [UpdateUrl:hxxps://addon.socialblade.com/updates.json] <==== ATTENTION

Edge Extension: (Grammarly: Grammar Checker and Writing App) - C:\Users\skim8\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\cnlefmmeadmemmdciolhbnfeacpdfbkd [2023-04-29]

Edge Extension: (Email Exporter) - C:\Users\skim8\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ecnfbegpagpeocjegnecbifjepfcpnhe [2023-05-05]

Edge Extension: (MetaMask) - C:\Users\skim8\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ejbalbakoplchlghecdalmeeeajnimhm [2023-04-18]

Edge Extension: (Meta Pixel Helper) - C:\Users\skim8\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fdgfkebogiimcoedlicjlajpkdmockpc [2023-03-20]

Edge Extension: (Keywords Everywhere - Keyword Tool) - C:\Users\skim8\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\hbapdpeemoojbophdfndmlgdhppljgmp [2023-05-09]

Edge Extension: (Rakuten Button Canada) - C:\Users\skim8\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\idpbkophnbfijcnlffdmmppgnncgappc [2022-10-28]

Edge Extension: (Malwarebytes Browser Guard) - C:\Users\skim8\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2023-05-05]

Edge Extension: (WhatFont) - C:\Users\skim8\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jabopobgcpjmedljpbcaablpmlmfcogm [2022-06-22]

Edge Extension: (SimilarWeb - Traffic Rank & Website Analysis) - C:\Users\skim8\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\lgecefcjlholabgliikbfdifhdfbfnma [2022-06-22]

Edge Extension: (Cookie-Editor) - C:\Users\skim8\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\neaplmfkghagebokkhpjpoebhdledlfi [2023-03-17]

Edge Extension: (UET Tag Helper (by Microsoft Advertising)) - C:\Users\skim8\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\nmcihgehpmokipeigjpeckphhdejjpbf [2021-06-16]

Edge Extension: (uBlock Origin) - C:\Users\skim8\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\odfafepnkmbhccpbejgmiehpchacaeak [2023-04-29]

Edge Extension: (ColorPick Eyedropper) - C:\Users\skim8\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ohcpnigalekghcmgcdcenkpelffpdolg [2022-08-27]

Edge Extension: (vidIQ Vision for YouTube) - C:\Users\skim8\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\pachckjkecffpdphbpmfolblodfkgbhl [2023-04-29]

Edge Extension: (Sort for TikTok) - C:\Users\skim8\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\piiiffonpmeolocfghlpeolmdabhiemi [2022-06-22]

Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

FireFox:

========

FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-11-01] (Microsoft Corporation -> Microsoft Corporation)

FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)

FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2023-05-04] (Adobe Inc. -> Adobe Systems Inc.)

FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2022-03-26] (Adobe Inc. -> Adobe Systems)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-11-01] (Microsoft Corporation -> Microsoft Corporation)

FF Plugin-x32: @tools.CryptoTab.com/CryptoTab Update;version=3 -> C:\Program Files (x86)\CryptoCompany\Update\1.3.105.33\npCryptoTabUpdate3.dll [2021-08-08] (CRYPTOCOMPANY OÜ -> CRYPTOCOMPANY OU)

FF Plugin-x32: @tools.CryptoTab.com/CryptoTab Update;version=9 -> C:\Program Files (x86)\CryptoCompany\Update\1.3.105.33\npCryptoTabUpdate3.dll [2021-08-08] (CRYPTOCOMPANY OÜ -> CRYPTOCOMPANY OU)

FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2022-03-26] (Adobe Inc. -> Adobe Systems)

Chrome:

=======

CHR DefaultProfile: Default

CHR Profile: C:\Users\skim8\AppData\Local\Google\Chrome\User Data\Default [2023-05-12]

CHR Notifications: Default -> hxxps://adbullion.everflowclient.io; hxxps://admin.plugrush.com; hxxps://app.airtm.com; hxxps://app.clickup.com; hxxps://app.impact.com; hxxps://app.marketplan.io; hxxps://app.scalenut.com; hxxps://app.slack.com; hxxps://business.facebook.com; hxxps://calendar.google.com; hxxps://crm.zoho.com; hxxps://dashboard.godaddy.com; hxxps://dcc.godaddy.com; hxxps://freesoff.com; hxxps://funkywithans.dashclicks.com; hxxps://giveaways.joinsurf.com; hxxps://go.adbullion.com; hxxps://gregoryfavorite.space; hxxps://in.godaddy.com; hxxps://mail.proton.me; hxxps://mail.protonmail.com; hxxps://mail.zoho.com; hxxps://meet.google.com; hxxps://outlook.office.com; hxxps://portal.smartadv.com; hxxps://sync.beatoven.ai; hxxps://trading.questrade.com; hxxps://www.facebook.com; hxxps://www.messenger.com; hxxps://www.netflix.com; hxxps://www.plugrush.com; hxxps://www.tiktok.com; hxxps://www.youtube.com; hxxps://www36.orvilleandrea.pro

CHR Session Restore: Default -> is enabled.

CHR Extension: (Superpower for ChatGPT) - C:\Users\skim8\AppData\Local\Google\Chrome\User Data\Default\Extensions\amhmeenmapldpjdedekalnfifgnpfnkc [2023-05-09]

CHR Extension: (PayPal Honey: Automatic Coupons & Cash Back) - C:\Users\skim8\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2023-05-12]

CHR Extension: (Social Blade) - C:\Users\skim8\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfidkbgamfhdgmedldkagjopnbobdmdn [2022-09-09] [UpdateUrl:hxxps://addon.socialblade.com/updates.json] <==== ATTENTION

CHR Extension: (OneTab) - C:\Users\skim8\AppData\Local\Google\Chrome\User Data\Default\Extensions\chphlpgkkbolifaimnlloiipkdnihall [2023-04-15]

CHR Extension: (uBlock Origin) - C:\Users\skim8\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2023-04-29]

CHR Extension: (Tampermonkey) - C:\Users\skim8\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2022-11-30]

CHR Extension: (Meta Pixel Helper) - C:\Users\skim8\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdgfkebogiimcoedlicjlajpkdmockpc [2023-03-21]

CHR Extension: (NordVPN - VPN Proxy for Privacy and Security) - C:\Users\skim8\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjoaledfpmneenckfbpdfhkmimnjocfa [2023-04-01]

CHR Extension: (Google Docs Offline) - C:\Users\skim8\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-04-24]

CHR Extension: (Save to Google Drive) - C:\Users\skim8\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmbmikajjgmnabiglmofipeabaddhgne [2023-02-13]

CHR Extension: (Keywords Everywhere - Keyword Tool) - C:\Users\skim8\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbapdpeemoojbophdfndmlgdhppljgmp [2023-05-09]

CHR Extension: (LastPass: Free Password Manager) - C:\Users\skim8\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2023-05-05]

CHR Extension: (Cookie-Editor) - C:\Users\skim8\AppData\Local\Google\Chrome\User Data\Default\Extensions\hlkenndednhfkekhgcdicdfddnkalmdm [2023-03-13]

CHR Extension: (Similarweb - Traffic Rank & Website Analysis) - C:\Users\skim8\AppData\Local\Google\Chrome\User Data\Default\Extensions\hoklmmgfnpapgjgcpechhaamimifchmp [2023-04-29]

CHR Extension: (Rakuten Button Canada) - C:\Users\skim8\AppData\Local\Google\Chrome\User Data\Default\Extensions\idpbkophnbfijcnlffdmmppgnncgappc [2022-10-28]

CHR Extension: (Discussions button for Google Search™) - C:\Users\skim8\AppData\Local\Google\Chrome\User Data\Default\Extensions\igjiggoeheaondbmhmilpmbdkpgcjmdn [2023-04-24]

CHR Extension: (Malwarebytes Browser Guard) - C:\Users\skim8\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2023-05-05]

CHR Extension: (WhatFont) - C:\Users\skim8\AppData\Local\Google\Chrome\User Data\Default\Extensions\jabopobgcpjmedljpbcaablpmlmfcogm [2022-02-16]

CHR Extension: (Tag Assistant Companion) - C:\Users\skim8\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmekfmbnaedfebfnmakmokmlfpblbfdm [2023-04-29]

CHR Extension: (Google Analytics Debugger) - C:\Users\skim8\AppData\Local\Google\Chrome\User Data\Default\Extensions\jnkmfdileelhofjcijamephohjechhna [2023-03-14]

CHR Extension: (Grammarly: Grammar Checker and Writing App) - C:\Users\skim8\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2023-05-12]

CHR Extension: (Tag Assistant Legacy (by Google)) - C:\Users\skim8\AppData\Local\Google\Chrome\User Data\Default\Extensions\kejbdjndbnbjgmefkgdddjlbokphdefk [2022-12-25]

CHR Extension: (Loom – Screen Recorder & Screen Capture) - C:\Users\skim8\AppData\Local\Google\Chrome\User Data\Default\Extensions\liecbddmkiiihnedobmlmillhodjkdmb [2023-05-05]

CHR Extension: (Tag Assistant for Conversions Beta) - C:\Users\skim8\AppData\Local\Google\Chrome\User Data\Default\Extensions\llpfnmnallbompdmklfkcibfpcfpncdd [2022-12-25]

CHR Extension: (MetaMask) - C:\Users\skim8\AppData\Local\Google\Chrome\User Data\Default\Extensions\nkbihfbeogaeaoehlefnkodbefgpgknn [2023-05-05]

CHR Extension: (Chrome Web Store Payments) - C:\Users\skim8\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-02-10]

CHR Extension: (UProc for LinkedIn) - C:\Users\skim8\AppData\Local\Google\Chrome\User Data\Default\Extensions\odfhegllgcagejmjbanonlofmllejfea [2023-05-02]

CHR Extension: (ColorPick Eyedropper) - C:\Users\skim8\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohcpnigalekghcmgcdcenkpelffpdolg [2022-08-27]

CHR Extension: (Sort for TikTok) - C:\Users\skim8\AppData\Local\Google\Chrome\User Data\Default\Extensions\piiiffonpmeolocfghlpeolmdabhiemi [2022-02-24]

CHR Extension: (Podawaa - Get more Engagement on LinkedIn) - C:\Users\skim8\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppgndohgacfggdpbcdlgibdkdknimfmn [2023-05-03]

CHR Extension: (Quick Proposal Generator) - C:\Users\skim8\OneDrive\Desktop\Quick Proposal Generator [2023-04-25]

CHR Profile: C:\Users\skim8\AppData\Local\Google\Chrome\User Data\Guest Profile [2023-05-11]

CHR Profile: C:\Users\skim8\AppData\Local\Google\Chrome\User Data\Profile 1 [2023-02-12]

CHR Extension: (NordVPN - VPN Proxy for Privacy and Security) - C:\Users\skim8\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fjoaledfpmneenckfbpdfhkmimnjocfa [2023-01-28]

CHR Extension: (Google Docs Offline) - C:\Users\skim8\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-01-28]

CHR Extension: (Save to Google Drive) - C:\Users\skim8\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gmbmikajjgmnabiglmofipeabaddhgne [2023-01-28]

CHR Extension: (Malwarebytes Browser Guard) - C:\Users\skim8\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2023-02-12]

CHR Extension: (Chrome Web Store Payments) - C:\Users\skim8\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-01-28]

CHR Profile: C:\Users\skim8\AppData\Local\Google\Chrome\User Data\System Profile [2023-05-12]

CHR HKLM-x32\...\Chrome\Extension: [fjoaledfpmneenckfbpdfhkmimnjocfa]

CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

Brave:

=======

BRA DefaultProfile: Default

BRA Profile: C:\Users\skim8\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2023-03-19]

BRA Notifications: Default -> hxxps://app.impact.com; hxxps://business.facebook.com; hxxps://mail.protonmail.com; hxxps://meet.google.com; hxxps://voice.google.com; hxxps://www.facebook.com; hxxps://www.instagram.com; hxxps://www.netflix.com; hxxps://www.youtube.com

BRA Extension: (Google Translate) - C:\Users\skim8\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2022-03-11]

BRA Extension: (Redirect Path) - C:\Users\skim8\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\aomidfkchockcldhbkggjokdkkebmdll [2021-06-03]

BRA Extension: (ColorZilla) - C:\Users\skim8\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\bhlhnicpbhignbdhedgjhgdocnmhomnp [2021-07-12]

BRA Extension: (Mobile View Switcher) - C:\Users\skim8\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\bmhfelbhbkeoldaiphchjibggnoodpcj [2023-03-14]

BRA Extension: (PayPal Honey: Automatic Coupons & Cash Back) - C:\Users\skim8\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2023-03-17]

BRA Extension: (Social Blade) - C:\Users\skim8\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\cfidkbgamfhdgmedldkagjopnbobdmdn [2022-09-09] [UpdateUrl:hxxps://addon.socialblade.com/updates.json] <==== ATTENTION

BRA Extension: (FUNNELBOT CF Page Copier) - C:\Users\skim8\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\cpiagapooikhbopmlcjnpphhmjiegcpi [2023-03-14]

BRA Extension: (User-Agent Switcher for Chrome) - C:\Users\skim8\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\djflhoibgkdhkhhcedjiklpkjnoahfmg [2021-11-21]

BRA Extension: (Email Exporter) - C:\Users\skim8\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\ecnfbegpagpeocjegnecbifjepfcpnhe [2022-09-02]

BRA Extension: (L.O.C) - C:\Users\skim8\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\eojdckfcadamkapabechhbnkleligand [2023-03-14]

BRA Extension: (Simple Social Tools Audience Toolkit (Legacy)) - C:\Users\skim8\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\epemanhmbacheecolglokjjbanjnmcae [2022-01-26]

BRA Extension: (Meta Pixel Helper) - C:\Users\skim8\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\fdgfkebogiimcoedlicjlajpkdmockpc [2023-03-14]

BRA Extension: (NordVPN - VPN Proxy for Privacy and Security) - C:\Users\skim8\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\fjoaledfpmneenckfbpdfhkmimnjocfa [2023-03-17]

BRA Extension: (PinDown) - C:\Users\skim8\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\flieckppkcgagklbnnhnkkeladdghogp [2021-10-12]

BRA Extension: (Tailwind – AI marketing content assistant) - C:\Users\skim8\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\gkbhgdhhefdphpikedbinecandoigdel [2023-03-17]

BRA Extension: (Keywords Everywhere - Keyword Tool) - C:\Users\skim8\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\hbapdpeemoojbophdfndmlgdhppljgmp [2023-03-14]

BRA Extension: (LastPass: Free Password Manager) - C:\Users\skim8\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2023-03-14]

BRA Extension: (Similarweb - Traffic Rank & Website Analysis) - C:\Users\skim8\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\hoklmmgfnpapgjgcpechhaamimifchmp [2023-03-14]

BRA Extension: (Rakuten Button Canada) - C:\Users\skim8\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\idpbkophnbfijcnlffdmmppgnncgappc [2023-03-14]

BRA Extension: (Malwarebytes Browser Guard) - C:\Users\skim8\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2023-03-14]

BRA Extension: (WhatFont) - C:\Users\skim8\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\jabopobgcpjmedljpbcaablpmlmfcogm [2021-10-15]

BRA Extension: (Grammarly: Grammar Checker and Writing App) - C:\Users\skim8\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2023-03-16]

BRA Extension: (Loom – Screen Recorder & Screen Capture) - C:\Users\skim8\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\liecbddmkiiihnedobmlmillhodjkdmb [2023-03-14]

BRA Extension: (Tag Assistant for Conversions Beta) - C:\Users\skim8\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\llpfnmnallbompdmklfkcibfpcfpncdd [2023-03-14]

BRA Extension: (TubeBuddy) - C:\Users\skim8\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\mhkhmbddkmdggbhaaaodilponhnccicb [2023-03-17]

BRA Extension: (Video Speed Controller) - C:\Users\skim8\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\nffaoalbilbmmfgbnbgppjihopabppdk [2023-03-14]

BRA Extension: (MetaMask) - C:\Users\skim8\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\nkbihfbeogaeaoehlefnkodbefgpgknn [2022-10-06]

BRA Extension: (NoCoding Data Scraper - Easy Web Scraping) - C:\Users\skim8\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\ojaffphbffmdaicdkahnmihipclmepok [2023-03-18]

BRA Extension: (vidIQ Vision for YouTube) - C:\Users\skim8\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\pachckjkecffpdphbpmfolblodfkgbhl [2023-03-14]

BRA Extension: (Sort for TikTok) - C:\Users\skim8\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\piiiffonpmeolocfghlpeolmdabhiemi [2022-02-22]

BRA Extension: (Lead Grabber) - C:\Users\skim8\OneDrive\Documents\2022 Business Breakthrough\January 2022\Courses\Extensions\Lead Grabber [2022-02-07]

BRA Profile: C:\Users\skim8\AppData\Local\BraveSoftware\Brave-Browser\User Data\Guest Profile [2023-03-19]

BRA Profile: C:\Users\skim8\AppData\Local\BraveSoftware\Brave-Browser\User Data\Profile 1 [2022-09-20]

BRA Extension: (Malwarebytes Browser Guard) - C:\Users\skim8\AppData\Local\BraveSoftware\Brave-Browser\User Data\Profile 1\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-09-02]

BRA Profile: C:\Users\skim8\AppData\Local\BraveSoftware\Brave-Browser\User Data\System Profile [2023-03-19]

BRA Extension: (Brave Local Data Files Updater) - C:\Users\skim8\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2023-03-19]

BRA Extension: (Brave NTP background images) - C:\Users\skim8\AppData\Local\BraveSoftware\Brave-Browser\User Data\aoojcmojmmcbpfgoecoadbdpnagfchel [2022-09-03]

BRA Extension: (Wallet Data Files Updater) - C:\Users\skim8\AppData\Local\BraveSoftware\Brave-Browser\User Data\BraveWallet [2023-03-17]

BRA Extension: (Brave Ad Block Updater (Default)) - C:\Users\skim8\AppData\Local\BraveSoftware\Brave-Browser\User Data\cffkpbalmllkdoenhmdmpbkajipdjfam [2022-11-04]

BRA Extension: (Brave Tor Client Updater (Windows)) - C:\Users\skim8\AppData\Local\BraveSoftware\Brave-Browser\User Data\cpoalefficncklhjfpglfiplenlpccdb [2022-03-12]

BRA Extension: (Brave Ads Resources) - C:\Users\skim8\AppData\Local\BraveSoftware\Brave-Browser\User Data\emgmepnebbddgnkhfmhdhmjifkglkamo [2021-05-24]

BRA Extension: (Brave Ad Block Updater (Regional Catalog)) - C:\Users\skim8\AppData\Local\BraveSoftware\Brave-Browser\User Data\gkboaolpopklhgplhaaiboijnklogmbc [2023-03-14]

BRA Extension: (Brave Ads Resources) - C:\Users\skim8\AppData\Local\BraveSoftware\Brave-Browser\User Data\gpaihfendegmjoffnpngjjhbipbioknd [2021-05-24]

BRA Extension: (Brave Ad Block Updater (Default (plaintext))) - C:\Users\skim8\AppData\Local\BraveSoftware\Brave-Browser\User Data\iodkpdagapdfkphljnddpjlldadblomo [2023-03-18]

BRA Extension: (Brave NTP sponsored images) - C:\Users\skim8\AppData\Local\BraveSoftware\Brave-Browser\User Data\jiacfhmaoegmmahbioiihgpfnjnklmoe [2023-03-18]

BRA Extension: (Brave SpeedReader Updater) - C:\Users\skim8\AppData\Local\BraveSoftware\Brave-Browser\User Data\jicbkmdloagakknpihibphagfckhjdih [2022-03-12]

BRA Extension: (Brave Ads Resources) - C:\Users\skim8\AppData\Local\BraveSoftware\Brave-Browser\User Data\lgejdiamednlaeiknhnnjnkofmapfbbf [2023-03-14]

BRA Extension: (Brave Ad Block Updater (Resources)) - C:\Users\skim8\AppData\Local\BraveSoftware\Brave-Browser\User Data\mfddibmblmbccpadfndgakiopmmhebop [2023-03-15]

BRA Extension: (Brave Ads Resources) - C:\Users\skim8\AppData\Local\BraveSoftware\Brave-Browser\User Data\ocilmpijebaopmdifcomolmpigakocmo [2023-03-14]

BRA Extension: (Crypto Wallets) - C:\Users\skim8\AppData\Local\BraveSoftware\Brave-Browser\User Data\odbfpeeihdkbihmopkbjmoonfanlbfcl [2021-10-21]

BRA Extension: (Brave HTTPS Everywhere Updater) - C:\Users\skim8\AppData\Local\BraveSoftware\Brave-Browser\User Data\oofiananboodjbbmdelgdommihjbkfag [2023-03-14]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-04-03] (Adobe Inc. -> Adobe Inc.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [844528 2022-03-26] (Adobe Inc. -> Adobe Inc.)

R2 AWCCService; C:\Program Files\Alienware\Alienware Command Center\AWCC.Service.exe [20912 2023-04-06] (Dell Inc -> Dell Technologies)

S2 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162400 2021-04-16] (Brave Software, Inc. -> BraveSoftware Inc.)

S3 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162400 2021-04-16] (Brave Software, Inc. -> BraveSoftware Inc.)

S3 BraveVpnService; C:\Program Files\BraveSoftware\Brave-Browser\Application\113.1.51.114\brave_vpn_helper.exe [3029808 2023-05-09] (Brave Software, Inc. -> Brave Software, Inc.)

R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11749288 2023-04-27] (Microsoft Corporation -> Microsoft Corporation)

S2 cryptobrowser; C:\Program Files (x86)\CryptoCompany\Update\CryptoTabUpdate.exe [181288 2021-04-16] (CRYPTOCOMPANY OÜ -> CRYPTOCOMPANY OU)

S3 cryptobrowserm; C:\Program Files (x86)\CryptoCompany\Update\CryptoTabUpdate.exe [181288 2021-04-16] (CRYPTOCOMPANY OÜ -> CRYPTOCOMPANY OU)

R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [458960 2023-03-14] (Dell Inc -> Dell Technologies Inc.)

R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [161488 2023-03-14] (Dell Inc -> Dell Technologies Inc.)

R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [484560 2023-03-14] (Dell Inc -> Dell Technologies Inc.)

R2 Dell Digital Delivery Services; C:\Program Files (x86)\Dell Digital Delivery Services\Dell.D3.WinSvc.exe [55712 2022-11-07] (Dell Inc -> )

R2 Dell SupportAssist Remediation; C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe [22224 2023-04-11] (Dell Inc -> Dell INC.)

R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [49880 2023-01-19] (Dell Inc -> )

R2 DellTechHub; C:\Program Files\Dell\TechHub\Dell.TechHub.exe [156064 2022-12-09] (Dell Inc -> Dell)

R2 DSAService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe [42248 2022-12-14] (Intel Corporation -> Intel)

S3 DSAUpdateService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe [207624 2022-12-14] (Intel Corporation -> Intel)

R2 EaseUS UPDATE SERVICE; C:\Program Files (x86)\EaseUS\ENS\ensserver.exe [27784 2022-05-12] (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed]

R3 EPMVssEaseusProvider; C:\WINDOWS\system32\dllhost.exe /Processid:{5C33A6D2-69AE-4334-9140-CF0FAA494A97} [46416 2022-05-07] (Microsoft Windows -> Microsoft Corporation)

R2 FusionService; C:\Program Files\Dell\Fusion\FusionService.exe [19096 2021-10-13] (Dell Inc -> Dell Inc.)

R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [229328 2023-05-04] (HP Inc. -> HP Inc.)

S2 IntelAudioService; C:\WINDOWS\System32\DriverStore\FileRepository\intcoed.inf_amd64_5a9d4e2af428d38d\\AS\\IAS\\IntelAudioService.exe [412168 ] (Intel Corporation -> Intel)

R3 KAPSService; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KAPSService.exe [75112 2022-06-09] (Intel Corporation -> Intel® Corporation)

R2 Killer Analytics Service; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KillerAnalyticsService.exe [2433392 2022-06-09] (Intel Corporation -> Intel)

R2 Killer Network Service; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KillerNetworkService.exe [2893672 2022-06-09] (Intel Corporation -> Intel)

R3 KNDBWM; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KNDBWMService.exe [75112 2022-06-09] (Intel Corporation -> Intel® Corporation)

R2 luminati_net_updater_win_earnapp_com; C:\Program Files (x86)\EarnApp\net_updater32.exe [9226320 2023-05-08] (Bright Data Ltd -> BrightData Ltd. (certified))

R2 MbaeSvc; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe [154320 2021-07-28] (Malwarebytes Inc -> Malwarebytes Corporation)

R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9245528 2023-05-10] (Malwarebytes Inc. -> Malwarebytes)

R2 NahimicService; C:\WINDOWS\system32\NahimicService.exe [1926840 2022-07-15] (A-Volute SAS -> Nahimic)

S3 nordsec-threatprotection-service; C:\Program Files\NordVPN\NordSec ThreatProtection\nordsec-threatprotection-service.exe [310136 2021-06-11] (nordvpn s.a. -> TEFINCOM S.A.)

R2 NordUpdaterService; C:\Program Files\NordUpdater\NordUpdateService.exe [297848 2022-11-21] (nordvpn s.a. -> nordvpn S.A.)

R2 nordvpn-service; C:\Program Files\NordVPN\nordvpn-service.exe [254328 2022-08-03] (nordvpn s.a. -> TEFINCOM S.A.)

S3 ProtonVPN Service; C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPNService.exe [115816 2021-11-15] (Proton Technologies AG -> )

S3 ProtonVPN Update Service; C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.UpdateService.exe [65128 2021-11-15] (Proton Technologies AG -> )

S3 ProtonVPN WireGuard; C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.WireGuardService.exe [50792 2021-11-15] (Proton Technologies AG -> )

S3 ss_conn_launcher_service; C:\WINDOWS\System32\Samsung\EasySetup\ss_conn_launcher.exe [182392 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)

R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2020-11-26] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)

R2 ss_conn_service2; C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe [919992 2020-11-26] (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.)

R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [160096 2023-04-07] (Dell Inc -> Dell Inc.)

R2 TbtP2pShortcutService; C:\WINDOWS\TbtP2pShortcutService.exe [256608 2022-06-29] (Intel Corporation -> Intel Corporation)

S3 TeraBoxUtility; C:\Users\skim8\AppData\Roaming\TeraBox\YunUtilityService.exe [113520 2023-02-22] (FLEXTECH INC. -> Flextech Inc.)

R2 VPNUnlimitedService; C:\Program Files (x86)\VPN Unlimited\vpn-unlimited-daemon.exe [48072 2023-02-10] (Keepsolid Inc. -> KeepSolid Inc.)

R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\NisSrv.exe [3216064 2023-05-02] (Microsoft Windows Publisher -> Microsoft Corporation)

R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\MsMpEng.exe [133544 2023-05-02] (Microsoft Windows Publisher -> Microsoft Corporation)

S3 WireGuardTunnel$VPNUWireguard; C:\Program Files (x86)\VPN Unlimited\WireVPNUImpl.exe [29128 2023-02-10] (Keepsolid Inc. -> )

S3 BraveElevationService; "C:\Program Files\BraveSoftware\Brave-Browser\Application\113.1.51.114\elevation_service.exe" [X]

R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvdmi.inf_amd64_3d50ed78ef5da3d8\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvdmi.inf_amd64_3d50ed78ef5da3d8\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AWCCDriver; C:\WINDOWS\System32\drivers\AWCCDriver.sys [42440 2020-12-10] (IndiLogic LLC -> Dell Inc.)

R2 BlueStacksDrv_nxt; C:\Program Files\BlueStacks_nxt\BstkDrv_nxt.sys [320728 2022-01-31] (Bluestack Systems, Inc -> Bluestack System Inc.)

S3 CMUSBDAC; C:\WINDOWS\system32\DRIVERS\CMUSBDAC.sys [3819744 2018-07-25] (WDKTestCert cm359,131641702659254692 -> C-MEDIA)

R3 DellInstrumentation; C:\WINDOWS\System32\drivers\DellInstrumentation.sys [46528 2023-03-14] (Microsoft Windows Hardware Compatibility Publisher -> Dell)

S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [160376 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)

R3 e2k68cx21x64; C:\WINDOWS\System32\DriverStore\FileRepository\e2k68cx21x64.inf_amd64_6923790bf5486b87\e2k68cx21x64.sys [652272 2022-05-24] (Realtek Semiconductor Corp. -> Realtek)

R3 ecmntdrv; C:\WINDOWS\system32\ecmntdrv.sys [36280 2021-03-24] (CHENGDU YIWO Tech Development Co., Ltd. -> )

S3 epmdkdrv; C:\WINDOWS\system32\epmdkdrv.sys [36280 2020-02-23] (CHENGDU YIWO Tech Development Co., Ltd. -> )

R0 EPMVolFl; C:\WINDOWS\System32\drivers\EPMVolFl.sys [30136 2020-02-23] (CHENGDU YIWO Tech Development Co., Ltd. -> Windows ® Codename Longhorn DDK provider)

R1 ESProtectionDriver; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.sys [160176 2021-07-28] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)

R0 EUDCPEPM; C:\WINDOWS\System32\drivers\EUDCPEPM.sys [76344 2020-12-08] (Microsoft Windows Hardware Compatibility Publisher -> CHENGDU YIWO Tech Development Co., Ltd)

R1 EUEDKEPM; C:\WINDOWS\system32\drivers\EUEDKEPM.sys [33712 2020-02-23] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd)

R3 hanvonugeemfilter; C:\WINDOWS\System32\drivers\hanvonugeemfilter.sys [9728 2023-02-03] (Microsoft Windows Hardware Compatibility Publisher -> Windows ® Win 7 DDK provider)

R3 KfeCoSvc; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KfeCo11X64.sys [186600 2022-06-09] (Intel Corporation -> Rivet Networks, LLC.)

R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223176 2023-05-11] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)

S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2022-06-20] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)

R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2023-05-01] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)

R3 MpKsl4fdb363f; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{1E0F8AFB-524B-48BF-B4B8-10462CD8471C}\MpKslDrv.sys [212264 2023-05-12] (Microsoft Windows -> Microsoft Corporation)

R2 NDivert; C:\Program Files\NordVPN\7.2.6.0\Drivers\NDivert.sys [131472 2022-06-28] (nordvpn s.a. -> Nordvpn S.A.)

R1 nordlwf; C:\WINDOWS\system32\DRIVERS\nordlwf.sys [44928 2022-02-22] (nordvpn s.a. -> TEFINCOM S.A.)

R3 NvModuleTracker; C:\WINDOWS\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2022-07-13] (Nvidia Corporation -> NVIDIA Corporation)

S3 ProtonVPNCallout; C:\Program Files (x86)\Proton Technologies\ProtonVPN\x64\Win10\ProtonVPN.CalloutDriver.sys [34176 2021-05-28] (Microsoft Windows Hardware Compatibility Publisher -> Proton Technologies AG)

S3 rspLLL; C:\WINDOWS\System32\DRIVERS\rspLLL64.sys [26368 2020-08-21] (Daniel Terhell -> Resplendence Software Projects Sp.)

S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167544 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)

S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [43640 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)

R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2017-04-20] (OpenVPN Technologies, Inc. -> The OpenVPN Project)

R3 tapnordvpn; C:\WINDOWS\System32\drivers\tapnordvpn.sys [49744 2022-06-29] (nordvpn s.a. -> The OpenVPN Project)

R3 tapprotonvpn; C:\WINDOWS\System32\drivers\tapprotonvpn.sys [49024 2020-12-30] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)

S3 VBoxUSB; C:\WINDOWS\System32\Drivers\VBoxUSB.sys [174968 2021-01-07] (Oracle Corporation -> Oracle Corporation)

R3 vmulti; C:\WINDOWS\System32\drivers\vmulti.sys [10752 2023-02-03] (Microsoft Windows Hardware Compatibility Publisher -> Windows ® Win 7 DDK provider)

S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49616 2023-05-02] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)

R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [498944 2023-05-02] (Microsoft Windows -> Microsoft Corporation)

R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [99608 2023-05-02] (Microsoft Windows -> Microsoft Corporation)

S3 wintun; C:\WINDOWS\System32\drivers\wintun.sys [29592 2022-10-12] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)

S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-05-12 18:40 - 2023-05-12 18:40 - 000684984 _____ (Mozilla Foundation) C:\Users\skim8\AppData\LocalLow\freebl3.dll

2023-05-12 18:40 - 2023-05-12 18:40 - 000627128 _____ (Mozilla Foundation) C:\Users\skim8\AppData\LocalLow\mozglue.dll

2023-05-12 18:40 - 2023-05-12 18:40 - 000254392 _____ (Mozilla Foundation) C:\Users\skim8\AppData\LocalLow\softokn3.dll

2023-05-12 17:27 - 2023-05-12 17:27 - 000000928 _____ C:\Users\skim8\Downloads\[Bitsearch.to]Avira Phantom VPN Pro v2.34.3.230352 Pre-Cracked CracksHash.zip.torrent

2023-05-12 17:15 - 2023-05-12 17:15 - 000007123 _____ C:\Users\skim8\Downloads\[Bitsearch.to]Betternet VPN For Windows 4.4.2 Premium Pre Cracked [CracksNow].torrent

2023-05-12 13:26 - 2023-05-12 13:26 - 000750108 _____ C:\Users\skim8\Downloads\UGEE User Manual (English).pdf

2023-05-12 03:18 - 2023-05-12 03:18 - 000003192 _____ C:\WINDOWS\system32\Tasks\FRAPS

2023-05-12 03:18 - 2023-05-12 03:18 - 000003108 _____ C:\WINDOWS\system32\Tasks\NahimicTask32

2023-05-12 03:18 - 2023-05-12 03:18 - 000003088 _____ C:\WINDOWS\system32\Tasks\NahimicTask64

2023-05-11 21:23 - 2023-05-11 21:23 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task

2023-05-11 21:23 - 2023-05-11 21:23 - 000002112 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk

2023-05-11 20:20 - 2023-05-11 20:20 - 000001191 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Premiere Pro 2023.lnk

2023-05-11 20:03 - 2023-05-11 20:03 - 000001113 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop 2023.lnk

2023-05-10 09:09 - 2023-05-12 05:38 - 000000000 ____D C:\Users\skim8\AppData\Roaming\Notion

2023-05-10 09:09 - 2023-05-12 04:54 - 000000000 ____D C:\Users\skim8\AppData\Local\notion-updater

2023-05-10 09:09 - 2023-05-10 09:09 - 000002260 _____ C:\Users\skim8\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notion.lnk

2023-05-10 09:08 - 2023-05-10 09:08 - 095146264 _____ (Notion Labs, Inc) C:\Users\skim8\Downloads\Notion Setup 2.0.43.exe

2023-05-10 00:17 - 2023-05-12 03:19 - 000000000 ____D C:\Users\skim8\AppData\Local\Malwarebytes

2023-05-09 21:01 - 2023-05-09 21:01 - 000000000 ___HD C:\$WinREAgent

2023-05-09 19:19 - 2023-05-09 19:19 - 000000000 ____D C:\Users\skim8\AppData\Roaming\ugeeTablet

2023-05-09 19:19 - 2023-05-09 19:19 - 000000000 ____D C:\Users\skim8\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pentablet

2023-05-09 19:19 - 2023-05-09 19:19 - 000000000 ____D C:\Program Files\ugeeTablet

2023-05-09 19:19 - 2023-02-03 17:02 - 000146944 _____ (TODO: <公司名>) C:\WINDOWS\system32\WinTab32.dll

2023-05-09 19:19 - 2023-02-03 17:02 - 000126464 _____ (TODO: <公司名>) C:\WINDOWS\SysWOW64\WinTab32.dll

2023-05-09 19:18 - 2023-05-09 19:18 - 023556527 _____ C:\Users\skim8\Downloads\ugeeWin_4.1.1.230411.zip

2023-05-08 21:15 - 2023-05-08 21:16 - 000178069 _____ C:\Users\skim8\Downloads\PimpMyMind-Tony-Robbins-Become-Unshakeable-Challenge-2023.torrent

2023-05-07 20:05 - 2023-04-26 12:47 - 002172472 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe

2023-05-07 20:05 - 2023-04-26 12:47 - 002172472 _____ C:\WINDOWS\system32\vulkaninfo.exe

2023-05-07 20:05 - 2023-04-26 12:47 - 001607736 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe

2023-05-07 20:05 - 2023-04-26 12:47 - 001607736 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe

2023-05-07 20:05 - 2023-04-26 12:47 - 001479216 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll

2023-05-07 20:05 - 2023-04-26 12:47 - 001479216 _____ C:\WINDOWS\system32\vulkan-1.dll

2023-05-07 20:05 - 2023-04-26 12:47 - 001211448 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll

2023-05-07 20:05 - 2023-04-26 12:47 - 001211448 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll

2023-05-07 20:05 - 2023-04-26 12:46 - 001487872 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll

2023-05-07 20:05 - 2023-04-26 12:46 - 001226736 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll

2023-05-07 20:05 - 2023-04-26 12:43 - 001536512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll

2023-05-07 20:05 - 2023-04-26 12:43 - 001194480 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll

2023-05-07 20:05 - 2023-04-26 12:43 - 000851968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll

2023-05-07 20:05 - 2023-04-26 12:43 - 000671256 _____ C:\WINDOWS\system32\nvofapi64.dll

2023-05-07 20:05 - 2023-04-26 12:43 - 000506352 _____ C:\WINDOWS\SysWOW64\nvofapi.dll

2023-05-07 20:05 - 2023-04-26 12:42 - 002166296 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll

2023-05-07 20:05 - 2023-04-26 12:42 - 001621016 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll

2023-05-07 20:05 - 2023-04-26 12:42 - 000979456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll

2023-05-07 20:05 - 2023-04-26 12:42 - 000758768 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll

2023-05-07 20:05 - 2023-04-26 12:42 - 000741400 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe

2023-05-07 20:05 - 2023-04-26 12:41 - 013769216 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll

2023-05-07 20:05 - 2023-04-26 12:41 - 011650048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll

2023-05-07 20:05 - 2023-04-26 12:41 - 006083568 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll

2023-05-07 20:05 - 2023-04-26 12:41 - 005911024 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcudadebugger.dll

2023-05-07 20:05 - 2023-04-26 12:41 - 005835288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll

2023-05-07 20:05 - 2023-04-26 12:41 - 003430448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll

2023-05-07 20:05 - 2023-04-26 12:41 - 000457712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe

2023-05-07 20:05 - 2023-04-26 12:40 - 000853016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe

2023-05-07 20:05 - 2023-04-26 12:39 - 007935568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll

2023-05-07 20:05 - 2023-04-26 12:39 - 006798792 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll

2023-05-07 20:05 - 2023-04-25 19:34 - 000104369 _____ C:\WINDOWS\system32\nvinfo.pb

2023-05-07 13:21 - 2023-05-11 20:18 - 000000000 ____D C:\Program Files\SO Viewer

2023-05-07 13:16 - 2023-05-07 13:17 - 099658432 _____ (Smart Oculus LLC) C:\Users\skim8\Downloads\SO_Viewer_Setup.exe

2023-05-06 09:05 - 2023-05-06 09:05 - 000003368 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2649961789-1134712864-1179498568-1001

2023-05-06 09:05 - 2023-05-06 09:05 - 000002420 _____ C:\Users\skim8\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk

2023-05-04 12:28 - 2023-05-04 12:28 - 000003948 _____ C:\WINDOWS\system32\Tasks\Dell SupportAssistAgent AutoUpdate

2023-04-29 08:16 - 2023-04-29 08:16 - 000000000 ____D C:\WINDOWS\Panther

2023-04-28 16:32 - 2023-04-28 16:32 - 000173469 _____ C:\Users\skim8\Downloads\andrew-fox-affiliate-millionaire-my-super-affiliate-builder-bundle.torrent

2023-04-26 17:08 - 2023-04-26 17:08 - 000001881 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pawns.app.lnk

2023-04-26 17:08 - 2023-04-26 17:08 - 000000000 ____D C:\Users\skim8\AppData\Local\pawns.app-updater

2023-04-26 17:07 - 2023-04-26 17:07 - 172481800 _____ (IPRoyal) C:\Users\skim8\Downloads\Pawns Setup.exe

2023-04-26 16:02 - 2023-04-26 16:03 - 287063096 _____ (Krisp Technologies, Inc.) C:\Users\skim8\Downloads\Krisp_2.18.6.exe

2023-04-26 04:36 - 2023-04-26 04:36 - 364188552 _____ C:\Users\skim8\Downloads\Unconfirmed 324949.crdownload

2023-04-26 00:50 - 2023-04-26 00:50 - 000000000 ____D C:\Users\skim8\AppData\Local\pip

2023-04-26 00:31 - 2023-04-26 00:37 - 000000000 ____D C:\Users\skim8\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Python 3.11

2023-04-26 00:30 - 2023-04-26 00:30 - 025347040 _____ (Python Software Foundation) C:\Users\skim8\Downloads\python-3.11.3-amd64.exe

2023-04-24 12:49 - 2023-04-24 12:49 - 000000000 ____D C:\Users\skim8\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Ads Editor

2023-04-21 00:05 - 2023-04-21 00:05 - 000068717 _____ C:\Users\skim8\Downloads\PimpMyMind-Todd-Herman-Alter-Ego-Effect-Masterclass.torrent

2023-04-20 23:49 - 2023-04-20 23:49 - 000072593 _____ C:\Users\skim8\Downloads\PimpMyMind-Paul-Mascetta-Maverick-Persuasion.torrent

2023-04-20 23:33 - 2023-04-20 23:33 - 000015933 _____ C:\Users\skim8\Downloads\PimpMyMind-Earl-Nightingale-Lead-The-Field-personal-dev.-series.torrent

2023-04-20 23:30 - 2023-04-20 23:31 - 000009287 _____ C:\Users\skim8\Downloads\PimpMyMind-Lynda-Falkenstein-How-To-Get-Niched-Get-Noticed-Get-Clients.torrent

2023-04-20 23:00 - 2023-04-20 23:00 - 000023590 _____ C:\Users\skim8\Downloads\PimpMyMind-Michael-Breen-–-The-Art-Skills-Of-Nested-Story-Telling (1).torrent

2023-04-20 22:09 - 2023-04-20 22:09 - 000057682 _____ C:\Users\skim8\Downloads\PimpMyMind-Jordan-Peterson-Personality.torrent

2023-04-20 21:57 - 2023-04-20 21:57 - 000175042 _____ C:\Users\skim8\Downloads\PimpMyMind-Joshua-Elder-Inner-Circle.torrent

2023-04-17 22:10 - 2023-04-24 03:01 - 000000000 ____D C:\Users\skim8\AppData\Roaming\Poised

2023-04-17 22:10 - 2023-04-17 22:10 - 000000000 ____D C:\Users\skim8\AppData\Local\poise-updater

2023-04-17 22:09 - 2023-04-17 22:10 - 074367128 _____ (Vicky Sehrawat) C:\Users\skim8\Downloads\Poised Setup 2.12.98-x64.exe

2023-04-15 16:59 - 2023-04-15 16:59 - 000000002 _____ C:\Users\skim8\Downloads\Unconfirmed 139407.crdownload

2023-04-14 09:56 - 2023-04-14 09:56 - 000384096 _____ (LogMeIn, Inc.) C:\Users\skim8\Downloads\GoTo Webinar Opener.exe

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-05-12 19:56 - 2021-08-03 12:09 - 000000000 ____D C:\Users\skim8\AppData\Roaming\BiglyBT

2023-05-12 19:55 - 2021-02-21 15:58 - 000000000 ____D C:\FRST

2023-05-12 19:19 - 2022-04-20 09:08 - 000000000 ____D C:\Users\skim8\AppData\Roaming\Slack

2023-05-12 18:56 - 2022-02-07 17:00 - 000000000 ____D C:\Program Files (x86)\Google

2023-05-12 18:46 - 2022-05-07 01:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft

2023-05-12 18:08 - 2021-08-03 12:09 - 000000000 ____D C:\Users\skim8\OneDrive\Documents\BiglyBT Downloads

2023-05-12 12:33 - 2022-11-08 02:23 - 000000000 ____D C:\Users\skim8\AppData\Local\D3DSCache

2023-05-12 12:25 - 2021-04-16 17:11 - 000000000 ____D C:\Users\skim8\AppData\Local\CrashDumps

2023-05-12 12:25 - 2020-12-10 06:29 - 000000000 ____D C:\ProgramData\NVIDIA

2023-05-12 11:12 - 2022-05-07 01:24 - 000000000 ____D C:\WINDOWS\Registration

2023-05-12 10:10 - 2022-05-07 01:24 - 000000000 ____D C:\WINDOWS\SystemTemp

2023-05-12 04:45 - 2022-05-07 01:24 - 000000000 ____D C:\WINDOWS\AppReadiness

2023-05-12 03:19 - 2022-11-20 14:42 - 000000000 ____D C:\Users\skim8\AppData\Roaming\client-gui-electron

2023-05-12 03:19 - 2022-05-07 01:24 - 000000000 ___HD C:\Program Files\WindowsApps

2023-05-12 03:19 - 2021-10-26 21:21 - 000000000 ____D C:\Users\skim8\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Corporation

2023-05-12 03:19 - 2021-10-26 21:21 - 000000000 ____D C:\Users\skim8\AppData\Local\MicrosoftAdvertisingEditor

2023-05-12 03:18 - 2022-11-08 02:19 - 000003486 _____ C:\WINDOWS\system32\Tasks\CleanGenius

2023-05-12 03:18 - 2021-03-11 00:48 - 000000000 ____D C:\Fraps

2023-05-12 03:18 - 2020-12-22 20:24 - 000000000 __SHD C:\Users\skim8\IntelGraphicsProfiles

2023-05-11 21:51 - 2020-12-10 06:35 - 000000000 ____D C:\Program Files (x86)\Dell Digital Delivery Services

2023-05-11 21:39 - 2022-11-08 02:18 - 000850372 _____ C:\WINDOWS\system32\PerfStringBackup.INI

2023-05-11 21:39 - 2022-05-07 01:22 - 000000000 ____D C:\WINDOWS\INF

2023-05-11 21:34 - 2022-12-19 12:35 - 000012288 ___SH C:\DumpStack.log.tmp

2023-05-11 21:34 - 2022-11-08 02:19 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT

2023-05-11 21:34 - 2022-11-08 02:13 - 001306512 _____ C:\WINDOWS\system32\FNTCACHE.DAT

2023-05-11 21:34 - 2022-05-07 01:24 - 000000000 ____D C:\WINDOWS\ServiceState

2023-05-11 21:34 - 2020-12-10 06:17 - 000000000 ____D C:\Intel

2023-05-11 21:33 - 2022-05-07 01:24 - 000000000 ___SD C:\WINDOWS\system32\UNP

2023-05-11 21:33 - 2022-05-07 01:24 - 000000000 ___RD C:\WINDOWS\PrintDialog

2023-05-11 21:33 - 2022-05-07 01:24 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel

2023-05-11 21:33 - 2022-05-07 01:24 - 000000000 ____D C:\WINDOWS\UUS

2023-05-11 21:33 - 2022-05-07 01:24 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata

2023-05-11 21:33 - 2022-05-07 01:24 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism

2023-05-11 21:33 - 2022-05-07 01:24 - 000000000 ____D C:\WINDOWS\SystemResources

2023-05-11 21:33 - 2022-05-07 01:24 - 000000000 ____D C:\WINDOWS\system32\WinMetadata

2023-05-11 21:33 - 2022-05-07 01:24 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns

2023-05-11 21:33 - 2022-05-07 01:24 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences

2023-05-11 21:33 - 2022-05-07 01:24 - 000000000 ____D C:\WINDOWS\system32\Sgrm

2023-05-11 21:33 - 2022-05-07 01:24 - 000000000 ____D C:\WINDOWS\system32\setup

2023-05-11 21:33 - 2022-05-07 01:24 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates

2023-05-11 21:33 - 2022-05-07 01:24 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation

2023-05-11 21:33 - 2022-05-07 01:24 - 000000000 ____D C:\WINDOWS\system32\oobe

2023-05-11 21:33 - 2022-05-07 01:24 - 000000000 ____D C:\WINDOWS\system32\Dism

2023-05-11 21:33 - 2022-05-07 01:24 - 000000000 ____D C:\WINDOWS\ShellExperiences

2023-05-11 21:33 - 2022-05-07 01:24 - 000000000 ____D C:\WINDOWS\ShellComponents

2023-05-11 21:33 - 2022-05-07 01:24 - 000000000 ____D C:\WINDOWS\Provisioning

2023-05-11 21:33 - 2022-05-07 01:24 - 000000000 ____D C:\WINDOWS\PolicyDefinitions

2023-05-11 21:33 - 2022-05-07 01:24 - 000000000 ____D C:\WINDOWS\bcastdvr

2023-05-11 21:32 - 2022-05-07 01:17 - 000786432 _____ C:\WINDOWS\system32\config\BBI

2023-05-11 21:31 - 2022-04-28 22:08 - 000000000 ____D C:\Users\skim8\OneDrive\Documents\PhraseExpress

2023-05-11 20:22 - 2022-09-12 11:26 - 000000000 ____D C:\Users\skim8\AppData\Roaming\com.adobe.dunamis

2023-05-11 20:22 - 2021-04-16 15:48 - 000000000 ____D C:\Users\skim8\AppData\Roaming\Adobe

2023-05-11 20:22 - 2020-12-22 20:26 - 000000000 ___RD C:\Users\skim8\OneDrive

2023-05-11 20:20 - 2021-04-16 19:17 - 000000000 ____D C:\Program Files\Common Files\Adobe

2023-05-11 20:20 - 2021-04-16 19:17 - 000000000 ____D C:\Program Files\Adobe

2023-05-11 20:15 - 2022-10-10 13:48 - 000000000 ____D C:\Program Files (x86)\Email Sender Deluxe

2023-05-11 20:08 - 2022-03-26 16:55 - 000000000 ___RD C:\Users\skim8\Creative Cloud Files

2023-05-11 20:07 - 2021-04-16 19:15 - 000000000 ____D C:\Users\skim8\AppData\Local\Adobe

2023-05-11 20:07 - 2020-12-30 06:04 - 000000000 ____D C:\Users\skim8\OneDrive\Documents\Adobe

2023-05-11 20:03 - 2021-04-16 19:59 - 000000000 ____D C:\Program Files (x86)\Adobe

2023-05-11 06:43 - 2023-03-16 12:59 - 000000000 ____D C:\Users\skim8\OneDrive\Documents\AI Gen F

2023-05-11 02:51 - 2022-02-10 11:31 - 000002286 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk

2023-05-10 13:08 - 2022-04-20 09:08 - 000000000 ____D C:\Users\skim8\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Slack Technologies Inc

2023-05-10 13:08 - 2022-04-20 09:08 - 000000000 ____D C:\Users\skim8\AppData\Local\slack

2023-05-10 04:00 - 2021-04-16 16:51 - 000000000 ____D C:\WINDOWS\system32\MRT

2023-05-10 03:56 - 2021-04-16 16:51 - 159583304 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

2023-05-09 22:14 - 2021-04-16 15:55 - 000002401 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave.lnk

2023-05-09 21:06 - 2022-05-07 01:17 - 000000000 ____D C:\WINDOWS\CbsTemp

2023-05-09 21:03 - 2022-11-08 02:14 - 003211776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll

2023-05-09 20:08 - 2022-11-08 02:13 - 000000000 ____D C:\WINDOWS\system32\SleepStudy

2023-05-09 20:07 - 2022-11-08 02:14 - 000000000 ____D C:\Users\skim8

2023-05-09 04:59 - 2021-04-16 19:37 - 000000000 ____D C:\Users\skim8\AppData\Roaming\obs-studio

2023-05-07 17:17 - 2020-12-10 06:19 - 000002475 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk

2023-05-07 13:17 - 2020-12-10 06:27 - 000000000 ____D C:\ProgramData\Package Cache

2023-05-06 09:05 - 2022-11-08 02:19 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2649961789-1134712864-1179498568-1001

2023-05-05 05:07 - 2022-03-10 19:41 - 000000000 ____D C:\Program Files\HPPrintScanDoctor

2023-05-05 05:05 - 2022-11-08 02:19 - 000000000 ____D C:\WINDOWS\system32\Tasks\HP

2023-05-04 12:28 - 2020-12-10 06:26 - 000000000 ____D C:\Program Files\Dell

2023-05-04 12:24 - 2020-12-10 06:26 - 000000000 ____D C:\Program Files (x86)\Dell

2023-05-04 08:04 - 2022-05-07 01:24 - 000000000 ____D C:\WINDOWS\system32\SecurityHealth

2023-05-02 19:49 - 2021-04-16 16:54 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools

2023-05-02 19:49 - 2021-04-16 15:14 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd

2023-05-01 06:12 - 2022-02-03 07:21 - 000000000 ____D C:\Users\skim8\AppData\Roaming\Code

2023-05-01 05:09 - 2022-12-30 16:35 - 000000000 ____D C:\Users\skim8\OneDrive\Documents\2023 Business Take-Off

2023-04-30 15:02 - 2022-10-22 10:08 - 000000000 ____D C:\ProgramData\Malwarebytes Anti-Exploit

2023-04-28 20:54 - 2020-12-10 06:47 - 000000000 ____D C:\Program Files\Microsoft Office

2023-04-27 12:21 - 2022-04-06 09:59 - 000000000 ____D C:\Program Files\dotnet

2023-04-26 17:09 - 2021-04-17 18:53 - 000000000 ____D C:\Users\skim8\AppData\Roaming\ip_royal_paws

2023-04-26 17:08 - 2022-11-20 14:42 - 000000000 ____D C:\Program Files\Pawns.app

2023-04-26 00:48 - 2022-11-08 02:14 - 000000000 ____D C:\Users\skim8\AppData\Roaming\Microsoft\Windows

2023-04-26 00:37 - 2021-08-04 12:01 - 000000000 ____D C:\Users\skim8\AppData\Local\Package Cache

2023-04-24 17:12 - 2022-10-19 16:26 - 000000000 ____D C:\Users\skim8\AppData\Roaming\LetsExtract

2023-04-24 17:00 - 2021-05-21 01:26 - 000000000 ____D C:\ProgramData\boost_interprocess

2023-04-24 12:43 - 2022-11-08 08:32 - 000004054 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-2649961789-1134712864-1179498568-1001UA{D758DFCD-F438-4F17-8239-2E3F26BF00E9}

2023-04-24 12:43 - 2022-11-08 08:32 - 000003786 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-2649961789-1134712864-1179498568-1001Core{7DBFC47E-4CC3-41DB-862B-995810DDE9F9}

2023-04-24 11:51 - 2022-11-08 02:19 - 000003790 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA{12F1622C-6D4F-43D4-BDB2-62B15B76711D}

2023-04-24 11:51 - 2022-11-08 02:19 - 000003666 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore{5E35D070-8178-45E7-91F9-E57EF3713D58}

2023-04-23 01:47 - 2022-01-20 14:26 - 000000000 ____D C:\Users\skim8\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Visual Studio Code

2023-04-21 09:24 - 2021-09-13 20:54 - 000000000 ____D C:\Users\skim8\AppData\Roaming\audacity

2023-04-20 12:02 - 2021-04-27 20:22 - 000000000 ____D C:\Users\skim8\AppData\Roaming\Zoom

2023-04-19 21:56 - 2021-04-16 17:35 - 000000000 _____ C:\end

2023-04-19 21:55 - 2020-12-22 21:31 - 000007176 _____ C:\nsispromotion_log.txt

2023-04-15 20:00 - 2022-09-24 19:12 - 000000000 ____D C:\Users\skim8\AppData\Roaming\Descript

2023-04-15 15:41 - 2021-04-16 15:48 - 000000000 ____D C:\Users\skim8\AppData\Local\Packages

2023-04-14 09:46 - 2022-11-08 02:19 - 000000000 ____D C:\WINDOWS\system32\Tasks\AWCC

2023-04-14 09:45 - 2020-12-10 06:32 - 000000000 ____D C:\Program Files\Alienware

2023-04-14 09:45 - 2020-12-10 06:26 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information

2023-04-13 14:48 - 2021-06-17 02:00 - 000000000 ____D C:\Users\skim8\AppData\Roaming\Microsoft\Excel

2023-04-13 02:31 - 2022-10-20 19:16 - 000079352 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamehelper.exe

2023-04-13 02:31 - 2022-10-20 19:16 - 000062968 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamecontrol.exe

2023-04-13 02:31 - 2021-11-19 17:45 - 000165368 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamelaunchhelper.dll

2023-04-13 02:31 - 2021-04-16 16:07 - 002790904 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll

2023-04-13 02:31 - 2021-04-16 16:07 - 000484856 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll

2023-04-13 02:31 - 2021-04-16 16:07 - 000202232 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll

2023-04-13 02:31 - 2021-04-16 16:07 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll

2023-04-12 06:28 - 2022-03-05 16:12 - 000000000 ____D C:\Users\skim8\AppData\Local\MEGAsync

2023-04-12 06:24 - 2022-05-07 01:24 - 000000000 ____D C:\WINDOWS\system32\appraiser

==================== Files in the root of some directories ========

2022-10-12 15:29 - 2022-10-13 09:30 - 000000033 _____ () C:\Users\skim8\AppData\Roaming\aesrecord.dat

2022-10-12 16:01 - 2022-10-13 09:31 - 000000055 _____ () C:\Users\skim8\AppData\Roaming\aesusername.ini

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-05-2023 01

Ran by skim8 (12-05-2023 19:56:51)

Running from C:\Users\skim8\OneDrive\Desktop

Microsoft Windows 11 Home Version 22H2 22621.1702 (X64) (2022-11-08 06:19:28)

Boot Mode: Normal

==========================================================

==================== Accounts: =============================

(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-2649961789-1134712864-1179498568-500 - Administrator - Disabled)

Awesomous (S-1-5-21-2649961789-1134712864-1179498568-1002 - Administrator - Enabled) => C:\Users\Awesomous

DefaultAccount (S-1-5-21-2649961789-1134712864-1179498568-503 - Limited - Disabled)

Guest (S-1-5-21-2649961789-1134712864-1179498568-501 - Limited - Disabled)

skim8 (S-1-5-21-2649961789-1134712864-1179498568-1001 - Administrator - Enabled) => C:\Users\skim8

WDAGUtilityAccount (S-1-5-21-2649961789-1134712864-1179498568-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7+ Taskbar Tweaker v5.12.3 (HKU\S-1-5-21-2649961789-1134712864-1179498568-1001\...\7 Taskbar Tweaker) (Version: 5.12.3 - RaMMicHaeL)

Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1033-1033-7760-BC15014EA700}) (Version: 23.001.20174 - Adobe)

Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 5.6.5.58 - Adobe Inc.)

Adobe Photoshop 2023 (HKLM-x32\...\PHSP_24_4_1) (Version: 24.4.1.449 - Adobe Inc.)

Adobe premier (HKLM\...\{A33A5D8E-C860-48A7-B8DF-11B354570F70}) (Version: 1.0.0000 - Adobe Systems Incorporated) Hidden

Adobe Premiere (HKLM\...\{C1CB876C-A08E-4692-B525-42848BD154D7}) (Version: 1.0.0000 - Adobe Systems Incorporated) Hidden

Adobe Premiere Pro 2023 (HKLM-x32\...\PPRO_23_3) (Version: 23.3 - Adobe Inc.)

Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601047}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden

Advanced Mouse Auto Clicker 4.2.1 (HKLM-x32\...\{ABB3A44C-97D0-466E-A0E8-562FAEBEF689}_is1) (Version: - Advanced Mouse Auto Clicker Ltd.)

Alienware CC Components for AWCC (1.1.38.0) (HKLM\...\Alienware CC Components for AWCC) (Version: 1.1.38.0 - Dell Inc) Hidden

Alienware Command Center Package Manager (HKLM-x32\...\{D2DA930B-CB5D-4DD6-BF62-BE6C310A353D}) (Version: 5.5.46.0 - Dell Inc.)

Alienware Command Center Suite (HKLM\...\{D9FFE2A8-3C65-4AAD-9939-D58F8090559B}) (Version: 5.5.46.0 - Dell Inc.) Hidden

Alienware Command Center Suite (HKLM-x32\...\InstallShield_{D9FFE2A8-3C65-4AAD-9939-D58F8090559B}) (Version: 5.5.46.0 - Dell Inc.) Hidden

Alienware FX Display Smart Installer (2.2.14.1) (HKLM\...\AWFXDisp_SmartInstaller) (Version: 2.2.14.1 - Dell Inc) Hidden

Alienware FX Display001 Smart Installer (2.4.1.205) (HKLM\...\{ACFDF14D-FCE6-4D6E-AD2B-BEFAF66FDAF4}_is1) (Version: 2.4.1.205 - Dell Inc.) Hidden

Alienware OC Controls (HKLM-x32\...\{24b87c1a-6ce2-4d88-ba35-c17b38acba62}) (Version: 1.4.26.1430 - Dell Inc) Hidden

Alienware OCControls Service Installer (HKLM\...\{9CF48D33-288D-473E-8323-03266FEEDA9C}) (Version: 1.4.26.1430 - DELL Inc) Hidden

Audacity 3.0.0 (HKLM-x32\...\Audacity_is1) (Version: 3.0.0 - Audacity Team)

Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)

BiglyBT (HKLM\...\0112-2557-8304-7048) (Version: 3.3.0.0 - Bigly Software)

Blackmagic RAW Common Components (HKLM\...\{EA2A465C-C315-4C71-B3C2-87589F000DFE}) (Version: 2.6 - Blackmagic Design)

BlueJeans (HKLM\...\{C6ADE026-5C99-44D9-B0A2-728E5F160B32}) (Version: 2.30.280 - BlueJeans Network, Inc.) Hidden

BlueJeans (HKU\S-1-5-21-2649961789-1134712864-1179498568-1001\...\{dde2996d-599f-4cd8-8f12-f12586f5cfe3}) (Version: 2.30.280 - BlueJeans Network, Inc.)

BlueStacks 5 (HKLM\...\BlueStacks_nxt) (Version: 5.5.101.1002 - BlueStack Systems, Inc.)

Brave (HKLM-x32\...\BraveSoftware Brave-Browser) (Version: 113.1.51.114 - Brave Software Inc)

CapCut (HKU\S-1-5-21-2649961789-1134712864-1179498568-1001\...\CapCut) (Version: 1.5.0.230 - Bytedance Pte. Ltd.)

CryptoTab Browser (HKLM-x32\...\CryptoTab Browser) (Version: 103.0.5060.134 - The CryptoTab Browser Authors)

DaVinci Resolve (HKLM\...\{FB7E3D36-D727-40EA-823A-3207802871FE}) (Version: 18.0.10003 - Blackmagic Design)

DaVinci Resolve Control Panels (HKLM\...\{7667C543-084F-47F7-BC60-175FC25E9D6F}) (Version: 2.0.1.0 - Blackmagic Design)

Dell Digital Delivery Services (HKLM-x32\...\{CF95CED4-3A1E-4486-B7FA-428C25D617ED}) (Version: 5.0.64.0 - Dell Inc.)

Dell Mobile Connect Drivers (HKLM\...\{2D27B76E-8FB1-495B-A61D-FB76349E7E36}) (Version: 3.1.9518 - Screenovate Technologies Ltd.)

Dell SupportAssist (HKLM\...\{6D3561B7-19AA-438B-9C83-CD2CED199472}) (Version: 3.14.0.91 - Dell Inc.)

Dell SupportAssist OS Recovery Plugin for Dell Update (HKLM\...\{FFFED431-EF80-4C39-A66E-E11BC7413D33}) (Version: 5.5.5.16206 - Dell Inc.) Hidden

Dell SupportAssist OS Recovery Plugin for Dell Update (HKLM-x32\...\{cff56899-3afb-4fe1-aeec-a0474836d1cd}) (Version: 5.5.5.16206 - Dell Inc.)

Dell SupportAssist Remediation (HKLM\...\{0ACC4393-7CDB-4512-800B-0404A9DF75E6}) (Version: 5.5.6.18729 - Dell Inc.) Hidden

Dell SupportAssist Remediation (HKLM-x32\...\{3238f3fe-4c2d-4438-8bfd-e6bb87adb36e}) (Version: 5.5.6.18729 - Dell Inc.)

Dell Update for Windows Universal (HKLM\...\{F68DA8E2-38B6-47A7-AB62-BFE8B740F792}) (Version: 4.7.0 - Dell Inc.)

Descript 61.1.2-release.20230404.14496 (HKU\S-1-5-21-2649961789-1134712864-1179498568-1001\...\47d4069d-eba1-5137-bc5f-9c138f7a3859) (Version: 61.1.2-release.20230404.14496 - Descript, Inc.)

DHTML Editing Component (HKLM-x32\...\{2EA870FA-585F-4187-903D-CB9FFD21E2E0}) (Version: 6.02.0001 - Microsoft Corporation)

Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)

Discord (HKU\S-1-5-21-2649961789-1134712864-1179498568-1001\...\Discord) (Version: 1.0.9001 - Discord Inc.)

Driver Easy 5.7.0 (HKLM\...\DriverEasy_is1) (Version: 5.7.0 - Easeware)

Dynamic Application Loader Host Interface Service (HKLM\...\{ECFC785A-9107-4259-9288-0ABC86C0F6AB}) (Version: 1.0.0.0 - Intel Corporation) Hidden

EarnApp (HKU\S-1-5-21-2649961789-1134712864-1179498568-1001\...\EarnApp) (Version: 1.379.187 - Bright Data Ltd.)

EaseUS CleanGenius 2.4.1 (HKLM-x32\...\EaseUS CleanGenius_is1) (Version: - EaseUS)

EaseUS Partition Master (HKLM-x32\...\EaseUS Partition Master_is1) (Version: - EaseUS)

Exodus (HKU\S-1-5-21-2649961789-1134712864-1179498568-1001\...\exodus) (Version: 22.1.28 - Exodus Movement Inc)

Fairlight Audio Accelerator Utility (HKLM\...\FairlightAudioAccelerator_is1) (Version: 1.0.13 - Blackmagic Design)

FileZilla Client 3.57.0 (HKLM-x32\...\FileZilla Client) (Version: 3.57.0 - Tim Kosse)

Fraps (HKLM-x32\...\Fraps) (Version: - )

Fusion Service (HKLM\...\{599709E7-DD10-4FF5-96D5-7C6F6B5F62C0}) (Version: 1.92.22.0 - Dell.Inc) Hidden

Fusion Service (HKLM-x32\...\{81ce0187-37c1-4c23-8387-44454e1796ad}) (Version: 1.92.22.0 - Dell.Inc)

Geekersoft PDF Editor V (HKLM-x32\...\{0D9126FC-C7E7-4DF1-9160-088C1BA9A2D4}_is1) (Version: - AmindPDF LIMITED)

GitHub Desktop (HKU\S-1-5-21-2649961789-1134712864-1179498568-1001\...\GitHubDesktop) (Version: 2.9.6 - GitHub, Inc.)

GOM Player (HKLM-x32\...\GOM Player) (Version: 2.3.86.5354 - GOM & Company)

Google Ads Editor (HKLM-x32\...\{AC929DD3-DFC7-11ED-AD43-E04F43E69459}) (Version: 14.3.4.0 - Google)

Google Chrome (HKLM-x32\...\Google Chrome) (Version: 113.0.5672.93 - Google LLC)

Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.105.33 - CRYPTOCOMPANY) Hidden

Honeygain (HKLM-x32\...\{C1922E93-B15E-460D-9C01-53E71109C2C6}) (Version: 0.10.2.0 - Honeygain)

HP ENVY 4520 series Basic Device Software (HKLM\...\{B46D9E8C-10FE-4873-996B-CA9EA3D7D9FE}) (Version: 40.11.1122.1796 - HP Inc.)

Intel Driver && Support Assistant (HKLM-x32\...\{E4EC6B50-5A65-41DD-AC35-E1839BF685E8}) (Version: 22.8.50.7 - Intel) Hidden

Intel Software Package (HKLM-x32\...\{e1d93543-7ba0-4927-aa7f-09c5fc7f25df}) (Version: 8.7.10600.20700 - Intel) Hidden

Intel® Computing Improvement Program (HKLM\...\{318C30A1-C7AF-414E-890F-6345E6E0FD33}) (Version: 2.4.09084 - Intel Corporation)

Intel® Dynamic Tuning (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.7.10600.20700 - Intel Corporation)

Intel® Dynamic Tuning Technology (HKLM-x32\...\{7a82309b-956d-4788-8207-25897660c3d6}) (Version: 8.7.10400.15556 - Intel) Hidden

Intel® Graphics Driver Software (HKLM-x32\...\{18b616d9-4adb-4666-82ce-a8a4337bd269}) (Version: 3.11.1.0 - Intel) Hidden

Intel® Icls (HKLM\...\{27946170-623E-45A2-9D7F-BEC95A5B78E6}) (Version: 1.0.0.0 - Intel Corporation) Hidden

Intel® LMS (HKLM\...\{364EE9BC-EB74-4436-B502-FA8FF2F7153F}) (Version: 1.0.0.0 - Intel Corporation) Hidden

Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 2036.15.0.1835 - Intel Corporation)

Intel® Management Engine Components (HKLM\...\{DCC7FC90-C9BC-445B-A12B-ACC4278102BA}) (Version: 1.0.0.0 - Intel Corporation) Hidden

Intel® Management Engine Components (HKLM\...\{FEAA68D6-DA1D-4440-91B6-43906444FA49}) (Version: 1.0.0.0 - Intel Corporation) Hidden

Intel® Management Engine Driver (HKLM\...\{E34D6B17-6F86-49F8-AECB-DE7B543A5960}) (Version: 1.0.0.0 - Intel Corporation) Hidden

Intel® SUR QC Software Asset Manager (HKLM\...\{B3804557-9824-4918-AA88-0DFAC94CD3B5}) (Version: 3.5.5033 - Intel Corporation) Hidden

Intel® Wireless Bluetooth® (HKLM-x32\...\{00000060-0220-1033-84C8-B8D95FA3C8C3}) (Version: 22.60.0.6 - Intel Corporation)

Intel® Driver & Support Assistant (HKLM-x32\...\{ff7ef6db-5d66-4ebe-827f-09d6cea8ee1e}) (Version: 22.8.50.7 - Intel)

Intel® Integrated Sensor Solution (HKLM-x32\...\{9e9834fd-84c9-48ce-af83-b764428095d5}) (Version: 3.10.100.4122 - Intel Corporation)

ISS_Drivers_x64 (HKLM\...\{AB85BCD8-DF2C-4F8B-9C68-239C04C43873}) (Version: 3.10.100.4122 - Intel Corporation) Hidden

KakaoTalk (HKLM-x32\...\KakaoTalk) (Version: 3.3.7.3028 - Kakao Corp.)

KC Softwares DUMo (HKLM-x32\...\KC Softwares DUMo_is1) (Version: 2.23.6.116 - KC Softwares)

Killer Performance Driver Suite UWD (HKLM\...\{52BBFCF6-CC8C-4E55-8651-75C6990A53C4}) (Version: 3.0.1571 - Rivet Networks)

KMPlayer 64X (HKLM\...\KMPlayer 64X) (Version: 2023.2.9.11 - PandoraTV)

LatencyMon 7.00 (HKLM\...\LatencyMon_is1) (Version: - Resplendence Software Projects Sp.)

League of Legends (HKU\S-1-5-21-2649961789-1134712864-1179498568-1001\...\Riot Game league_of_legends.live) (Version: - Riot Games, Inc)

Ledger Live 2.39.2 (HKLM\...\c62032b2-0bca-5abc-b458-fd67cfc9e49b) (Version: 2.39.2 - Ledger Live Team)

Library Update for SendBlaster 1.0 (HKLM-x32\...\01F6DC69-1B4C-4C3C-95DC-BB8299081126_is1) (Version: 1.0.0 - Delivery Tech Corp)

LibreOffice 7.1.2.2 (HKLM\...\{07426A34-E0CD-4EC4-843B-F7A47C7BC835}) (Version: 7.1.2.2 - The Document Foundation)

LightPDF Editor V1.3.1.0 (HKLM-x32\...\{161C8BF4-DB06-49A7-B6AC-7CAB7DAF136F}_is1) (Version: 1.3.1.0 - Apowersoft LIMITED)

Luminar AI (HKLM\...\Luminar AI) (Version: 1.5.3.10043 - Skylum)

Malwarebytes Anti-Exploit version 1.13.2.401 (HKLM\...\Malwarebytes Anti-Exploit_is1) (Version: 1.13.2.401 - Malwarebytes)

Malwarebytes version 4.5.27.262 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.27.262 - Malwarebytes)

MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited)

Microsoft .NET Core Host - 3.1.23 (x86) (HKLM-x32\...\{50C787F3-AD71-498F-96AE-748293C32704}) (Version: 24.92.31022 - Microsoft Corporation) Hidden

Microsoft .NET Core Host - 3.1.28 (x64) (HKLM\...\{26ECE92F-518E-40AF-9108-7B7B444A46DE}) (Version: 24.112.31513 - Microsoft Corporation) Hidden

Microsoft .NET Core Host FX Resolver - 3.1.23 (x64) (HKLM\...\{7FF9BE57-3115-4282-BC9A-7FAB77C27235}) (Version: 24.92.31022 - Microsoft Corporation) Hidden

Microsoft .NET Core Host FX Resolver - 3.1.23 (x86) (HKLM-x32\...\{C3E7A321-C146-47B7-9E3B-706A21031272}) (Version: 24.92.31022 - Microsoft Corporation) Hidden

Microsoft .NET Core Host FX Resolver - 3.1.28 (x64) (HKLM\...\{CDEA72F4-1367-4E0A-AC5F-0EBAF7C6825A}) (Version: 24.112.31513 - Microsoft Corporation) Hidden

Microsoft .NET Core Runtime - 3.1.23 (x64) (HKLM\...\{81EDF4A0-FC57-48C3-B26A-E90C2DC266CE}) (Version: 24.92.31022 - Microsoft Corporation) Hidden

Microsoft .NET Core Runtime - 3.1.23 (x86) (HKLM-x32\...\{E40BC6AB-5820-4457-A2B9-2C628F8C7BFA}) (Version: 24.92.31022 - Microsoft Corporation) Hidden

Microsoft .NET Core Runtime - 3.1.28 (x64) (HKLM\...\{3691148D-EF42-4812-8956-AE11FC413B8D}) (Version: 24.112.31513 - Microsoft Corporation) Hidden

Microsoft .NET Core Runtime - 3.1.28 (x64) (HKLM-x32\...\{231e3b76-4d0f-4e60-9d69-f11c9c448630}) (Version: 3.1.28.31513 - Microsoft Corporation)

Microsoft .NET Host - 5.0.17 (x64) (HKLM\...\{E663ED1E-899C-40E8-91D0-8D37B95E3C69}) (Version: 40.68.31213 - Microsoft Corporation) Hidden

Microsoft .NET Host - 6.0.14 (x64) (HKLM\...\{40D4EC44-91F8-4EEE-869E-F4B3E90E6688}) (Version: 48.59.55225 - Microsoft Corporation) Hidden

Microsoft .NET Host FX Resolver - 5.0.17 (x64) (HKLM\...\{8BA25391-0BE6-443A-8EBF-86A29BAFC479}) (Version: 40.68.31213 - Microsoft Corporation) Hidden

Microsoft .NET Host FX Resolver - 6.0.14 (x64) (HKLM\...\{D1726E78-81F3-40A2-A7AF-6286BAA49B1C}) (Version: 48.59.55225 - Microsoft Corporation) Hidden

Microsoft .NET Runtime - 5.0.17 (x64) (HKLM\...\{5A66E598-37BD-4C8A-A7CB-A71C32ABCD78}) (Version: 40.68.31213 - Microsoft Corporation) Hidden

Microsoft .NET Runtime - 5.0.17 (x64) (HKLM-x32\...\{a699b48e-5748-4980-ad92-0b61b1d9d718}) (Version: 5.0.17.31213 - Microsoft Corporation)

Microsoft .NET Runtime - 6.0.14 (x64) (HKLM\...\{61202CF9-3B84-4E5A-91A1-2984FAE38259}) (Version: 48.59.55225 - Microsoft Corporation) Hidden

Microsoft .NET Runtime - 6.0.14 (x64) (HKLM-x32\...\{a75f0c38-355e-478f-b573-1dbc42915c5c}) (Version: 6.0.14.32123 - Microsoft Corporation)

Microsoft 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.16327.20214 - Microsoft Corporation)

Microsoft Advertising Editor (HKU\S-1-5-21-2649961789-1134712864-1179498568-1001\...\MicrosoftAdvertisingEditor) (Version: 11.30.15196 - Microsoft Corporation)

Microsoft Advertising Intelligence (HKU\S-1-5-21-2649961789-1134712864-1179498568-1001\...\82CCF9920C12A7C15ACA520823A1483B69C73FC1) (Version: 9.4.2.2 - Microsoft Corporation)

Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 113.0.1774.35 - Microsoft Corporation)

Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 113.0.1774.35 - Microsoft Corporation)

Microsoft GameInput (HKLM-x32\...\{1F2B6AF3-C260-8666-5950-E3FEDBC851D6}) (Version: 10.1.22621.3036 - Microsoft Corporation)

Microsoft OneDrive (HKU\S-1-5-21-2649961789-1134712864-1179498568-1001\...\OneDriveSetup.exe) (Version: 23.081.0416.0001 - Microsoft Corporation)

Microsoft SQL Server 2012 Native Client (HKLM\...\{B9274744-8BAE-4874-8E59-2610919CD419}) (Version: 11.4.7001.0 - Microsoft Corporation)

Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation) Hidden

Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation) Hidden

Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)

Microsoft Update Health Tools (HKLM\...\{43D501A5-E5E3-46EC-8F33-9E15D2A2CBD5}) (Version: 5.70.0.0 - Microsoft Corporation)

Microsoft Visual Basic/C++ Runtime (x86) (HKLM-x32\...\{C5E3A69D-D391-45A6-A8FB-00B01E2B010D}) (Version: 1.1.0 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61187 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61186 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.7523 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.7523 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.7523 - Microsoft Corporation)

Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61135 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61135 - Microsoft Corporation)

Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61135 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61135 - Microsoft Corporation)

Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61135 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61135 - Microsoft Corporation)

Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61135 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61135 - Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)

Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation)

Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation)

Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation)

Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation)

Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.29.30133 (HKLM-x32\...\{295d1583-fdb9-414b-a4c8-da539362a26b}) (Version: 14.29.30133.0 - Microsoft Corporation)

Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.32.31332 (HKLM-x32\...\{a98dc6ff-d360-4878-9f0a-915eba86eaf3}) (Version: 14.32.31332.0 - Microsoft Corporation)

Microsoft Visual C++ 2022 X64 Additional Runtime - 14.34.31921 (HKLM\...\{EB61ACFC-A91D-47FD-A4FF-17E29ED06794}) (Version: 14.34.31921 - Microsoft Corporation)

Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.34.31921 (HKLM\...\{5CD0C440-0D9B-435D-B5CF-CC20E04C669B}) (Version: 14.34.31921 - Microsoft Corporation)

Microsoft Visual C++ 2022 X86 Additional Runtime - 14.32.31332 (HKLM-x32\...\{8972AC25-452E-4FFE-945A-EB9E28C20322}) (Version: 14.32.31332 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.32.31332 (HKLM-x32\...\{AEAA18F7-9C96-4A43-BC07-8B88A4913EEB}) (Version: 14.32.31332 - Microsoft Corporation) Hidden

Microsoft Visual Studio Code (User) (HKU\S-1-5-21-2649961789-1134712864-1179498568-1001\...\{771FD6B0-FA20-440A-A002-3B3BAC16DC50}_is1) (Version: 1.77.3 - Microsoft Corporation)

Microsoft Windows Desktop Runtime - 3.1.23 (x64) (HKLM\...\{4456FDE5-AAE9-4E03-9B34-0D9A476CEF5A}) (Version: 24.92.31022 - Microsoft Corporation) Hidden

Microsoft Windows Desktop Runtime - 3.1.23 (x64) (HKLM-x32\...\{d2f91fed-8a18-4071-b8d3-22606fa9a9f6}) (Version: 3.1.23.31022 - Microsoft Corporation)

Microsoft Windows Desktop Runtime - 3.1.23 (x86) (HKLM-x32\...\{32D405E8-E1B0-4E1D-BCFF-B9FE5AB15F7E}) (Version: 24.92.31022 - Microsoft Corporation) Hidden

Microsoft Windows Desktop Runtime - 3.1.23 (x86) (HKLM-x32\...\{b8f5b50f-4b72-421e-ac78-130b4bce05d1}) (Version: 3.1.23.31022 - Microsoft Corporation)

n8n 1.3.0 (HKU\S-1-5-21-2649961789-1134712864-1179498568-1001\...\65db1fc2-4db9-5559-92df-4a9103101aae) (Version: 1.3.0 - n8n GmbH)

NordUpdater (HKLM\...\{6E35DB82-3D19-4DD6-B8CB-F082815FDE18}_is1) (Version: 1.3.0.160 - Nord Security)

NordVPN (HKLM\...\{19465C24-3D5D-4327-B99F-3CC0A1D38151}_is1) (Version: 7.2.6.0 - Nord Security)

NordVPN network TAP (HKLM-x32\...\{97DEC5D6-2BE9-45BB-BFC5-274B851B486B}) (Version: 1.0.1 - NordVPN)

Notion 2.0.43 (HKU\S-1-5-21-2649961789-1134712864-1179498568-1001\...\fcdf0d7f-424b-5f10-a1c7-a8f643f21adf) (Version: 2.0.43 - Notion Labs, Inc)

NVIDIA FrameView SDK 1.3.8513.32290073 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8513.32290073 - NVIDIA Corporation)

NVIDIA GeForce Experience 3.27.0.112 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.27.0.112 - NVIDIA Corporation)

NVIDIA Graphics Driver 531.79 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 531.79 - NVIDIA Corporation)

NVIDIA HD Audio Driver 1.3.40.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.40.14 - NVIDIA Corporation)

NVIDIA PhysX System Software 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)

NVIDIA USBC Driver 1.50.831.832 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_USBC) (Version: 1.50.831.832 - NVIDIA Corporation)

OBS Studio (HKLM-x32\...\OBS Studio) (Version: 26.1.1 - OBS Project)

Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.16130.20218 - Microsoft Corporation) Hidden

Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.16327.20200 - Microsoft Corporation) Hidden

Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden

OptaneDowngradeGuard (HKLM\...\{86B0E6C1-32E0-42CC-BC4F-BF3C0730CECB}) (Version: 18.0.0.0 - Intel Corporation) Hidden

Pawns.app 1.20.3 (HKLM\...\5eab1cd3-3b84-5b3c-8e4b-54edfa81aaec) (Version: 1.20.3 - IPRoyal)

Peer2Profit (HKU\S-1-5-21-2649961789-1134712864-1179498568-1001\...\{a5cb7856-8006-4381-a613-8eff7569ad7d}) (Version: 0.53 - Peer2Profit)

PhraseExpress v15.0.95 (HKLM-x32\...\PhraseExpress_is1) (Version: 15.0.95 - Bartels Media GmbH)

ProtonVPN (HKLM-x32\...\{FBEC385C-5D3B-4827-9879-F157FA9E349F}) (Version: 1.24.2 - Proton Technologies AG) Hidden

ProtonVPN (HKLM-x32\...\ProtonVPN 1.24.2) (Version: 1.24.2 - Proton Technologies AG)

ProtonVPNTap (HKLM-x32\...\{5DA710E2-1B81-4675-BFC5-76BAF63AE1F6}) (Version: 1.1.3 - Proton Technologies AG)

ProtonVPNTun (HKLM-x32\...\{C953D354-0C14-4CB5-AB42-0A9E40F55857}) (Version: 0.13.0 - Proton Technologies AG)

Python 3.11.3 (64-bit) (HKU\S-1-5-21-2649961789-1134712864-1179498568-1001\...\{c6a7d2cb-61ea-4f5e-bc56-95faa938bacf}) (Version: 3.11.3150.0 - Python Software Foundation)

Python 3.11.3 Add to Path (64-bit) (HKLM\...\{9EB782CC-B2A5-4B67-BFEC-C91F5B755CAF}) (Version: 3.11.3150.0 - Python Software Foundation) Hidden

Python 3.11.3 Core Interpreter (64-bit) (HKLM\...\{611F1238-29A9-495F-B1F4-CFFCC98D9421}) (Version: 3.11.3150.0 - Python Software Foundation) Hidden

Python 3.11.3 Development Libraries (64-bit) (HKLM\...\{D307D056-AF62-4F53-810E-052AAAF0EFB2}) (Version: 3.11.3150.0 - Python Software Foundation) Hidden

Python 3.11.3 Documentation (64-bit) (HKLM\...\{25DC2A6F-FDC2-40D0-AA9D-3BF392BDF500}) (Version: 3.11.3150.0 - Python Software Foundation) Hidden

Python 3.11.3 Executables (64-bit) (HKLM\...\{A2BCB6C1-272D-437F-A5BC-92431FC521B4}) (Version: 3.11.3150.0 - Python Software Foundation) Hidden

Python 3.11.3 pip Bootstrap (64-bit) (HKLM\...\{55BEEF7A-9288-497D-B5CE-960D2F3C70A3}) (Version: 3.11.3150.0 - Python Software Foundation) Hidden

Python 3.11.3 Standard Library (64-bit) (HKLM\...\{0D289858-69D1-4CB6-946E-659F028DDC27}) (Version: 3.11.3150.0 - Python Software Foundation) Hidden

Python 3.11.3 Tcl/Tk Support (64-bit) (HKLM\...\{C321A7FC-E479-4E2A-AA09-2698EFEA4CA3}) (Version: 3.11.3150.0 - Python Software Foundation) Hidden

Python 3.11.3 Test Suite (64-bit) (HKLM\...\{BA9ABB78-751C-4488-80A9-60E44290C060}) (Version: 3.11.3150.0 - Python Software Foundation) Hidden

Python 3.11.3 Utility Scripts (64-bit) (HKLM\...\{5BF6CA5B-E057-413A-B87A-CCD47600E465}) (Version: 3.11.3150.0 - Python Software Foundation) Hidden

Python Launcher (HKLM-x32\...\{C41DB702-D72D-40F4-A2B3-5BAC2DCA2DF2}) (Version: 3.11.3150.0 - Python Software Foundation)

Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9045.1 - Realtek Semiconductor Corp.)

RescueTime 2.16.8.2 (HKLM-x32\...\{2505571C-03B3-4F9F-AC35-33F1CB4B5E9E}_is1) (Version: - RescueTime.com)

RivaTuner Statistics Server 7.3.0 (HKLM-x32\...\RTSS) (Version: 7.3.0 - Unwinder)

RstDowngradeGuard (HKLM\...\{13C2A26E-7AD4-4D82-BB4F-DEA6E871B958}) (Version: 18.0.0.0 - Intel Corporation) Hidden

Samsung DeX (HKLM-x32\...\{2EB6072C-55E0-4AA0-A851-A34A5D64F6C9}) (Version: 2.0.1.2 - Samsung Electronics Co., Ltd.) Hidden

Samsung DeX (HKLM-x32\...\{3d6025db-b129-4813-84ac-91328af71882}) (Version: 2.0.1.2 - Samsung Electronics Co., Ltd.)

Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.7.43.0 - Samsung Electronics Co., Ltd.)

SEO Checker (HKLM-x32\...\SEO Checker_is1) (Version: 5.7.0.0 - VOVSOFT)

SharewareOnSale Notifier (HKU\S-1-5-21-2649961789-1134712864-1179498568-1001\...\SharewareOnSale Notifier) (Version: 20 - SharewareOnSale)

Slack (HKU\S-1-5-21-2649961789-1134712864-1179498568-1001\...\slack) (Version: 4.32.122 - Slack Technologies Inc.)

SO Viewer Installation (HKLM-x32\...\{b21a6a23-6394-4a9e-b428-17704bfa1a21}) (Version: 1.4.0.0 - Smart Oculus LLC) Hidden

soft Xpansion Perfect PDF 9 Editor (HKLM-x32\...\{287693CB-6770-4CAD-9436-55C02CFBF4C9}) (Version: 9.0.1.3 - soft Xpansion)

SonicsVPN version 1.0.1 (HKLM-x32\...\{322D63D0-677F-4CBF-8C31-407146F746D3}_is1) (Version: 1.0.1 - SonicsVPN, Inc.)

Sparkol VideoScribe (HKLM\...\{5D91C1C1-044F-4F38-A203-21D0A60507C3}) (Version: 3.6.11 - Sparkol) Hidden

Sparkol VideoScribe (HKLM-x32\...\Sparkol VideoScribe 3.6.11) (Version: 3.6.11 - Sparkol)

Speech to Text Converter (HKLM-x32\...\Speech to Text Converter_is1) (Version: 1.2.0.0 - VOVSOFT)

Splashtop Personal (HKLM-x32\...\{E7CF0F14-8C1D-41F3-85ED-579C108262C7}) (Version: 3.4.8.5 - Splashtop Inc.)

Splashtop Software Updater (HKLM-x32\...\Splashtop Software Updater) (Version: 1.5.6.20 - Splashtop Inc.)

Splashtop Streamer (HKLM-x32\...\{B7C5EA94-B96A-41F5-BE95-25D78B486678}) (Version: 3.5.6.0 - Splashtop Inc.)

Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)

TAP-Windows 9.21.2 (HKLM\...\TAP-Windows) (Version: 9.21.2 - )

Telegram Desktop version 4.2.4 (HKU\S-1-5-21-2649961789-1134712864-1179498568-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 4.2.4 - Telegram FZ-LLC)

TeraBox (HKLM-x32\...\TeraBox) (Version: 1.15.1 - Flextech Inc.)

Text-R (HKLM-x32\...\Text-R_is1) (Version: 2.0.0.0 - ASCOMP Software GmbH)

TreeSize Free V4.6.2 (64 bit) (HKLM\...\TreeSize Free_is1) (Version: 4.6.2 - JAM Software)

ugeeTablet (HKLM\...\{4D963093-F3C4-4096-B784-438A8652D16F}_is1) (Version: 4.1.1.230411 - UGEE Technology)

UXP WebView Support (HKLM-x32\...\UXPW_1_1_0) (Version: 1.1.0 - Adobe Inc.)

VantageFX MT4 (HKLM-x32\...\VantageFX MT4) (Version: 4.00 - MetaQuotes Ltd.)

Video Spin Blaster Pro Plus v2.42 [ ViP Licensed ] (HKLM-x32\...\{98687C2C-5F08-4415-9D2D-67DEC6C2F381}_is1) (Version: 2.42.0.0 - Dr.FarFar)

VLC media player (HKLM\...\VLC media player) (Version: 3.0.12 - VideoLAN)

VPN Unlimited 8.6.4 (HKLM-x32\...\{DC24521E-872B-41AF-93EA-FE477902D6FB}_is1) (Version: 8.6.4 - KeepSolid Inc.)

vs2015_redist x86 (HKLM-x32\...\{BD46163A-0331-4A61-B65A-7B66D7C93F8E}) (Version: 1.0.0.0 - Realnetworks) Hidden

Vuze (HKLM\...\8461-7759-5462-8226) (Version: 5.7.7.0 - Azureus Software, Inc.)

Webby 1.4.13 (HKU\S-1-5-21-2649961789-1134712864-1179498568-1001\...\771a5a74-2c75-5f60-852c-c3e290e4cdbb) (Version: 1.4.13 - Webby)

WinHTTrack Website Copier 3.49-2 (x64) (HKLM\...\WinHTTrack Website Copier_is1) (Version: 3.49.2 - HTTrack)

WinRAR 6.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.01.0 - win.rar GmbH)

Wise Video Player 1.2.9 (HKLM-x32\...\Wise Video Player_is1) (Version: 1.2.9 - WiseCleaner.com, Inc.)

Zoom (HKU\S-1-5-21-2649961789-1134712864-1179498568-1001\...\ZoomUMX) (Version: 5.13.3 (11494) - Zoom Video Communications, Inc.)

Packages:

=========

Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_2.0.1.8_x86__enpm4xejd91yc [2022-03-26] (Adobe Systems Incorporated)

Alienware Command Center -> C:\Program Files\WindowsApps\DellInc.AlienwareCommandCenter_5.5.46.0_x64__htrsf667h5kn2 [2023-05-09] (Dell Inc)

Alienware FX AW20 -> C:\Program Files\WindowsApps\DellInc.Alienware.FXAW20_1.3.3.0_x64__htrsf667h5kn2 [2023-05-09] (Dell Inc)

Alienware OC Controls -> C:\Program Files\WindowsApps\DellInc.423703F9C7E0E_1.4.4.0_x64__htrsf667h5kn2 [2023-05-09] (Dell Inc)

Alienware Sound Center -> C:\Program Files\WindowsApps\DellInc.AlienwareSoundCenter_1.5.13.0_x64__htrsf667h5kn2 [2023-05-09] (Dell Inc)

Dell Cinema Guide -> C:\Program Files\WindowsApps\DellInc.DellCinemaGuide_1.0.49.0_x64__htrsf667h5kn2 [2022-05-18] (Dell Inc)

Dell Customer Connect -> C:\Program Files\WindowsApps\DellInc.DellCustomerConnect_5.4.9.0_x64__htrsf667h5kn2 [2023-04-10] (Dell Inc)

Dell Digital Delivery -> C:\Program Files\WindowsApps\DellInc.DellDigitalDelivery_5.0.64.0_x64__htrsf667h5kn2 [2023-03-19] (Dell Inc)

Dell Mobile Connect 3.3 -> C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnect_3.3.9809.0_x64__0vhbc3ng4wbp0 [2023-03-19] (Screenovate Technologies) [Startup Task]

Dell SupportAssist for Home PCs -> C:\Program Files\WindowsApps\DellInc.DellSupportAssistforPCs_3.14.4.0_x64__htrsf667h5kn2 [2023-05-11] (Dell Inc)

Dell Update -> C:\Program Files\WindowsApps\DellInc.DellUpdate_4.7.31.0_x86__htrsf667h5kn2 [2022-11-02] (Dell Inc)

Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.17.945.0_x64__rz1tebttyb220 [2023-05-08] (Dolby Laboratories)

Facebook -> C:\Program Files\WindowsApps\FACEBOOK.FACEBOOK_2023.315.1.0_x64__8xx8rvfyw5nnt [2023-05-12] (Meta)

Gaming Promo -> C:\Program Files\WindowsApps\DellInc.3926769DBC762_1.0.7.0_x64__htrsf667h5kn2 [2021-04-16] (Dell Inc)

HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_145.2.1084.0_x64__v10z8vjag6ke6 [2023-05-06] (HP Inc.)

Intel® Optane™ Memory and Storage Management -> C:\Program Files\WindowsApps\AppUp.IntelOptaneMemoryandStorageManagement_18.1.1037.0_x64__8j3eq9eme6ctt [2023-03-19] (INTEL CORP)

Killer Intelligence Center -> C:\Program Files\WindowsApps\RivetNetworks.KillerControlCenter_3.1222.608.0_x64__rh07ty8m5nkag [2022-08-29] (Rivet Networks LLC) [Startup Task]

Microsoft Defender -> C:\Program Files\WindowsApps\Microsoft.6365217CE6EB4_102.2303.28003.0_x64__8wekyb3d8bbwe [2023-04-13] (Microsoft Corporation) [Startup Task]

Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.2.39.0_x64__8wekyb3d8bbwe [2023-01-04] (Microsoft Corp.)

MPEG-2 Video Extension -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.50901.0_x64__8wekyb3d8bbwe [2022-05-05] (Microsoft Corporation)

ms-resource:Appname -> C:\Program Files\WindowsApps\Microsoft.RemoteDesktop_10.2.3006.0_x64__8wekyb3d8bbwe [2023-05-09] (Microsoft Corporation)

ms-resource:DisplayName -> C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy [2023-03-19] (McAfee LLC.)

ms-resource:OEMAppName -> C:\Program Files\WindowsApps\C27EB4BA.DropboxOEM_23.4.16.0_x64__xbfy0k16fey96 [2023-04-22] (Dropbox Inc.)

ms-resource:System_Item_Title_IntelGraphicsControlPanel -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.4779.0_x64__8j3eq9eme6ctt [2023-04-14] (INTEL CORP) [Startup Task]

My Dell -> C:\Program Files\WindowsApps\DellInc.MyDell_2.2.4.0_x64__htrsf667h5kn2 [2023-03-19] (Dell Inc)

NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.964.0_x64__56jybvy8sckqj [2023-05-07] (NVIDIA Corp.)

Partner Promo -> C:\Program Files\WindowsApps\DellInc.PartnerPromo_1.0.21.0_x64__htrsf667h5kn2 [2021-04-16] (Dell Inc)

Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2022-02-01] (Microsoft Corporation)

Reader Notification Client -> C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2022-03-28] (Adobe Systems Incorporated)

Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.39.279.0_x64__dt26b99r8h8gj [2022-12-11] (Realtek Semiconductor Corp)

Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.16.3140.0_x64__8wekyb3d8bbwe [2023-03-19] (Microsoft Studios) [MS Ad]

Thunderbolt™ Control Center -> C:\Program Files\WindowsApps\AppUp.ThunderboltControlCenter_1.0.36.0_x64__8j3eq9eme6ctt [2022-09-23] (INTEL CORP)

TikTok -> C:\Program Files\WindowsApps\BytedancePte.Ltd.TikTok_1.0.5.0_neutral__6yccndn6064se [2023-05-12] (Bytedance Pte. Ltd.)

WebcamOnDesktop -> C:\Program Files\WindowsApps\62302TobiasHarmes.WebcamOnDesktop_1.0.9.0_x64__mgfwc5dxafxf6 [2023-03-21] (Tobias Harmes)

WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2317.9.0_x64__cv1g1gvanyjgm [2023-05-12] (WhatsApp Inc.) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2649961789-1134712864-1179498568-1001_Classes\CLSID\{13357088-9834-0409-1600-134951500000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)

CustomCLSID: HKU\S-1-5-21-2649961789-1134712864-1179498568-1001_Classes\CLSID\{1F9E0710-2073-435F-9C1B-F29946205947}\InprocServer32 -> C:\Users\skim8\AppData\Local\Google\Update\1.3.36.152\psuser_64.dll => No File

CustomCLSID: HKU\S-1-5-21-2649961789-1134712864-1179498568-1001_Classes\CLSID\{2919A592-BF5E-4AF5-A658-84454D70841E}\InprocServer32 -> C:\Users\skim8\AppData\Local\Google\Update\1.3.36.202\psuser_64.dll => No File

CustomCLSID: HKU\S-1-5-21-2649961789-1134712864-1179498568-1001_Classes\CLSID\{2F81B25E-7507-4844-BFF2-77D2CC24CED4}\localserver32 -> C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Inc. -> Adobe Inc.)

CustomCLSID: HKU\S-1-5-21-2649961789-1134712864-1179498568-1001_Classes\CLSID\{444c3d34-4024-4c6f-a9da-b47eed58ceb6}\localserver32 -> C:\Program Files\Skylum\Luminar AI\Luminar AI.exe (Skylum Software USA, Inc. -> Skylum)

CustomCLSID: HKU\S-1-5-21-2649961789-1134712864-1179498568-1001_Classes\CLSID\{5D44759C-CF3F-433D-9EA0-267E45577C77}\InprocServer32 -> C:\Users\skim8\AppData\Local\Google\Update\1.3.36.212\psuser_64.dll (Google LLC -> Google LLC)

CustomCLSID: HKU\S-1-5-21-2649961789-1134712864-1179498568-1001_Classes\CLSID\{679F137C-3162-45da-BE3C-2F9C3D093F64}\Shell\Open\Command -> C:\Users\skim8\AppData\Roaming\TeraBox\TeraBox.exe (FLEXTECH INC. -> Flextech Inc.)

CustomCLSID: HKU\S-1-5-21-2649961789-1134712864-1179498568-1001_Classes\CLSID\{679F137C-3162-45da-BE3C-2F9C3D093F64} -> [TeraBox] => C:\Users\skim8\AppData\Roaming\TeraBox\ [0000-00-00 00:00]

CustomCLSID: HKU\S-1-5-21-2649961789-1134712864-1179498568-1001_Classes\CLSID\{85D8EE2F-794F-41F0-BB03-49D56A23BEF4}\InprocServer32 -> C:\Users\skim8\AppData\Local\Google\Update\1.3.36.212\psuser_64.dll (Google LLC -> Google LLC)

CustomCLSID: HKU\S-1-5-21-2649961789-1134712864-1179498568-1001_Classes\CLSID\{d936918b-9c4b-555e-074a-c79314be04e1}\localserver32 -> C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.exe (Proton Technologies AG -> )

CustomCLSID: HKU\S-1-5-21-2649961789-1134712864-1179498568-1001_Classes\CLSID\{e69d01c8-b418-4e5b-9206-9545b47257cc}\localserver32 -> C:\Users\skim8\AppData\Local\NhNotifSys\awsc\awscns.exe (A-Volute SAS -> A-Volute)

CustomCLSID: HKU\S-1-5-21-2649961789-1134712864-1179498568-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems)

CustomCLSID: HKU\S-1-5-21-2649961789-1134712864-1179498568-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\skim8\AppData\Local\Google\Update\1.3.36.212\psuser_64.dll (Google LLC -> Google LLC)

ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\skim8\AppData\Local\MEGAsync\ShellExtX64.dll [2023-04-12] (Mega Limited -> )

ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\skim8\AppData\Local\MEGAsync\ShellExtX64.dll [2023-04-12] (Mega Limited -> )

ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\skim8\AppData\Local\MEGAsync\ShellExtX64.dll [2023-04-12] (Mega Limited -> )

ShellIconOverlayIdentifiers: [ .WorkspaceExt0] -> {C568C78A-652C-425B-8E6B-FFA73043302D} => -> No File

ShellIconOverlayIdentifiers: [ .WorkspaceExt1] -> {2A6FE247-5DA3-4732-9626-77820518FD77} => -> No File

ShellIconOverlayIdentifiers: [ .WorkspaceExt2] -> {FF895810-293B-464A-93F2-82D11E07EEC8} => -> No File

ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-03-20] (Adobe Inc. -> )

ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-03-20] (Adobe Inc. -> )

ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-03-20] (Adobe Inc. -> )

ShellIconOverlayIdentifiers: [ OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\WINDOWS\System32\DriverStore\FileRepository\iastorpinningcomponent.inf_amd64_357b728ba88fb99a\OptaneShellExt.dll [2022-12-18] (Intel Corporation -> )

ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-03-20] (Adobe Inc. -> )

ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\skim8\AppData\Local\MEGAsync\ShellExtX64.dll [2023-04-12] (Mega Limited -> )

ContextMenuHandlers1: [SX_PDF9_EDITOR] -> {236D7124-8C0B-45B3-AA81-143AF254799D} => C:\Program Files (x86)\soft Xpansion\Perfect PDF 9 Editor\weagent64.dll [2022-03-14] (soft Xpansion GmbH & Co.KG -> soft Xpansion)

ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-04-07] (win.rar GmbH -> Alexander Roshal)

ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-04-07] (win.rar GmbH -> Alexander Roshal)

ContextMenuHandlers1: [YunShellExt] -> {6D85624F-305A-491d-8848-C1927AA0D790} => C:\Users\skim8\AppData\Roaming\TeraBox\YunShellExt64.dll [2023-02-22] (FLEXTECH INC. -> )

ContextMenuHandlers2: [ContextMenu] -> {ee10d625-cc60-30a4-b3df-4b349785be6b} => C:\Program Files (x86)\Avira\Security\Antivirus.ContextMenu\Antivirus.ContextMenu.DLL -> No File

ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\skim8\AppData\Local\MEGAsync\ShellExtX64.dll [2023-04-12] (Mega Limited -> )

ContextMenuHandlers3: [ContextMenu] -> {ee10d625-cc60-30a4-b3df-4b349785be6b} => C:\Program Files (x86)\Avira\Security\Antivirus.ContextMenu\Antivirus.ContextMenu.DLL -> No File

ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-03-03] (Malwarebytes Inc. -> Malwarebytes)

ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\skim8\AppData\Local\MEGAsync\ShellExtX64.dll [2023-04-12] (Mega Limited -> )

ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\WINDOWS\System32\DriverStore\FileRepository\iastorpinningcomponent.inf_amd64_357b728ba88fb99a\OptaneShellExt.dll [2022-12-18] (Intel Corporation -> )

ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\skim8\AppData\Local\MEGAsync\ShellExtX64.dll [2023-04-12] (Mega Limited -> )

ContextMenuHandlers4: [YunShellExt] -> {6D85624F-305A-491d-8848-C1927AA0D790} => C:\Users\skim8\AppData\Roaming\TeraBox\YunShellExt64.dll [2023-02-22] (FLEXTECH INC. -> )

ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvdmi.inf_amd64_3d50ed78ef5da3d8\nvshext.dll [2023-04-26] (NVIDIA Corporation -> NVIDIA Corporation)

ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2023-03-20] (Adobe Inc. -> )

ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-03-03] (Malwarebytes Inc. -> Malwarebytes)

ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-04-07] (win.rar GmbH -> Alexander Roshal)

ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-04-07] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\system32\rtvcvfw64.dll [246272 2012-09-28] () [File not signed]

HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\system32\frapsv64.dll [105984 2019-08-30] (Beepa P/L) [File not signed]

HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-28] () [File not signed]

HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [94208 2019-08-30] (Beepa P/L) [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\skim8\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7da8c452ab87f4cd\CryptoTab Browser.lnk -> C:\Program Files\CryptoTab Browser\Application\browser.exe (The Chromium and CryptoTab Browser Authors) -> --profile-directory=Default

==================== Loaded Modules (Whitelisted) =============

2023-05-12 03:19 - 2023-05-12 03:19 - 001160704 _____ () [File not signed] [File is in use] C:\Users\skim8\AppData\Local\MicrosoftAdvertisingEditor\app-11.30.15196\CefSharp.BrowserSubprocess.Core.dll

2023-05-12 03:19 - 2023-05-12 03:19 - 001783808 _____ () [File not signed] [File is in use] C:\Users\skim8\AppData\Local\MicrosoftAdvertisingEditor\app-11.30.15196\CefSharp.Core.Runtime.dll

2023-05-10 09:09 - 2023-04-25 18:14 - 002781696 _____ () [File not signed] \\?\C:\Users\skim8\AppData\Local\Programs\Notion\resources\app\node_modules\better-sqlite3\build\Release\better_sqlite3.node

2023-05-10 09:09 - 2023-04-25 18:14 - 000654336 _____ () [File not signed] \\?\C:\Users\skim8\AppData\Local\Programs\Notion\resources\app\node_modules\bufferutil\build\Release\bufferutil.node

2023-05-10 09:09 - 2023-04-25 18:14 - 002982400 _____ () [File not signed] \\?\C:\Users\skim8\AppData\Local\Programs\Notion\resources\app\node_modules\cld\build\Release\cld.node

2023-05-12 03:19 - 2023-05-12 03:19 - 000195584 _____ () [File not signed] \\?\C:\Users\skim8\AppData\Local\Temp\75904448-e026-4d0c-8d0e-240c7a41a839.tmp.node

2023-05-12 03:19 - 2023-05-12 03:19 - 000602112 _____ () [File not signed] \\?\C:\Users\skim8\AppData\Local\Temp\c40060fe-968e-4be1-9ef7-267588018561.tmp.node

2022-06-05 08:40 - 2021-09-26 09:31 - 000194048 _____ () [File not signed] C:\Program Files (x86)\EaseUS\ENS\libssh2.dll

2023-04-16 22:52 - 2023-04-16 22:52 - 001506304 _____ () [File not signed] C:\Program Files (x86)\GOM\GOMPlayer\libass.dll

2022-12-14 10:39 - 2022-11-11 20:12 - 000072704 _____ () [File not signed] C:\Program Files (x86)\SonicsVPN\flutter_acrylic_plugin.dll

2022-12-14 10:39 - 2022-10-24 12:17 - 014733312 _____ () [File not signed] C:\Program Files (x86)\SonicsVPN\flutter_windows.dll

2022-12-14 10:39 - 2022-11-11 20:12 - 000095232 _____ () [File not signed] C:\Program Files (x86)\SonicsVPN\screen_retriever_plugin.dll

2022-12-14 10:39 - 2022-11-11 20:12 - 000082432 _____ () [File not signed] C:\Program Files (x86)\SonicsVPN\system_theme_plugin.dll

2022-12-14 10:39 - 2022-11-11 20:12 - 000122368 _____ () [File not signed] C:\Program Files (x86)\SonicsVPN\system_tray_plugin.dll

2022-12-14 10:39 - 2022-11-11 20:12 - 000078848 _____ () [File not signed] C:\Program Files (x86)\SonicsVPN\url_launcher_windows_plugin.dll

2022-12-14 10:39 - 2022-11-11 20:12 - 000128000 _____ () [File not signed] C:\Program Files (x86)\SonicsVPN\window_manager_plugin.dll

2022-01-11 18:36 - 2022-01-11 18:36 - 000108032 _____ () [File not signed] C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\qrcodelib.dll

2023-04-26 17:08 - 2023-04-24 09:23 - 002789888 _____ () [File not signed] C:\Program Files\Pawns.app\ffmpeg.dll

2023-04-26 17:08 - 2023-04-24 09:23 - 000471040 _____ () [File not signed] C:\Program Files\Pawns.app\libegl.dll

2023-04-26 17:08 - 2023-04-24 09:23 - 007178752 _____ () [File not signed] C:\Program Files\Pawns.app\libglesv2.dll

2023-04-26 17:08 - 2023-04-24 09:23 - 004759040 _____ () [File not signed] C:\Program Files\Pawns.app\vk_swiftshader.dll

2023-05-12 03:19 - 2023-05-12 03:19 - 194953728 _____ () [File not signed] C:\Users\skim8\AppData\Local\MicrosoftAdvertisingEditor\app-11.30.15196\libcef.dll

2023-05-10 09:08 - 2023-04-25 18:14 - 002789376 _____ () [File not signed] C:\Users\skim8\AppData\Local\Programs\Notion\ffmpeg.dll

2023-05-10 09:08 - 2023-04-25 18:14 - 000471040 _____ () [File not signed] C:\Users\skim8\AppData\Local\Programs\Notion\libegl.dll

2023-05-10 09:08 - 2023-04-25 18:14 - 007179264 _____ () [File not signed] C:\Users\skim8\AppData\Local\Programs\Notion\libglesv2.dll

2023-05-10 09:08 - 2023-04-25 18:14 - 004759552 _____ () [File not signed] C:\Users\skim8\AppData\Local\Programs\Notion\vk_swiftshader.dll

2019-08-30 04:06 - 2019-08-30 04:06 - 000174080 _____ (Beepa P/L) [File not signed] C:\Fraps\FRAPSLCD.DLL

2022-06-05 08:40 - 2022-03-24 14:13 - 000509064 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\EaseUS Partition Master\ToolKits\EaseUS CleanGenius\bin\AliyunWrap.DLL

2022-06-05 08:40 - 2022-03-24 14:13 - 001186952 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\EaseUS Partition Master\ToolKits\EaseUS CleanGenius\bin\AppGather.dll

2022-06-05 08:40 - 2022-03-24 14:13 - 000242824 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\EaseUS Partition Master\ToolKits\EaseUS CleanGenius\bin\Applications.dll

2022-06-05 08:40 - 2022-03-24 14:13 - 000142984 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\EaseUS Partition Master\ToolKits\EaseUS CleanGenius\bin\AppRuntime.dll

2022-06-05 08:40 - 2022-03-24 14:13 - 000307848 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\EaseUS Partition Master\ToolKits\EaseUS CleanGenius\bin\BigFileGather.dll

2022-06-05 08:40 - 2022-03-24 14:13 - 000043656 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\EaseUS Partition Master\ToolKits\EaseUS CleanGenius\bin\cgUtility.dll

2022-06-05 08:40 - 2022-03-24 14:13 - 000600200 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\EaseUS Partition Master\ToolKits\EaseUS CleanGenius\bin\EaseusStartup.dll

2022-06-05 08:40 - 2022-03-24 14:13 - 000190088 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\EaseUS Partition Master\ToolKits\EaseUS CleanGenius\bin\ecg_plugin.dll

2022-06-05 08:40 - 2022-03-24 14:13 - 000509064 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\EaseUS Partition Master\ToolKits\EaseUS CleanGenius\bin\ens\AliyunWrap.DLL

2022-06-05 08:40 - 2022-03-24 14:13 - 000141448 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\EaseUS Partition Master\ToolKits\EaseUS CleanGenius\bin\ens\enshelper.dll

2022-06-05 08:41 - 2022-03-24 14:13 - 000141448 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\EaseUS Partition Master\ToolKits\EaseUS CleanGenius\bin\enshelper.dll

2022-06-05 08:40 - 2022-03-24 14:13 - 001392776 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\EaseUS Partition Master\ToolKits\EaseUS CleanGenius\bin\EuDownload.dll

2022-06-05 08:40 - 2022-03-24 14:13 - 000176264 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\EaseUS Partition Master\ToolKits\EaseUS CleanGenius\bin\FHProcess.dll

2022-06-05 08:40 - 2022-03-24 14:13 - 000363656 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\EaseUS Partition Master\ToolKits\EaseUS CleanGenius\bin\GarbageGather.dll

2022-06-05 08:40 - 2022-03-24 14:13 - 000246920 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\EaseUS Partition Master\ToolKits\EaseUS CleanGenius\bin\MainFrame.dll

2022-06-05 08:40 - 2022-03-24 14:13 - 000093832 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\EaseUS Partition Master\ToolKits\EaseUS CleanGenius\bin\MultiLanguage.dll

2022-06-05 08:40 - 2022-03-24 14:13 - 000210056 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\EaseUS Partition Master\ToolKits\EaseUS CleanGenius\bin\Optimize.dll

2022-06-05 08:40 - 2022-03-24 14:13 - 000257672 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\EaseUS Partition Master\ToolKits\EaseUS CleanGenius\bin\Privacy.dll

2022-06-05 08:40 - 2022-03-24 14:13 - 000168584 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\EaseUS Partition Master\ToolKits\EaseUS CleanGenius\bin\PublicLoader.dll

2022-06-05 08:40 - 2022-03-24 14:13 - 000180360 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\EaseUS Partition Master\ToolKits\EaseUS CleanGenius\bin\RegistryGather.dll

2022-06-05 08:40 - 2022-03-24 14:13 - 000274056 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\EaseUS Partition Master\ToolKits\EaseUS CleanGenius\bin\TrashClean.dll

2022-06-05 08:40 - 2022-05-12 12:43 - 000509064 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\ENS\AliyunWrap.DLL

2022-06-05 08:40 - 2022-05-12 12:43 - 000141448 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\ENS\EnsHelper.dll

2022-06-05 08:40 - 2022-05-12 12:43 - 000098440 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\ENS\register.dll

2022-06-05 08:40 - 2022-05-12 12:43 - 000461448 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\EaseUS\ENS\wpnr.dll

2022-06-05 08:39 - 2022-02-17 16:32 - 000066696 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [File not signed] C:\Program Files (x86)\EaseUS\EaseUS Partition Master\DC\bin\x64\VssEaseusProvider.dll

2022-06-05 08:40 - 2022-03-24 14:13 - 000081032 _____ (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU Yiwo Tech Development Co., Ltd.) [File not signed] C:\Program Files (x86)\EaseUS\EaseUS Partition Master\ToolKits\EaseUS CleanGenius\bin\SystemInfo.dll

2023-04-16 22:52 - 2023-04-16 22:52 - 016685485 _____ (FFmpeg Project) [File not signed] C:\Program Files (x86)\GOM\GOMPlayer\modules\avcodec-gp-58.dll

2023-04-16 22:52 - 2023-04-16 22:52 - 015587009 _____ (FFmpeg Project) [File not signed] C:\Program Files (x86)\GOM\GOMPlayer\modules\avformat-gp-58.dll

2023-04-16 22:52 - 2023-04-16 22:52 - 001218976 _____ (FFmpeg Project) [File not signed] C:\Program Files (x86)\GOM\GOMPlayer\modules\avutil-gp-56.dll

2023-04-16 22:52 - 2023-04-16 22:52 - 000236097 _____ (FFmpeg Project) [File not signed] C:\Program Files (x86)\GOM\GOMPlayer\modules\swresample-gp-3.dll

2023-04-16 22:52 - 2023-04-16 22:52 - 000768167 _____ (FFmpeg Project) [File not signed] C:\Program Files (x86)\GOM\GOMPlayer\modules\swscale-gp-5.dll

2023-04-16 22:52 - 2023-04-16 22:52 - 000178176 _____ (GOM & Company) [File not signed] C:\Program Files (x86)\GOM\GOMPlayer\CrashDumpCollector.dll

2023-04-16 22:52 - 2023-04-16 22:52 - 000120320 _____ (GOM & Company) [File not signed] C:\Program Files (x86)\GOM\GOMPlayer\modules\GifMaker.dll

2023-04-16 22:52 - 2023-04-16 22:52 - 003340800 _____ (GOM & Company) [File not signed] C:\Program Files (x86)\GOM\GOMPlayer\modules\Subtitle.dll

2023-04-16 22:52 - 2023-04-16 22:52 - 000825344 _____ (GOM & Company) [File not signed] C:\Program Files (x86)\GOM\GOMPlayer\modules\VRU.ax

2023-04-16 22:52 - 2023-04-16 22:52 - 001326080 _____ (GOM & Company.) [File not signed] C:\Program Files (x86)\GOM\GOMPlayer\modules\gaf.ax

2023-04-16 22:52 - 2023-04-16 22:52 - 003632640 _____ (GOM & Company.) [File not signed] C:\Program Files (x86)\GOM\GOMPlayer\modules\gvf.ax

2023-04-16 22:52 - 2023-04-16 22:52 - 004162048 _____ (GOM & Company.) [File not signed] C:\Program Files (x86)\GOM\GOMPlayer\modules\MediaSource.ax

2022-05-31 09:57 - 2015-09-08 15:28 - 000381440 _____ (hxxp://hunspell.sourceforge.net/) [File not signed] C:\Program Files (x86)\PhraseExpress\hunspelldll.dll

2020-12-10 06:47 - 2020-12-10 06:47 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems64.dll] C:\Program Files\Microsoft Office\Root\Office16\AppVIsvSubsystems64.dll

2020-12-10 06:47 - 2020-12-10 06:47 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll] C:\Program Files\Microsoft Office\Root\Office16\c2r64.dll

2018-03-08 07:18 - 2018-03-08 07:18 - 000015360 _____ (NHibernate community) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\Iesi.Collections.dll

2020-11-11 20:57 - 2020-11-11 20:57 - 000537088 _____ (NHibernate.info) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\FluentNHibernate.dll

2022-11-07 13:53 - 2022-11-07 13:53 - 001548800 _____ (Robert Simpson, et al.) [File not signed] C:\Program Files (x86)\Dell Digital Delivery Services\SQLite.Interop.dll

2023-02-24 23:02 - 2023-02-24 23:02 - 001600512 _____ (Robert Simpson, et al.) [File not signed] C:\Program Files\Intel\SUR\QUEENCREEK\x64\SQLite.Interop.dll

2023-05-12 03:19 - 2023-05-12 03:19 - 001243136 _____ (Robert Simpson, et al.) [File not signed] C:\Users\skim8\AppData\Local\MicrosoftAdvertisingEditor\app-11.30.15196\SQLite.Interop.dll

2018-02-06 17:25 - 2018-02-06 17:25 - 000176640 _____ (rubicon IT GmbH) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\Remotion.Linq.dll

2018-03-23 12:10 - 2018-03-23 12:10 - 000028160 _____ (rubicon IT GmbH) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\Remotion.Linq.EagerFetching.dll

2023-02-24 23:02 - 2023-02-24 23:02 - 002165760 _____ (SQLite Development Team) [File not signed] C:\Program Files\Intel\SUR\QUEENCREEK\x64\sqlite3.dll

2021-02-17 04:19 - 2021-02-17 04:19 - 000124928 _____ (Stateless Contributors) [File not signed] [File is in use] C:\Program Files\Dell\SupportAssistAgent\bin\stateless.dll

2021-12-17 05:45 - 2021-12-17 05:45 - 000258048 _____ (The Apache Software Foundation) [File not signed] [File is in use] C:\Program Files\Dell\SupportAssistAgent\bin\log4net.dll

2023-02-13 13:13 - 2021-07-22 13:11 - 000058880 _____ (The c-ares library, hxxps://c-ares.haxx.se/) [File not signed] C:\Program Files (x86)\VPN Unlimited\cares.dll

2023-05-12 03:19 - 2023-05-12 03:19 - 001412608 _____ (The Chromium Authors) [File not signed] C:\Users\skim8\AppData\Local\MicrosoftAdvertisingEditor\app-11.30.15196\chrome_elf.dll

2022-06-05 08:40 - 2021-09-26 09:31 - 000428544 _____ (The curl library, hxxps://curl.se/) [File not signed] C:\Program Files (x86)\EaseUS\ENS\libcurl.dll

2023-02-13 13:13 - 2022-10-31 12:05 - 000416768 _____ (The curl library, hxxps://curl.se/) [File not signed] C:\Program Files (x86)\VPN Unlimited\libcurl.dll

2023-05-09 19:19 - 2023-03-15 10:29 - 001230848 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\ugeeTablet\LIBEAY32.dll

2023-05-09 19:19 - 2021-07-28 16:23 - 000278016 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\ugeeTablet\SSLEAY32.dll

2022-06-05 08:40 - 2021-04-14 08:51 - 002523136 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Program Files (x86)\EaseUS\EaseUS Partition Master\ToolKits\EaseUS CleanGenius\bin\libcrypto-1_1.dll

2022-06-05 08:40 - 2021-04-14 08:51 - 000531456 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Program Files (x86)\EaseUS\EaseUS Partition Master\ToolKits\EaseUS CleanGenius\bin\libssl-1_1.dll

2022-06-05 08:40 - 2021-09-26 09:31 - 002523136 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Program Files (x86)\EaseUS\ENS\libcrypto-1_1.dll

2022-06-05 08:40 - 2021-09-26 09:31 - 000531456 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Program Files (x86)\EaseUS\ENS\libssl-1_1.dll

2022-10-09 13:54 - 2022-10-09 13:54 - 002253312 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Program Files (x86)\Peer2Profit\libcrypto-1_1.dll

2022-10-09 13:54 - 2022-10-09 13:54 - 000535552 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Program Files (x86)\Peer2Profit\libssl-1_1.dll

2023-02-13 13:13 - 2022-07-05 22:42 - 002525184 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Program Files (x86)\VPN Unlimited\libcrypto-1_1.dll

2023-02-13 13:13 - 2022-07-05 22:42 - 000532992 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Program Files (x86)\VPN Unlimited\libssl-1_1.dll

2023-05-09 19:19 - 2023-02-03 17:02 - 000036352 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\ugeeTablet\imageformats\qdds.dll

2023-05-09 19:19 - 2023-02-03 17:02 - 000022016 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\ugeeTablet\imageformats\qgif.dll

2023-05-09 19:19 - 2023-02-03 17:02 - 000029184 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\ugeeTablet\imageformats\qicns.dll

2023-05-09 19:19 - 2023-02-03 17:02 - 000022528 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\ugeeTablet\imageformats\qico.dll

2023-05-09 19:19 - 2023-02-03 17:02 - 000206848 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\ugeeTablet\imageformats\qjpeg.dll

2023-05-09 19:19 - 2023-02-03 17:02 - 000016896 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\ugeeTablet\imageformats\qsvg.dll

2023-05-09 19:19 - 2023-02-03 17:02 - 000016384 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\ugeeTablet\imageformats\qtga.dll

2023-05-09 19:19 - 2023-02-03 17:02 - 000310272 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\ugeeTablet\imageformats\qtiff.dll

2023-05-09 19:19 - 2023-02-03 17:02 - 000015360 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\ugeeTablet\imageformats\qwbmp.dll

2023-05-09 19:19 - 2023-02-03 17:02 - 000287232 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\ugeeTablet\imageformats\qwebp.dll

2023-05-09 19:19 - 2023-02-03 17:02 - 000966144 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\ugeeTablet\platforms\qwindows.dll

2023-05-09 19:19 - 2023-02-03 17:02 - 004686848 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\ugeeTablet\Qt5Core.dll

2023-05-09 19:19 - 2023-02-03 17:02 - 005035008 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\ugeeTablet\Qt5Gui.dll

2023-05-09 19:19 - 2023-03-15 10:29 - 000833536 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\ugeeTablet\Qt5Network.dll

2023-05-09 19:19 - 2023-02-03 17:02 - 000251392 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\ugeeTablet\Qt5Svg.dll

2023-05-09 19:19 - 2023-02-03 17:02 - 004518912 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\ugeeTablet\Qt5Widgets.dll

2023-05-09 19:19 - 2023-02-03 17:02 - 000151040 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\ugeeTablet\Qt5Xml.dll

2022-07-24 19:28 - 2022-07-24 19:28 - 005979824 _____ (The Qt Company Oy -> The Qt Company Ltd.) [File not signed] C:\Users\skim8\AppData\Local\MEGAsync\Qt5Core.dll

2016-12-18 08:55 - 2016-12-18 08:55 - 000097280 _____ (Tunnel Vision Laboratories, LLC) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\Antlr3.Runtime.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

HKU\S-1-5-21-2649961789-1134712864-1179498568-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

SearchScopes: HKU\S-1-5-21-2649961789-1134712864-1179498568-1001 -> DefaultScope {89A7FC30-A6A4-4845-A615-4E7C0EB628B2} URL =

SearchScopes: HKU\S-1-5-21-2649961789-1134712864-1179498568-1001 -> {89A7FC30-A6A4-4845-A615-4E7C0EB628B2} URL =

BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2023-03-07] (Microsoft Corporation -> Microsoft Corporation)

Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-04-27] (Microsoft Corporation -> Microsoft Corporation)

Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-04-27] (Microsoft Corporation -> Microsoft Corporation)

Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-04-27] (Microsoft Corporation -> Microsoft Corporation)

Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-04-27] (Microsoft Corporation -> Microsoft Corporation)

Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-04-27] (Microsoft Corporation -> Microsoft Corporation)

Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-04-27] (Microsoft Corporation -> Microsoft Corporation)

Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-04-27] (Microsoft Corporation -> Microsoft Corporation)

Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-04-27] (Microsoft Corporation -> Microsoft Corporation)

Handler: XBasic - {CF3D3EE3-BD52-4A8F-B430-A73BDE453460} - No File

Handler: XBasicV12 - {CF3D3EE3-BD52-4A8F-B430-A73BDE453460} - No File

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-2649961789-1134712864-1179498568-1001\...\localhost -> localhost

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-07 05:14 - 2019-12-07 05:12 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2649961789-1134712864-1179498568-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\skim8\OneDrive\Documents\2023 Business Take-Off\February\Vision Board\2023-02-09 Vision Board.png

HKU\S-1-5-21-2649961789-1134712864-1179498568-1002\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\dell\dell-gaming-g-series-wallpaper-g7-silver.jpg

DNS Servers: 208.67.222.222 - 208.67.220.220

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)

Windows Firewall is enabled.

Network Binding:

=============

Ethernet 3: NordVPN LightWeight Firewall -> NordLwf (enabled)

Ethernet: NordVPN LightWeight Firewall -> NordLwf (enabled)

Local Area Connection: NordVPN LightWeight Firewall -> NordLwf (enabled)

Ethernet 2: NordVPN LightWeight Firewall -> NordLwf (enabled)

Wi-Fi: NordVPN LightWeight Firewall -> NordLwf (enabled)

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\StartupFolder: => "RescueTime.lnk"

HKLM\...\StartupApproved\Run32: => "CryptoTab Browser"

HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"

HKLM\...\StartupApproved\Run32: => "Avira SystrayStartTrigger"

HKU\S-1-5-21-2649961789-1134712864-1179498568-1001\...\StartupApproved\StartupFolder: => "MEGAsync.lnk"

HKU\S-1-5-21-2649961789-1134712864-1179498568-1001\...\StartupApproved\Run: => "OneDrive"

HKU\S-1-5-21-2649961789-1134712864-1179498568-1001\...\StartupApproved\Run: => "7 Taskbar Tweaker"

HKU\S-1-5-21-2649961789-1134712864-1179498568-1001\...\StartupApproved\Run: => "BlueJeans.Detector"

HKU\S-1-5-21-2649961789-1134712864-1179498568-1001\...\StartupApproved\Run: => "KakaoTalk"

HKU\S-1-5-21-2649961789-1134712864-1179498568-1001\...\StartupApproved\Run: => "Samsung DeX"

HKU\S-1-5-21-2649961789-1134712864-1179498568-1001\...\StartupApproved\Run: => "Steam"

HKU\S-1-5-21-2649961789-1134712864-1179498568-1001\...\StartupApproved\Run: => "StickyPassword"

HKU\S-1-5-21-2649961789-1134712864-1179498568-1001\...\StartupApproved\Run: => "Adobe Acrobat Synchronizer"

HKU\S-1-5-21-2649961789-1134712864-1179498568-1001\...\StartupApproved\Run: => "NordVPN"

HKU\S-1-5-21-2649961789-1134712864-1179498568-1001\...\StartupApproved\Run: => "electron.app.Poised"

HKU\S-1-5-21-2649961789-1134712864-1179498568-1001\...\StartupApproved\Run: => "TeraBoxWeb"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{1EA38EC7-CF65-42E7-A3B0-7CB518CC6BFB}] => (Allow) C:\Users\skim8\Downloads\hitpaw-watermark-remover.exe => No File

FirewallRules: [{BA7F7D0B-5A91-4611-B521-C10F80CD55F0}] => (Allow) C:\Users\skim8\Downloads\hitpaw-watermark-remover.exe => No File

FirewallRules: [{3DE3A98C-010E-4794-B7AD-87AE12A9F264}] => (Allow) C:\Program Files\CyberLink\PowerPlayer365\Common\dynamic_transcode.exe => No File

FirewallRules: [{DF5C464A-2A49-4EE5-AC13-9722EFDA1C5D}] => (Allow) C:\Program Files\CyberLink\PowerPlayer365\Common\CLMediaServer\clmediaserver.exe => No File

FirewallRules: [{6CE0A54B-6DD2-4D67-A258-9EF0D2546E61}] => (Allow) C:\Program Files\CyberLink\PowerPlayer365\CastingStation.exe => No File

FirewallRules: [{2D582E1C-04A1-4E89-9A6B-9802C9FB4FE7}] => (Allow) C:\Program Files\CyberLink\PowerPlayer365\Movie\PowerDVDMovie.exe => No File

FirewallRules: [{CE0D2A73-B09F-46D1-B0C1-E0FC52AB133C}] => (Allow) C:\Program Files\CyberLink\PowerPlayer365\PowerDVD21Agent.exe => No File

FirewallRules: [{30D2F3AE-2877-40AF-BE5A-FD310B458773}] => (Allow) C:\Program Files\CyberLink\PowerPlayer365\ShareModule32\Kernel\DMS\CLMSServerCPP365.exe => No File

FirewallRules: [{BA6DE748-C133-43C2-80CD-CA37140A2476}] => (Allow) C:\Program Files\CyberLink\PowerPlayer365\PowerDVD.exe => No File

FirewallRules: [UDP Query User{B6A2743D-EB84-4ED1-B9D9-13D9B6B646BC}C:\program files\kodi\kodi.exe] => (Allow) C:\program files\kodi\kodi.exe => No File

FirewallRules: [TCP Query User{8F5E65D0-0E80-43BB-8D65-9B7EEC4C6D2A}C:\program files\kodi\kodi.exe] => (Allow) C:\program files\kodi\kodi.exe => No File

FirewallRules: [UDP Query User{62706B5A-2774-4422-A77D-2843170092C5}C:\program files (x86)\dearmob\5kplayer\5kplayer.exe] => (Allow) C:\program files (x86)\dearmob\5kplayer\5kplayer.exe => No File

FirewallRules: [TCP Query User{5538C03B-2B76-4063-91A7-F30E9D4563C8}C:\program files (x86)\dearmob\5kplayer\5kplayer.exe] => (Allow) C:\program files (x86)\dearmob\5kplayer\5kplayer.exe => No File

FirewallRules: [{D041BAB7-8535-41E7-9638-068578266D24}] => (Allow) C:\Program Files (x86)\Peer2Profit\Peer2Profit.exe (Simple Coding Solutions LLC -> )

FirewallRules: [{403FDA2C-8D26-4B03-BC2F-7E711D57A612}] => (Allow) C:\Program Files (x86)\Peer2Profit\Peer2Profit.exe (Simple Coding Solutions LLC -> )

FirewallRules: [{5779F41B-9A4F-411E-8BFC-967093D84867}] => (Allow) C:\Program Files (x86)\Peer2Profit\Peer2Profit.exe (Simple Coding Solutions LLC -> )

FirewallRules: [{4591150F-A0F6-467A-8EFC-257DE992A27E}] => (Allow) C:\Program Files (x86)\Peer2Profit\Peer2Profit.exe (Simple Coding Solutions LLC -> )

FirewallRules: [{7135CBBA-12DB-43DD-915E-EECF185A523E}] => (Allow) C:\Program Files (x86)\Bulk Email Sender Pro\Bulk Email Sender Pro.exe => No File

FirewallRules: [UDP Query User{2EC4FBAB-D452-4237-9C1F-51D24BF2B3D8}C:\users\skim8\appdata\local\programs\dreamtime\resources\app.asar.unpacked\node_modules\go-ipfs\go-ipfs\ipfs.exe] => (Allow) C:\users\skim8\appdata\local\programs\dreamtime\resources\app.asar.unpacked\node_modules\go-ipfs\go-ipfs\ipfs.exe => No File

FirewallRules: [TCP Query User{1AB9E1C2-90FC-48B9-96D3-802173F3975A}C:\users\skim8\appdata\local\programs\dreamtime\resources\app.asar.unpacked\node_modules\go-ipfs\go-ipfs\ipfs.exe] => (Allow) C:\users\skim8\appdata\local\programs\dreamtime\resources\app.asar.unpacked\node_modules\go-ipfs\go-ipfs\ipfs.exe => No File

FirewallRules: [UDP Query User{62DCFCF7-943C-4579-8732-60E00417D951}C:\program files\windowsapps\microsoftcorporationii.quickassist_2.0.9.0_x64__8wekyb3d8bbwe\quickassist.exe] => (Allow) C:\program files\windowsapps\microsoftcorporationii.quickassist_2.0.9.0_x64__8wekyb3d8bbwe\quickassist.exe => No File

FirewallRules: [TCP Query User{2FF72DE9-9E77-4AAF-A49C-5929C833CB06}C:\program files\windowsapps\microsoftcorporationii.quickassist_2.0.9.0_x64__8wekyb3d8bbwe\quickassist.exe] => (Allow) C:\program files\windowsapps\microsoftcorporationii.quickassist_2.0.9.0_x64__8wekyb3d8bbwe\quickassist.exe => No File

FirewallRules: [{1B9CFA2C-633F-4983-AA00-37B6FEC34F8D}] => (Allow) C:\Program Files\CryptoTab Browser\Application\browser.exe (CRYPTOCOMPANY OÜ -> The Chromium and CryptoTab Browser Authors)

FirewallRules: [{4E84DC05-4387-409B-AA67-403D021BF3F1}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\fuscript.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)

FirewallRules: [{383606B9-7FC4-47D0-ACA9-F04560A38A31}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\ElementsPanelDaemon.exe => No File

FirewallRules: [{321D1459-A508-457B-B2A0-915C185611C6}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\TangentPanelDaemon.exe (Blackmagic Design Pty Ltd -> )

FirewallRules: [{317C9BCE-C739-45FA-A5F7-881CDD098C91}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\EuphonixPanelDaemon.exe (Blackmagic Design Pty Ltd -> )

FirewallRules: [{FC5E56B0-615D-44B8-AE38-4CF1C8C07251}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\JLCooperPanelDaemon.exe (Blackmagic Design Pty Ltd -> )

FirewallRules: [{30AE4B1F-30BF-41C6-9751-C32002421282}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\DaVinciPanelDaemon.exe (Blackmagic Design Pty Ltd -> )

FirewallRules: [{B7345B5D-C2F8-4533-93AF-51745FCEA7F9}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\bmdpaneld.exe (Blackmagic Design Pty Ltd -> )

FirewallRules: [{74FC2607-C522-4E53-B040-F201A4A24197}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\Resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)

FirewallRules: [{0E7EF576-EF8C-4A75-BABC-1A17B4AB90FA}] => (Allow) BiglyBT.exe => No File

FirewallRules: [{A03B2BBF-D0AB-46B4-AFAF-251E6112CB6F}] => (Allow) C:\Users\skim8\AppData\Local\Temp\7zS1BD8\HPDiagnosticCoreUI.exe => No File

FirewallRules: [{9BECC452-8BC8-4884-A05F-4956C7D2B48C}] => (Allow) C:\Users\skim8\AppData\Local\Temp\7zS1BD8\HPDiagnosticCoreUI.exe => No File

FirewallRules: [{380908DE-98D1-4CDD-A345-A6B2C16D9DE9}] => (Allow) C:\Program Files (x86)\LightPDF\LightPDF Editor\{app}\ServiceModule\Apowersoft.CoreServices.exe => No File

FirewallRules: [{FC26B37C-8F0D-4360-86EB-EEA4A16818BC}] => (Allow) C:\Program Files (x86)\LightPDF\LightPDF Editor\{app}\ServiceModule\Apowersoft.CoreServices.exe => No File

FirewallRules: [UDP Query User{8ADEAAC9-39D8-4CFA-B7E0-60B5CB551101}C:\users\skim8\appdata\local\discord\app-1.0.9004\discord.exe] => (Allow) C:\users\skim8\appdata\local\discord\app-1.0.9004\discord.exe => No File

FirewallRules: [TCP Query User{0860DD02-9E85-4C03-8D9F-FA3DCF2C8AE5}C:\users\skim8\appdata\local\discord\app-1.0.9004\discord.exe] => (Allow) C:\users\skim8\appdata\local\discord\app-1.0.9004\discord.exe => No File

FirewallRules: [{45404004-D3DE-40CB-8D46-F06B13C61FB6}] => (Allow) C:\Program Files (x86)\PhraseExpress\PhraseExpress.exe (Bartels Media GmbH -> Bartels Media GmbH)

FirewallRules: [{CE219F72-94AC-4F7E-9EA3-95A37D8CB339}] => (Allow) C:\Program Files (x86)\PhraseExpress\PhraseExpress.exe (Bartels Media GmbH -> Bartels Media GmbH)

FirewallRules: [UDP Query User{87210C75-C183-43E3-B4A9-D2A1F8D26F09}C:\users\skim8\appdata\local\programs\n8n\n8n.exe] => (Allow) C:\users\skim8\appdata\local\programs\n8n\n8n.exe (n8n GmbH) [File not signed]

FirewallRules: [TCP Query User{6F05A95C-CEA6-41CF-8816-7507E58D17D6}C:\users\skim8\appdata\local\programs\n8n\n8n.exe] => (Allow) C:\users\skim8\appdata\local\programs\n8n\n8n.exe (n8n GmbH) [File not signed]

FirewallRules: [UDP Query User{66720E6C-4C4E-4F35-B17E-129C96C06E30}C:\users\skim8\appdata\local\programs\webby\webby.exe] => (Block) C:\users\skim8\appdata\local\programs\webby\webby.exe (WebinarFuel LLC -> Webby)

FirewallRules: [TCP Query User{D5D1C4A3-DC0F-4D71-8FBD-53E86C64727F}C:\users\skim8\appdata\local\programs\webby\webby.exe] => (Block) C:\users\skim8\appdata\local\programs\webby\webby.exe (WebinarFuel LLC -> Webby)

FirewallRules: [UDP Query User{FD577F56-DE5E-4A12-B87E-C598BDB49DE3}C:\program files (x86)\hp\diagnostics\telemetrywatch\psdrtelemetrywatch.exe] => (Block) C:\program files (x86)\hp\diagnostics\telemetrywatch\psdrtelemetrywatch.exe (HP Inc. -> )

FirewallRules: [TCP Query User{34414A10-02C2-4EFA-BE7D-815A407451A8}C:\program files (x86)\hp\diagnostics\telemetrywatch\psdrtelemetrywatch.exe] => (Block) C:\program files (x86)\hp\diagnostics\telemetrywatch\psdrtelemetrywatch.exe (HP Inc. -> )

FirewallRules: [{A8730747-B871-4D2C-BE8E-C6B756516C68}] => (Allow) BiglyBT.exe => No File

FirewallRules: [{FC031617-4502-4FFB-8AED-DCA4B2E80BD5}] => (Allow) C:\Program Files\HP\HP ENVY 4520 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> HP Inc.)

FirewallRules: [{B08134D8-B90A-46E3-A999-29BBB98CDAA3}] => (Allow) LPort=5357

FirewallRules: [{7AD0C93E-F085-4B18-B826-5CBE6E9B3DB0}] => (Allow) C:\Program Files\HP\HP ENVY 4520 series\Bin\DeviceSetup.exe (Hewlett Packard -> HP Inc.)

FirewallRules: [{3E12EE0F-742E-487C-B6F1-6AC9E52535CD}] => (Allow) C:\Users\skim8\AppData\Local\Temp\7zS4FFD\HPDiagnosticCoreUI.exe => No File

FirewallRules: [{2643631B-C2AC-43A1-A692-B797DDE4B9E3}] => (Allow) C:\Users\skim8\AppData\Local\Temp\7zS4FFD\HPDiagnosticCoreUI.exe => No File

FirewallRules: [{074E385B-822A-409F-B57D-7BA343B4CED6}] => (Allow) C:\Users\skim8\AppData\Local\Temp\7zS401E\HPDiagnosticCoreUI.exe => No File

FirewallRules: [{8E8691C8-71FF-4021-8421-D48F58641834}] => (Allow) C:\Users\skim8\AppData\Local\Temp\7zS401E\HPDiagnosticCoreUI.exe => No File

FirewallRules: [{D10E32DD-CDA7-4D65-834C-F1CC61976F4A}] => (Allow) C:\Users\skim8\AppData\Local\Temp\7zS133E\HPDiagnosticCoreUI.exe => No File

FirewallRules: [{E2907F4B-E3DB-428C-97B0-91872392875D}] => (Allow) C:\Users\skim8\AppData\Local\Temp\7zS133E\HPDiagnosticCoreUI.exe => No File

FirewallRules: [{AB913D18-EE1F-44DC-94CA-3C2709AA0796}] => (Allow) C:\Program Files (x86)\AtomPark\Atomic Email Hunter\AtomicEmailHunter.exe => No File

FirewallRules: [{99E579D4-AD50-45E4-AB9F-23F74769EB0D}] => (Allow) C:\Program Files (x86)\AtomPark\Atomic Email Hunter\AtomicEmailHunter.exe => No File

FirewallRules: [{ED5F8E0C-546B-4287-BC27-2B346B2C4607}] => (Allow) C:\Program Files\BlueStacks_nxt\HD-Player.exe (Bluestack Systems, Inc -> BlueStack Systems)

FirewallRules: [{543587D9-7F5E-4402-8707-914D56D364C4}] => (Allow) C:\Program Files (x86)\BlueStacks X\Cloud Game.exe => No File

FirewallRules: [{371D9C5D-4ECD-42F5-A9ED-8C55D4599882}] => (Allow) C:\Program Files (x86)\BlueStacks X\BlueStacksWeb.exe => No File

FirewallRules: [UDP Query User{DC07A713-829B-42FF-83F9-042F4A11F3A4}C:\program files\biglybt\biglybt.exe] => (Allow) C:\program files\biglybt\biglybt.exe (Bigly Software -> Bigly Software)

FirewallRules: [TCP Query User{5E49241E-2754-44E4-BABE-C3555B3DCFF1}C:\program files\biglybt\biglybt.exe] => (Allow) C:\program files\biglybt\biglybt.exe (Bigly Software -> Bigly Software)

FirewallRules: [UDP Query User{EFC61D0B-2645-4E63-9E31-6A68AC8C83DB}C:\program files\blackmagic design\davinci resolve\davincipaneldaemon.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\davincipaneldaemon.exe (Blackmagic Design Pty Ltd -> )

FirewallRules: [TCP Query User{9DB43FC7-2559-4F76-83B7-B8D4D24368BC}C:\program files\blackmagic design\davinci resolve\davincipaneldaemon.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\davincipaneldaemon.exe (Blackmagic Design Pty Ltd -> )

FirewallRules: [{A0E4F09A-A3CE-4EAC-AB21-7BD00F352079}] => (Allow) C:\Program Files (x86)\BlueStacks X\Cloud Game.exe => No File

FirewallRules: [{2F1F9EA0-966B-4595-B866-60DA2FA1C4B1}] => (Allow) C:\Program Files (x86)\BlueStacks X\BlueStacksWeb.exe => No File

FirewallRules: [UDP Query User{F764B4C6-3A0C-4223-BC90-38E04B968795}C:\program files\filezilla ftp client\filezilla.exe] => (Allow) C:\program files\filezilla ftp client\filezilla.exe (Tim Kosse -> FileZilla Project)

FirewallRules: [TCP Query User{41EC8957-AFF0-488D-B358-7373D78F335E}C:\program files\filezilla ftp client\filezilla.exe] => (Allow) C:\program files\filezilla ftp client\filezilla.exe (Tim Kosse -> FileZilla Project)

FirewallRules: [{5C513600-A4F8-49C3-AB5C-784AC69A99A4}] => (Allow) C:\Program Files (x86)\RescueTime\RescueTime.exe (RescueTime, Inc.) [File not signed]

FirewallRules: [{7B32143A-7963-4155-9DA2-630E51E8BBDD}] => (Allow) C:\Program Files (x86)\RescueTime\RescueTime.exe (RescueTime, Inc.) [File not signed]

FirewallRules: [{0523A231-855F-4378-85ED-9EF16604FD3A}] => (Allow) C:\Program Files (x86)\Sticky Password\stpass.exe => No File

FirewallRules: [{4A486E2A-16C4-43F6-8182-D1B082EC2EA5}] => (Allow) C:\Program Files (x86)\Sticky Password\stpass.exe => No File

FirewallRules: [{617C1FF0-BB06-4F25-B1AE-E12E015F0ECC}] => (Allow) C:\Program Files\Easeware\DriverEasy\DriverEasy.exe (Easeware Technology Limited -> Easeware)

FirewallRules: [UDP Query User{791AF745-5D2C-4DEE-9DE3-DC3132FE5FC6}C:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\fuscript.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)

FirewallRules: [TCP Query User{EAC96DCD-DFC5-45AD-BF87-8479BD1F0684}C:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\fuscript.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)

FirewallRules: [UDP Query User{23F7B8C2-8193-43CB-8BAF-11D6BA2F720A}C:\program files\blackmagic design\davinci resolve\resolve.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)

FirewallRules: [TCP Query User{A018E0A5-7623-485C-AE46-219AB6845A0B}C:\program files\blackmagic design\davinci resolve\resolve.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)

FirewallRules: [{36410043-DAB8-480E-8675-84860C74A2B4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)

FirewallRules: [{3D676283-3373-4DDD-B20D-7AB7AF436710}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)

FirewallRules: [{16547924-F11F-412C-98BF-B55CC4452250}] => (Allow) C:\Program Files\Vuze\Azureus.exe (Azureus Software, Inc. -> Azureus Software, Inc)

FirewallRules: [{EC6ADFBE-3100-4ED0-B999-785760633F3E}] => (Allow) C:\Program Files\Vuze\Azureus.exe (Azureus Software, Inc. -> Azureus Software, Inc)

FirewallRules: [TCP Query User{0FCC16DF-EA09-4046-9655-29E9DF6860DE}C:\program files (x86)\diablo iii\x64\diablo iii64.exe] => (Allow) C:\program files (x86)\diablo iii\x64\diablo iii64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)

FirewallRules: [UDP Query User{15AEA8BF-8CF2-4B80-A59D-9DBFACF4561E}C:\program files (x86)\diablo iii\x64\diablo iii64.exe] => (Allow) C:\program files (x86)\diablo iii\x64\diablo iii64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)

FirewallRules: [{EE3918C4-7FB5-4C9E-8F74-E58C2256C9CB}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)

FirewallRules: [{6C717A1B-D7CB-4F31-AED4-0EDB9798CFC8}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)

FirewallRules: [{708C2733-E463-4992-9725-333BCDF8CDA7}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)

FirewallRules: [{13266536-63C5-4A7C-9488-48B2338FB3C9}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)

FirewallRules: [{45E5F05E-1C4C-4F78-B146-C04B683CECDC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Destiny 2\destiny2.exe (Bungie Inc. -> Bungie)

FirewallRules: [{38BD0222-CDDD-4D11-9950-225EE6A087B9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Destiny 2\destiny2.exe (Bungie Inc. -> Bungie)

FirewallRules: [{D52AA105-20B4-4FC1-A215-80179EC85880}] => (Allow) C:\Users\skim8\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)

FirewallRules: [TCP Query User{614985F4-9833-4780-B756-47C8425001DB}C:\program files\vuze\azureus.exe] => (Allow) C:\program files\vuze\azureus.exe (Azureus Software, Inc. -> Azureus Software, Inc)

FirewallRules: [UDP Query User{0E707317-4E67-4E18-A182-C3C246C1831E}C:\program files\vuze\azureus.exe] => (Allow) C:\program files\vuze\azureus.exe (Azureus Software, Inc. -> Azureus Software, Inc)

FirewallRules: [TCP Query User{1265E2B7-3B78-422F-B988-69DAD738138B}C:\program files (x86)\kakao\kakaotalk\kakaotalk.exe] => (Allow) C:\program files (x86)\kakao\kakaotalk\kakaotalk.exe (Kakao corp. -> Kakao Corp.)

FirewallRules: [UDP Query User{D6A48329-5CC4-4350-A069-C17AD7B9E3E1}C:\program files (x86)\kakao\kakaotalk\kakaotalk.exe] => (Allow) C:\program files (x86)\kakao\kakaotalk\kakaotalk.exe (Kakao corp. -> Kakao Corp.)

FirewallRules: [TCP Query User{22AF3B6F-6FF8-4077-B055-BDC903C4DABE}C:\users\skim8\appdata\local\programs\webby\webby.exe] => (Allow) C:\users\skim8\appdata\local\programs\webby\webby.exe (WebinarFuel LLC -> Webby)

FirewallRules: [UDP Query User{42139EFA-F6A7-4B03-9DAA-DA26C6E804B7}C:\users\skim8\appdata\local\programs\webby\webby.exe] => (Allow) C:\users\skim8\appdata\local\programs\webby\webby.exe (WebinarFuel LLC -> Webby)

FirewallRules: [TCP Query User{BD578AD3-AECB-45F7-BABB-7646BB818F71}C:\program files\biglybt\biglybt.exe] => (Allow) C:\program files\biglybt\biglybt.exe (Bigly Software -> Bigly Software)

FirewallRules: [UDP Query User{68BD7C0A-F825-4A56-B6C8-29F08F0C46A7}C:\program files\biglybt\biglybt.exe] => (Allow) C:\program files\biglybt\biglybt.exe (Bigly Software -> Bigly Software)

FirewallRules: [{99C567F2-00AF-4587-909A-EC1331D4BD61}] => (Allow) C:\Users\skim8\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)

FirewallRules: [{4D3C9399-958F-471F-BA72-B7E460C83167}] => (Allow) C:\Users\skim8\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)

FirewallRules: [{7FB411EC-034A-4C26-BB4B-5F63620D2142}] => (Allow) C:\Users\skim8\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)

FirewallRules: [{65718EBC-5DCF-4D21-A520-0BA511B5E85D}] => (Allow) C:\Program Files (x86)\Samsung\Samsung DeX\SamsungDeX.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)

FirewallRules: [{CE9B6DFA-5861-4F5D-8ECF-9ED68A6F8D19}] => (Allow) C:\Program Files (x86)\Samsung\Samsung DeX\SamsungDeX.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)

FirewallRules: [{3291B939-51F1-4032-B1EE-6F05AD379BF4}] => (Allow) C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnect_3.3.9809.0_x64__0vhbc3ng4wbp0\app\DellMobileConnectClient.exe (6B081F61-C764-4F21-995F-B463D0640577 -> Screenovate Technologies Ltd.)

FirewallRules: [{D84EC1FB-7B94-4F19-846A-264E0A882338}] => (Allow) C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnect_3.3.9809.0_x64__0vhbc3ng4wbp0\app\DellMobileConnectClient.exe (6B081F61-C764-4F21-995F-B463D0640577 -> Screenovate Technologies Ltd.)

FirewallRules: [TCP Query User{112B250D-1E8E-4A1C-A6DD-86424A145261}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)

FirewallRules: [UDP Query User{9F03B402-46D1-4338-B921-8ACC5EE1B8AA}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)

FirewallRules: [TCP Query User{0F1CD474-6289-49C8-A2C5-C1698752B5CB}C:\program files (x86)\sonicsvpn\data\flutter_assets\clashassets\sonics.exe] => (Allow) C:\program files (x86)\sonicsvpn\data\flutter_assets\clashassets\sonics.exe () [File not signed]

FirewallRules: [UDP Query User{CB35FEFA-CFE2-4581-AAF6-0D012EEA6D0C}C:\program files (x86)\sonicsvpn\data\flutter_assets\clashassets\sonics.exe] => (Allow) C:\program files (x86)\sonicsvpn\data\flutter_assets\clashassets\sonics.exe () [File not signed]

FirewallRules: [TCP Query User{C63BED00-6C16-4632-ADB7-26596C25F16A}C:\program files (x86)\sonicsvpn\data\flutter_assets\clashassets\sonics.exe] => (Allow) C:\program files (x86)\sonicsvpn\data\flutter_assets\clashassets\sonics.exe () [File not signed]

FirewallRules: [UDP Query User{AACD81D1-5077-4E16-8449-BF2A2EB1C223}C:\program files (x86)\sonicsvpn\data\flutter_assets\clashassets\sonics.exe] => (Allow) C:\program files (x86)\sonicsvpn\data\flutter_assets\clashassets\sonics.exe () [File not signed]

FirewallRules: [{826AA569-63D6-4F0F-8EA0-3D56CB2E2B84}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)

FirewallRules: [{5F4A4F1A-F40C-4934-87AE-69D386BA29C9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)

FirewallRules: [{234DB30E-8AB9-4E03-9454-46CE627143DE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)

FirewallRules: [{FD2CA68C-A70C-45CA-87FC-818C2EEE0B6F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)

FirewallRules: [{DE130413-CD4B-4C67-A3E8-4C1D8D09776C}] => (Allow) C:\Program Files (x86)\VPN Unlimited\vpn-unlimited.exe (Keepsolid Inc. -> KeepSolid Inc.)

FirewallRules: [{96171555-7CF0-4B2E-9B43-98C32728D35C}] => (Allow) C:\Program Files (x86)\VPN Unlimited\vpn-unlimited.exe (Keepsolid Inc. -> KeepSolid Inc.)

FirewallRules: [{EAB28583-3A73-4485-99B9-332AB2E77F61}] => (Allow) C:\Program Files (x86)\VPN Unlimited\openvpn.exe (The OpenVPN Project) [File not signed]

FirewallRules: [{73D33837-7733-4D0D-A820-C0C7008A1357}] => (Allow) C:\Program Files (x86)\VPN Unlimited\openvpn.exe (The OpenVPN Project) [File not signed]

FirewallRules: [TCP Query User{9ACCF1D4-B725-4081-B857-2F801E5C3398}C:\users\skim8\downloads\anydesk.exe] => (Allow) C:\users\skim8\downloads\anydesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)

FirewallRules: [UDP Query User{6D74F187-1CB8-4EDA-8DDE-3BCA81C5D349}C:\users\skim8\downloads\anydesk.exe] => (Allow) C:\users\skim8\downloads\anydesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)

FirewallRules: [TCP Query User{2B2A482F-97B7-40CA-8BEC-C03CA23DC2C3}C:\users\skim8\appdata\roaming\terabox\teraboxrender.exe] => (Allow) C:\users\skim8\appdata\roaming\terabox\teraboxrender.exe (FLEXTECH INC. -> Flextech Inc.)

FirewallRules: [UDP Query User{9B2A3EAD-178F-4C96-BF47-172F57336980}C:\users\skim8\appdata\roaming\terabox\teraboxrender.exe] => (Allow) C:\users\skim8\appdata\roaming\terabox\teraboxrender.exe (FLEXTECH INC. -> Flextech Inc.)

FirewallRules: [{8D897960-4EBF-4A5D-A5B2-701C04DD33F0}] => (Allow) BiglyBT.exe => No File

FirewallRules: [{811E0A0D-BB6B-48F2-8D98-7EF1EB9428DB}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel Corporation -> )

FirewallRules: [{679069FB-A258-40E6-A0E3-6A131126DB98}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel Corporation -> )

FirewallRules: [{1E2664A8-F207-4FFB-BAC6-0A21DEC920C4}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel Corporation -> )

FirewallRules: [{2B19566A-373C-440F-AF58-0F0C639AD0C5}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel Corporation -> )

FirewallRules: [{A26201D9-AFC6-4D2A-B903-68AC0A57EAB6}] => (Allow) C:\Program Files\Pawns.app\Pawns.app.exe (IPRoyal Services FZE LLC -> IPRoyal)

FirewallRules: [{113457C4-AD88-4769-A683-DFF666D60DD2}] => (Allow) C:\Program Files\Pawns.app\Pawns.app.exe (IPRoyal Services FZE LLC -> IPRoyal)

FirewallRules: [TCP Query User{CD2FD84D-ACE6-48EC-85A9-12440CBD5B13}C:\users\skim8\appdata\local\programs\python\python311\python.exe] => (Allow) C:\users\skim8\appdata\local\programs\python\python311\python.exe (Python Software Foundation -> Python Software Foundation)

FirewallRules: [UDP Query User{858E7907-3414-4D7A-871D-95C8DE29A53D}C:\users\skim8\appdata\local\programs\python\python311\python.exe] => (Allow) C:\users\skim8\appdata\local\programs\python\python311\python.exe (Python Software Foundation -> Python Software Foundation)

FirewallRules: [{D99AE230-EC3C-483E-93AB-73AD4A8E8F4D}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23091.406.2009.3890_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [{98F33CF8-D0FA-4357-9EC4-BD42B7E8EE5A}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23091.406.2009.3890_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [{4F5F4B1A-22FC-444A-A7BB-40624EF055AD}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [{56950C1E-D827-4EFD-9694-2757F5A4E24E}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\113.0.1774.35\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [{92BA154B-3C19-4D57-AB9B-ADA2BDC866AC}] => (Allow) C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.)

FirewallRules: [{E38EF1C2-2A05-488D-B53F-BCBD23184708}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

FirewallRules: [{06106405-ED87-4D9C-9362-8BB47B399572}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.97.3404.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)

FirewallRules: [{7B823555-BC15-4899-BDEA-97476A69D942}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.97.3404.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)

FirewallRules: [{F6EA6EFF-5AC6-48DC-BBA8-08127AF4BB67}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.97.3404.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)

FirewallRules: [{5A8CE153-2E1B-4D9C-A6D1-9DFEA33B43D4}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.97.3404.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)

FirewallRules: [{09DBFAFA-11F4-4225-89FA-23A39ABFDE06}] => (Allow) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRManager.exe (Splashtop Inc. -> Splashtop Inc.)

==================== Restore Points =========================

11-05-2023 03:09:34 Scheduled Checkpoint

==================== Faulty Device Manager Devices ============

==================== Event log errors: ========================

Application errors:

==================

Error: (05/12/2023 12:25:48 PM) (Source: Application Error) (EventID: 1000) (User: AWESOMOUS)

Description: Faulting application name: dptf_helper.exe, version: 8.7.10600.20700, time stamp: 0x604bfbdc

Faulting module name: dptf_helper.exe, version: 8.7.10600.20700, time stamp: 0x604bfbdc

Exception code: 0xc0000005

Fault offset: 0x0000000000002794

Faulting process id: 0x0xa20

Faulting application start time: 0x0x1d984a1f43b16de

Faulting application path: C:\WINDOWS\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_1da48d5885266bb7\dptf_helper.exe

Faulting module path: C:\WINDOWS\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_1da48d5885266bb7\dptf_helper.exe

Report Id: 4ee35d0c-7900-4658-aa86-4b291a8b72cb

Faulting package full name:

Faulting package-relative application ID:

Error: (05/12/2023 11:06:48 AM) (Source: VSS) (EventID: 8194) (User: )

Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.

.

This is often caused by incorrect security settings in either the writer or requestor process.

Operation:

Gathering Writer Data

Context:

Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}

Writer Name: System Writer

Writer Instance ID: {133a5e25-d486-46c8-8b6a-1df6962bc46c}

Error: (05/12/2023 10:55:39 AM) (Source: VSS) (EventID: 8194) (User: )

Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.

.

This is often caused by incorrect security settings in either the writer or requestor process.

Operation:

Gathering Writer Data

Context:

Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}

Writer Name: System Writer

Writer Instance ID: {133a5e25-d486-46c8-8b6a-1df6962bc46c}

Error: (05/12/2023 03:19:51 AM) (Source: Application Hang) (EventID: 1002) (User: NT AUTHORITY)

Description: The program AWCC.exe version 5.5.46.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Error: (05/12/2023 03:19:19 AM) (Source: Application Error) (EventID: 1000) (User: AWESOMOUS)

Description: Faulting application name: AWCC.exe, version: 5.5.46.0, time stamp: 0x642e6619

Faulting module name: twinapi.appcore.dll, version: 10.0.22621.1635, time stamp: 0xe86a6225

Exception code: 0xc000027b

Fault offset: 0x00000000001154fc

Faulting process id: 0x0x42f8

Faulting application start time: 0x0x1d984a1f5423494

Faulting application path: C:\Program Files\WindowsApps\DellInc.AlienwareCommandCenter_5.5.46.0_x64__htrsf667h5kn2\AWCC.exe

Faulting module path: C:\WINDOWS\SYSTEM32\twinapi.appcore.dll

Report Id: 31bbea6a-0e5b-4cb6-9404-3b694667bf39

Faulting package full name: DellInc.AlienwareCommandCenter_5.5.46.0_x64__htrsf667h5kn2

Faulting package-relative application ID: App

Error: (05/11/2023 10:54:25 PM) (Source: VSS) (EventID: 8194) (User: )

Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.

.

This is often caused by incorrect security settings in either the writer or requestor process.

Operation:

Gathering Writer Data

Context:

Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}

Writer Name: System Writer

Writer Instance ID: {133a5e25-d486-46c8-8b6a-1df6962bc46c}

Error: (05/11/2023 10:41:22 PM) (Source: VSS) (EventID: 8194) (User: )

Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.

.

This is often caused by incorrect security settings in either the writer or requestor process.

Operation:

Gathering Writer Data

Context:

Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}

Writer Name: System Writer

Writer Instance ID: {133a5e25-d486-46c8-8b6a-1df6962bc46c}

Error: (05/11/2023 09:34:41 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: NT AUTHORITY)

Description: Windows cannot load the extensible counter DLL "C:\WINDOWS\system32\sysmain.dll" (Win32 error code 126).

System errors:

=============

Error: (05/11/2023 09:34:35 PM) (Source: Service Control Manager) (EventID: 7024) (User: )

Description: The IntelAudioService service terminated with the following service-specific error:

The operation completed successfully.

Error: (05/11/2023 09:32:41 PM) (Source: Service Control Manager) (EventID: 7023) (User: )

Description: The Windows Modules Installer service terminated with the following error:

The process cannot access the file because it is being used by another process.

Error: (05/11/2023 04:27:18 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)

Description: Installation Failure: Windows failed to install the following update with error 0x80073d02: 9NKSQGP7F2NH-5319275A.WhatsAppDesktop.

Error: (05/11/2023 02:50:54 AM) (Source: Service Control Manager) (EventID: 7034) (User: )

Description: The EaseUS UPDATE SERVICE service terminated unexpectedly. It has done this 1 time(s).

Error: (05/11/2023 02:49:51 AM) (Source: Microsoft-Windows-NDIS) (EventID: 10317) (User: )

Description: Miniport Microsoft Wi-Fi Direct Virtual Adapter #2, {dccfa065-ab83-4961-8766-20a08e208a9d}, had event 74

Error: (05/11/2023 12:13:01 AM) (Source: volsnap) (EventID: 25) (User: )

Description: The shadow copies of volume C: were deleted because the shadow copy storage could not grow in time. Consider reducing the IO load on the system or choose a shadow copy storage volume that is not being shadow copied.

Error: (05/09/2023 08:08:03 PM) (Source: Service Control Manager) (EventID: 7024) (User: )

Description: The IntelAudioService service terminated with the following service-specific error:

The operation completed successfully.

Error: (05/09/2023 08:07:07 PM) (Source: DCOM) (EventID: 10010) (User: AWESOMOUS)

Description: The server DellInc.AlienwareCommandCenter_5.5.46.0_x64__htrsf667h5kn2!App did not register with DCOM within the required timeout.

Windows Defender:

================

Date: 2023-05-12 18:41:05

Description:

Microsoft Defender Antivirus has detected malware or other potentially unwanted software.

For more information please see the following:

Name: Trojan:Win32/Wacatac.H!ml

Severity: Severe

Category: Trojan

Path: file:_C:\Users\skim8\AppData\Roaming\P9R337N7.exe

Detection Origin: Local machine

Detection Type: FastPath

Detection Source: Real-Time Protection

Process Name: C:\Users\skim8\Videos\Courses\Software\Avira Phantom VPN Pro 9.8.7\+Setup.exe

Security intelligence Version: AV: 1.389.1046.0, AS: 1.389.1046.0, NIS: 1.389.1046.0

Engine Version: AM: 1.1.20300.3, NIS: 1.1.20300.3

Date: 2023-05-12 18:41:03

Description:

Microsoft Defender Antivirus has detected malware or other potentially unwanted software.

For more information please see the following:

Name: Trojan:Win32/Casdet!rfn

Severity: Severe

Category: Trojan

Path: file:_C:\Users\skim8\AppData\Roaming\f4459igc.exe

Detection Origin: Local machine

Detection Type: FastPath

Detection Source: Real-Time Protection

Process Name: C:\Users\skim8\Videos\Courses\Software\Avira Phantom VPN Pro 9.8.7\+Setup.exe

Security intelligence Version: AV: 1.389.1046.0, AS: 1.389.1046.0, NIS: 1.389.1046.0

Engine Version: AM: 1.1.20300.3, NIS: 1.1.20300.3

Date: 2023-05-10 21:03:15

Description:

Microsoft Defender Antivirus scan has been stopped before completion.

Scan Type: Antimalware

Scan Parameters: Quick Scan

Date: 2023-05-10 03:57:05

Description:

Microsoft Defender Antivirus scan has been stopped before completion.

Scan Type: Antimalware

Scan Parameters: Quick Scan

Date: 2023-05-09 21:03:30

Description:

Microsoft Defender Antivirus scan has been stopped before completion.

Scan Type: Antimalware

Scan Parameters: Quick Scan

Event[0]

Date: 2023-03-15 09:12:12

Description:

Microsoft Defender Antivirus engine has been terminated due to an unexpected error.

Failure Type: Crash

Exception code: 0xc0000005

Resource:

Engine Code: %7

CodeIntegrity:

===============

Date: 2023-05-12 18:52:23

Description:

Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\skim8\AppData\LocalLow\IGDump\obysmostqaanesbxhjffkxizquxtoudj\nmknxypgwobdnvkslwudhwjyfdcqmurf.ext because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2023-05-12 10:12:34

Description:

Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_454f22d7cdb5b4cd\igd10iumd64.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2023-05-11 21:46:28

Description:

Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2023-05-11 16:09:50

Description:

Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\skim8\AppData\LocalLow\IGDump\iqydyghqtisdtphuvqenjemmvmstjleb\zujcylvvnajkwgthncutbdmvlgplkssa.ext because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

BIOS: Dell Inc. 1.21.0 12/16/2022

Motherboard: Dell Inc. 06YKK0

Processor: Intel® Core™ i7-10750H CPU @ 2.60GHz

Percentage of memory in use: 82%

Total physical RAM: 16145.69 MB

Available physical RAM: 2842.65 MB

Total Virtual: 36231.09 MB

Available Virtual: 14522.94 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:933.81 GB) (Free:42.42 GB) (Model: Micron 2300 NVMe 1024GB) NTFS

\\?\Volume{591c063d-ba86-4186-aaf3-a9ef10e0bcc2}\ () (Fixed) (Total:1.04 GB) (Free:0.1 GB) NTFS

\\?\Volume{a86efbc6-dc2b-4e49-ad28-70d6d4fada2e}\ (Image) (Fixed) (Total:17.39 GB) (Free:0.13 GB) NTFS

\\?\Volume{0caac8b0-020a-4a65-8816-269c1afa25ca}\ (DELLSUPPORT) (Fixed) (Total:1.34 GB) (Free:0.5 GB) NTFS

\\?\Volume{696fd7d7-691e-425a-af62-052c62f02d21}\ (ESP) (Fixed) (Total:0.14 GB) (Free:0.06 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================

Disk: 0 (MBR Code: Windows 7/8/10) (Size: 953.9 GB) (Disk ID: 7CCF32EB)

Partition: GPT.

==================== End of Addition.txt =======================


Article information

Author: Dean Jakubowski Ret

Last Updated: 04/26/2023
